Forum Discussion
shaikhzaid
Altocumulus
AltocumulusMonitor multiple services on one service
Hi folks, I have a server serving web/smtp services, how to monitor multiple services on f5 having one backend server ? Also, which VS should I configure, to serve both services? instead of crea...
Paulius
MVP
MVPshaikhzaid In order to get the single VS and pool setup to work the way you would want it would be more complex compared to 2 VS's and 2 pools with the same node in it. Do you have a particular limitation that requires you to only configure 1 VS rather than a VS per application? The reason I ask is because this also introduces a greater security risk with 1 VS rather than 2 individual VS's. We should not take a path just because it seems easier without taking into consideration the overall security aspect.
shaikhzaidAltocumulus
AltocumulusThanks Paulius for the reply,
There is no constraint with regards to configuring two different VS, however i am more interested in how the health monitor shall i configure since i have a single backend server? a tcp-half open or what?
Also i would like to know the security risk in having 1 VS to support multiple services?
Thanks
- Aswin_mk
Cumulonimbus
Hi shaikhzaid
If your VIP is running on webport(eg:443) please configure layer 7 health check. (https or content based)
If you vips are running on SMTP, please create a SMTP health check
Please dont create tcp half open or tcp, it will impact your service (if service goes down and it allow a tcp connection, it will show vip is up and hard to troubleshoot the issue)
BR
Aswin- shaikhzaid
Thanks Ashwin for the reply,
Can you share any guide/doc about smtp health monitor for smtp? or shall i use the default f5 provided one?
Regards
- Aswin_mk
Yes, if you have a default one, you can use it and verify the status of the pool. If no, please create a TCP custom one with port 25. Use this if your backend port is SMTP(25)
BR
Aswin
