Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

TCP monitor with sending a byte sequence

One of our customers is using a TCP/IP based application and instead of using the default TCP monitor, they will check their application with sending a specific byte sequence after the TCP connect. If the server answers then with the same byte sequence it can be treated as healthy.

From a C# sample code the byte sequence is defined like this:

private static readonly byte[] _ByteSequence = new byte[] { 62, 122, 33, 83, 70, 46, 14, 74, 164, 167, 81, 253, 54, 254, 113, 78, 128, 0, 101, 99, 104, 111, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0, 0, 0, 112, 105, 110, 103, 255, 255, 255, 255 };

But currently I have totally no clue how I can handle this with (I guess) and external monitor.

Did someone realized something similar or has an idea how the script should look like?

Thank you!

Ciao Stefan :)

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Why do you use -l parameter ? It's mean listen so, your commands wait for connexion and send your binary payload.

The nc error message tell you that you can't listen on an interface you don't own. Till now, I didn't know we could specify the address. :p

But what you do there is not what I wanted to explain to you in my first post. I told you (but not clearly, i admit :p) that you could use regular TCP monitor in TMSH or GUI. In the field Send String and in the field Receive String you can actually use the escaped string. ;) More simple than with the nc script no ?

1
Comments on this Answer
Comment made 22-Feb-2015 by Amit585731 421
Hi, can you please suggest what will be the correct send and monitor string for below requirement: UDP monitor should probe on 2723 and it should contain the string "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" with a hex value of 02 before the string and a hex value of 00 after it. So the full hex string of the data segment would be: 02 41 42 43 44 45 46 47 48 49 4A 4B 4C 4D 4E 4F 50 51 52 53 54 55 56 57 58 59 5A 30 31 32 33 34 35 36 37 38 39 00. The servers will respond with their hostname (e.g., host1 or host2) followed by a pipe character ("|") followed by the string sent ("ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789") to indicate success.
0
Comment made 23-Feb-2015 by 0x0ff.info 84
Your send string should be you hex string escaped (\x02\x41...\x00), and something like "\x68\x6f\x73\x74\x31..." for your received I guess.
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Here's a thought: use an external monitor with netcat and xxd. Here's an example:

echo '47455d782...hex data...0a0d0a' | xxd -r -p | nc 10.70.0.1 80

Take a look at the sample_monitor Bash script under /config/monitors and you should get an idea on how to deploy the above.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

You could use an escaped string with hexcode like this : \x3e\x7a\x21...\xff\xff It's works in Send and Receive strings, dono if it's a feature but it's quite convenient ! :)

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi 0x0ff.info,

I just prepared something like this after some additional research, but currently I have to wait until the FW-request is implemented to get access from the LB to the server. I'll let you know, once I can start with my testing.

Thank you!

Ciao Stefan :)

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi again,

I'm now able to perform some testing, but fighting with below error:

nc: Cannot assign requested address

I tried these two commands, which both ends up with the same error:

echo -ne "\x3e\x7a\x21\x53\x46\x2e\x0e\x4a\xa4\xa7\x51\xfd\x36\xfe\x71\x4e\x80\x00\x65\x63\x68\x6f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x70\x69\x6e\x67\xff\xff\xff\xff" | nc -l 2620:0000:0C10:F501:0000:0002:0AFD:61AB 55555

and

echo "3e7a2153462e0e4aa4a751fd36fe714e80006563686f0000000000000000000000000000000000000400000070696e67ffffffff" | xxd -r -p | nc -l 2620:0000:0C10:F501:0000:0002:0AFD:61AB 55555

The IPv6-address is being used, because we have route domains in place. Any idea, what I'm doing wrong?

Thank you!

Ciao Stefan :)

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

You're my hero of the day ;)

It's fantastic that it's working so easy. The monitor becomes green directly, then I changed one character in the Receive String and it went red. So it seems to work perfectly fine.

Thank you!!!

Ciao Stefan :)

0
Comments on this Answer
Comment made 22-Feb-2015 by Amit585731 421
Hi, can you please suggest what will be the correct send and monitor string for below requirement: UDP monitor should probe on 2723 and it should contain the string "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" with a hex value of 02 before the string and a hex value of 00 after it. So the full hex string of the data segment would be: 02 41 42 43 44 45 46 47 48 49 4A 4B 4C 4D 4E 4F 50 51 52 53 54 55 56 57 58 59 5A 30 31 32 33 34 35 36 37 38 39 00. The servers will respond with their hostname (e.g., host1 or host2) followed by a pipe character ("|") followed by the string sent ("ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789") to indicate success.
0
Comment made 22-Feb-2015 by Amit585731 421
Hi, can you please suggest what will be the correct send and monitor string for below requirement: UDP monitor should probe on 2723 and it should contain the string "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" with a hex value of 02 before the string and a hex value of 00 after it. So the full hex string of the data segment would be: 02 41 42 43 44 45 46 47 48 49 4A 4B 4C 4D 4E 4F 50 51 52 53 54 55 56 57 58 59 5A 30 31 32 33 34 35 36 37 38 39 00. The servers will respond with their hostname (e.g., host1 or host2) followed by a pipe character ("|") followed by the string sent ("ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789") to indicate success.
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi Stefan, there are examples of using TCP hex string monitors with Oracle Coherence Extend Proxies. You can find both native TCP and External script monitor examples in this deployment guide:

http://www.f5.com/pdf/deployment-guides/oracle-coherence-extend-dg.pdf

You do need BIG-IP version 10.2 or higher for this to work I believe.

-Chris.

0