Varnish and sticky sessions

Loesche, Lukas, scoyo lukas.loesche at
Thu Nov 13 18:15:45 CET 2008

JT Justman wrote:
> Never tried it, but it seems to me you could read a cookie in VCL to
> determine the backend to use. This is how most load balancers handle
> sticky sessions, right?

That's one way. Another way that doesn't involve cookies or server side
session tables and which is generally more performant (if performance is of
any relevance here) is to hash some client endpoint identifier and calculate
the modulus with the number of available backend servers.

As client endpoint identifier you could use the decimal representation of
it's ip address.

decimal Client IP = (first octet * 256**3) + (second octet * 256**2) +
(third octet * 256) + (fourth octet)
Sticky Client Backend = decimal Client IP % Number of available Backend


Client IP =
Number of available Backend Servers = e.g. 4


Decimal Client IP = (10 * 16777216) + (129 * 65536) + (40 * 256) + (22)
Decimal Client IP = 176236566

Sticky Client Backend = 176236566 % 4 = 2

Or if VCL doesn't support the modulo operator, calculate it using basic
arithmetic operations:

176236566 / 4 = 44059141.5
4 * 44059141 = 176236564
176236566 - 176236564 = 2

So in this case the client always get's balanced to the third backend server
(range is 0 - 3). It would only get rebalanced if the number of available
backend servers changes. I.e. if a backend server fails or one is added.

Instead of the client's dec IP you could also create some hash using a
combination of client IP and browser name, or something like that.. depends
on what your requirements are and who your site's target audience is.
If your site gets lots of traffic from companies who generally NAT their
employees using one or two gateway IPs than hashing based on the client IP
alone wouldn't do much good. However if the site's target audience are
end-users sitting at home each with their own IP it's a very efficient and
well balanced way of doing sticky sessions.

I really don't know enough about available VCL operators and syntax, but
from taking a quick look at it I saw that it's pretty flexible, even
supporting regexp (personally wouldn't use them for request balancing
though) and inline C Code. So if the required hashing and char matching
functions aren't present in VCL itself it seems you could easily do them in

As far as the number of available backend servers go, I don't know if they
get exposed by varnish inside VCL. You could always hard code them of course
but it would be better if varnish itself had some way to let you know which
backend servers it considers alive and which not. This might require some
modifications to varnish itself if they aren't already present.

Anyway, the method described is a valid way to do sticky sessions and
supported by most commercial load balancers. It's very resource friendly as
it doesn't involve any cookie parsing/setting or server side session tables.

-- Lukas

More information about the varnish-misc mailing list