Forum Discussion

JCMATTOS_41723's avatar
JCMATTOS_41723
Icon for Nimbostratus rankNimbostratus
Aug 27, 2009

Monitor failing with firewall port redirection?

We have an LTM 9.4.7 and we are using a monitor for a keepalive.htm page using HTTP 1.1 settings. It works fine, when no port redirection is used on the firewall. I did a couple traces on the F5 and I see the monitor responding back fine thru the firewall to the F5 (10.0.52.11)with a 200 OK but the serivce stays down. Any ideas as to why?

 

Send String

 

GET /keepalive.htm HTTP/1.1\r\nHost: \r\nConnection: close\r\n\r\n

 

Rec String

 

HTTP/1.1 200 OK

 

Alias Port: 8080

 

[root@F5:Active] config tcpdump -ni VIP -X -s 0 host 10.0.52.11

 

09:38:47.255082 10.0.52.11.37503 > 10.0.53.252.webcache: P 1:63(62) ack 1 win 5840 (DF)

 

0x0000 4500 0072 7993 4000 4006 42ec 0a00 340b E..ry.@.@.B...4.

 

0x0010 0a00 35fc 927f 1f90 5677 035f d5b5 6949 ..5.....Vw._..iI

 

0x0020 8018 16d0 acc3 0000 0101 080a 5cb9 3ed4 ............\.>.

 

0x0030 5cb9 3ed5 4745 5420 2f6b 6565 7061 6c69 \.>.GET./keepali

 

0x0040 7665 2e68 746d 2048 5454 502f 312e 310d ve.htm.HTTP/1.1.

 

0x0050 0a48 6f73 743a 200d 0a43 6f6e 6e65 6374 .Host:...Connect

 

0x0060 696f 6e3a 2063 6c6f 7365 0d0a 0d0a 0d0a ion:.close......

 

0x0070 0d0a ..

 

09:38:47.257766 10.0.53.252.webcache > 10.0.52.11.37503: P 1:290(289) ack 63 win 4442 (DF)

 

0x0000 4500 0155 6b35 4000 fe06 9266 0a00 35fc E..Uk5@....f..5.

 

0x0010 0a00 340b 1f90 927f d5b5 6949 5677 039d ..4.......iIVw..

 

0x0020 8018 115a 4d46 0000 0101 080a 5cb9 3ed8 ...ZMF......\.>.

 

0x0030 5cb9 3ed4 4854 5450 2f31 2e31 2032 3030 \.>.HTTP/1.1.200

 

0x0040 204f 4b0d 0a53 6572 7665 723a 204d 6963 .OK..Server:.Mic

 

0x0050 726f 736f 6674 2d49 4953 2f35 2e31 0d0a rosoft-IIS/5.1..

 

0x0060 436f 6e6e 6563 7469 6f6e 3a20 636c 6f73 Connection:.clos

 

0x0070 650d 0a44 6174 653a 2054 6875 2c20 3237 e..Date:.Thu,.27

 

0x0080 2041 7567 2032 3030 3920 3136 3a33 383a .Aug.2009.16:38:

 

0x0090 3437 2047 4d54 0d0a 436f 6e74 656e 742d 47.GMT..Content-

 

0x00a0 5479 7065 3a20 7465 7874 2f68 746d 6c0d Type:.text/html.

 

0x00b0 0a41 6363 6570 742d 5261 6e67 6573 3a20 .Accept-Ranges:.

 

0x00c0 6279 7465 730d 0a4c 6173 742d 4d6f 6469 bytes..Last-Modi

 

0x00d0 6669 6564 3a20 5468 752c 2031 3620 4a75 fied:.Thu,.16.Ju

 

0x00e0 6c20 3230 3039 2032 303a 3536 3a32 3620 l.2009.20:56:26.

 

0x00f0 474d 540d 0a45 5461 673a 2022 3066 3932 GMT..ETag:."0f92

 

0x0100 6365 3235 3736 6361 313a 6132 6222 0d0a ce2576ca1:a2b"..

 

0x0110 436f 6e74 656e 742d 4c65 6e67 7468 3a20 Content-Length:.

 

0x0120 3437 0d0a 0d0a 5465 7374 2066 726f 6d20 47....
management
monitoring

1 Reply

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Aug 27, 2009
    Hi JC,

     

     

    If the receive string you've listed is accurate, that monitor request should have been considered successful. Is there another monitor on the pool or node that might be failing? If you enable bigd debug (b db bigd.debug enable / disable) and check the log file (/var/log/bigdlog), do you see a valid response being marked as failed?

     

     

    Aaron