NimbostratusI have a virtual server/pool members configured for *ALL Ports but am struggling to determine the best way to monitor the health of the pool members. I have tried using the search function on this website but am having issues. Getting allot of blank results, not sure if the site is down or what is going on. Any help is appreciated. Thanks
NacreousYou will need to create monitors with explicit ports to test other wise many of the default monitors will try to probe every port. i.e. the http monitor will want to send an HTTP request to all 65,535 ports. you will want to create a custom http monitor that only tests port 80 or whatever port it is you are running your http service.
Nacreous
EmployeeIt is quite untrue to suggest that bigd attempt to send 65,535 probes to the pool member.
If a pool member's service port is set to zero, then it means user traffic will inherit the appropriate layer-4 port from the virtual server's configuration.
In other words, if the virtual server is listening on port 80, and the pool member is set to service port 0, the traffic will be passed to port 80 on the pool member. A second virtual server listening on port 443 could use the same pool, and it would pass traffic to the same pool member, but on port 443.
In the case where the pool member is listening on port 0, and the virtual is also listening on port 0, the pool member's port will follow what destination port that the traffic arrived on at the virtual server.
You have two choices in terms of monitoring such a pool member.
Associate an ICMP based monitor, which doesn't use ports (eg, gateway_icmp)
Create a custom monitor with an alias port, so that it knows what port to send the monitor to. There is one already defined in the default configuration: https_443.
Any attempt to apply a layer 4 monitor that does not have an alias port defined will result in the following error message:
root@(ltm-1200-211)(cfg-sync Disconnected)(Active)(/Common)(tmos) modify ltm pool wildcard_service monitor tcp
01070622:3: The monitor /Common/tcp has a wildcard destination service and cannot be associated with a node that has a zero service.
CirrusYou will need to create monitors with explicit ports to test other wise many of the default monitors will try to probe every port. i.e. the http monitor will want to send an HTTP request to all 65,535 ports. you will want to create a custom http monitor that only tests port 80 or whatever port it is you are running your http service.
CirrusEmployeeIt is quite untrue to suggest that bigd attempt to send 65,535 probes to the pool member.
If a pool member's service port is set to zero, then it means user traffic will inherit the appropriate layer-4 port from the virtual server's configuration.
In other words, if the virtual server is listening on port 80, and the pool member is set to service port 0, the traffic will be passed to port 80 on the pool member. A second virtual server listening on port 443 could use the same pool, and it would pass traffic to the same pool member, but on port 443.
In the case where the pool member is listening on port 0, and the virtual is also listening on port 0, the pool member's port will follow what destination port that the traffic arrived on at the virtual server.
You have two choices in terms of monitoring such a pool member.
Associate an ICMP based monitor, which doesn't use ports (eg, gateway_icmp)
Create a custom monitor with an alias port, so that it knows what port to send the monitor to. There is one already defined in the default configuration: https_443.
Any attempt to apply a layer 4 monitor that does not have an alias port defined will result in the following error message:
root@(ltm-1200-211)(cfg-sync Disconnected)(Active)(/Common)(tmos) modify ltm pool wildcard_service monitor tcp
01070622:3: The monitor /Common/tcp has a wildcard destination service and cannot be associated with a node that has a zero service.