Last few days back, I faced one peculiar issue, while adding a new system in my Web Farm. My users started facing an issue
“InValid View State” intermittently.
First, I could not guess what is the issue and thought of some programming issue. But later after analysis I found the issue is caused by the changes in the Web Farm.
Just before discuss the solution, Let’s analyse this.
What is Web Farm?
A Web Farm is used in highly available applications and which have a lot of users that cannot be served by a single server. They provides better performance and are easily scalable. It means we’ll have multiple web servers behind a Network Load Balancer (NLB). Whenever a request comes, it first goes to the load balancer, which checks all the available web servers and finds the web server which has comparatively less requests to serve, and passes the request to that web server.
So now lets discuss the problem. Normally when we add a new Web Servers in the Web Farm Cluster to scale up our system, we sometimes face the issue of
Invalid View State .
This is because of the difference in Machine Key in different servers.
So First What is Machine Key?
This is introduced in ASP.NET 2.0 and this is stored in machine.config or in web.config of an application. Normally it is stored in Machine.config.
- The MachineKey defines a validation method, validationKey and decryptionKey which are used in the encryption/decryption algorithm.
- Normally, Asp.Net and the .Net Framework autogenerates a MachineKey.
This is used mainly at two places.
- Form Authentication uses this key to encrypt/decrypt the form authentication tickets.
- This key is also used in View State encryption/decryption.
We use Web Farm, as I already discussed, that it is used for High availability. In this case if a Client sends a request then Load balancer decides, which web server to serve the request. It happens several times that another request might be served by another server. So here is the issue.
As we know,view state (Want to know more about View State Click here) is Client side state management techniques and the data travels with the request and response. So if the view state is encrypted with some machine key and in other request if handled by another server and that has different machine key, it would not be able to decrypt it and will through the error.
So here the key is while adding a new server, we need to keep in mind to have the same the machine key in all the web servers under the Load Balancer.
So how we can make the key same in all web servers. Every server generate a new key when it is set auto. and even sometimes any recycle of the app domain will generate a new key when it is set to auto. It means we cannot use the default auto generate key. So here the solution is to use a specific key in the machine.config to prevent automatic key generation on each process start.
One another flexible approach, however, would be to add a
MachineKey section to the web.config file of your web site. This would not require to make the changes on every web server.
Hope this will help you all.