Idea Details

Load Balancing capabilities for CA Access Gateway (formerly CA SPS)

Last activity 06-13-2019 10:02 AM
Anon Anon's profile image
08-15-2016 03:32 PM

Currently the CA Access Gateway does not support even basic load balancing to back-end applications. It is currently a requirement to have a 2nd tier VIP behind the the CA Access Gateway. I think it would add a lot of value if CA were to add this functionality in the product.


Think of the Nginx Load Balancing capabilities.


07-24-2018 09:37 PM

A note here in case someone is looking to do this.


Original Demo Version:

I do have straw man setup for SPS that does load balancing. 


The version I had implemented a cookie to do sticky load balancing implemented as a filter. 


It was a bit messy since if the cookie was not set it required a "loopback" call to set the cookie and then execute the sps filter in the right order to forward to the loadbalanced backend. 


The setup was something like : 






<nete:proxyrules xmlns:nete="" debug="yes">
<nete:forward filter="LoadBalanceFilter">http://{{LB_HOSTNAME}}$0</nete:forward>


(Latter version had a direct forward based on the cookie value, and loopback to localhost if cookie was not set).



A Better Method : 

Since then I have thought of a simpler and better method.  So if I was revisiting it now, I would now set the PROXY_LB cookie (and probably the LD_HOSTNAME header as well) in apache using mod_headers settings, similar to what I ended up doing here:… 


As that would require only one pass even when the cookie was not set, and possibly not even need the sps filter. 


Cheers - Mark