Forum Discussion

Josh_Abaire's avatar
Josh_Abaire
Icon for Nimbostratus rankNimbostratus
Dec 14, 2012

Pool member not disabling despite failed monitor

 

My pools members are still showing as available even when the monitor should be failing. I first had it just look for 200 OK and it wasn't working so added 403 as a disable string and it still doesn't work. Am I missing something or is this a bug?

 

 

Ltm::Pool Member: dcentral821-443 10.16.130.165:443

 

----------------------------------------------------

 

Status

 

Availability : available

 

State : enabled

 

Reason : Pool member is available

 

 

 

ltm pool dcentral821-443 {

 

members {

 

10.16.130.164:https {

 

session monitor-enabled

 

}

 

10.16.130.165:https {

 

session monitor-enabled

 

}

 

}

 

monitor dcentral821-443

 

}

 

 

 

ltm monitor https dcentral821-443 {

 

cipherlist "DEFAULT:+SHA:+3DES:+kEDH"

 

compatibility "enabled"

 

defaults-from https

 

destination *:*

 

interval 5

 

recv "200 OK"

 

recv-disable "403"

 

send "GET /wsp/httpStatus.jsp HTTP/1.1\r\nHost: dcentral821.intra.aexp.com\r\n\r\n\r\n"

 

time-until-up 0

 

timeout 16

 

}

 

 

curl -kI https://10.16.130.165/wsp/httpStatus.jsp

 

 

HTTP/1.1 403 Forbidden

 

Date: Fri, 14 Dec 2012 23:07:03 GMT

 

Server: IBM_HTTP_Server

 

$WSEP:

 

Set-Cookie: JSESSIONID=00002Sq11SBcG6Nb-dKSFLk-GWh:17b9prvpt; Path=/

 

Expires: Thu, 01 Dec 1994 16:00:00 GMT

 

Cache-Control: no-cache="set-cookie, set-cookie2"

 

Content-Type: text/html;charset=ISO-8859-1

 

Content-Language: en-US

 

 

config
design

3 Replies

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Dec 14, 2012
    Hi Josh,

     

     

    Which LTM version are you testing on?

     

     

    It's unlikely, but is there any payload in the response that might be matching the 200 OK receive string?

     

     

    Else, can you enable debug on bigd and check the /var/log/bigdlog output file? See this wiki page for details on enabling bigd.debug:

     

     

    https://devcentral.f5.com/wiki/AdvDesignConfig.TroubleshootingLtmMonitors.ashx

     

    tmsh modify sys db bigd.debug value [enable | disable]

     

     

    And thanks for your replies to the other posts in the forums.

     

     

    Aaron
  • Josh_Abaire's avatar
    Josh_Abaire
    Icon for Nimbostratus rankNimbostratus
    Dec 15, 2012
    I thought about something in the response. Since some monitors are setup to look for just the HTTP code, and 200 might be matched elsewhere. I posted the result from curl, shouldn't that be all there is in the response? I'll check a verbose output to see if I'm missing anything.

     

     

    I've never worked with debug. I'll check it out later. Thanks for the suggestion.
  • rob_carr's avatar
    rob_carr
    Icon for Cirrostratus rankCirrostratus
    Dec 20, 2012

    The response to a request made via curl and a request made via an LTM monitor should be essentially similar, but it's worth enabling the bigd logging and perhaps getting tcpdumps for both the curl and monitor requests, in case there is something different happening.

     

     

    While it is possible that you might have an errant mach on the string '200', I doubt that your are going to get an arrant match on '200 OK'.