
brucecmc_163171
Aug 19, 2014

http get / URI

need some help with forming a get that will return a 200 ok response.

 

the root site is https://xyz.fqdn.gov
the uri I need to query is /eftxweb/access.ofx
I created the following get

    GET /eftxweb/access.ofx HTTP/1.(0|1)
    host: xyz.fqdn.gov
    connection: close

 

it returns the following

 

    HTTP/1.0 302 Found
    Location: https://xyz.fqdn.gov/eftxweb/access.ofx
    Server: BigIP
    Connection: close
    Content-Length: 0

 

the 302 I understand indicates a redirect, which is occurring, http to https. but I need to be able to create a health monitor that once redirected, tells me that the connection is good and the correct content is rendered, which I think should be a 200 OK.

 

thanks for the help.

 

bruce

 

24 Replies

  • Hamish

    For multi-step you'll need to create an external monitor. Which in your case would be something like a bash script that uses curl to access the content, testing the results along the way...

     

    If the requests can be done independently (e.g. You want to verify the redirect AND that the content for the redirect is there, but you don't need to do 1, followed by the other) then you could simply attach an HTTP monitor for the initial access and check the redirect is there, then a second (HTTPS) monitor that accesses the (Static) URI to verify the content from that.

     

    H
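
The external monitor described in the reply above, sketched as an added example (not part of the original thread and not F5's own code). It assumes BIG-IP passes the member IP as `$1` and the port as `$2` and treats any stdout output as "up"; the function names, the `EXPECT` placeholder and the assumption that the member answers on both its own port and 443 are hypothetical.

```shell
#!/bin/bash
# Added example of an external monitor: BIG-IP is assumed to pass the pool
# member IP as $1 and its port as $2, and to mark the member up when the
# script writes anything to stdout (no output = down).

HOST="xyz.fqdn.gov"                    # site name from the thread
URI="/eftxweb/access.ofx"              # URI from the thread
SCHEME="${SCHEME:-http}"               # first hop; the thread's 302 goes http -> https
EXPECT="${EXPECT:-EXPECTED-TEXT}"      # placeholder: text the real page must contain

# BIG-IP may hand over IPv4 members as ::ffff:a.b.c.d; strip the prefix.
normalize_ip() { printf '%s\n' "${1#::ffff:}"; }

# Follow redirects, but pin HOST to this member on its own port and on 443
# (assumption: the member serves both), so a redirect to the public name is
# still answered by the member under test. No -k: curl keeps verifying the
# certificate against HOST. Prints the body, then the status code on the last line.
fetch() {  # $1 = member IP, $2 = member port
  curl -s -L --max-redirs 3 --max-time 5 \
    --resolve "$HOST:$2:$1" --resolve "$HOST:443:$1" \
    -w '\n%{http_code}' "$SCHEME://$HOST:$2$URI"
}

# Succeed only when the final status is 200 and the body contains the marker.
evaluate() {  # $1 = fetch output, $2 = expected text
  status=$(printf '%s\n' "$1" | tail -n 1)
  body=$(printf '%s\n' "$1" | sed '$d')
  [ "$status" = "200" ] || return 1
  case "$body" in *"$2"*) return 0 ;; esac
  return 1
}

monitor_main() {
  ip=$(normalize_ip "$1")
  out=$(fetch "$ip" "$2")
  if evaluate "$out" "$EXPECT"; then echo "UP"; fi
}

# Run only when called with IP and port, as the monitor would.
if [ "$#" -ge 2 ]; then monitor_main "$@"; fi
```

A 302 that is never resolved to a 200, a 200 carrying the wrong page, and a failed connection (curl reports status `000`) all leave stdout empty, so the member is marked down.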

     

  • Hamish

    I think there's a better way to do this though... Do you really need to check both the HTTP and HTTPS server working on a node for the pool member to be considered up?

     

    H

     

  • Hamish
    1. Although you can telnet to port 443, you're not going to get what you expect. Telnet doesn't do SSL.
    2. As for 1

    Note that if you want to check by hand, either use curl, OR openssl

     

    1. For a different VS on port 80 I take it...
    2. OK. You don't really need to check the :80 then. Just an HTTPS monitor on the pool would be fine.

    H

     

  • I created an https monitor, and it downed the pool members (though the app is up and running).

     

    what send and receive string are you using?

     

    sol2167: Constructing HTTP requests for use with the HTTP or HTTPS application health monitor

     

    http://support.f5.com/kb/en-us/solutions/public/2000/100/sol2167.html

     

    are you able to get response if testing the send string with openssl s_client?

     

    testing HTTPS with openssl

     

    http://blog.yimingliu.com/2008/02/04/testing-https-with-openssl/

     

    • brucecmc_163171
      send string GET /eftxweb/access.ofx HTTP/1.1\r\nHost: xyz.fqdn.gov\r\nConnection: close\r\n\r\n
      my receive string I've tried 200 OK, 302 Found and nothing, all of which produce the same result...pool members downed.
    • nitass
      can you try openssl s_client with the send string and see if it gives any clue?
  • Hamish

    Syntax is

    openssl s_client -connect fqdnorip:portnum
    

    Then when you get a connection (you won't get a prompt), type

    GET /eftxweb/access.ofx HTTP/1.1
    host: xyz.fqdn.gov_as_appropriate
    connection: close
    
    

    Remember to type that extra (RETURN Key) after the connection close for the blank line to indicate end of the request... And you should get a response.

    H

  • I get the ssl connection, shows me the certificate etc...then when I execute the GET, I get the 200 OK response from the pool...

    AND when I run that openssl s_client command from the F5 itself, I get positive results.

    that means the send string should be correct.

    so, can you try capture the health monitor traffic to see if there is reset?

     tcpdump -nni 0.0:nnn -s0 -w /var/tmp/output.pcap host x.x.x.x and host y.y.y.y and port zzz -v
    
    x.x.x.x is non-floating selfip
    y.y.y.y is pool member ip
    zzz is pool member port
    
  • thanks for all the responses...got this squared away...problem was with the app, not the monitor monitoring the app...DOH!!!!