This section is intended to introduce the reader to various aspects of art, which may be related to various aspects of the present invention that are described or claimed below. This discussion is believed to be helpful in providing the reader with background information to facilitate a better understanding of the various aspects of the present invention. Accordingly, it should be understood that these statements are to be read in this light, and not as admissions of prior art.
In the field of computer networking, providing communication sessions between computers via a secure server may be facilitated by various network protocols, such as the secure shell (SSH) protocol. An SSH connection secures communications between computers, such as two computers connecting via a common SSH server, via encryption of the communication and authentication. Once this connection is set up between the two computers (via the SSH server), no other computers can join the connection to collaborate or otherwise participate in the session (e.g., to listen in on the network “conversation”).
One example of a situation in which such a connection may be desirable is when a computer user requires help from a support technician. To allow the support technician to connect to the customer's computer via the internet, a form of bridging needs to be established. Two strategies for connecting the computers of the customer and the support technician are to set up a virtual private network between the two or set up a port-forwarding session along the same route. Port forwarding is desirable because it provides advantages in simplicity and connection setup time.
To facilitate repair of a customer's computer, it may be desirable to allow the support technician to take control of the customer's computer via a remote control program. Such programs generate a substantial amount of network traffic. As a result, an SSH server may be limited in the number of connections that may be supported. As additional SSH servers are added to a system, a reliable method of providing a connection between the support technician and the customer via the same server is needed. In other words, an SSH connection needs to be established between the two computers via the same SSH server. For instance, a viewer application on the support technician's computer must connect to the same port-forwarding SSH server as a screen server application on the customer's computer.
A hardware load balancer can be introduced to distribute the work load across a pool of servers, but such a load balancer does not guarantee that all requests for the same session will go to the same server. Typical hardware load balancers are ineffective at ensuring that connections will be assigned to the same SSH server, because the requests to initiate the communication session originate as two separate requests (i.e., one from the customer and one from the support technician). Furthermore, a hardware load balancer introduces a new potential bottleneck, a potential single-point-of-failure, and additional hardware and maintenance costs. An improved system and method of distributing connection requests among a pool of secure servers is desirable.