Why does my ProxySG connect to the same server IP address with DNS round-robin?
Last Updated May 13, 2017
This is an intended behavior to preserve client-affinity to a particular server, even when DNS is returning a round-robin response and IPs listed in the response have been re-ordered.
Every time an entry expires in the DNS cache, it has to be refreshed from the server when a client next makes a request for the website. When the response comes back from the DNS server we check whether 1) The number of address entries is the same 2) The entries in the list are the same despite possible re-ordering
If both are true, we leave the entry in the DNS cache as-is and we simply reset the expiry time. By preserving the order, the client-IP hash that is used to select the address for a given client will not change.
The purpose of the feature is to try and preserve client-affinity to a particular server, and thereby avoid breaking web applications.
If preferred, the default behaviour can be overriden via the following change in the CLI: #(config)dns client-affinity disable
With the above setting applied, oridnary DNS round-robin will be used.
Imported Document ID: 000016193
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe