SSL session ID persistence

When SSL session ID persistence is configured, the NetScaler appliance uses the SSL session ID, which is part of the SSL handshake process, to create a persistence session before the initial request is directed to a service. The load balancing virtual server directs subsequent requests that have the same SSL session ID to the same service. This type of persistence is used for SSL bridge services.


There are two issues that users should consider before choosing this type of persistence. First, this type of persistence consumes resources on the NetScaler appliance, which limits the number of concurrent persistence sessions that it can support. If you expect to support a very large number of concurrent persistence sessions, you might want to choose another type of persistence.

Second, if the client and the load-balanced server should renegotiate the session ID during their transactions, persistence is not maintained, and a new persistence session is created when the client’s next request is received. This may result in the client’s activity on the website being interrupted and the client might be asked to reauthenticate or restart the session. It may also result in large numbers of abandoned sessions if the timeout is set to too large a value.

To configure persistence based on SSL session ID,  see Configuring Persistence Types That Do Not Require a Rule..


SSL session ID persistence is not supported with session tickets.

SSL session ID persistence

In this article