This option is called “once only” on Coyote Point Equalizer appliances. On software versions prior to 8.5, once_only is the default for newly added clusters which means that only the first set of headers will be parsed (That’s where the name comes from, only parse the first request in a stream). We’ve found hat having this default causes more trouble than it’s worth so we’ve switched the default to parse every request in the stream.

Good question. When your browser connects to a site, it’s actually making lots of separate requests for the HTML, JPGs, etc. But it’s typically happening within the same TCP connection. The source and destination IPs are the same, and don’t get changed until you hit the load balancer.

If the load balancer only looks at the first request, and sees it’s a JPG, it will send every request contained within that TCP connection (JPG or not) to the JPG server farm.

In that case, you need the load balancer to look at every request. It will then proxy those requests, and open up new TCP connections to the appropriate servers and forward them on (with the destination IP changed, and sometimes the source IP too).

“…trying to separate out traffic such as JPGs from HTML to send to different servers (web switching/Layer 7 switching), or if you’re trying to insert headers into every connection (such as the true source IP address, or an SSL header), then this is a big problem. ”

But if I am putting JPGs and HTML on different servers, wouldn’t they have different IP addresses, and therefore different TCP sessions, eliminating the issue?

–
paja

For Firefox there are a couple of other options that are killer: HTTPFox and Firebug.

For HTTP analysis in general, I prefer HTTPFox. Straight forward, feels a lot like ethereal (sorry, Wireshark ;-)) and is pretty compact for a plug-in.

Firebug offers most of the same options, but it’s really aimed more at developers, IMO, and not so heavy on the network/protocol analysis side.

Lori