I recently had the opportunity to configure our new web servers running Microsoft Windows 2003 Server and IIS 6.0. These servers are to be used in our development and production environments and will use Microsoft's Network Load Balancing to handle server load. This configuration allows an administrator to take an individual server off line for maintenance or add an additional server without interrupting service to our clients.
We are running ASP.NET 2.0 and one of the features we are taking advantage of is running a State Server in a seperate machine. In order for a web farm to manange session state between web requests a few things need to be done in order for the user to have the same session between these requests.
The problem lies in the fact that in a web farm the user is not guaranteed to come back to the same server between requests and session must be maintained.
The detail which I find poorly documented is a machineKey needs to be added to each member of the web farm needing to share session. These keys MUST be the same on all servers in the web farm. As you can see below the key is a very large hex number, but don't worry you won't have to make it up. The section below is put in the machine.config on each server this will take care of the problem.
This key could just as well been put into the web.config but I chose the machine.config file so when we add applications to our web farm I won't have to mantain multiple web.config files with this information in it.
55B26717CF76A5348DC83D34F3E3F079DECAD2075FF278BD927C06F784923F59DD1' decryptionKey='B134B1E055D415013E31DECBF84B80492E8A8F1623F7332E' validation='SHA1'/>
A great online utility to generate the key for you and give you the section for the .config file is available here.