Forum Discussion

rajesh1's avatar
rajesh1
Icon for Nimbostratus rankNimbostratus
Jun 09, 2009

Https monitor not working

I configured F5 LTM to HTTPS to check the avaiability of the server by getting a pages on the server .

 

 

 

Two HTTPS monitors are defined - applied to the same pool (test-pool)

 

1)Get /index.html (checks the availability of the webservers)

 

2)GET /APP1/INDEX1/INDEX - (Checks the availability of the Tier2 servers)

 

 

Current status : - I am getting expected response for the monitor 1 (GET /index.html)

 

 

The pool state is down as the F5 is not getting proper response for the monitor (GET /APP1/INDEX1/INDEX ) -

 

 

When i tried using curl -kLv https://(nodeip)/APP1/INDEX1/INDEX) i am getting a response from the server as expected

 

 

Can someone explains what is the difference between get the pages from the curl and https monitor.

 

 

Also suggest me how to verify the responses coming from the server when using HTTPS monitor ?

 

 

Thanks

 

 

 

 

 

config
design

1 Reply

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Jun 15, 2009
    By default, curl will send an HTTP 1.1 formatted request including a host header. It's possible that the web server isn't handling your HTTP 0.9 (GET /APP1/INDEX1/INDEX) without a host header. You could try using a host header name in the send string:

     

     

    GET /APP1/INDEX1/INDEX\r\nHost: \r\nConnection: Close\r\n

     

     

    You can also check the access log on the server to see what request and/or response is being sent/received. You can also enable debug on the monitoring daemon bigd to see the request and response send/received for the monitoring. You can enable debug from the command line using 'b db bigd.debug enable' and disable it using 'b db bigd.debug disable' . It does create very large output files (/var/log/bigd.debug).

     

     

    You could also use tcpdump and filter on the non-floating self IP address and the server IP address:port:

     

     

    tcpdump -ni SERVER_VLAN -s0 -w/var/tmp/`/bin/hostname`.monitor.dmp host LTM_STATIC_IP and host SERVER_IP and port SERVER_PORT

     

     

    You would need to use ssldump to decrypt the trace though, so bigd debug might be easier to check with.

     

     

    Aaron