About load balancers

Access Gatewayis often deployed in a high availability scenario using a load balancer.

Typical Access Gateway Load Balancer Architecture



Load balancer configuration

Load balancers:

  • Sticky sessions or session affinity: Persistence, often known as stickiness or sticky sessions, is a technique implemented by application load balancers to ensure requests from a single session are always routed to the server on which they started. Any load balancer used with Access Gateway must support session affinity. Session affinity for a particular session is required by Access Gateway to ensure that second and subsequent requires for a given session are routed to the same Access Gateway node.
    How session affinity is specified varies by load balancer type, including cookie based or other mechanisms such as hashed source IP and port.
  • Load balancer strategy: The preferred strategy for an Access Gateway load balancer is round-robin or weighted round-robin.


When configuring a load balancer, the Access Gateway admin node is typically not included as part of the worker pool.

Node Health Check


Load balancers must be able to determine if Access Gateway cluster members are healthy.
To perform a health check send an HTTP request with the following:

Protocol HTTPS
Request GET
IP IP Address of each worker node
With header Host: Your gateway's host

For example:

curl -X GET -v -k -H 'Host:gw.yourhost.com'

  • -X GET - Make a get request
  • -v - Verbose (not require for production)
  • -k - Insecure
  • -H 'Host:gw.{yourgateway.tld}

This returns a status of 200 on success and 400 or timeout on error.

To determine the value for the Host header variable:

  1. Sign in to the Access Gateway Admin UI console.
  2. Select Settings.
  3. Select the Access Gateway.
  4. In the System Configuration section, examine the value of the Access Gateway Hostname field.
    Access Gateway Hostname

Cluster upgrades and load balancers

To upgrade Access Gateway:

  1. Backup the configuration. See About backup and restore
  2. For the admin instance, secure shell (ssh oag-mgmt@gw.gateway.tld) into the Command Line Management Console.
  3. Follow the process for upgrading the Access Gateway appliance. See Upgrade Access Gateway nodes .
  4. For each worker node in the Access Gateway high availability cluster.
    1. Take the worker node out of the load balancer rotation.
    2. Update the worker node.
    3. Return the worker node to the load balancer rotation.