Forum Discussion
Brian_Saunders1
Altostratus
AltostratusMonitor HTTP Page for Text
Hello All,
I'm trying to setup a custom health monitor that monitors a page for specific text. I've read through the forums and the SOLs but haven't found a resolution to my particular situation. When I access one of the servers I'd like to monitor via the following, http://hostname.domain.com/dana-na/healthcheck/healthcheck.cgi it shows:
When I try to setup a TCP health monitor on port 80 with the following GET statement
GET /dana-na/healthcheck/healthcheck.cgi HTTP/1.1\r\nHost: 10.10.10.10\r\nConnection: Close\r\n\r\n
I always get a 200 OK response instead of the "Security gateway is accessible" like you would get when manually accessing the server. I also attempted a curl query from the LTM and it appears I do get "Security gateway is accessible" in the response:
< HTTP/1.1 200 OK < Content-Type: text/html; charset=utf-8 < Pragma: no-cache < Cache-Control: no-store < Expires: -1 Connection 0 to host 10.10.10.10 left intact * Closing connection 0 xml version="1.0" encoding="utf-8">Cluster HealthCheck
Security gateway is accessibleSecurity gateway is accessible
Is there something I'm missing in the GET statement on the health monitor?
Thanks,
Brian
I would use i.e. httpfox (Firefox plugin) to verify the requests and responses from scratch. Perhaps a real browser gets redirected (302) first and / or the content will show up only after receiving a session cookie being retransmitted by the client.
Actually I had exactly the same issue a couple of months ago with a customer and we simply parsed for a '302'. Ironically we received a '200', if the gateway was inoperable. So you may add the '200' to the monitor disable conditions.- Kevin_Stewart
Employee
So just to clarify, you DO get the "Security gateway is accessible" message when using cURL? If so, how do you know you're not getting it with the monitor? Have you looked at the traffic with a TCPDUMP?
tcpdump -lnni 0.0 -Xs0 port 80 and host [ip of server] Yepp, cURL is a good choice. In case you need to test for SSL the following syntax may help to avoid complaints about non-trusted certificates:
curl -v -i -k -H "Host: test51.lb-net.bit" https://10.111.111.100:443/path/object?query
Brian_Saunders1Wow, formatting in my original message didn't turn out so great. So when I perform a cURL I do see "security gateway is accessible" within the message:
I ran a tcpdump within the GUI but it doesn't show the content of the page, appears to be getting truncated. Will performing the tcpdump via CLI provide more insights?
hooleylistCirrostratus
Can you try this as a send string?
GET /dana-na/healthcheck/healthcheck.cgi HTTP/1.1\r\nHost: \r\nConnection: Close\r\nAccept: /\r\n\r\n
If that doesn't work, try using these steps to troubleshoot:
https://devcentral.f5.com/wiki/AdvDesignConfig.TroubleshootingLtmMonitors.ashx
Aaron
- Kevin_Stewart
Yes. CLI-based TCPDUMP will definitely show you more information. Use the "-Xs0" option.
- Brian_Saunders1
So I updated the GET syntax to what hoolio mentioned above and the nodes are passing the health monitor (they were with the other syntax as well). I also ran the following command via tcpdump in CLI
Code tcpdump -lnni 0.0 -Xs0 port 80 and host 10.10.10.10And saw the following output:
So I guess the health monitor is working as expected? I guess the best test would be to fail the node and confirm it doesn't return that text.
- hooleylistYep, that looks right to me.
