I am running GTM 11.4.1 HF1. If I assign the default HTTP health monitor to a GTM pool, the pool goes red. If I remove the pool health check and add the HTTP health monitor to the member that's in the pool, the pool goes green. The GTM has no problem making a telnet connection on port 80 to the member. It can ping and tracert to the member without problem. This behavior happens for any pool and member combination. Is this expected behavior? Why can I not set a pool health check and have it work correctly? I spend most of my time in LTM and am accustomed to LTM behavior. thanks!

Does the server respond as expected if you issue the curl command? From bash shell: curl http://serveripaddress

Yes. From the GTM, when I open the member server's IP address with curl, I get expected HTML from the default document.

The results should be the same between the two. Have you tried capturing the network-behavior with tcpdump, and is this GTM part of a network of iquery-connected GTMs/LTMs?

1) I have not make any packet captures yet, as this hasn't been a critical issue. 2) This GTM does communicate with LTMs using iquery, however the GTM does not use that data. All server/member/node objects in the GTM are added manually.

I suppose it's good to know that this behavior is not expected. This might motivate me to open a case with F5 support to inquire about the issue. At least I know it's not working how it is supposed to. Much of the config in the GTM is not intuitive to me, so sometimes I'm never really sure how things are supposed to work.

GTM health monitor fails on pool, but not on member.

18 Replies

shaggy_121467
Cumulonimbus
Nov 20, 2014
my apologies if the following is overkill - just want to lay out some iquery functionality that is often vague in documentation and misunderstood until you have to dig in:

regarding the earlier comment "This GTM does communicate with LTMs using iquery, however the GTM does not use that data. All server/member/node objects in the GTM are added manually."

iquery is used between GTM/LTM not only to autodiscover LTM virtual servers and monitor health of the F5 devices, but also to pass on health status of virtual servers from the LTM on which a vs is configured to a GTM that is configured with that vs as a GTM vs object, regardless of whether the server object was manually added or autodiscovered - if a GTM vs was manually added to the LTM server object and a bigip monitor is assigned to that server object, the GTM will ascertain the vs status via its iquery connection from that LTM.

when a specific non-bigip monitor is assigned to a GTM pool/member/server, the GTM may delegate that monitoring activity to a different iquery-connected F5-device. it doesn't necessarily handle the monitoring itself. from my experience, it will choose a live F5 device (GTM or LTM) in the same GTM data center as the monitored virtual-server object. for example, if an http monitor is assigned to a GTM pool/member in DC1, the GTM may tell another LTM in DC1 to monitor that object and relay the status back via iquery. this can cause issues if there's a firewall that prevents the selected F5 device from hitting that server object via port 80, 443, etc. required by the non-bigip monitor
- AjayPra_161698
  Nimbostratus
  Dec 15, 2014
  Hi Shaggy , I do have question regarding GTM monitoring the LTM vs using iquery On GTM I have Virtual Server ABC_VIP_http ,Called in Pool ABC_Pool,WIP= abc.com GTM will give Virtual Server IP=1.1.1.1 in resolution to abc.com Virtual Server name=ABC_VIP_http Virtual Server IP = 1.1.1.1 Virtual Server Port=80 On LTM Virtual Server name=ABC_VIP Virtual Server IP =1.1.1.1 Virtual Server Port=any. My questions is in this scenario the Virtual servers name and configuration on GTM/LTM doesn't match. How GTM will come to know that Virtual server ABC_VIP_http is available? Bigip monitor will tell the status of Virtual server = ABC_VIP ?LTM will say Virtual server ABC_VIP is available ? How GTM will correlate it to the Virtual Server name=ABC_VIP_http configured on GTM, Thanks
- shaggy_121467
  Cumulonimbus
  Dec 15, 2014
  I don't believe the GTM will be able to match that GTM VIP to the associated LTM VIP since the port is different. Why did you specify the GTM virtual with port 80 instead of "any"?
shaggy
Nimbostratus
Nov 20, 2014
my apologies if the following is overkill - just want to lay out some iquery functionality that is often vague in documentation and misunderstood until you have to dig in:

regarding the earlier comment "This GTM does communicate with LTMs using iquery, however the GTM does not use that data. All server/member/node objects in the GTM are added manually."

iquery is used between GTM/LTM not only to autodiscover LTM virtual servers and monitor health of the F5 devices, but also to pass on health status of virtual servers from the LTM on which a vs is configured to a GTM that is configured with that vs as a GTM vs object, regardless of whether the server object was manually added or autodiscovered - if a GTM vs was manually added to the LTM server object and a bigip monitor is assigned to that server object, the GTM will ascertain the vs status via its iquery connection from that LTM.

when a specific non-bigip monitor is assigned to a GTM pool/member/server, the GTM may delegate that monitoring activity to a different iquery-connected F5-device. it doesn't necessarily handle the monitoring itself. from my experience, it will choose a live F5 device (GTM or LTM) in the same GTM data center as the monitored virtual-server object. for example, if an http monitor is assigned to a GTM pool/member in DC1, the GTM may tell another LTM in DC1 to monitor that object and relay the status back via iquery. this can cause issues if there's a firewall that prevents the selected F5 device from hitting that server object via port 80, 443, etc. required by the non-bigip monitor
- AjayPra_161698
  Nimbostratus
  Dec 15, 2014
  Hi Shaggy , I do have question regarding GTM monitoring the LTM vs using iquery On GTM I have Virtual Server ABC_VIP_http ,Called in Pool ABC_Pool,WIP= abc.com GTM will give Virtual Server IP=1.1.1.1 in resolution to abc.com Virtual Server name=ABC_VIP_http Virtual Server IP = 1.1.1.1 Virtual Server Port=80 On LTM Virtual Server name=ABC_VIP Virtual Server IP =1.1.1.1 Virtual Server Port=any. My questions is in this scenario the Virtual servers name and configuration on GTM/LTM doesn't match. How GTM will come to know that Virtual server ABC_VIP_http is available? Bigip monitor will tell the status of Virtual server = ABC_VIP ?LTM will say Virtual server ABC_VIP is available ? How GTM will correlate it to the Virtual Server name=ABC_VIP_http configured on GTM, Thanks
- shaggy
  Nimbostratus
  Dec 15, 2014
  I don't believe the GTM will be able to match that GTM VIP to the associated LTM VIP since the port is different. Why did you specify the GTM virtual with port 80 instead of "any"?
gsharri
Altostratus
Dec 16, 2014
Shaggy is correct. GTM will not be able to automatically associate a GTM VS with a LTM VS if both the name and IP:port are different. However you can manually assign a LTM VS to a GTM VS if required using tmsh.

modify gtm server virtual-servers modify { { ltm-name /Common/ }}

Forum Discussion

GTM health monitor fails on pool, but not on member.

18 Replies

Recent Discussions

iRule resulting in too many redirects

Azure SAML - F5 APM

Converting config to DO

Wildcard SSL Certificate Deployment on F5 LTM

URL

Related Content

F5 Distributed Cloud - Regional Edge Health Monitoring Insights

Health monitor question

iRule based RADIUS Health Monitor Builder

Losing Requests because of health monitoring

GTM health monitor connection refuesd