Forum Discussion

Brian_Mayer_841
Jan 18, 2012

Having some trouble configuring a custom health monitor..

So, I've a unique requirement to ensure our ISA servers (in a pool together, on tcp/443) are both sending traffic into our Exchange organization for external webmail. We really need the LTM to check that the traffic is being forwarded back to Exchange on each pool member ISA host.

Right now, I'm only confirming that HTTPS is responding. However, I'd like to call the OWA webmail page, which is accessible at a URI of /owa on each server. There are two distinct challenges that I'm facing:

1. The ISA proxy requires a host name in the HTTP GET request (corp.mail.company.com, for example), as it routes the traffic based on the installed SSL certificate which specifies the host name of the site. Therefore, the custom monitor also needs to include the host header.

2. The Exchange webmail site issues a basic authentication challenge to any incoming requests, so I need the ability to respond with a username and password in the custom health monitor as well.

I've gone to this URL - http://devcentral.f5.com/wiki/AdvDesignConfig.HTTPMonitor_cURL_GETWithHostSpecificHeaders.ashx - and have set up a custom monitor that maps the site host name to each specific pool member. In fact, I've actually created two custom monitors. One maps the first ISA pool member IP address to the host name corp.mail.company.com. The second maps the other ISA pool member IP address to the host as well. Is it possible for me to use just one monitor to check the status of both? I noticed that the custom monitor was only assignable to a pool, not to a specific node, which is what I thought I would need to do.

I've included the text of both monitors below. My questions are:

- Can I accomplish what I'm trying to do with one health monitor or do I need two separate ones (for each pool member)?

- How do I respond/reply to the browser basic authentication challenge to get into the mail system?

Thanks much in advance for any input!

-B

1st custom monitor:

#!/bin/sh
#
# (c) Copyright 1996-2007 F5 Networks, Inc.
#
# This software is confidential and may contain trade secrets that are the
# property of F5 Networks, Inc. No part of the software may be disclosed
# to other parties without the express written consent of F5 Networks, Inc.
# It is against the law to copy the software. No part of the software may
# be reproduced, transmitted, or distributed in any form or by any means,
# electronic or mechanical, including photocopying, recording, or information
# storage and retrieval systems, for any purpose without the express written
# permission of F5 Networks, Inc. Our services are only available for legal
# users of the program, for instance in the event that we extend our services
# by offering the updating of files via the Internet.
#
# @(#) $Id: http_monitor_cURL+GET+HostSpecificHeaders,v 1.0 2007/06/28 15:03:15 deb Exp $
# (based on sample_monitor,v 1.3 2005/02/04 18:47:17 saxon)
#
# these arguments supplied automatically for all external monitors:
# $1 = IP (nnn.nnn.nnn.nnn notation)
# $2 = port (decimal, host byte order)
#
# additional command line arguments ($3 and higher) may be specified in the monitor template
# This example does not expect any additional command line arguments
#
# Name/Value pairs may also be specified in the monitor template
# This example expects the following Name/Value pairs:
# URI = the URI to request from the server
# RECV = the expected response (not case sensitive)

# remove IPv6/IPv4 compatibility prefix (LTM passes addresses in IPv6 format)
NODE=`echo ${1} | sed 's/::ffff://'`
PORT=${2}

PIDFILE="/var/run/`basename ${0}`.${NODE}_${PORT}.pid"
# kill off the last instance of this monitor if hung and log current pid
if [ -f $PIDFILE ]
then
    echo "EAV exceeded runtime needed to kill ${NODE}:${PORT}" | logger -p local0.error
    kill -9 `cat $PIDFILE` > /dev/null 2>&1
fi
echo "$$" > $PIDFILE

# set the value for the Host header based on IP
# (defaults to IP address if IP doesn't match)
# NODE holds the member address ($1 with the ::ffff: prefix removed)
case "$NODE" in
    "192.168.1.100")
        HOST="corp.mail.company.com"
        ;;
    *)
        HOST="$NODE"
        ;;
esac

# send request & check for expected response
# (grep output is discarded so that only "UP" ever reaches stdout)
curl -fNs http://${NODE}:${PORT}${URI} -H "Host: ${HOST}" | grep -i "${RECV}" > /dev/null 2>&1

# mark node UP if expected response was received
if [ $? -eq 0 ]
then
    echo "UP"
fi

rm -f $PIDFILE
exit

2nd custom monitor:

#!/bin/sh
#
# (c) Copyright 1996-2007 F5 Networks, Inc.
#
# This software is confidential and may contain trade secrets that are the
# property of F5 Networks, Inc. No part of the software may be disclosed
# to other parties without the express written consent of F5 Networks, Inc.
# It is against the law to copy the software. No part of the software may
# be reproduced, transmitted, or distributed in any form or by any means,
# electronic or mechanical, including photocopying, recording, or information
# storage and retrieval systems, for any purpose without the express written
# permission of F5 Networks, Inc. Our services are only available for legal
# users of the program, for instance in the event that we extend our services
# by offering the updating of files via the Internet.
#
# @(#) $Id: http_monitor_cURL+GET+HostSpecificHeaders,v 1.0 2007/06/28 15:03:15 deb Exp $
# (based on sample_monitor,v 1.3 2005/02/04 18:47:17 saxon)
#
# these arguments supplied automatically for all external monitors:
# $1 = IP (nnn.nnn.nnn.nnn notation)
# $2 = port (decimal, host byte order)
#
# additional command line arguments ($3 and higher) may be specified in the monitor template
# This example does not expect any additional command line arguments
#
# Name/Value pairs may also be specified in the monitor template
# This example expects the following Name/Value pairs:
# URI = the URI to request from the server
# RECV = the expected response (not case sensitive)

# remove IPv6/IPv4 compatibility prefix (LTM passes addresses in IPv6 format)
NODE=`echo ${1} | sed 's/::ffff://'`
PORT=${2}

PIDFILE="/var/run/`basename ${0}`.${NODE}_${PORT}.pid"
# kill off the last instance of this monitor if hung and log current pid
if [ -f $PIDFILE ]
then
    echo "EAV exceeded runtime needed to kill ${NODE}:${PORT}" | logger -p local0.error
    kill -9 `cat $PIDFILE` > /dev/null 2>&1
fi
echo "$$" > $PIDFILE

# set the value for the Host header based on IP
# (defaults to IP address if IP doesn't match)
# NODE holds the member address ($1 with the ::ffff: prefix removed)
case "$NODE" in
    "192.168.1.101")
        HOST="corp.mail.company.com"
        ;;
    *)
        HOST="$NODE"
        ;;
esac

# send request & check for expected response
# (grep output is discarded so that only "UP" ever reaches stdout)
curl -fNs http://${NODE}:${PORT}${URI} -H "Host: ${HOST}" | grep -i "${RECV}" > /dev/null 2>&1

# mark node UP if expected response was received
if [ $? -eq 0 ]
then
    echo "UP"
fi

rm -f $PIDFILE
exit

  • Hi Brian,

    I think you can use a single inbuilt HTTPS monitor for this. The send string would be something like this:

    GET /owa HTTP/1.1\r\nHost: corp.mail.company.com\r\nConnection: Close\r\n\r\n

    You'd set the username and password in the monitor fields.

    If this doesn't work you can check this article for troubleshooting suggestions:

    sol12531: Troubleshooting health monitors
    http://support.f5.com/kb/en-us/solutions/public/12000/500/sol12531.html

    or this one:

    Troubleshooting LTM monitors
    http://devcentral.f5.com/wiki/AdvDesignConfig.TroubleshootingLtmMonitors.ashx

    Aaron
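
For the external-monitor route described in the question, one script can serve both pool members and answer the basic authentication challenge. This is an added example, not part of the thread or of F5's sample. The MON_USER and MON_PASS name/value pairs, the function names, and the choice of curl's `--resolve` and `-K -` options are assumptions made here.

```shell
#!/bin/sh
# Added example. MON_USER / MON_PASS are hypothetical name/value pairs set in
# the monitor template alongside URI and RECV.

# Strip the IPv4-mapped IPv6 prefix that LTM puts on $1.
normalize_node() { echo "$1" | sed 's/^::ffff://'; }

# One script for every pool member: map each member IP to the published name.
host_for_node() {
    case "$1" in
        192.168.1.100|192.168.1.101) echo "corp.mail.company.com" ;;
        *) echo "$1" ;;
    esac
}

# Escape backslash and double quote for a quoted curl config value.
cfg_escape() { printf '%s' "$1" | sed 's/\\/\\\\/g; s/"/\\"/g'; }

# Emit a curl config. "resolve" pins the host name to this member, so SNI, the
# Host header and certificate validation all use the real name, not the IP.
build_curl_config() {   # args: node port host uri user pass
    printf 'url = "https://%s:%s%s"\n' "$3" "$2" "$4"
    printf 'resolve = "%s:%s:%s"\n' "$3" "$2" "$1"
    printf 'user = "%s:%s"\n' "$(cfg_escape "$5")" "$(cfg_escape "$6")"
    printf 'silent\nfail\nmax-time = 10\n'
}

# True when the response body contains the expected string (case-insensitive).
body_matches() { printf '%s' "$1" | grep -qiF -- "$2"; }

monitor_main() {
    node=$(normalize_node "$1"); port=$2
    host=$(host_for_node "$node")
    # Credentials reach curl on stdin (-K -), so they never appear in argv.
    body=$(build_curl_config "$node" "$port" "$host" "$URI" "$MON_USER" "$MON_PASS" \
           | curl -K - 2>/dev/null)
    # Any output on stdout marks the member up, so print only on a match.
    if body_matches "$body" "$RECV"; then echo "UP"; fi
}

# Run only when LTM supplies the member IP and port.
if [ $# -ge 2 ]; then monitor_main "$@"; fi
```

The monitor account should be a dedicated low-privilege mailbox, since its password lives in the monitor configuration.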