5

I have two separate Nginx machines. The domain uses round-robin DNS and has two A records, one for each of the two frontend Nginx server.

Both Nginx servers use the ip_hash directive and proxy requests to the same backend servers.

Will an IP address that goes to the first Nginx server always be routed to the same backend server as that same IP address that goes to the other Nginx server?

This may be of help: What IP does nginx use for ip_hash sticky sessions?

Community
  • 1
Justin Meltzer
  • 711
  • 1
  • 9
  • 19

2 Answers2

2

The Nginx servers are unaware of each other with their own ip_hash tables. So a specific server will route traffic to the backend based on its own ip_hash pool. Any consistency between the frontend Nginx servers would be due to chance alone.

Now in practice, this may be less of an issue because the client's DNS is unlikely to change during their session. As a result, they will hit the same front-end server and be routed to the same backend server.

Another approach to this is to use something like HAProxy, which can balance on a number of metrics, e.g. as a URL parameter. Your application can set a parameter to assure the client gets routed to the same backend. Of course normalizing your data over your backends with a distributed tool is preferred but that can be challenging with legacy applications.

jeffatrackaid
  • 4,142
  • 19
  • 22
  • 2
    But if Nginx always uses the same method to hash ip addresses with no random variables, then they will do the same thing. Have you looked into the Nginx source code to determine this? – Justin Meltzer May 29 '13 at 19:14
  • Also what do you mean by the DNS comment. Doesn't round robin mean a request will go back and forth between A records? – Justin Meltzer May 29 '13 at 19:15
  • The hash may not be random but the assignment to the upstream backends would be different between the two systems based on traffic. – jeffatrackaid May 29 '13 at 19:24
  • Round robin will go back and forth but DNS record caching client-side often negates this behavior, even with short TTLs. If their systems cache DNS for 1 hour, then they will be using the same front-end server for that hour. – jeffatrackaid May 29 '13 at 19:25
  • Ahh ok. I didn't know about record caching. – Justin Meltzer May 29 '13 at 19:26
  • But if the hash isn't random, why wouldn't the same IP address always go to the same backend server regardless of the nginx server? – Justin Meltzer May 29 '13 at 19:28
  • There are two parts. 1) The hash. This is not random. It is based on the IP address. 2) The initial assignment of the hash to a specific backend will vary. Once it is assigned it will remain in place until the session ends. Once the session ends, an initial assignment is required again. There's no guarantee that it will hit the same backend the next time around. – jeffatrackaid May 29 '13 at 19:32
  • Ok. How is the hash assigned to a backend? – Justin Meltzer May 29 '13 at 19:51
  • let us [continue this discussion in chat](http://chat.stackexchange.com/rooms/9002/discussion-between-jeffatrackaid-and-justin-meltzer) – jeffatrackaid May 29 '13 at 20:01
  • I'm in chat now – Justin Meltzer May 29 '13 at 20:35
  • See docs at: http://nginx.org/en/docs/http/ngx_http_upstream_module.html – jeffatrackaid Jun 03 '13 at 18:39
0

According to the docs:

The key for the hash is the class-C network address or the entire IPv6-address of the client.

So, in theory, this should work.

Another problem that could arise is when one of your backends fail. Nginx doesn't make any promises about what backend the client hits next.

But, yeah, HAProxy ftw.

chrskly
  • 1,569
  • 12
  • 16