Forum Discussion

Peter_Lowdon's avatar
Peter_Lowdon
Icon for Altocumulus rankAltocumulus
Sep 07, 2020
Solved

So basically health monitors which actually monitor downstream virtual servers on another f5 LTM don't seem to work?

hi f5'ers,   I've got a weird situation here, wondered if anyone has come across it before.   We have an f5 LTM with some simple load balanced web services, we call this our Tier 2 f5 LTM. T...
  • crodriguez's avatar
    Sep 08, 2020

    I think what you are running up against is simply the way the inband monitor works. My understanding is that the inband monitor relies upon multiple attempts to connect to the pool member failing over some period of time, as defined in the inband monitor settings. In other words, it's looking for a RST in response to a SYN. Because your Tier 2 pool members are actually Tier 3 virtual servers, it would appear the 3WHS actually succeeds before a RST is sent by the Tier 3 virtual server, even though it has no available pool members. I was able to confirm this behavior with TCPDUMP.

     

    If this is all web traffic, have you considered switching to an HTTP-type monitor - even the default http monitor, rather than use the inband monitor? The HTTP monitor should mark the Tier 2 pool member down when the associated Tier 3 virtual server is also down, as there is no HTTP response.