For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Srijana_137175's avatar
Srijana_137175
Icon for Nimbostratus rankNimbostratus
Apr 10, 2014

DNS health probe configuration in NODE

I am trying to configure DNS health probing (different DNS port with different IP) to NODES that are under a POOL.

 

Example - currently all nodes under a pool are setup with single probing (DNS 53) but now we want to change that probing by setting different DNS probes for all nodes. Each DNS probe should be able to resolve it respective IPs and port.

 

Could you help me ?

 

application delivery
BIG-IP Access Policy Manager (APM)
ihealth
performance
security
TMOS
TMSH

7 Replies

  • Cory_50405's avatar
    Cory_50405
    Icon for Noctilucent rankNoctilucent
    Apr 10, 2014

    You can set the monitor at the node level vice the pool level by specifying a node specific health monitor. This will enable you to apply a unique monitor to each node. Have you tried this?

     

    • Srijana_137175's avatar
      Srijana_137175
      Icon for Nimbostratus rankNimbostratus
      Apr 10, 2014
      NODE Level does not give me DNS option although there are other options to monitor like ICMP, TCP etc. Can you suggest any other way please ?
    • Cory_50405's avatar
      Cory_50405
      Icon for Noctilucent rankNoctilucent
      Apr 10, 2014
      I see what you mean. Only a subset of monitors seems to be available to apply directly at the node level, and DNS isn't one of those. External monitor types look to be available though. You could potentially create an external monitor to run a dig against your node. This would probably be a considerable amount of effort though, if it's even feasible. I can think of no other way to accomplish it though, given your situation.
    • Srijana_137175's avatar
      Srijana_137175
      Icon for Nimbostratus rankNimbostratus
      Apr 10, 2014
      How do we setup external monitor ? could you brief me a bit please ? Cannt see that option under NODE so..
  • Cory_50405's avatar
    Cory_50405
    Icon for Noctilucent rankNoctilucent
    Apr 11, 2014

    Here's the script we have in place for the SSH/script health check. We're using it to determine the health status of Splunk forwarders for logging purposes:

    !/bin/sh
 remove IPv6/IPv4 compatibility prefix (LTM passes addresses in IPv6 format)
IP=`echo ${1} | sed 's/::ffff://'`
PORT=${2}
 set the pid file location and name
PIDFILE="/var/run/`basename ${0}`.${IP}.${PORT}.pid"
 kill off the last instance of this monitor if hung and log current pid
if [ -f $PIDFILE ]
then
echo "EAV exceeded runtime needed to kill ${IP}:${PORT}" | logger -p local0.error
kill -9 `cat $PIDFILE` > /dev/null 2>&1
fi
echo "$$" > $PIDFILE
 send request & check for expected response
ssh splunk@${IP} -i /config/ssh/ssh_host_dsa_key "/home/splunk/healthcheck.sh" > /dev/null 2>&1
 mark node UP if expected response was received
if [ $? -eq 0 ]
then
echo "UP"
fi
rm -f $PIDFILE
exit