Forum Discussion
xuwen
Cumulonimbus
CumulonimbusF5 LTM TCP traffic can't be meet this require
topology: client( 30.1.1.1 )------->VS( 200.1.1.100:23)-------------->pool members(router1: 192.168.40.1:23 router2:192.168.40.2:23) The scenario is as follows: vs 200.1.1.100 vs port 23, pool n...
Last year, I came up with a solution. Linux shell can be used for any node, and I can also use icall (the disadvantage is that when add some new pool members, I have to add icall configuration)
The method is to add a ping detection to the Linux shell. If the ping timeout occurs, it will tmsh delete the node session;
you need to pay attention to BIGIP version(V12.1.6 can support nc -z command), some high version(in Centos 7+ system) can not support nc -z
you can use status=`echo -e "admin" | /usr/bin/nc -w 1 $node_ip 22 &>/dev/null;echo $?`
#!/bin/sh # # (c) Copyright 1996-2006, 2010-2013 F5 Networks, Inc. # # This software is confidential and may contain trade secrets that are the # property of F5 Networks, Inc. No part of the software may be disclosed # to other parties without the express written consent of F5 Networks, Inc. # It is against the law to copy the software. No part of the software may # be reproduced, transmitted, or distributed in any form or by any means, # electronic or mechanical, including photocopying, recording, or information # storage and retrieval systems, for any purpose without the express written # permission of F5 Networks, Inc. Our services are only available for legal # users of the program, for instance in the event that we extend our services # by offering the updating of files via the Internet. # # @(#) $Id: //depot/maint/bigip12.1.6/tm_daemon/monitors/sample_monitor#1 $ # # # these arguments supplied automatically for all external pingers: # $1 = IP (::ffff:nnn.nnn.nnn.nnn notation or hostname) # $2 = port (decimal, host byte order) # $3 and higher = additional arguments # # $MONITOR_NAME = name of the monitor # # In this sample script, $3 is the regular expression # # Name of the pidfile pidfile="/var/run/$MONITOR_NAME.$1..$2.pid" # Send signal to the process group to kill our former self and any children # as external monitors are run with SIGHUP blocked if [ -f $pidfile ] then kill -9 -`cat $pidfile` > /dev/null 2>&1 fi echo "$$" > $pidfile # Remove the IPv6/IPv4 compatibility prefix node_ip=`echo $1 | sed 's/::ffff://'` # Using the nc utility to get data from the server. # Search the data received for the expected expression. # status=`echo -e "admin" | /usr/bin/nc -w 1 $node_ip 22 &>/dev/null;echo $?` status=`/usr/bin/nc -w 1 $node_ip -z 22 &>/dev/null;echo $?` ping_result=`ping -c1 -w1 $node_ip &>/dev/null;echo $?` if [ $status -eq 0 ] then # Remove the pidfile before the script echoes anything to stdout and is killed by bigd rm -f $pidfile echo "up" elif [ $ping_result -eq 1 ] then rm -f $pidfile tmsh delete /sys connection ss-server-addr $node_ip ss-server-port $2 &>/dev/null exit fi # Remove the pidfile before the script ends rm -f $pidfile
xuwenCumulonimbus
CumulonimbusLast year, I came up with a solution. Linux shell can be used for any node, and I can also use icall (the disadvantage is that when add some new pool members, I have to add icall configuration)
The method is to add a ping detection to the Linux shell. If the ping timeout occurs, it will tmsh delete the node session;
you need to pay attention to BIGIP version(V12.1.6 can support nc -z command), some high version(in Centos 7+ system) can not support nc -z
you can use status=`echo -e "admin" | /usr/bin/nc -w 1 $node_ip 22 &>/dev/null;echo $?`
#!/bin/sh
#
# (c) Copyright 1996-2006, 2010-2013 F5 Networks, Inc.
#
# This software is confidential and may contain trade secrets that are the
# property of F5 Networks, Inc. No part of the software may be disclosed
# to other parties without the express written consent of F5 Networks, Inc.
# It is against the law to copy the software. No part of the software may
# be reproduced, transmitted, or distributed in any form or by any means,
# electronic or mechanical, including photocopying, recording, or information
# storage and retrieval systems, for any purpose without the express written
# permission of F5 Networks, Inc. Our services are only available for legal
# users of the program, for instance in the event that we extend our services
# by offering the updating of files via the Internet.
#
# @(#) $Id: //depot/maint/bigip12.1.6/tm_daemon/monitors/sample_monitor#1 $
#
#
# these arguments supplied automatically for all external pingers:
# $1 = IP (::ffff:nnn.nnn.nnn.nnn notation or hostname)
# $2 = port (decimal, host byte order)
# $3 and higher = additional arguments
#
# $MONITOR_NAME = name of the monitor
#
# In this sample script, $3 is the regular expression
#
# Name of the pidfile
pidfile="/var/run/$MONITOR_NAME.$1..$2.pid"
# Send signal to the process group to kill our former self and any children
# as external monitors are run with SIGHUP blocked
if [ -f $pidfile ]
then
kill -9 -`cat $pidfile` > /dev/null 2>&1
fi
echo "$$" > $pidfile
# Remove the IPv6/IPv4 compatibility prefix
node_ip=`echo $1 | sed 's/::ffff://'`
# Using the nc utility to get data from the server.
# Search the data received for the expected expression.
# status=`echo -e "admin" | /usr/bin/nc -w 1 $node_ip 22 &>/dev/null;echo $?`
status=`/usr/bin/nc -w 1 $node_ip -z 22 &>/dev/null;echo $?`
ping_result=`ping -c1 -w1 $node_ip &>/dev/null;echo $?`
if [ $status -eq 0 ]
then
# Remove the pidfile before the script echoes anything to stdout and is killed by bigd
rm -f $pidfile
echo "up"
elif [ $ping_result -eq 1 ]
then
rm -f $pidfile
tmsh delete /sys connection ss-server-addr $node_ip ss-server-port $2 &>/dev/null
exit
fi
# Remove the pidfile before the script ends
rm -f $pidfile