Forum Discussion

Brian_Saunders1's avatar
Brian_Saunders1
Icon for Altostratus rankAltostratus
Sep 24, 2013

Monitor HTTP Page for Text

Hello All,

 

I'm trying to setup a custom health monitor that monitors a page for specific text. I've read through the forums and the SOLs but haven't found a resolution to my particular situation. When I access one of the servers I'd like to monitor via the following, http://hostname.domain.com/dana-na/healthcheck/healthcheck.cgi it shows:

 

 

When I try to setup a TCP health monitor on port 80 with the following GET statement

 

GET /dana-na/healthcheck/healthcheck.cgi HTTP/1.1\r\nHost: 10.10.10.10\r\nConnection: Close\r\n\r\n

 

I always get a 200 OK response instead of the "Security gateway is accessible" like you would get when manually accessing the server. I also attempted a curl query from the LTM and it appears I do get "Security gateway is accessible" in the response:

 

< HTTP/1.1 200 OK < Content-Type: text/html; charset=utf-8 < Pragma: no-cache < Cache-Control: no-store < Expires: -1 Connection 0 to host 10.10.10.10 left intact * Closing connection 0 xml version="1.0" encoding="utf-8">Cluster HealthCheck

 

Security gateway is accessibleSecurity gateway is accessible

 

Is there something I'm missing in the GET statement on the health monitor?

 

Thanks,

 

Brian

 

  • I would use i.e. httpfox (Firefox plugin) to verify the requests and responses from scratch. Perhaps a real browser gets redirected (302) first and / or the content will show up only after receiving a session cookie being retransmitted by the client.

     

    Actually I had exactly the same issue a couple of months ago with a customer and we simply parsed for a '302'. Ironically we received a '200', if the gateway was inoperable. So you may add the '200' to the monitor disable conditions.

     

  • So just to clarify, you DO get the "Security gateway is accessible" message when using cURL? If so, how do you know you're not getting it with the monitor? Have you looked at the traffic with a TCPDUMP?

     

    tcpdump -lnni 0.0 -Xs0 port 80 and host [ip of server]
    

     

  • Yepp, cURL is a good choice. In case you need to test for SSL the following syntax may help to avoid complaints about non-trusted certificates:

     

    curl -v -i -k -H "Host: test51.lb-net.bit" https://10.111.111.100:443/path/object?query

     

  • Wow, formatting in my original message didn't turn out so great. So when I perform a cURL I do see "security gateway is accessible" within the message:

     

     

    I ran a tcpdump within the GUI but it doesn't show the content of the page, appears to be getting truncated. Will performing the tcpdump via CLI provide more insights?

     

     

  • Can you try this as a send string?

     

    GET /dana-na/healthcheck/healthcheck.cgi HTTP/1.1\r\nHost: \r\nConnection: Close\r\nAccept: /\r\n\r\n

     

    If that doesn't work, try using these steps to troubleshoot:

     

    https://devcentral.f5.com/wiki/AdvDesignConfig.TroubleshootingLtmMonitors.ashx

     

    Aaron

     

  • Yes. CLI-based TCPDUMP will definitely show you more information. Use the "-Xs0" option.

     

  • So I updated the GET syntax to what hoolio mentioned above and the nodes are passing the health monitor (they were with the other syntax as well). I also ran the following command via tcpdump in CLI

     

    Code tcpdump -lnni 0.0 -Xs0 port 80 and host 10.10.10.10
    

     

    And saw the following output:

    So I guess the health monitor is working as expected? I guess the best test would be to fail the node and confirm it doesn't return that text.