asp.net server load balance setup - how it impacts sessions

We are trying to setup load balancing for our website through a firewall. We will have two web-servers, namely ws1, and ws2 both running the same web application with in-process sessions.

My question is, if someone is accessing our website and currently has a session on ws1, and the firewall switches them to ws2, which will give them a new session on ws2. My question is, if they switch back to ws1 while their original session hasn't expired yet, will they get a new session, or will the browser still have their old session id and bring back their ol开发者_运维百科d session?

When using in-process sessions, the two servers will be completely ignorant of each other. Your users might get switched over and lose their session, and then later get switched back and have their old session "restored". This will cause no end of grief for you and your users: depending on how much you rely on session, things will randomly disappear and reappear.

You need to look into Session State Providers, which will let you use a common store for your session data. The typical option is to store session in SQL Server, since you're probably already sharing that between the two servers. If you're not using SQL Server, you may need to write your own provider for your database or find one created by a third party. (The paradox here is that now your SQL Server needs to be load balanced / high availability, and now you've just shifted the problem.)

If this is not an option, your firewall might support "session affinity" or "sticky sessions", which will use some sort of stateful inspection to track sessions and ensure that once a session is started, traffic from that session gets directed to only one server. This is considered a kludge, however, and shouldn't be relied upon.