[f-nsp] configuring port groups for health checks
Peter Clark
pclark at raindance.com
Fri Aug 26 17:55:00 EDT 2005
We've been using the "track-group" command on the stackables for years
without any issues. Here's a sample config...
server no-fast-bringup
server sticky-age 30
server tcp-age 2
server port 80
tcp
server port 443
session-sync
tcp
!
!
!
!
!
!
!
!
server real web1-0.net1 x.x.x.x
port ssl
port ssl keepalive
port http
port http keepalive
port http url "HEAD /HealthCheck.html"
!
server real web1-0.net2 x.x.x.x
port ssl
port ssl keepalive
port http
port http keepalive
port http url "HEAD /HealthCheck.html"
!
server real web2-0.net1 x.x.x.x
port http
port http keepalive
port http url "HEAD /HealthCheck.html"
port ssl
port ssl keepalive
!
server real web2-0.net2 x.x.x.x
port http
port http keepalive
port http url "HEAD /HealthCheck.html"
port ssl
port ssl keepalive
!
server virtual webvip1 z.z.z.z
sym-priority 10
predictor round-robin
port ssl sticky
port ssl dsr
port http sticky
port http dsr
track-group http 443
bind ssl web1-0.net1 ssl web1-0.net2 ssl web2-0.net1 ssl web2-0.net2
ssl
bind http web1-0.net1 http web1-0.net2 http web2-0.net1 http
web2-0.net2 http
-----Original Message-----
From: foundry-nsp-bounces at puck.nether.net
[mailto:foundry-nsp-bounces at puck.nether.net] On Behalf Of Brent Van
Dussen
Sent: Saturday, August 20, 2005 10:50 AM
To: Matt Stockdale; foundry-nsp at puck.nether.net
Subject: Re: [f-nsp] configuring port groups for health checks
We have accomplished this using Track groups in the past. Group port 80
as the primary and 443 as the grouped service. If port 80 should fail
its healtcheck, all the rest of the ports that are in the same group
will also be taken out of service. Yes it is more for sticky but it
does exactly what you want in a fairly easy to configure fashion.
"
track
You can configure the SI to send all client requests for a specific set
of TCP/UDP ports to the same real server as a "primary" TCP/UDP port
grouped with the other ports. You can group a primary TCP/UDP port with
up to four additional TCP/UDP ports. After the SI sends a client request
for the primary port to a real server, subsequent requests from the
client for ports grouped with the primary port go to the same real
server. See
<http://www.foundrynet.com/services/documentation/sichassis/slb.html#wp1
05437>"TCP/UDP
Application Groups" for an example of application grouping.
Note that if any service port is down for a real server, any track ports
on that real server are not considered for load balancing.
"
http://www.foundrynet.com/services/documentation/sichassis/slb.html#wp10
5437
That link is for chassis but the config should be the same on the
stackables. Give it a shot.
-Brent
At 04:21 PM 8/19/2005, Matt Stockdale wrote:
>I've checked the archives briefly, and I've been staring at the docs
>for a while, but it's friday and my brain is frazzled. I'm hoping
>someone can take pity on me and answer this -
>
>Can I configure a real server to mark all ports as failed if any one of
>them fails? I've been looking at the port groups, but those seem to be
>more for sticky..
>
>(Specifically, the code we are running on one of our old XL's doesn't
>allow us to do in depth health checks on port 443, I want it to fail
>that port if the content-matching on port 80 fails. I'll upgrade if I
>have to, but it will affect many customers, and I'd rather avoid it)
>
>Thanks in advance,
> Matt
>_______________________________________________
>foundry-nsp mailing list
>foundry-nsp at puck.nether.net
>http://puck.nether.net/mailman/listinfo/foundry-nsp
_______________________________________________
foundry-nsp mailing list
foundry-nsp at puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp
More information about the foundry-nsp
mailing list