[f-nsp] [ServerIron XL] 10.2.01u Is it a bug?

Adam Li adam_li at gti.com.hk
Sun Jul 17 23:34:27 EDT 2011


Hi All,

We know that when binding the real server to a virtual, a layer 4 or 
layer 7 health check enabled atomically.
for well known ports will use layer 7 health check by default, for non 
well known ports will use layer 4 by default.

But I found that the Server port 995 UP and DOWN showing on syslog.
Mar 31 16:47:13:N:L4 server 10.198.101.8 HKISAS03 port 995 is up
Mar 31 16:47:11:N:L4 server 10.198.101.8 HKISAS03 port 995 is down due 
to healthcheck
Mar 31 16:39:03:N:L4 server 10.198.101.8 HKISAS03 port 995 is up
Mar 31 16:39:01:N:L4 server 10.198.101.8 HKISAS03 port 995 is down due 
to healthcheck
Mar 30 23:22:33:N:L4 server 10.198.101.8 HKISAS03 port 995 is up
Mar 30 23:22:31:N:L4 server 10.198.101.8 HKISAS03 port 995 is down due 
to healthcheck
Mar 30 22:44:28:N:L4 server 10.198.101.8 HKISAS03 port 995 is up
It look like HC flapping (passed layer 4 but failed layer 7 checks). 
Suppose either L4 or L7 only.

I did some troubleshooting as below;
1. I can see there are only L4 checks in packet capture.
2. The UP and DOWN issue can be fixed by increase the keepalive interval 
from 10 to 60.

I am very confuse that the UP and DOWN issue is really came from 
flapping? why the packet capture cannot see the layer 7 HC?
If it is a bug. I think the only way to help is disable the L7 HC for 
port 995, right? But how come it can be fixed by enlarge the keepalive 
interval?

Much appreciated if anyone can advice. Thanks!

Rgds,
LI


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20110718/a5eac226/attachment.html>


More information about the foundry-nsp mailing list