Forum Discussion
Peter_Baumann_5
Nimbostratus
NimbostratusUpgrade from v11.6.0 HF4 to v11.6.0 HF6 breaks some monitors
Hi all, Is there any problem known with v11.6.0 HF6 upgrade with http monitors?
The customer was using the following http monitors in v11.6.0 HF4:
`GET /_layouts/15/success.aspx HTTP/1.1\r\nHost: mysitestage.domain.com`
`GET / HTTP/1.1\r\nHost: mentoring.domain.com\r\nConnection: Close\r\n\r\n`
After upgrade to v11.6.0 HF6 the http monitors looks like the following:
`GET /_layouts/15/success.aspx HTTP/1.1\\r\\nHost: mysitestage.domain.com`
`GET / HTTP/1.1\\r\\nHost: mentoring.domain.com\\r\\nConnection: Close\\r\\n\\r\\n`
So the upgrade procedure changed all backslashes to double backslashes, why? Also very strange is that the new "HF6" monitor with the string:
`GET / HTTP/1.1\\r\\nHost: mentoring.domain.com\\r\\nConnection: Close\\r\\n\\r\\n`
is STILL working in HF6.
But the monitor with the string:
`GET /_layouts/15/success.aspx HTTP/1.1\\r\\nHost: mysitestage.domain.com`
is NOT working anymore, it is turning red. After we changed all the monitors back to a single backslash every monitor was working again.
It's bad that again a hotfix upgrade leads to this bug. We can not recommend to upgrade to HF6 then.
Any ideas what kind of bug this is again?
Thanks for answering!
Best regards, Peter
I got bit by this last night, which resulted in extended downtime until we found the cause. On our LTM-VE (standalone), it only doubled the backslashes, which allowed it to work on some pools still. Our 2000s HA pair got triple backslashes, though, and marked everything down as a result. Not good.
https://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote-ltm-11-5-1.htmlrn_ki
ID 453256 seems to point to an issues with double quotes are backslashes in monitors. Seems pretty hard to avoid getting hit by it (I'd probably over/under escape).
https://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote-ltm-11-6-0.htmlrn_ki
Different ID, 291584, points to another backslash issue where the workaround is to delete the extras.
RossVermetteRan into this also. Apparently the extra "\" check was added in some version after 11.6.0 HF1. One other issue I noticed is that if you use "auth" username/password in your monitor, make sure there is no "\r\n" at the end of your send string(even though the online help screen says it needs one), as what would happen in packet the HTTP header there would be new line between the http header and the auth header, which would cause a 400 bad response from a backend server that you're monitoring.
boneyardMVP
thanks for the heads up, haven't seen this yet, but something useful the remember.
jbancroft_16904This upgrade issue is documented in sol91296817: Extra escape characters may be appended to monitor send/receive strings after upgrading
https://support.f5.com/kb/en-us/solutions/public/k/91/sol91296817.html?sr=50677863
- Also affects 11.5.3, 11.5.3 HF1, 11.5.3 HF2
Peter_BaumannCirrostratus
Hi jbancroft, Thanks, I found the same article not long ago. And I have some news. The issue should be fixed in v11.6.1 which should be released soon, maybe this week. So happy upgrading and testing when it will be released... :-)