Redirect

is the example irule in sol6510 applicable?

 

 

sol6510: BIG-IP system fallback host behavior when a host is down

 

http://support.f5.com/kb/en-us/solutions/public/6000/500/sol6510.html

No. They want to have the word "down" in the header (really meaning they made the maintenance page they want available) on the maintenance VS and when that maintenance page is available they want the production VS to redirect to that very maintenance page.

 

 

 

 

 

Appreciate the quick response.

 

 

e.g.

172.28.19.79 is production virtual

200.200.200.101 is production pool

172.28.19.89 is maintenance virtual

[root@ve10:Active] config  b virtual prod list
virtual prod {
   snat automap
   pool prodpool
   destination 172.28.19.79:80
   ip protocol 6
   rules myrule
   profiles {
      http {}
      tcp {}
   }
}
[root@ve10:Active] config  b pool prodpool list
pool prodpool {
   monitor all myhttp
   members 200.200.200.101:80 {}
}
[root@ve10:Active] config  b monitor myhttp list
monitor myhttp {
   defaults from http
   dest 172.28.19.89:80
   reverse
   recv "down"
   send "GET /test.html HTTP/1.1\r\nHost: \r\nConnection: Close\r\n\r\n"
}
[root@ve10:Active] config  b rule myrule list
rule myrule {
   when HTTP_REQUEST {
   if {[active_members [LB::server pool]] < 1} {
     HTTP::fallback "http://172.28.19.89"
   }
}
}

[root@ve10:Active] config  curl http://172.28.19.89/test.html
down

[root@ve10:Active] config  b pool prodpool|grep -i pool
POOL prodpool  LB METHOD round robin   MIN/CUR ACTIVE MEMBERS 0/0
+-> POOL MEMBER prodpool/200.200.200.101:80   inactive,down

[root@ve10:Active] config  curl -I http://172.28.19.79
HTTP/1.0 302 Found
Location: http://172.28.19.89
Connection: close

another way.

[root@ve10:Active] config  b virtual prod list
virtual prod {
   snat automap
   pool prodpool
   destination 172.28.19.79:80
   ip protocol 6
   rules myrule
   profiles {
      http {}
      tcp {}
   }
}
[root@ve10:Active] config  b rule myrule list
rule myrule {
   when HTTP_REQUEST {
   if {[LB::status pool foo member 172.28.19.89 80] eq "up"} {
      HTTP::redirect "http://172.28.19.89"
   }
}
}
[root@ve10:Active] config  b pool foo list
pool foo {
   monitor all myhttp
   members 172.28.19.89:80 {}
}
[root@ve10:Active] config  b monitor myhttp list
monitor myhttp {
   defaults from http
   dest 172.28.19.89:80
   recv "down"
   send "GET /test.html HTTP/1.1\r\nHost: \r\nConnection: Close\r\n\r\n"
}

[root@ve10:Active] config  curl http://172.28.19.89/test.html
down

[root@ve10:Active] config  b pool foo|grep -i pool
POOL foo  LB METHOD round robin   MIN/CUR ACTIVE MEMBERS 0/1
+-> POOL MEMBER foo/172.28.19.89:80   active,up

[root@ve10:Active] config  curl -I http://172.28.19.79
HTTP/1.0 302 Found
Location: http://172.28.19.89
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

I'm not sure I fully comprehend your requirements. But how about this -

 

 

Apply a second monitor to the production pool which hits the maintenance pool members (using the Alias Address/Alias Service Port options if necessary), and leaving the Availability Requirement set to All. When the maintenance monitor goes down (by "changing the header"), that will trigger the LB_FAILED event on the production VIP. Then you can catch it with an iRule:

 

 

when LB_FAILED {

 

HTTP::redirect "http://(maintenance URL)"

 

}

 

 

That's exactly what I tried to do. Having issues with getting their header. Are you sure that we can apply a health monitor to a Virtual server that then points to another site (is that what the alias does?) also what about persistance? I'm told that even if the members are down, persistant connections will still go to them.

The health monitor is applied to a Pool, not a Virtual Server. But yes, the Alias fields say, in effect, "check this ip address/port instead of the ip/port of the members in the pool where it's applied". But what I would do first is create a bogus pool with the maintenance members and apply the maintenance monitor there. That way, you're not fussing with the production pool.

 

 

There could be a number of issues around "getting the header" (still not 100% confident I understand what that means exactly, but I think I do). One thing I know for certain is that the LTM only looks for the Receive String in the the first 5120 bytes of the HTTP response - the response headers are included in that 5120 limit. But assuming it's not that or something like a firewall or routing issue, typically what I would do is perform a tcpdump and see exactly how the maintenance server is responding on the wire. This is something I do all the time, but not everyone knows how to do this or analyze the output. I can help if needed if you feel comfortable sharing a network trace. You may be able to send me a private message with attachment if you don't want to post it to everyone.

 

 

(edit)

 

Also I forgot to answer your persistence question. I think when the Virtual Server is marked down, it will still trigger the LB_FAILED event even if the connection is persistent because when the VS is down, the LTM has nowhere to send the traffic. You should test this though.

That's exactly what I tried to do. Having issues with getting their header.

 

 

Also, post what LTM version you are running and your maintenance monitor Send and Receive Strings - sanitize if necessary. It's possible you arent using the correct CR/LF line-termination characters.

Everything with the redirect irule works. The problem is I cannot get the health monitor to work.

 

The app guys gave me this.

 

https://testmaint.xyz.com/getwebsit...x?env=test

 

If I go to this webpage with a Internet browser, it says "down" in the body.

 

 

So I created this for the send string

 

GET / HTTP/1.1\nHost: testmaint.xyz.com/getwebsitestatus.aspx?env=test\nConnection: close\n\n\r\n

 

and a receive string

 

down

 

-------

 

For alias address it just has this and I cannot change anything.

 

Alias Address * All Addresses

 

Alias Service Port * All Ports

 

 

_________

 

 

BIG-IP 10.2.3 Build 112.0 Final

 

GET / HTTP/1.1\nHost: testmaint.xyz.com/getwebsitestatus.aspx?env=test\nConnection: close\n\n\r\ncan you try this?

 

 

GET /getwebsitestatus.aspx?env=test HTTP/1.1\r\nHost: testmaint.xyz.com\r\nConnection: close\r\n\r\n

 

 

sol2167: Constructing HTTP requests for use with the HTTP or HTTPS application health monitor

 

http://support.f5.com/kb/en-us/solutions/public/2000/100/sol2167.html

 

 

by the way, it is https monitor, isn't it?

 

 

For alias address it just has this and I cannot change anything.you have to create a new one i.e. you cannot change it after creating.