Chapter 5 - Monitors 54 Chapter 5: Monitors Monitor Configuration and Review Lesson Objectives During this lesson, you will review many of the monitors that are available and how to customize them. Monitor Templates ‘The BIG-IP system includes a set of pre-configured monitor templates for address, service, content and interactive checks. Some of these monitors can be used with no changes, but all can be used as templates to create monitors with parameters that are custom to each sites particular needs. Additionally, once a custom monitor is created, it can be used as a template to create other monitors. There are over 20 ‘monitor templates; the tables below list the features that are used more commonly. Address Checks Name Description ICMP Issues ICMP Echo Request. Expects Echo Reply in response. Can only be assigned to Nodes (addresses). Gateway_ICMP | Issues ICMP Echo Request. Expects Echo Reply in response. Can only be assigned to Members (IP address and port) Service Checks Name Description TCP_Half_Open | Issues TCP SYN. Expects a SYN-ACK. Upon receipt of SYN- ACK, issues a RESET. TCP ‘Attempts to open a connection. Expects connection to complete. Upon connection completion, closes connection. Configuring BIG-IP LTM v11 Bt5-2 Chapter 5 - Monitors Content Checks Name Description HTTP ‘Opens a connection. Upon connection completion, issues a GET / command. Expects connection to complete and response to match receive rule - if any. Upon receipt of data (if any expected), closes connection. HTTPS ‘Opens a connection. Upon connection completion, performs SSL negotiations and issues a GET / command. Expects connection to complete, SSL negotiation to complete, and response to match receive rule — if any. Upon receipt of data (if any expected), closes connection. HTTPS_443_| Opens a connection to port 443. Upon connection completion, performs SSL negotiations and issues a GET / command. Expects connection to complete, SSL negotiation to complete, and response to match receive rule - if any. Upon receipt of data (if any expected), closes connection. Interactive Checks Name Description FTP ‘Opens a connection. Upon connection completion, issues a CWD to the specified directory and a GET for the specified filename. Expects connection to complete and file transfer to be successful. Upon receipt of fle, closes connection. MSSQL Opens a connection. Upon connection completion, issues SQL ‘command to specified database. Expects connection to complete and database to open successfully. Upon receipt of data, closes connection. Ifa monitor's default function meets your needs, assign the monitor to the pool, pool member, or node. More often, the templates are used to create custom monitors. Creating Monitors Concepts A custom or user-defined monitor is based on a default monitor template or another custom monitor. ‘Custom monitors are given unique names and vary from their template in one or more parameters. ‘Some templates can be used without modification and can useful in that form. For example, there is little to change for ICMP monitors except their timers. Other monitor templates can be used directly, but are of limited use without customization. For example, since the HTTP monitor's default receive string is a null string, the response must only be a null string or more. In effect, no response is required and any response is acceptable. Because of situations like that, most production monitors are customized. In fact, some templates cannot be assigned directly; they can only be used as a template for a user-defined monitor. FTP is an example of this type. At a minimum, a path and file name must be specified before a custom fip monitor can be assigned. The general steps to create user-defined monitors do not vary, but the parameters that can be specified vary dependent upon the monitor type. 52 Configuring BIG-IP LTM v11Chapter 5 - Monitors 53 Monitor Assignment Lesson Objectives During this lesson, you will review how monitors are associated with nodes, pool members, and pools. Monitor Associations Creating custom monitors is an important process, but unless the monitor is assigned to something—a node, a pool member or a pool—the monitor will not perform any tests. Assignments can be performed by group, individually, or both. By default, there are no monitor assignments. Associating Monitors to Nodes One option is to monitor nodes — the IP addresses of the pool members. Every node is set to one of three states: Node Default > Default setting for all nodes + Node Specific © None “Node Default” indicates that the node should be tested with the Default Monitor. However, since the Default Monitor is initially unassigned, the result is that nodes are not tested by default. If you would like all nodes to be tested with the same monitor, set the Default Monitor to that monitor. Once the Default Monitor is set (or changed), all nodes set to “Node Default” will be tested by this monitor. Each node can be assigned monitors individually by selecting “Node Specific”. These monitors are instead of the Default Monitor, not in addition to them. When “None” is selected, that node will not be tested by any monitor regardless the Default Monitor setting Assigning the Default Monitor ‘This setting affects all nodes set to “Node Default” © From the Navigation pane, expand the Local Traffic section and select Nodes Above the list of nodes, sclect the Default Monitor tab. * Within the Configuration section, enter the following: Configuration Level _| Basic Health Monitors | Move (<<) desired monitors to the "Active" column + When complete, click Update. Configuring BIG-IP LTM v11 5-354 Chapter 5 - Monitors Setting a Specific Monitor(s) for a Node This setting affects single nodes. + From the Navigation pane, expand the Local Traffic section and select Nodes. ‘+ From the list of nodes, select the node of interest. © Within the Configuration section, set the following: Health Monitors Node Specific Select Monitors Move (<<) desired monitor to the Active column Availability Requirement _| As desired + When complete, click Update. Assigning Monitors to Pool Members Like nodes, there are no default monitors associated with any pool members. Also like nodes, pools ‘members can be associated with a default monitor, a specific monitor, or no monitor. However, with pool ‘members, the default monitor is not on the global level, but on the pool level. The three choices for a given pool member are: * Inherit from Pool > Default Setting for all pool members. * Member Specific * None Inherit from Pool allows you to assign a monitor at the poo! level only and be assured that each pool ‘member will be tested in the same way. Setting a Pool’s Monitor ‘This setting affects all members in that pool that are set to Inherit from Pool. ‘+ From the Navigation pane, expand the Loeal Traffic section and select Pools. ‘* From the list of pools, select the pool of interest. Within the Configuration section, enter the following: Configuration Level | Basic Health Monitors _| Move (<<) desired monitor to the Active column ‘© When complete, click Update. Setting a Specific Monitor(s) to a Member ‘This setting affects single members, * From the Navigation pane, expand the Local Traffic section and select Pools. © From the list of pools, select the pool of interest. 5-4 Configuring BIG-IP LTM v11Chapter 5 - Monitors ‘© Select the Members tab. ‘+ From the list of members, sclect the member of interest. ‘© Within the Configuration section, set the following: Configuration Level | Advanced Health Monitors __| Member Specific Select Monitors | Move (<<) desired monitor to the Active column Availability As desired Requirements © When complete, click Update. Configuring BIG-IP LTM v11 55 5-556 Chapter 5 - Monitors Monitor Status Reporting Lesson Objectives During this lesson, you will learn how the states of virtual servers, pools, pool members, and nodes are displayed as the result of Monitors. Monitoring Status for Pools vs. Nodes Monitors are assigned to nodes, pools, and pool members but the results of the monitors affect the state of virtual servers as well. This is because of the hierarchy between virtual servers, pools, pool members, and nodes. This is one of many relationships within BIG-IP system objects that use a Parent-Child model, Parent Object Child Object Virtual Server Pools: Pools Pool Members Pool Members Nodes Virtual Server, Pool, Member and Node Status Monitors will cause virtual servers, pools, pool members and nodes to have one of the states in the chart below. In each case, the state of the parent is a function of any monitors testing it directly and any monitors testing that parent’s children. Status (Color) Status Definition . General: For a child, a monitor is successful. For a parent, at least AVAILABLE (Green) __| one child is Green. Node: The most recent monitor was successful. Pool Member: The most recent monitor was successful and associated node is not offline. Pool: At least one pool member is available. Virtual Server: At least one Pool is available. . General: For a child, no monitor is associated (or the timeout has UNKNOWN (Blue) not yet been reached). For a parent, all child objects are blue. Node: Either no monitor is assigned or the monitor has neither succeeded nor exceeded the timeout period. Pool Member: Either no monitor is assigned or the monitor neither succeeded nor exceeded the timeout period. Pool: No members are available and at least one is unknown. Others may be offiine. Virtual Server: All pools are unknown 56 Configuring BIG-IP LTM v11Chapter 5 - Monitors 57 4 UNAVAILABLE. (Yellow) General: For a child, a connection limit has been reached. Fora parent, all children have reached their connection limit. Node: The current connections are at the limit set for the node. Pool Member: The current connections are at the limit for the pool member. Pool: All pool members are at their connection limits, Virtual Server: No pools are Available and at least one pool is Unavailable due to connection limits being reached. OFFLINE (Red) General: For a child, a monitor has failed. For a parent, at least ‘one child object is red AND there are no green or yellow children. Node: Monitor did not succeed during the recent timeout period. Pool Member: Either the member or node monitor did not succeed during the most recent timeout period. Pool: One or more members are offline, and no members are either unknown or available. Virtual Server: One or more pools are offline, and no pools are available. Black Circle Operational but manually disabled ° Black Diamond Manually forced offline Configuring BIG-IP LTM v11 5758 Chapter 5 - Monitors Scripted Monitors ‘Most templates can send a single command to a server and scan through a single response. A scripted ‘monitor can send multiple commands to a server and examine multiple responses. Scripted monitors reference an external file that contains a series of “send” and “expect” strings. A single TCP connection is used to monitor the “conversation” between the BIG-IP system and the server. If all the “expect” strings are received when expected, the monitor is considered a success. ‘The format of the monitor would be like the following: monitor { defaults from scripted debug “no” filename } As the BIG-IP system reads the script, the messages are sent and expected in the order in the file. As the BIG-IP system processes the each line, it first determines whether the line is a send or expect and then removes the command. Next, the leading and trailing spaces are removed. If there are no enclosing " " @ouble quotes), the line is not translated any further and is sent as is (note that for a send this means no new line is sent) If the line to be sent is enclosed with double quotes, then the quotes are removed and the line is examined for escaped characters, which are properly translated. If the line is to be sent, it is now sent as translated. If the line is expected, then the beginning of each line of the response is examined until either a match is found or the data ends. There may be other characters in the received line. The expect sequence of characters may not be the complete line, but the first characters must match the expected sequence. The filename should be the name of a file contained in the directory /config/cav. Keeping these files under this directory allows them to be saved within ues archives. Example 1: a typical SMTP sequence expect 220 send "HELO bigip1.somecompany.net\r\n" expect 250 send "quit\r\n" Example 2: a typical HTTP sequence send "GET /index.html HTTP/1.1\r\nHost: www.site.com\r\n\r\n" expect HTTP/1.1 200 OK When employing scripted monitors, it is very important to know the format of commands the servers ‘expect and the format of data the servers send 58 Configuring BIG-IP LTM v11Chapter 5 - Monitors 5-9 Interactive Monitors: EAVs ith all monitors to this point, the BIG-IP system manages the communication between the BIG-IP and the device being tested. When external monitors are used, also known as Extended Application Verification (EAV) monitors, the BIG-IP system is used only to run an external program and wait for a response or a timeout. For EAVs, when the test is successful, the script should send a message, any ‘message, to standard out. When any output is seen, the device is marked UP. F5 Consulting is available to help develop such custom tools. Samples are located in the /usr/bin/monitors directory. The BIG-IP system provides multiple pre-configured EAV monitors and supports creation of custom external monitors written in shell script or Perl. Examples of EAV monitors (or templates) include: FIP Using an FTP monitor type, you can monitor File Transfer Protocol (FTP) traffic. This type of monitor attempts to download a specified file to the /var/tmp directory, and if the file is retrieved, the check is successful. Note that once the file has been successfully downloaded, the LTM system does not save it. ‘An FTP monitor specifies a user name, a password, a full path to the file, the file name to be downloaded, and whether the transfer should use active or passive FTP. IMAP ‘With an IMAP type of monitor, you can check the status of Internet Message Access Protocol (IMAP) traffic. An IMAP monitor is essentially a POP3 type of monitor with the addition of the Folder The check is successfl if the monitor is able to log into a server and open the specified mail folder. ‘An IMAP monitor requires that you specify a user name and password. configuration to maintain a high level of security, while also allowing for Note: Servers to be checked by an IMAP monitor typically require special monitor authentication. r type checks the status of Lightweight Directory Access Protocol (LDAP) servers. The LDAP protocol implements standard X.500 for email directory consolidation. A check is successful if entries are retumed for the base and filter specified; in essence attempting to authenticate the specified user. An LDAP monitor requires a user name, a password, and base and filter strings. «The User Name setting specifies a distinguished name, that is, an LDAP-format user name. ‘* The Base setting specifies the starting place in the LDAP hierarchy from which to begin the query. © The Filter setting specifies an LDAP-format key of the search item. ©The Security setting specifies the security protocol to be used. Acceptable values are SSL, TLS, or None. Configuring BIG-IP LTM v11 5-95-10 Chapter 5 - Monitors MssaqL An MSSQL monitor verifies Microsoft® Windows SQL-based services by attempting to perform a login to those services. Service checks are performed on Microsoft SQL Server-based services such as Microsoft SQL Server versions 6.5 and 7.0. The BIG-IP system requires installation ofa JDBC driver before performing the login. If you receive a message that the connection was refused, verify that the IP address and port number are correct. MSSQL monitor settings and their default values In an MSSQL-type monitor, the Database setting specifies the name of the data source on the Microsoft® SQL-based server. Examples are sales and hr. The Send String setting is optional and specifies a SQL. query statement that the LTM system should send to the server. Examples are: SELECT * FROM sales SELECT FirstName, LastName FROM Employees If you configure the Send String setting, you can also configure the following settings: + Receive String ‘The Receive String setting is an optional parameter that specifies the value expected to be returned for the row and column specified with the Receive Row and Receive Column settings. ‘An example of a Receive String value is ALAN SMITH. You can only configure this setting ‘when you configure the Send String setting. + Receive Row The Receive Row setting is optional, and is useful only if the Receive String setting is specified. This setting specifies the row in the returned table that contains the Receive String value, You can only configure this setting when you configure the Send String setting. © Receive Column The Receive Column setting is optional and is useful only if the Receive String setting is, specified. This setting specifies the column in the retumed table that contains the Receive String value. You can only configure this setting when you configure the Send String setting. NNTP ‘You use an NNTP type of monitor to check the status of Usenet News traffic. The check is successful if the monitor retrieves a newsgroup identification string from the server. An NNTP monitor requires a newsgroup name (for example, alt.cars.mercedes) and, if necessary, a user name and password, Oracl With an Oracle type of monitor, you can check the status of an Oracle database server. The check is successful if the monitor is able to connect to the server, log in as the indicated user, and log out. The Send String setting specifics a SQL statement that the LTM system should send to the Oracle server. An example is SELECT * FROM sales. The Receive String setting is an optional parameter that specifies the value expected to be returned for a specific row and column of the table that the Send String setting retrieved. An example of a Receive String value is SMITH. 5-10 Configuring BIG-IP LTM v11Chapter 5 - Monitors 511 In an Oracle type of monitor, the Database setting specifies the name of the data source on the Oracle server. Examples are sales and hr. The Receive Row setting is optional, and is useful only if the Receive String setting is specified. This setting specifies the row in the returned table that contains the Receive String value. The Receive Column setting is optional and is useful only if the Receive String setting is specified. This setting specifies the column in the returned table that contains the Receive String value. POP3 ‘A POP3 type of monitor checks the status of Post Office Protocol (POP) traffic. The check is successful if the monitor is able to connect to the server, log in as the indicated user, and log out. A POP3 monitor requires a user name and password. RADIUS Using a RADIUS type of monitor, you can check the status of Remote Access Dial-in User Service (RADIUS) servers. The check is successful if the server authenticates the requesting user. A RADIUS. monitor requires a user name, a password, and a shared secret string for the code number. Note: Servers to be checked by a RADIUS monitor typically require special configuration to maintain a high level of security while also allowing for monitor authentication. sIP You use a Session Initiation Protocol (SIP) monitor to check the status of SIP Call-ID services. This monitor type uses UDP to issue a request to a server device. The request is designed to identify the options that the server device supports. If the proper request is retumed, the device is considered to be UP and responding to commands. Possible values for the Mode setting are TCP and UDP. Possible values for the Additional Accepted Status Codes setting are Any, None, and Status Code List. ‘The Status Code List setting specifies one or more status codes, in addition to status code 200, which are acceptable in order to indicate an up status. Multiple status codes should be separated by spaces. Specifying an asterisk (*) indicates that all status codes are acceptable. ‘SMTP ‘An SMTP type of monitor checks the status of Simple Mail Transport Protocol (SMTP) servers. This ‘monitor type is an extremely basic monitor that checks only that the server is UP and responding to ‘commands. The check is successful if the mail server responds to the standard SMTP HELO and QUIT ‘commands. An SMTP-type monitor requires a domain name. Configuring BIG-IP LTM v11 5-115-12 Chapter 5 - Monitors SOAP A SOAP monitor tests a Web service based on the Simple Object Access protocol (SOAP). More specifically, the monitor submits a request to a SOAP-based Web service, and optionally, verifies a return value or fault. Possible values for: ‘¢ The Protocol setting are HTTP and HTTPS. ‘* The Parameter Type setting are: bool, int, long, and string. ‘+ The Return Type setting are: bool, int, short, long, float, double, and string. ‘+ The Expect Fault setting are No and Yes. UDP You use a UDP type of monitor when the system is sending User Datagram Protocol (UDP) packets. Designed to check the status of a UDP service, a UDP-type monitor sends one or more UDP packets to a pool member or node. The Timeout setting should be lower than the Interval setting. ‘When using a UDP-type monitor to monitor a pool, pool member, or node, you must also enable another ‘monitor type, such as ICMP, to monitor the pool, pool member, or node. Until both a UDP-type monitor and another type of monitor to report the status of the UDP service as UP, the UDP service receives no traffic Ifa UDP monitor reports status as uP__[UP DOWN | DOWN. ‘And another monitor reports status as_[UP | DOWN | UP DOWN Then the UDP service is up___[Down | DOWN | DOWN External Monitors ‘An External monitor allows you to monitor services using their own programs. Your program tests services in any way you wish; the monitor need only know the name of the program. Once the BIG-IP system initiates the external program, it waits for any response set to standard out. Ifa response is seen, the monitor is considered a success. If no response is seen prior to the timeout being reached, the monitor has failed. Use the External Program setting to specify the executable name of your user-supplied monitor program. By default, an External monitor searches the directory /config/monitors for that monitor name. If the ‘user-supplied monitor resides elsewhere, you must enter a fully qualified path name. The Arguments setting allows you to specify any required command-line arguments. 5-12 Configuring BIG-IP LTM v11Chapter 5 - Monitors 5-13 Example External Script (Echo_up) #1 /bin/sh HHRERESEGERRHMHAHERERAHERSHRREREBRAA ERR RRA AHA RRR RRA RHEHHY # F5 Networks and BIG/ip(c) Copyright No part of the software may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without express written permission of F5 Networks, Inc. It is against the law to copy the software. No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchasers personal use, without the express written permission of FS Networks, Inc. Copyright (c) 1999 BIG/ip Software. All rights reserved. Our services are only available for legal users of the program for instance in case we extend our services by offering updating of files through Internet. HELAERSHHHHH EER SAAH TNT H EHS HE HERRERA AMR RRA ARR RR AHHH HEHE these arguments supplied automatically for all external pingers: $1 = IP (nnn.nnn.nnn.nnn notation or hostname) $2 = port (decimal, host byte order) §3 = URI $4 = Text that must be returned by http service In this sample script, $3 is the regular expression pidfile="/var/run/pinger.§1..$2-pid" Li eee eeeeeeee ee seaeee (ahh up: MusT_SBE=$(4); if [ -£ $pidfile then Kill -9 “cat $pidfile” > /dev/null 2>81 fi echo "$$" > $pidfile ‘TMPFILE=/var/tmp/${L3}-${L4} .check rm -£ §{TMPFILE) curl -s -o ${TMPFILE) http://${L3}/${URT} 2>/dev/null 1>/dev/muli grep ${MUST_SEE) ${TMPFILE) 2>41 > /dev/null status=$7 aif [ $status -eq 0] then # any output is interpreted as a successful monitor echo "up" fi rm -£ $pidfile $(T™MPFILE} Configuring BIG-IP LTM v11 5-13514 Chapter 5 - Monitors Performance Monitors Performance monitors are generally used with Dynamic Ratio Load Balancing, Unlike health monitors, performance monitors do not report the status of a pool, pool member or node but, combined with special Server plug-ins, allow monitoring of Real Networks, WMI and Windows2000/Unix SNMP-monitored pools of Servers. Some monitors are included as part of the LTM system, while other monitors are user-created, Monitors that the LTM system provides are called pre-configured monitors. User-created monitors are called custom monitors. Before configuring and using monitors, it is helpful to understand some basic concepts regarding monitor types, monitor settings, and monitor implementation. Dynamic Ratio Load Balancing ‘The Dynamic Ratio method is used specifically for load balancing traffic to RealNetworks® RealSystem® Server platforms, Windows® platforms equipped with Windows Management Instrumentation (WMI, or any server equipped with an SNMP agent such as the UC Davis SNMP agent ‘or Windows 2000 Server SNMP agent. To implement Dynamic Ratio load balancing, you must first and configure the necessary server software for these systems, and then install the appropriate performance monitor. ‘The Dynamic Ratio method is like the Ratio method except that ratio weights are based on continuous ‘monitoring of the servers and are therefore continually changing. This is a dynamic load balancing method, distributing connections based on various aspects of real-time server performance analysis, such as the current number of connections per node or the fastest node response time. RealServer ‘A RealServer type of monitor checks the performance of a pool, pool member, or node that is running the RealSystem Server data collection agent. The monitor then dynamically load balances traffic accordingly. Performance monitors are generally used with dynamic ratio load balancing. ‘The LTM system provides a Pre-configured RealServer monitor named real_server. Like all Pre- configured monitors, the real_server monitor is not user-modifiable. However, if you want to modify the Metrics setting, you can create a custom RealServer monitor, to which you can add metrics and modify metric values. The metric coefficient is a factor determining how heavily the metric’s value counts in the overall ratio weight calculation, The metric threshold is the highest value allowed for the metric if the metric is to have any weight at all. ‘SNMP DCA With an SNMP DCA type of monitor, you can check the performance of a server running an SNMP agent such as UC Davis, for the purpose of load balancing traffic to that server. With this monitor you can define ratio weights for CPU, memory, and disk use. Performance monitors are generally used with ‘dynamic ratio load balancing. Pre-configured monitors are not user-modifiable. Thus, if you want to change the values for the SNMP DCA monitor settings, you must create an SNMP DCA-type custom monitor. Possible values for the 514 Configuring BIG-IP LTM v11Chapter 5 - Monitors 5-15 Version setting are vl, v2c, and Other. Possible values for the Agent Type setting are UCD, Win2000, and Other, ‘When configuring an SNMP DCA custom monitor, you can use the default CPU, memory, and disk coefficient and threshold values specified in the monitors, or you can change the default values. Optionally, you can specify coefficient and threshold values for gathering other types of data. Note that if the monitor you are configuring is for a type of SNMP agent other than UC Davis, you must specify the agent type, such as Win2000. SNMP DCA Base ‘You use an SNMP DCA Base type of monitor to check the performance of servers that are running an ‘SNMP agent, such as UC Davis. However, you should use this monitor only when you want the load ‘alancing destination to be based solely on user data, and not CPU, memory or disk use. Performance monitors are generally used with dynamic ratio load balancing. wi A WML type of monitor checks the performance of a pool, pool member, or node that is running the ‘Windows Management Infrastructure (WMI) data collection agent and then dynamically load balances traffic accordingly. ‘You generally use performance monitors such as a WMI monitor with dynamic ratio load balancing, Note that when ereating a custom WMI monitor, the only default values that you are required to change are the null values for user name and password. Also note that you cannot change the value of the Method setting. Performance monitors are generally used with Dynamic Ratio Load Balancing. Unlike health monitors, performance monitors do not report on the status of a Pool Member or Node but, combined with special Server plug-ins, allow monitoring of Real Networks, WMI and Windows2000/Unix SNMP-monitored pools of Servers. Configuring BIG-IP LTM v11 5-155-16 Chapter 5 - Monitors Configuring Monitors Lesson Objectives During this lesson, you will lear how to use pre-configured monitors and/or create user-defined monitors and associate them with pools, pool members and nodes. Creating Custom Monitors All monitor templates can be used as the basis of custom monitors. When you create a custom monitor, ‘you must give it a unique name, specify a monitor type, specify the defaults by choosing a monitor to import settings from, and make changes asdesired. For example, you could create a custom monitor called my_icmp, which is based in the ICMP monitor, but has a different timeout setting. ‘One common change is to edit the Send Sting and Receive String for an HTTP monitor. The default Send String is GET /\x\n, and it is designed to retrieve the default page from a web site. There are various reasons that you may wish to change this. For example, some servers may not have a default page. Alternately, you may wish to request a specific page. Finally, some servers will not process a request that does not include the HTTP version and required HTTP headers. The example below includes the HTTP version and the HTTP Host header, which is required in HTTP version 1.1 “GET /www/cust_info.html HTTP/1.1\r\nHost: Yoursite\r\n\r\n" *\e\n" is used to insert a newline ‘The Receive string should almost always be changed. The default Receive String is a null. If itis not changed, as long as the TCP connection forms, the monitor is successful. Associating Multiple Monitors ‘One or more custom or pre-defined monitors can be assigned to pools, pool members, or nodes. When ‘multiple monitors are assigned, if any one monitor fails, by default the object will be marked down. Alternatively, shared services can be independently monitored to prevent bringing down the entire server when only one service or one process fails. Other applications can continue to use a server even though a single service or application has failed. Multiple Monitors can be Associated to a Pool or Pool Member This is especially important when using transparent monitors to check the viability of a path. Transparent ‘monitors check through the member to an ultimate destination in an effort to verify that the member represents a viable path. With this feature, you can specify multiple ultimate destinations and consider the members available as long as one or more of the end points can be reached. This feature is also useful for detection of failed gateways to determine if the pool should be brought out of service when x number of monitors fails. In this way, a user can ensure that his/her site reacts to connectivity problems within their network and gains greater protection against outages from upstream failures. For example, you can create monitors httpl, http2, and http3, where each monitor is configured differently, and associate all three monitors with the same pool member. By default, the pool member is 5-16 Configuring BIG-IP LTM v11Chapter 5 - Monitors S17 marked as Offline if any of the checks are unsuccessful. The screen shot below shows assigning both hpi and hatp2 monitors to a pool, but also only requiring a positive response from one of the monitors (Availability Requirement of At Least 1). Configuration: | Advanced Health Monitors | & ‘Availabilty Requirement AtLeast... [1 Health Monitor(s) Or, you can associate all three monitors with the same pool and require all monitors to be successful. In that case, each pool member is marked Offline if any of the checks are unsuccessful. ‘You can also associate multiple monitor types with the same pool member within a pool. For example the system administrator is using a WMI performance monitor. Performance monitors (WMI, SNMP_DCA, REAL_SERVER) do not report the health of their target system; they simply ‘compute a metric for dynamic ratio load balancing and report up or down based on the compared results. To report the health of the monitor the user could also use the HTTP monitor. The BIG-IP system allows them both to be associated with the same pool member with the WMI monitor assigned to get metrics from the server and the HTTP monitor determining its health. In this case, the pool member is marked Offline if either of the checks fail. Monitors to Same IP:port — Different Members Multiple monitors can be associated with the same IP:port combination in multiple pools. One monitor may check for content needed in one pool while the other checks for content of another pool. For example, you assign the same IP:port to three separate pools: pl, p2, and p3. You can then associate three custom HTTP monitors to the three pools. The result is that the BIG-IP system uses the one monitor to check the server health in pl, another monitor to check p2, and the third monitor in p3. If one of the monitors detects the service has failed, only that pool member is marked down. Monitor Instances ‘When you associate a monitor with an object, the BIG-IP system automatically creates an instance of that monitor for each object that is being tested. You can also Disable/Enable a given monitor instance (Node or Member). This allows you to suspend health or performance checking for that particular object, without having to actually delete the entire monitor itself. Configuring BIG-IP LTM v11 5-175-18 Chapter 5 - Monitors Other Monitor Options Manual Resume By default, when a monitor fails (that is, anode or a pool member), the BIG-IP system marks the resource as down and directs traffic to the next appropriate resource. Then when the monitor next determines that the resource is available, the BIG-IP system marks the resource as available and considers the resource for subsequent load-balancing connection requests. While this process is appropriate for most resources, there are situations where you want to wait before a resource is again available, rather than allow the BIG-IP system to do that automatically. This can be done by setting Manual Resume in the monitor definition, For example, consider a monitor that you assigned to a resource to track the availability of an HTML file, index html, for a web site. During the course of a business day, you decide that you need to restart the system that hosts the web site. The monitor detects the restart action the BIG-IP system marks objects unavailable. When the system restarts, the monitor detects that the index.html file is available, and begins sending connection requests to the web site. However, the rest of the web site might not be ready to receive connection requests. Consequently, the BIG-IP system sends connection requests to the web site before the site can respond effectively. To prevent this problem, you can enable the Manual Resume attribute of the monitor. Then, if'a monitor ‘marks an object down and later the monitor succeeds, the object will be left in a Forced Down state until the object is manually enabled. Receive Disabled St This option is designed to allow sites to disable servers by making changes on the servers rather than the BIG-IP systems. When combined with a non-null Receive String, when the Receive String is not matched and the Receive Disabled String is, the object is disabled. This allows server administrators to disable BIG-IP system pool members without having any administrative access to the BIG-IP system itself. 5-18 Configuring BIG-IP LTM v11Chapter 5 - Monitors Alias Address and Port 519 By default, both the Alias Address and Alias Service Port are set to a wildcard *. This value causes the ‘monitor instance created for a pool, pool member, or node to take that node’s address or address and port as its destination. You can, however, replace either or both wildcard symbols with an explicit destination value when creating a custom monitor. An explicit value for the Alias Address and/or Alias Service Port setting is used to force the instance destination to a specific address and/or port, which may not be that of the pool, pool member, or node. This technique allows you to create monitors that test dependencies and ‘mark the primary service down with the backend services fail, Monitor Destination | Monitor Checked Resource whose in Definition Assignment Resource status is determined = 172.16.20.1 172.16.20.1 172.16.20.1 oS 172.16.20.2:80 | 172.16.20.2:80 | 172.16.20.2:80 *:443 172.16.20.3:80 | 172.16.20.3:443 | 172.16.20.3:80 10.10.10.10 172.16.20.4 10.10.10.10 172.16.20.4 10.10.10.10:50 172.16.20.5.80 | 10.10.10.10:50 | 172.16.20.5:80 Configuring BIG-IP LTM v11 5-19Lab 5.1 - Monitors Lab Objectives In this exercise you will configure health checks using multiple defaults and custom monitors to verify Pool Members. Lab Requirements © Estimated time for completion: 40 minutes © Access toa BIG-IP LTM Syst © Atleast one Virtual Server with one working Node Removing Monitors and Persistence from Earlier Labs 1. Un-assign all monitors from the previous labs. 2. Remove persistence from vs_http. uration g before con’ 3. Reset statistics and send traffic to vs_http by connecting to hitp:/10.10.X.100, 4. Look at the statistics page for the virtual server and the http_pool to see how data is flowing through the BIG-IP system.Assigning Multiple Monitors Create Custom Monitors for HTTP and HTTPS 5. Navigate to Local Traffi » Monitors and select My_http. 6. Modify My_http monitor to have the following characteristics: Monitor [Monitor | Parent Interval, Timeout | Other Parameters Name Type Monitor My_http | HTTP http 5,16 Send: GET /index.htmi\in Receive: Server [1-3] i} Note: [1-3] is a regular expression that matches any single character in the range from 1 to 3. 7. Ifyou already created the My_https monitor in an earlier lab, verify it has the following characteristics. Otherwise, edit My_https monitor with the following characteristics: Monitor [Monitor | Parent Interval, Timeout | Other Parameters Name | Type Monitor My_https [HTTPS — | https 5, 16 ‘Send: GET /index.htmi\rin Receive: Server 2 Alias Service Port: 443 (HTTPS) Note the Alias Service Port setting will make sure the monitor will always test port 443 regardless of the port configured on the pool member being monitored. Set Monitor Assignments and Test 8. Associate the Health Monitor My_http with http_pool. 9. Click Update. 10. What is the status of http_pool? What are the statuses of the members? Each time the Members tab is clicked, the screen will refresh. Which monitor(s) are testing each member? Associate My_https mor Click Update. with http_pool also. 13. What is the status of http_pool? What are the statuses of its members? Which monitor(s) are testing each member? Are the current monitor assignments appropriate for the servers in the classroom labs? 14. Did the status of the pool members in http_pool change? 15. Under the Advanced Configuration, change the Availabili monitors from All to At Least I and click Update. Requirements of http_poot 16. Did the status of the pool and/or pool member's change? 17. Change the Availability Requirement for http_pool monitors back to All. Save your change.18, Change the Receive String on My_https monitor to Server [1-3]. Save your change. 19, What is the status of http_pool? What are the statuses of its members? Which monitor(s) are testing each member? Expected Results Initially when you set just the My_http monitor, all members should be “Available (Enabled)". When you added the My_https monitor, only member 172.16.20.2 should be Available since the My_https monitor was only looking for the response “Server 2”. When you change the monitor availability to “At Least 1”, then only 1 monitor needs to succeed for a member to be Available. Finally when you changed the My_https monitor to look for all 3 server responses with Server [1-3] both ‘monitors will now mark all 3 members Available. Enabling and Testing Receive Disabled String 20. Navigate to My_https monitor and set the Receive String to Server 2 and the Receive Disabled String to Server 1. Save your change: 21. Check the status of the pool and its members, Expected Results Each member of http_pool should be in a different state ~ 172.16.20.1:80 is disabled (black circle), 172.16.20.2:80 is up (green circle), 172.16.20.3:80 is down (red diamond). Why? 22. Remove the Receive Disable String from My_https monitor. If you cannot remove it, modify it to Server 4 (which does not exist). 23. Click Update. Enabling and Testing Manual Resume 24. Navigate to the My_https monitor and, using the Advaneed pull-down in the Configuration section, set the Manual Resume option to Yes. You may wish to decrease the Interval and ‘Timeout settings as well. Save your changes. Check the status of ttp_pool and its members, 26. Change the Receive String of My_https monitor back to Server [1-3] and save your changes 27. Test the results by verifying the status of the pool, its members, and by sending traffic to the vs_http virtual server. You should be able to send traffic to pool member 2 only. 28. Re-enable pool members 1 and 3, 29. Test the results by verifying the status of the pool, its members, and by sending traffic to the ‘vs_http virtual server. You should be able to send traffic to all pool members. 30. Set the Manual Resume option to No.31. Click Update. 32. Test again by verifying the status of the pool, its members, and by sending traffic to the vs_http virtual server. Clean Up 33. Select http_pool and disassociate My_https monitor.fee aa