The default ASP.NET in-process session state handling,
results in server affinity and cannot be used in a Web farm scenario. For Web
farm deployments, the session state must be stored out of process in either the
ASP.NET State service or a SQL Server database.
Out of Process Mode
In the Out of Process mode, the session information is
stored in a separate “state server” process. The worker process ("aspnet_wp.exe")
will communicate with the state server ("aspnet_state.exe") to
retrieve session information. However, the use of state server mode can affect
the performance of the application by 10-15%. The main reason for this performance
hamper is due to the fact that session information resides in a separate
process (i.e. in a memory area outside the direct control of the asp_net worker
process). So with every request, the worker process has to get the session
values from a separate process.
To keep session information outside the worker process, the
objects inside the session must be serializable. So with end of every request,
the objects inside the session are serialized and with the beginning of each
request, the objects are de-serialized.
To continue to use the state server model, the sessionstate
parameter in the web.config file needs to be updated.
sqlconnectionstring="data source=127.0.0.1;user id=userid;password=password"
The default data source is set to the local machine so if
the state server is on a different machine as that of the application then the
correct machine name should be given on the web.config file.
SQL Server Mode
In the SQL Server mode the information is stored in the SQL
Server rather than memory. But to use the SQL Server session state, we need to
create the necessary tables and the stored procedures that ASP.NET will look
for on the identified SQL Server. The SQL Server mode affects the performance
to a greater degree, but makes the session information more secure as we can
have two or more identical computers running SQL server for a single database.
So if one computer fails another computer can take over and serve requests
without session data loss.
For applications in ASP.NET 1.1 and SQL 2000
To configure to use the SQL Server mode, the sessionstate
parameter in the web.config needs to be updated.
sqlconnectionstring="data source=MySqlServer;user id=ASPState;password=1Gr8State"
Configure the SQL Server to store Session objects by running
a script to create the ASPState database. Version 1.0 of the .NET Framework
provides a state database configuration script in
%SYSTEMROOT%\Microsoft.NET\Framework\v1.0.3705\InstallSqlState.sql. If you open
the file, you will see a statement to create a database called ASPState.
For applications in ASP.NET 2.0 and SQL 2005
To install the session state database on SQL Server, run
Aspnet_regsql.exe tool and supply the following information with the command.
• The name of the SQL Server instance, using the -S option
• The logon credentials for an account that has permission
to create a database on a computer running SQL Server: Use the -E option to use
the currently logged-on user, or use the -U option to specify a user ID along
with the -P option to specify a password.
• The -ssadd command-line option to add the session state
aspnet_regsql.exe -S <SQL Server name> -U <User Name> -P <Password> -ssadd -sstype p
You can run Aspnet_regsql.exe without any command-line
arguments to run a wizard that will walk you through specifying connection
information for your SQL Server database and installing or removing the
database elements for supported features. You can also run Aspnet_regsql.exe as
a command-line tool to specify database elements for individual features to add
To run the wizard, run Aspnet_regsql.exe without any
command-line arguments, as shown in the following example.