Forum Discussion

Andy_Litzinger's avatar
Sep 29, 2011

Suggestions for geoip_lookup monitor

Hi,

I'm using Topology based Global Load balancing for some wideip pools. I have two datacenters, one in Pennsylvania and one in Washington State. Each DC has its own public IP subnet and Quova correctly recognizes the state each IP range is assigned to. It is very important to me that the Quova DB always identifies IPs from my PA DC as from PA and IPs from my WA DC as from WA. It would be bad for example if a Quova DB update applied to my GTMs where to suddenly say my PA IPs are located in CA.

 

 

 

Of course I will have a policy in place to verify this before applying any Quova DB update, but you can imagine someone might forget to do this.

 

 

 

So I would like to create a monitor in our monitoring system that periodically calls the geoip_lookup script (as described here: http://support.f5.com/kb/en-us/solu...11176.html ) to verify that the IP in question is reported as located in the US State expected.

 

 

 

is there a way to run this query via icontrol? or am i stuck deciding between:

 

 

 

1. the monitoring system logging into the GTM to run geoip_lookup (yuck)

 

2. copying down the utility, its lib, and the IP database file and running it locally on the monitoring server (yuck because it decouples the IP DB from the GTM- so you could update the GTM IP DB to a 'bad' version, but the monitor would continue to pass because it was still using the old DB)

 

  • Hi Andy,

     

     

    How about creating a shell script on your GTMs which runs the geoip_lookup script? You could call the script from an external monitor on a dummy pool.

     

     

    Or you could create a test LTM virtual server which uses an iRule to call whereis and sends a TCP or HTTP response of yes/no, good/bad, whatever based on the whereis result.

     

    http://devcentral.f5.com/wiki/iRules.whereis.ashx

     

     

    Aaron
  • Hi Hoolio,

     

    My GTM is a GTM only (not an LTM). I think that rules out your 2nd suggestion; can i still use your first? i'm not sure how that would be accomplished?
  • Here's a template for an external monitor you could use for the first option:

     

     

    http://devcentral.f5.com/wiki/AdvDesignConfig.TemplateForExternalLtmMonitors.ashx

     

     

    Reply back here if you have any questions after reading that example.

     

     

    Aaron
  • is there a more in depth guide to external monitors? The config guides don't have any detail. for example, in your sample script i see you are getting the IP and port from arguments $1 and $2, but i don't know how you knew they would be in those arguments since your monitor config doesn't pass anything in by default. if i pass in arguments, what arg number will they start at?
  • never mind i found this: http://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/151/LTM-External-Monitors-The-Basics.aspx

     

    very helpful!
  • i've set DEBUG=1 in the variables of the monitor definition but debug log lines are not being written to /var/log/gtm (and nothing is going to /var/log/ltm on my GTMs). does this template log properly to /var/log/gtm as written?

     

     

    Also, SOL8154 suggests i should be able to pin the monitor to a specific "Statistics collection server", but I don't see the "statistics collection server" drop down menu where it says i should. My goal is to have only my GTMs run this monitor, not the LTMs in my env.
  • scratch that - it is writing to /var/log/ltm after all (i was looking on the wrong GTM). I still have a question about the "Statistics collection server"- my monitor fails on and off, presumably when my LTM tries to run it.
  • To get this working I had to do the following:

     

    * On my GTM create a dummy "server" of type "generic host" under Global Traffic-> servers

     

    ** choose the local GTM as the "Statistics Collection Server" for this server

     

    * create a dummy VS under this dummy server and assign my external monitor to it. Works like a charm!

     

     

    Now i just need to figure out how I want to monitor the status of this dummy VS (snmp trap, snmp poll, syslog monitoring, etc). thanks for your help Hoolio.