ACE Health Probe for SQL

Hi All,
Has anyone seen sample TCL code for probing a generic SQL server?
Thanks,
Dave

You can use the following configuration:
probe tcp MS-SQL
description TO-RBSQL1
ip address 10.15.160.3
port 1433
interval 2
faildetect 2
passdetect interval 2
passdetect count 2
rserver host RBWEB1
ip address 10.15.177.11
rserver host RBWEB3
ip address 10.15.177.13
inservice
serverfarm host RBWEB
description TO-VLAN-177-RBWEB-SERVERS
predictor leastconns
probe WWW-RISKBROWSER
probe PING
rserver RBWEB1
rserver RBWEB3
inservice
And also you can use the command sh probe MS-SQL, to know probe association probed-address probes health. Sure that the server respond or responded with a RST.

Similar Messages

  • ACE Health probe for SIP

    I've setup a SIP probe to check the health of a Microsoft OCS. The health of this server is always failed. What am I missing? I also tried it with a telnet probe on port 5061, but got the same result. A telnet from ACE to the server on port 5061 works fine.
    See below a show probe SIP detail and the relevant configuration.
    ACE21_Secondary/MOCS# sh probe SIP det
    probe : SIP
    type : SIP
    state : ACTIVE
    description :
    port : 5061 address : 0.0.0.0 addr type : -
    interval : 10 pass intvl : 10 pass count : 3
    fail count: 3 recv timeout: 4
    request-method : OPTIONS
    conn termination : GRACEFUL
    expect offset : 0 , open timeout : 2
    expect regex : -
    ------------------ probe results ------------------
    associations ip-address port porttype probes failed passed health
    ------------ ---------------+-----+--------+--------+--------+--------+------
    rserver : OCS_11
    10.105.11.70 5061 -- 7566 7566 0 FAILED
    Socket state : CLOSED
    No. Passed states : 0 No. Failed states : 0
    No. Probes skipped : 0 Last status code : 0
    No. Out of Sockets : 0 No. Internal error: 0
    Last disconnect err : Server reply timeout (no reply)
    Last probe time : Thu Oct 30 14:18:42 2008
    Last fail time : Tue Oct 28 16:31:30 2008
    Last active time : Never
    ACE21_Secondary/MOCS# sh run
    probe sip tcp SIP
    port 5061
    interval 10
    passdetect interval 10
    receive 4
    expect status 200 200
    open 2
    rserver host OCS_11
    ip address 10.105.11.70
    probe SSL
    probe PING
    probe SIP
    probe SIP_TELNET
    inservice
    Cheers
    Peter

    Peter,
    make sure to NOT run version A2(1.1a) as SIP probes are broken in that specific release.
    If your version is something else, get a sniffer trace on the server to see what is going on.
    Seems like we don't get a reply according to the line :
    "Last disconnect err : Server reply timeout (no reply) "
    Gilles.

  • ACE Health probe using get URL

    Hello,
    We are trying to create a health probe for our google search appliances and as part of the URL get there is a question mark but the ACE doesn't like that.  Is there a way around this or should it be done differently?
    request method get url /searchq? (This is what we want the URL to be)
    request method get url /searchq (This is where it thinks i'm asking it for help)
    Thanks in Advance.

    Hello,
    You need to typ CRTL+v prior to entering the ?
    That's the Control key then lowercase v, then your question mark.
    Hope this helps,
    Sean

  • Configuring Health Probe for Server Farm

    If I have a server farm with real servers listening on port 8888 and I apply an HTTP-type health probe with no port number specified, will the ACE know to probe the servers at 8888 or will it try to probe port 80?

    Hi,
    Yes it should inherit the port from the real servers defined in the serverfarm. This gives you the flexibility to associate same probe with different serverfarms probing different servers on different ports. This is probe port inheritance feature which is there in ACE.
    Regards,
    Kanwal

  • CSM health probe for server farm with multiple vservers

    Is there a way to specify the vserver port that a health probe monitors when multiple vservers are configured for the same serverfarm? Let's say I have a serverfarm named farm1. farm1 services two ports www and https so two vservers vserver_www and vserver_https are configured and bound to farm1. I would like to enable http health probe on farm1 with the intention of only monitoring vserver_www http port but, instead, the health probe monitors both www and https and since a http probe on https fails it takes farm1 reals and both vservers vserver_www and vserver_https out-of-service. Is there a way to configure a health probe to monitor a specific port? Or, should I create two duplicate serverfarms farm1 bound to vserver_www and farm2 bound to vserver_https and only enable http health probe on farm1? Any other ideas welcomed.

    Appreciate the feedback. I also found what I was looking for in configuration examples. To summarize I've borrowed the comment from the URL below:
    # The port for the probe is inherited from the vservers.
    # The port is necessary in this case, since the same farm
    # is serving a vserver on port 80 and one on port 23.
    # If the "port 80" parameter is removed, the HTTP probe
    # will be sent out on both ports 80 and 23, thus failing
    # on port 23 which does not serve HTTP requests.
    http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/mod_icn/csm/csm_4_2/config/cfgxpls.htm

  • Health probe for RDP farm

    I have an RDP server farm that lost a disk. The RDP service was still running but users were unable to log in. I'd like to create a health probe that does maybe a combination of TCP probe for port 3389 and something that can determine if the drive that stores user profiles is available.
    I cannot add any new service (http or ftp) to the server.
    Can anyone think of another way to do this? Is there any way I can check SNMP mibs on the windows server or maybe WMI through TCL?
    Thanks.

    Can you drop me a mail offline ([email protected]) and I can share what I have. Matthew

  • Cisco ACE Health Probes

    Probe Interval: 5
    Pass Detect (Seconds): 60
    Fail Detect: 3
    Please can someone explain the above settings that are configured for a health probe?  am I correct in thinking the probe is sent every 5 seconds, and must fail 3 times in order to failover?  Does the "Pass Detect" indicate that the server must be back online for 60 seconds before being placed back into the server farm?
    Also if we have a primary server and a back up server (used if primary fails), if the primary fails and the backup server becomes active, will the primary server become available again when it comes back online, or will all connections continue to go to the backup?  Is there anyway to make the old primary the new backup when it comes back online?

    Hi,
    You are right about Probe interval and fail detect, but Pass detect has two parameters:-interval and count, where interval defines the amount of time to wait for sending the probe back to failed server where as count paramater will control the minimum succefullt probe return from server for making it active again.
    Regarding the backup server, once the prmary server comes online again all new connection will be redirected to it, while all existing connection will continue on existing one. I guess "inservice standby" will be the command of your interest in gracefully removing the primary and bringing the backup active.

  • Health Probe for Proxy Servers

    We have 2 Microsoft ISA servers that are using the CSM's as loadbalancing. Does anyone have an example of a probe script that I could use as a template. Idealily we would want the script to either hit our external router or site.

    Can you drop me a mail offline ([email protected]) and I can share what I have. Matthew

  • ACE http health probes - best practice for interval and passdetect interval?

    Hi,
    Is there a recommended standard for http health probes in terms of interval and passdetect interval timings, i.e. should the passdetect interval always be less than the interval or visa versa? Can a http probe be 'mis-configured', i.e. return a 'false positive' by configuring an interval timeout thats 'incompatible' with the device it's polling?
    I have a http probe for a serverfarm consisting of two Apache http servers and get intermittent 'server reply timeout' probe failures. I'm keen to ensure that the configuration of the probe isn't at fault so I can be confident that a failed probe indicates a problem with the server and not my configuration.
    The probe is currently configured as below:-
    probe http http-apache
      interval 30
      passdetect interval 15
      passdetect count 6
      request method get url /cs/images/ACE.html
      expect status 200 304
    Any advice on the subject woud be gratefully received.
    thanks
    Matthew

    Hi Gilles,
    Thanks for the advice. In another dicussion (found here https://supportforums.cisco.com/message/462397#462397) a poster has stated that:-
    "(The) "Probe interval" should always be less then (open+recieve) timeout  value. Default open & receive timeouts are 10 seconds."
    Are you able to advise on whether the above is correct and if so, why? I currently have an interval value of 30 that obviously goes against the advice above (which I've interpretted to mean that if you leave the open & receive timeouts at their default settings your probe interval should be less than 20 seconds?).
    thanks
    Matthew

  • ACE failing server out using TCP health probe

    We have a mix of ACE20s and ACE30s currently and I am seeing the ACE in both HW platforms failing out our servers sporadically after a sucessful TCP handshake.  Here is the configuration:
    probe tcp TCP-25
       port 25
       interval 25
       faildetect 2
       passdetect interval 90
       open 10
    When I do a show probe TCP-25 detail I see the default recv timeout is 10.
    I captured a trace between the ACE and the server.  When the health probes pass I see a good 3 way TCP handshake, then 50ms later the server sends a SMTP 220 then ace from ace, fin ack from ace and graceful TCP termination occurs.  When the probe fails I see a sucessful TCP handshake but the ACE sends FIN ACK 47ms after it sends ACK for the TCP connection.  Server then sends ACK and ACE sends RST.
    Shouldn't ACE wait 10 seconds in this example for server to respond after TCP handshake?

    TAC/Martin Nash was very helpful in explaining this.  The TCP 3 way handshake was sucessful, but the ACE sent a FIN ACK as expected, but after the server sent an ACK the server did not send a FIN ACK so the ACE marked it down.  The health check not only requires a 3 way handshake, but a clean teardown of the TCP session.

  • Cisco ACE 4710 - Health Monitoring for Real Servers

    Hi,
    I have setup the following health probe to check for the existence of a specific web page.  My intention is that when the web page is removed, the health check fails and the rserver status changes to 'out of service'.  Unfortunately, when I remove the web page, I see the health check fail, and the rserver state change to 'PROBE-FAILED', however the rserver does not go 'out of service' and continues to respond to requests.
    Can anyone see where I'am going wrong?
    Health check probe config
    probe http live_http_int
      interval 15
      passdetect interval 60
      request method get url /loadbalancer/internal.html
      expect status 199 201
      open 10
    RSERVER config
    rserver host Server1
      description Server1
      ip address 10.10.10.1
      conn-limit max 4000000 min 4000000
      probe live_http_int
      inservice
    rserver host Server2
      ip address 10.10.10.2
      conn-limit max 4000000 min 4000000
      probe live_http_int
      inservice

    Hi syannetwork,
    I think you have to "force" the failed server to close the connection when it has failed. Otherwise it will still serve the available HTML pages.
    Have a look at the "Configuring the ACE Action when a Server Fails" in the "Cisco Application Control Engine Module Server Load-Balancing Configuration Guide" and let me know if the following command helped:
    conf t
    serverfarm host ServerFarm
    failaction purge
    Have a good WE.
    Cheers
    LPL

  • SIP Probe for ACE

    Does anyone have a good health check for SIP?

    Currently ACE is not SIP aware.
    ACE will support SIP with version 2.0. It will support SIP load-balancing over TCP and UDP, it can load-balance based upon the SIP header i.e. can load balance based upon the Call-ID (even though information for many calls are in the same TCP connection). It
    can also do stickiness based upon Call-ID.
    Additionally, ACE 2.0 supports SIP probes.
    Currently you can only use udp probes
    probe UDP5060 udp
    interval 1
    faildetect 2
    passdetect interval 60
    passdetect count 2
    port 5060
    probe ICMP icmp
    interval 1
    faildetect 2
    passdetect interval 60
    passdetect count 2
    serverfarm SIP
    rserver 192.160.246.147
    inservice
    rserver 192.160.246.148
    inservice
    probe ICMP
    probe UDP5060
    Syed Iftekhar Ahmed

  • ACE for sql injection filtering

    I have an ACE module in a Cat6500, that is load balancing to some HTTP servers.
    occasionally there are SQL injection attacks towards the http servers.
    I know the ACE can filter based on http strings, but
    If you can provide me with some basic templates on what to filter out and how to format the string
    to stop SQL injection attacks, that would be of great help.
    Cheers.

    There are various signatures which are availbale for configuration for sql injection attacks. The signatures are some times application specific and it may not fit other application. Following links may help you
    http://www.cisco.com/en/US/products/ps7314/products_white_paper0900aecd8068dcdb.shtml
    http://www.cisco.com/en/US/products/ps7314/products_white_paper0900aecd80661ca6.shtml

  • ACE IP source for probe

    Hello,
    Can we select which IP source the ACE will used for any kind of probe (ICMP, TCP, ...)
    or it just used the nearest interface?
    Maurice

    Hi Maurice,
    I do no believe that the ip can be changed.. by default the source IP will be the physical interface of the module/appliance. On a bridged deployment, it will use the BVI IP.
    Any specific reason why you wanted to change this ?
    regards,
    Chris

  • ACE probe for rserver

    Hi I've following requirement to do health check for server.
    I need to add below three ports in probe with OR condition so if any of these 3 port is up along with 10292 connection should  go that  server:
    10721
    10722
    10723
    how to do this? can we setup up such health check with using script?

    Hi,
    You will need a custom script. The supplied CHECKPORT_STD_SCRIPT should provide a reasonable starting point. You just need to implement the logic behind setting the return code.
    HTH
    Cathy

Maybe you are looking for

  • IPad iOS 4.2 and Macbook Pro airplay

    Hi all, I currently have installed on my iPad iOS 4.2 beta 2, which includes the ability to stream audio and video to devices such as the airport extreme and Apple TV. I have recently purchased the second generation Apple TV and am loving it so far.

  • Difficulty with random bingo card generator

    Hi! I'm trying to generate a random bingo card in Flash using ActionScript. The psudeo-code is pretty sound, I think, but I can't even get the first number onto the card. I'm trying a random number variant with output to a dynamic text field. No succ

  • Allow Sorting of Files in Review Tracker

    Please make the file list in the review tracker automatically sort by name rather than in reverse of the order you add them. The ability to add subfolders would also be helpful. When you create folders in the review tracker, they are automatically so

  • In-Memory Ordering

    Hi Background: I've been asked to persuade Kodo to work correctly with some foreign key constraints which have been implemented as triggers (rather than standard foreign keys). Since triggers cannot be deferred, this unfortunately means that statemen

  • Concurrent we service call issue

    I am using spring2.5 framework and tomcat6 as web server. I do have a web service implmentation on this. When my consumer applications are trying to call this WS concuurently, The WS response got mis matched or one call gets others response. How do I