Forum Discussion

Benoit_C_'s avatar
Oct 06, 2015

HTTP monitor receive string : how to not take the '200 OK' into account

Hello,

I have to monitor a page which give in its body 'OK' if server is OK and KO if the server is down.

As a 'receive string', I use 'OK'. The problem is that 'OK' is already present in the 'HTTP/1.1 200 OK' (see below the output of the curl command)

I tried different receive strings, last attempt with this one: ^server But it does not work as F5 apparently considers the whole response as a single line.

Would you have an idea on how to make F5 to 'ignore' the "HTTP/1.[01] 200" ?

curl -vi --http1.0 [http://x.x.x.x:yy/a_path_to_a_page.asp](http://x.x.x.x:yy/a_path_to_a_page.asp)
About to connect() to 10.0.110.192 port 81 (0)
Trying x.x.x.x... connected
Connected to x.x.x.x (x.x.x.x) port yy (0)

GET /a_path_to_a_page.asp HTTP/1.0User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 OpenSSL/1.0.1j zlib/1.2.3 libidn/0.6.5Host: x.x.x.x:yyAccept: _/_ 

HTTP/1.1 200 OK
HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Cache-Control: private, max-age=0
Content-Length: 2
Content-Length: 2
Content-Type: text/html
Content-Type: text/html
Expires: Tue, 06 Oct 2015 11:47:20 GMT
Expires: Tue, 06 Oct 2015 11:47:20 GMT
Server: Microsoft-IIS/xxxxx
Server: Microsoft-IIS/xxxxx
Strict-Transport-Security: max-age=31536000;includeSubdomains
Strict-Transport-Security: max-age=31536000;includeSubdomains
set-Cookie: sessionInt=6946fffe-be06-4e78-a4f0-127e0fc528ad; path=/ncol/int/; Secure; HttpOnly
set-Cookie: sessionInt=6946fffe-be06-4e78-a4f0-127e0fc528ad; path=/ncol/int/; Secure; HttpOnly
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Tue, 06 Oct 2015 11:48:19 GMT
Date: Tue, 06 Oct 2015 11:48:19 GMT
Connection: close
Connection: close

Closing connection 0
OK

thanks a lot

-- B.

8 Replies

  • Hi Brad,

     

    thanks for the answer.

     

    Yes that's what I put in place: KO as a receive string.

     

    But I think i'm confused because of this SOL: https://support.f5.com/kb/en-us/solutions/public/12000/800/sol12818.html (the table with results of matching)

     

    Because then I could end in a situation where both 'receive string' and 'receive disable string' will match: OK because of the 'HTTP/1.1 200 OK' KO because of the body of the page

     

    I'll continue to dig this and take dumps. But so far I observe a lot of flaps on servers for which I apply this monitor, and am wondering if it could be related to the strings I trying to match.

     

    (For info I more or less follow the best practice 'Timeout = 3x Interval + 1')

     

    Br,

     

    Ben

     

    • Brad_Parker's avatar
      Brad_Parker
      Icon for Cirrus rankCirrus
      You may want to think about changing your monitor to look for something other than OK if you want it to be marked down even if a 200 is being sent.
    • Hi Brad, yep that's what I proposed as an alternative: - give me smtg else than a OK, for example 'Valid' But devs are not willing to change this before a next release, so I'm looking at how to make it work. I'm not sure on how F5 behaves when 'reading' the HTTP response: - will LTM stop to parse it after finding the 1st occurence of an OK/KO ? (then I'm a bit stuck) - Or will it go through the entire page, count the numbers of OK or KO and take its decision ? (then it will find the KO which will 'super seed' the OK seen in the HTTP 200, and it is acceptable. Even if the matching OK won't be in the body) thanks!
    • Valentine_96813's avatar
      Valentine_96813
      Icon for Nimbostratus rankNimbostratus
      Health monitors are first exact match. If there are more than one, it takes the first. I have seen issues with monitors because of this. Also, keep in mind that health monitors don't look at the entire page. https://support.f5.com/kb/en-us/solutions/public/3000/400/sol3451.html
  • Hi

     

    Did you try to use "Reverse" option in monitor setting?

     

    1. Set Reverse option to "Yes"

       

    2. Set Receive string to "KO"

       

    Thank you

     

    ps. if it see KO , F5 will mark down but I'm not sure this cover all scenario (500 internal server , etc..)

     

  • Hi guys,

     

    FYI: as F5 considers the whole HTTP response as a single line, I'm trying as a regexp for the 'receive string' something like this: h.ok.ok.

     

    Br,

     

    Benoît

     

    • these ones seems to work and cover OK/KO cases: OK H.*OK.*OK KO H.*OK.*KO