mkyrc
Cirrus
CirrusBIG-IP DNS Generic Host
Hello,
I need to add some services running on 'generic host'. The destination host is reachable (icmp) from CLI (rd0), but after adding it to GTM configuration as 'server' with 'icmp monitor' - it is not getting up (green) but monitor fails with reason 'no reply from big3d: timed out'.
configuration:
gtm server /Common/host-dca {
datacenter /Common/DCA
devices {
host-dca {
addresses {
172.25.113.23 { }
}
}
}
monitor /Common/my_icmp
product generic-host
virtual-servers {
service1 {
destination 172.25.113.21:0
}
service3 {
destination 172.25.113.23:0
}
}
}
gtm monitor gateway-icmp /Common/my_icmp {
defaults-from /Common/gateway_icmp
interval 5
probe-attempts 3
probe-interval 1
probe-timeout 5
timeout 15
}log:
# host 172.25.113.21
alert gtmd[13178]: 011a5004:1: SNMP_TRAP: Server /Common/host-dca (ip=172.25.113.21) state change blue --> red (No enabled VS available)
alert gtmd[13178]: 011ae0f2:1: Monitor instance /Common/my_icmp 172.25.113.21:0 CHECKING --> DOWN from /Common/dca-dcdns-adc (no reply from big3d: timed out)
alert gtmd[13178]: 011a6006:1: SNMP_TRAP: VS service1 (ip:port=172.25.113.21:0) (Server /Common/host-dca) state change blue --> red ( Monitor /Common/my_icmp : no reply from big3d: timed out)
# host 172.25.113.23
alert gtmd[13178]: 011a5004:1: SNMP_TRAP: Server /Common/host-dca (ip=172.25.113.23) state change blue --> red (No enabled VS available)
alert gtmd[13178]: 011ae0f2:1: Monitor instance /Common/my_icmp 172.25.113.23:0 CHECKING --> DOWN from /Common/dca-dcdns-adc (no reply from big3d: timed out)
alert gtmd[13178]: 011a6006:1: SNMP_TRAP: VS service3 (ip:port=172.25.113.23:0) (Server /Common/host-dca) state change blue --> red ( Monitor /Common/my_icmp : no reply from big3d: timed out)why is there 'no reply from big3d: timed out'?? the server type is 'generic host' (not 'bigip').
network:
GTM is running in HA (there are two GTM devices). Each of them has one self and one float IP address configured. All in routing domain 0 only. Nothing special.
Troubleshooting
host 172.25.113.21 is currently down, host 172.25.113.23 is reachable:
# ping 172.25.113.21
PING 172.25.113.21 (172.25.113.21) 56(84) bytes of data.
^C
--- 172.25.113.21 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 1999ms
# ping 172.25.113.23
PING 172.25.113.23 (172.25.113.23) 56(84) bytes of data.
64 bytes from 172.25.113.23: icmp_seq=1 ttl=253 time=2.11 ms
64 bytes from 172.25.113.23: icmp_seq=2 ttl=253 time=1.96 ms
64 bytes from 172.25.113.23: icmp_seq=3 ttl=253 time=3.68 ms
^C
--- 172.25.113.23 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 1.964/2.586/3.684/0.780 ms
tcpdump from bigip CLI (rd0) with above 'ping' tests:
# tcpdump -i0.0:nn -nnp host 172.25.113.21 or 172.25.113.23
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on 0.0:nn, link-type EN10MB (Ethernet), capture size 65535 bytes
11:28:50.368443 IP 172.18.210.20 > 172.25.113.21: ICMP echo request, id 1286, seq 1, length 64 out slot1/tmm0 lis= port=1/0.16 trunk=.itrunk0 flowtype=130 flowid=4000013D1C00 peerid=4000013D1B00 conflags=20E26 inslot=1 inport=18 haunit=0 priority=0
11:28:52.816810 IP 172.18.210.20 > 172.25.113.23: ICMP echo request, id 1321, seq 1, length 64 out slot1/tmm0 lis= port=1/0.16 trunk=.itrunk0 flowtype=130 flowid=4000013CD140 peerid=4000013CD040 conflags=20E26 inslot=1 inport=18 haunit=0 priority=0
11:28:52.818050 IP 172.25.113.23 > 172.18.210.20: ICMP echo reply, id 1321, seq 1, length 64 in slot2/tmm0 lis= port=.itrunk0 trunk= flowtype=0 flowid=0 peerid=0 conflags=0 inslot=7 inport=26 haunit=0 priority=3
Question:
- I thing, the configuration is correct, but server (host-dca) and virtual services (service1 and service3) are going down.
- Why is the reason of virtual service is going down 'no reply from big3d: timed out'? the server type is 'generic host', not 'bigip'
- I can't see monitoring (my_icmp monitor) requests in the tcpdump. why is this not working? I can see only ping request from CLI, but not from monitor 'my_icmp'.
thank you for advice