Systems and methods for maintaining session persistence in a cluster system

US 9,888,068 B2
Filed: 04/03/2014
Issued: 02/06/2018
Est. Priority Date: 04/06/2013
Status: Active Grant

First Claim

Patent Images

1. A method for managing ownership of one or more secure socket layer (SSL) sessions, the method comprising:

(a) maintaining, for a cluster of nodes comprising devices intermediary via a computer network between at least one client device and at least one server device, a succession list for at least one session of a first client device established with the server from the at least one client device, the succession list comprising an ordered list of nodes within the cluster based on a number of nodes in the cluster that are up and have a corresponding virtual internet protocol server present, the ordered list of nodes identify one of an ascending or descending order of succession for the nodes in the list to transfer ownership of the at least one session of the first client device established with the server from a current node to a next node in the ordered list of nodes;

(b) entering the cluster, by a first node of the cluster, in an operational state for managing one or more sessions established between the at least one client device and the at least one server device; and

(c) initiating, by a second node of the cluster based on identifying in the succession list the first node as a node to succeed the second node and responsive to the first node entering the cluster, a transfer of ownership of the at least one session, established via the second node between the at least one client device and the least one server device via a transport layer connection with the least one server device, from the second node to the first node.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present application is directed towards systems and methods for managing ownership of one or more SSL sessions. A cluster of nodes intermediary between at least one client server may maintain a succession list for at least one session of a first client from the at least one client. The succession list may include a list of nodes within the cluster and an order of succession for the nodes to transfer ownership of the at least one session. A first node of the cluster may enter an operational state for managing one or more sessions between the at least one client and the at least one server. A second node of the cluster may initiate, based on the succession list and responsive to the first node entering the operational state, a transfer of ownership of the at least one session from the second node to the first node.

Citations

20 Claims

1. A method for managing ownership of one or more secure socket layer (SSL) sessions, the method comprising:
- (a) maintaining, for a cluster of nodes comprising devices intermediary via a computer network between at least one client device and at least one server device, a succession list for at least one session of a first client device established with the server from the at least one client device, the succession list comprising an ordered list of nodes within the cluster based on a number of nodes in the cluster that are up and have a corresponding virtual internet protocol server present, the ordered list of nodes identify one of an ascending or descending order of succession for the nodes in the list to transfer ownership of the at least one session of the first client device established with the server from a current node to a next node in the ordered list of nodes;
  
  (b) entering the cluster, by a first node of the cluster, in an operational state for managing one or more sessions established between the at least one client device and the at least one server device; and
  
  (c) initiating, by a second node of the cluster based on identifying in the succession list the first node as a node to succeed the second node and responsive to the first node entering the cluster, a transfer of ownership of the at least one session, established via the second node between the at least one client device and the least one server device via a transport layer connection with the least one server device, from the second node to the first node.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, comprising specifying the succession list as assigned to a first address of the at least one client device or the at least one server device.
  - 3. The method of claim 1, comprising specifying the succession list to be assigned to the at least one session based on one of an internet protocol address or an identifier of the at least one session.
  - 4. The method of claim 1, comprising specifying the succession list based on a selection of a subset of nodes from the cluster.
  - 5. The method of claim 1, comprising assigning the succession list to the second node of the plurality of nodes, wherein one or more nodes of the plurality of nodes are assigned different succession lists.
  - 6. The method of claim 1, wherein (c) comprises determining that the first node has entered the cluster as one of a new node of the cluster or as a node that previously exited the cluster.
  - 7. The method of claim 1, further comprising receiving, by the first node from a third node, a query on a first session of the at least one session.
  - 8. The method of claim 7, further comprising sending, by the third node, the query to the first node based on the succession list.
  - 9. The method of claim 7, further comprising responding, by the first node, to the query with information about the first session, if a transmission complete message has been received from the second node.
  - 10. The method of claim 1, wherein entering the cluster in an operational state comprises one of executing, provisioning or hosting the corresponding virtual internet protocol server 7.

11. A system for managing ownership of one or more secure socket layer (SSL) sessions, the system comprising:
- a cluster of nodes comprising devices intermediary via a computer network between at least one client device and at least one server device, a succession list for at least one session of a first client device established via a transport layer connection with the server, the succession list comprising an ordered list of nodes within the cluster based on a number of nodes in the cluster that are up and have a corresponding virtual internet protocol server present, the ordered list of nodes identify one of an ascending or descending order of succession for the nodes in the list to transfer ownership of the at least one session of the first client device established with the server from a current node to a next node in the ordered list of nodes;
  
  a first node of the cluster, the first node configured to enter the cluster in an operational state for managing one or more sessions established between the at least one client device and the at least one server device; and
  
  a second node of the cluster, the second node configured to initiate, based on the succession list and responsive to the first node entering the cluster, a transfer of ownership of the at least one session, established via the second node between the at least one client device and the least one server device, from the second node to the first node.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The system of claim 11, wherein the succession list is assigned to a first address of the at least one client device or the at least one server device.
  - 13. The system of claim 11, wherein the succession list is assigned to based on one of an internet protocol address or an identifier of the at least one session.
  - 14. The system of claim 11, wherein the succession list is specified based on a selection of a subset of nodes from the cluster.
  - 15. The system of claim 11, wherein the succession list is assigned to the second node of the plurality of nodes, wherein one or more nodes of the plurality of nodes are assigned different succession lists.
  - 16. The system of claim 11, wherein the second node is configured to determine that the first node has entered the cluster as one of a new node of the cluster or as a node that previously exited the cluster.
  - 17. The system of claim 11, wherein the first node is configured to receive from a third node a query on a first session of the at least one session.
  - 18. The system of claim 17, wherein the third node is configured to send the query to the first node based on the succession list.
  - 19. The system of claim 17, wherein the first node is configured to respond to the query with information about the first session if a transmission complete message has been received from the second node.
  - 20. The system of claim 11, wherein entering the cluster in an operational state comprises one of executing, provisioning or hosting the corresponding virtual internet protocol server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citrix Systems, Inc. (Cloud Software Group)
Original Assignee
Citrix Systems, Inc. (Cloud Software Group)
Inventors
Kamath, Sandeep, Arumugam, Mahesh, Menon, Anoop
Primary Examiner(s)
Choudhury, Azizul

Application Number

US14/244,504
Publication Number

US 20140304409A1
Time in Patent Office

1,405 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 63/04   for providing a confidentia...

H04L 63/166   at the transport layer

H04L 67/1036   Load balancing of requests ...

Systems and methods for maintaining session persistence in a cluster system

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for maintaining session persistence in a cluster system

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links