Greetings, I am pretty much a newbie to f5 and I apologize for my lack of expertise upfront. I have an LTM 1600 running code 10.2.4 and am trying to create an ECV health monitor. The configuration that I am using is listed below. monitor lgdb-evc { defaults from http recv "GN_green" send "GET /cgi-bin/ecv.cgi HTTP/1.0n" } I have verified manually that I am receiving the correct response, as listed below, when I manually perform the get on the node in question. 218:~ jaime.silva$ telnet 10.16.24.40 80 Trying 10.16.24.40... Connected to 10.16.24.40. Escape character is '^]'. GET /cgi-bin/ecv.cgi HTTP/1.0 Host: ltm01.nj1.answers HTTP/1.1 200 OK Date: Thu, 15 Aug 2013 18:45:59 GMT Server: Apache/2.2.23 (CentOS) Connection: close Content-Type: text/html; charset=ISO-8859-1 GN_green Connection closed by foreign host. When I apply the health monitor to the pool, it is marking it down. I switch to the standard http health monitor and it marks the pool as being up. So I know there is no issues reaching the node via port 80. Any feedback or input regarding the above problem would be greatly appreciated.

I would tweak your send string. GET /cgi-bin/ecv.cgi HTTP/1.0\r\n\r\n I don't remember when and in which version this changes, but you either need "\r\n\r\n", "\r\n", or nothing at the end of the string. You can also watch this traffic with TCPDUMP for further troubleshooting.

This solution SOL2167: Constructing HTTP requests for use with the HTTP or HTTPS application health monitor covers the functionality. This is a portion of the solution: 10.2.x and 11.x Each instance of \r is translated to a CR character (0x0d). Each instance of \n is translated to a LF character (0x0a). No CR/LF sequences are appended to the end of the Send String unless Basic Authentication is enabled. When Basic Authentication or NTLM / NTLMv2 Authentication (version 11.1 and later) is enabled by configuring a User Name and Password in the monitor definition, the system inserts the Authorization header and a terminating double CR/LF sequence (0x0d 0x0a 0x0d 0x0a) after the last character in the Send String. 9.4.x, 9.6.x, 10.0.x, 10.1.x Each instance of \r is translated to a CR character (0x0d). Each instance of \n is translated to a LF character (0x0a). A double CR/LF sequence (0x0d 0x0a 0x0d 0x0a) is appended to the end of the Send String. 9.2.x and 9.3.x Each instance of \r is translated to a CR character (0x0d). Each instance of \n is translated to a LF character (0x0a). A single CR/LF sequence (0x0d 0x0a) is appended to the end of the Send String. 9.0.x and 9.1.x Each instance of \n is translated to a CR+LF character sequence (0x0d 0x0a). A single CR/LF sequence (0x0d 0x0a) is appended to the end of the Send String.

I tried modifying the send string to GET /cgi-bin/ecv.cgi HTTP/1.0\r\n\r\n but still doesn't seem to be working right. I performed a tcpdump on the heth monitor to one of the pool nodes and noticed that the connection attempt looks like is being made on port 3306, which is the port assigned to the pool. I was under the impression that since the health monitored was configured for HTTP, it would use port 80 by default. I tried changing the destination port to HTTP and it seems to work. The question I have is do I need to specify the destination port even though I have already specified the health monitor's "default from" is already ser to be HTTP based.

LTM ECV Health Monitor Issue

11 Replies

Kevin_Stewart
Employee
Aug 15, 2013
I would tweak your send string.

GET /cgi-bin/ecv.cgi HTTP/1.0\r\n\r\n

I don't remember when and in which version this changes, but you either need "\r\n\r\n", "\r\n", or nothing at the end of the string. You can also watch this traffic with TCPDUMP for further troubleshooting.
Michael_Yates
Nimbostratus
Aug 15, 2013
This solution SOL2167: Constructing HTTP requests for use with the HTTP or HTTPS application health monitor covers the functionality.

This is a portion of the solution: 10.2.x and 11.x

Each instance of \r is translated to a CR character (0x0d).

Each instance of \n is translated to a LF character (0x0a).

No CR/LF sequences are appended to the end of the Send String unless Basic Authentication is enabled.

When Basic Authentication or NTLM / NTLMv2 Authentication (version 11.1 and later) is enabled by configuring a User Name and Password in the monitor definition, the system inserts the Authorization header and a terminating double CR/LF sequence (0x0d 0x0a 0x0d 0x0a) after the last character in the Send String.

9.4.x, 9.6.x, 10.0.x, 10.1.x

Each instance of \r is translated to a CR character (0x0d).

Each instance of \n is translated to a LF character (0x0a).

A double CR/LF sequence (0x0d 0x0a 0x0d 0x0a) is appended to the end of the Send String.

9.2.x and 9.3.x

Each instance of \r is translated to a CR character (0x0d).

Each instance of \n is translated to a LF character (0x0a).

A single CR/LF sequence (0x0d 0x0a) is appended to the end of the Send String.

9.0.x and 9.1.x

Each instance of \n is translated to a CR+LF character sequence (0x0d 0x0a).

A single CR/LF sequence (0x0d 0x0a) is appended to the end of the Send String.
- silvajai_01_131
  Nimbostratus
  Aug 16, 2013
  I tried modifying the send string to GET /cgi-bin/ecv.cgi HTTP/1.0\r\n\r\n but still doesn't seem to be working right. I performed a tcpdump on the heth monitor to one of the pool nodes and noticed that the connection attempt looks like is being made on port 3306, which is the port assigned to the pool. I was under the impression that since the health monitored was configured for HTTP, it would use port 80 by default. I tried changing the destination port to HTTP and it seems to work. The question I have is do I need to specify the destination port even though I have already specified the health monitor's "default from" is already ser to be HTTP based.
- BinaryCanary_19
  Historic F5 Account
  Aug 16, 2013
  If you don't specify an alias port on the montor, it will always use what the pool member is configured on. The fact that the monitor type is "http" implies nothing about it's behaviour with regards to network ports. It just means it's going to treat the connections it establishes as to a server capable of reading and responding to HTTP.
Michael_Yates_6
Cirrus
Aug 15, 2013
This solution SOL2167: Constructing HTTP requests for use with the HTTP or HTTPS application health monitor covers the functionality.

This is a portion of the solution: 10.2.x and 11.x

Each instance of \r is translated to a CR character (0x0d).

Each instance of \n is translated to a LF character (0x0a).

No CR/LF sequences are appended to the end of the Send String unless Basic Authentication is enabled.

When Basic Authentication or NTLM / NTLMv2 Authentication (version 11.1 and later) is enabled by configuring a User Name and Password in the monitor definition, the system inserts the Authorization header and a terminating double CR/LF sequence (0x0d 0x0a 0x0d 0x0a) after the last character in the Send String.

9.4.x, 9.6.x, 10.0.x, 10.1.x

Each instance of \r is translated to a CR character (0x0d).

Each instance of \n is translated to a LF character (0x0a).

A double CR/LF sequence (0x0d 0x0a 0x0d 0x0a) is appended to the end of the Send String.

9.2.x and 9.3.x

Each instance of \r is translated to a CR character (0x0d).

Each instance of \n is translated to a LF character (0x0a).

A single CR/LF sequence (0x0d 0x0a) is appended to the end of the Send String.

9.0.x and 9.1.x

Each instance of \n is translated to a CR+LF character sequence (0x0d 0x0a).

A single CR/LF sequence (0x0d 0x0a) is appended to the end of the Send String.
- silvajai_01_131
  Nimbostratus
  Aug 16, 2013
  I tried modifying the send string to GET /cgi-bin/ecv.cgi HTTP/1.0\r\n\r\n but still doesn't seem to be working right. I performed a tcpdump on the heth monitor to one of the pool nodes and noticed that the connection attempt looks like is being made on port 3306, which is the port assigned to the pool. I was under the impression that since the health monitored was configured for HTTP, it would use port 80 by default. I tried changing the destination port to HTTP and it seems to work. The question I have is do I need to specify the destination port even though I have already specified the health monitor's "default from" is already ser to be HTTP based.
- BinaryCanary_19
  Historic F5 Account
  Aug 16, 2013
  If you don't specify an alias port on the montor, it will always use what the pool member is configured on. The fact that the monitor type is "http" implies nothing about it's behaviour with regards to network ports. It just means it's going to treat the connections it establishes as to a server capable of reading and responding to HTTP.
Kevin_Stewart
Employee
Aug 16, 2013
When you say "default from", are you referring to the "parent monitor"? If so, that just mirrors the configuration settings of the parent monitor profile. If your pool members are on one port (3306), and you need to send monitor requests on another port (80), then use the "Alias Service Port" setting in the monitor configuration.
JRahm
Admin
Aug 16, 2013
you can enable debug information on the monitors with:

tmsh modify /sys db bigd.debug value enable

Just make sure you disable once you get what you need.
hooleylist
Cirrostratus
Aug 16, 2013
It sounds like you fixed it with the alias service port. For future reference here's a SOL with more suggestions on troubleshooting monitors:

sol12531: Troubleshooting health monitors http://support.f5.com/kb/en-us/solutions/public/12000/500/sol12531.html

and

https://devcentral.f5.com/wiki/AdvDesignConfig.TroubleshootingLtmMonitors.ashx

Aaron
silvajai_01_131
Nimbostratus
Aug 19, 2013
Thanks for all the replies. Greatly appreciated!!!