luevelvet
Nov 24, 2020

GTM/DNS Not able to run simple external monitor?

Hello All,

I've been struggling with this for some time and wanted to see if anyone else had any ideas.

Scenario:

  • We have a GTM/DNS VE to perform intelligent DNS resolution for generic hosts (i.e., non-LTM virtual servers, etc.).
  • We have multiple Squid proxies in one location that we want to intelligently resolve IPs for. For example, we want all traffic to flow through proxyA; in case it's down, then start resolving proxyB.
  • We figure we could send a command to probe a website on the internet through the proxy, which will give us a bit more accuracy instead of a simple port monitor. For example, reaching out to www.google.com/robots.txt and expecting to receive a 200 (or something similar) will ensure the proxy itself can reach the internet even though the port is still accessible to the internal clients.
  • I have a curl command that does reach through the proxy and gets the response we're expecting, but we can't seem to get that to work in monitor format. We continue to receive: Offline (Enabled) - Monitor /Common/proxy_mon from [self_ip] : state returned down

The External Program:

#!/bin/sh
# These arguments supplied automatically for all external monitors:
# $1 = IP (nnn.nnn.nnn.nnn notation)
# $2 = port (decimal, host byte order)
#
# This script expects the following Name/Value pairs:
# HOST = the host name of the SNI-enabled site
# URI  = the URI to request
# RECV = the expected response
#
# Remove IPv6/IPv4 compatibility prefix (LTM passes addresses in IPv6 format)
NODE=`echo ${1} | sed 's/::ffff://'`
PORT=${2}
if [[ $NODE =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
    NODE=${NODE}
else
    NODE=[${NODE}]
fi
PIDFILE="/var/run/`basename ${0}`.sni_monitor_${HOST}_${PORT}_${NODE}.pid"
if [ -f $PIDFILE ]; then
    echo "EAV exceeded runtime needed to kill ${HOST}:${PORT}:${NODE}" | logger -p local0.error
    kill -9 `cat $PIDFILE` > /dev/null 2>&1
fi
echo "$$" > $PIDFILE
STATUS=`curl-apd -x http://${NODE}:${PORT} https://${URL} 2>/dev/null`
rm -f $PIDFILE
if [[ "$STATUS" == "$RECV"* ]]; then
    echo "UP"
fi
exit

The GTM Monitor:

The GTM log just shows the same message as the monitor status on the member properties. We even tried to set up a simple monitor that simply does an echo "UP", so it shouldn't be reaching out through the proxy, yet that still comes back with the same status. Any ideas on where else to look are greatly appreciated!

Thanks,

Luis
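
The check described in the scenario above (request a page through the proxy and expect a 200), written as an added example that is not the poster's script or F5 sample code. It compares the HTTP status code rather than the response body, bounds the request with a timeout, and validates the monitor variable before it reaches curl. Assumptions: the `URL` variable carries the full URL including the scheme, `RECV_CODE` and `CURL` are hypothetical variable names, and stock curl options are used in place of `curl-apd`.

```sh
#!/bin/sh
# Added example, not the poster's script. Assumptions: URL and RECV_CODE
# environment variables, the CURL override, and stock curl options.

# Strip the IPv4-mapped prefix; bracket what is still an IPv6 literal.
normalize_node() {
    node=${1#::ffff:}
    case $node in
        *:*) printf '[%s]\n' "$node" ;;
        *)   printf '%s\n' "$node" ;;
    esac
}

# Accept only http(s) URLs built from a conservative character set, so a
# monitor variable cannot carry spaces, quotes or extra curl options.
valid_url() {
    case $1 in
        http://?*|https://?*) ;;
        *) return 1 ;;
    esac
    case $1 in
        *[!A-Za-z0-9._~:/?=%-]*) return 1 ;;
    esac
    return 0
}

# True only when a status code was observed and it equals the expected one.
status_ok() {
    [ -n "$1" ] && [ "$1" = "$2" ]
}

# Fetch the URL through the proxy and print only the HTTP status code.
probe() {
    "${CURL:-curl}" --silent --output /dev/null --max-time 5 \
        --proxy "http://$1:$2" --write-out '%{http_code}' "$3"
}

main() {
    proxy_host=$(normalize_node "$1")
    valid_url "${URL:-}" || exit 1
    code=$(probe "$proxy_host" "$2" "$URL") || true
    # Any output on stdout marks the member up; silence marks it down.
    if status_ok "$code" "${RECV_CODE:-200}"; then echo "UP"; fi
}

# Run only when called with the IP and port arguments the monitor supplies.
if [ "$#" -ge 2 ]; then main "$@"; fi
```

When curl cannot get a response through the proxy it reports the status as `000`, which never matches the expected code, so the script stays silent and the member is marked down.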

  • Hi luevelvet

    Did you try to increase the debugging level of the GTM logs and enable DNS mode probe to see if you had more details about this issue?

    modify /sys db log.gtm.level value debug; modify /sys db gtm.debugprobelogging value enable

    Regards