ACE Health probe using get URL
Hello,
We are trying to create a health probe for our google search appliances and as part of the URL get there is a question mark but the ACE doesn't like that. Is there a way around this or should it be done differently?
request method get url /searchq? (This is what we want the URL to be)
request method get url /searchq (This is where it thinks i'm asking it for help)
Thanks in Advance.
Hello,
You need to typ CRTL+v prior to entering the ?
That's the Control key then lowercase v, then your question mark.
Hope this helps,
Sean
Similar Messages
-
Probe Interval: 5
Pass Detect (Seconds): 60
Fail Detect: 3
Please can someone explain the above settings that are configured for a health probe? am I correct in thinking the probe is sent every 5 seconds, and must fail 3 times in order to failover? Does the "Pass Detect" indicate that the server must be back online for 60 seconds before being placed back into the server farm?
Also if we have a primary server and a back up server (used if primary fails), if the primary fails and the backup server becomes active, will the primary server become available again when it comes back online, or will all connections continue to go to the backup? Is there anyway to make the old primary the new backup when it comes back online?Hi,
You are right about Probe interval and fail detect, but Pass detect has two parameters:-interval and count, where interval defines the amount of time to wait for sending the probe back to failed server where as count paramater will control the minimum succefullt probe return from server for making it active again.
Regarding the backup server, once the prmary server comes online again all new connection will be redirected to it, while all existing connection will continue on existing one. I guess "inservice standby" will be the command of your interest in gracefully removing the primary and bringing the backup active. -
I've setup a SIP probe to check the health of a Microsoft OCS. The health of this server is always failed. What am I missing? I also tried it with a telnet probe on port 5061, but got the same result. A telnet from ACE to the server on port 5061 works fine.
See below a show probe SIP detail and the relevant configuration.
ACE21_Secondary/MOCS# sh probe SIP det
probe : SIP
type : SIP
state : ACTIVE
description :
port : 5061 address : 0.0.0.0 addr type : -
interval : 10 pass intvl : 10 pass count : 3
fail count: 3 recv timeout: 4
request-method : OPTIONS
conn termination : GRACEFUL
expect offset : 0 , open timeout : 2
expect regex : -
------------------ probe results ------------------
associations ip-address port porttype probes failed passed health
------------ ---------------+-----+--------+--------+--------+--------+------
rserver : OCS_11
10.105.11.70 5061 -- 7566 7566 0 FAILED
Socket state : CLOSED
No. Passed states : 0 No. Failed states : 0
No. Probes skipped : 0 Last status code : 0
No. Out of Sockets : 0 No. Internal error: 0
Last disconnect err : Server reply timeout (no reply)
Last probe time : Thu Oct 30 14:18:42 2008
Last fail time : Tue Oct 28 16:31:30 2008
Last active time : Never
ACE21_Secondary/MOCS# sh run
probe sip tcp SIP
port 5061
interval 10
passdetect interval 10
receive 4
expect status 200 200
open 2
rserver host OCS_11
ip address 10.105.11.70
probe SSL
probe PING
probe SIP
probe SIP_TELNET
inservice
Cheers
PeterPeter,
make sure to NOT run version A2(1.1a) as SIP probes are broken in that specific release.
If your version is something else, get a sniffer trace on the server to see what is going on.
Seems like we don't get a reply according to the line :
"Last disconnect err : Server reply timeout (no reply) "
Gilles. -
Hi All,
Has anyone seen sample TCL code for probing a generic SQL server?
Thanks,
DaveYou can use the following configuration:
probe tcp MS-SQL
description TO-RBSQL1
ip address 10.15.160.3
port 1433
interval 2
faildetect 2
passdetect interval 2
passdetect count 2
rserver host RBWEB1
ip address 10.15.177.11
rserver host RBWEB3
ip address 10.15.177.13
inservice
serverfarm host RBWEB
description TO-VLAN-177-RBWEB-SERVERS
predictor leastconns
probe WWW-RISKBROWSER
probe PING
rserver RBWEB1
rserver RBWEB3
inservice
And also you can use the command sh probe MS-SQL, to know probe association probed-address probes health. Sure that the server respond or responded with a RST. -
ACE 4710 http probe get url question
I am trying to create a http probe using the request method get url command. My url contains a question mark and the ACE will not accept the url as is and it strips out the question mark character. Is there a way to make the ace accept a url containg a question mark?
probe http HTTP_PROBE
port 9040
interval 10
faildetect 5
passdetect interval 60
expect status 200 200
open 1
The url I am trying to enter is /psp/epprod/?cmd=login
When I enter it the ACE does as shown below
(config-probe-http)# request method get url /psp/epprod/?
<LINE>
ACE-APP-02/vc_peoplesoft(config-probe-http)# request method get url /psp/epprod/cmd=login
It strips out the ? character.Hi Nicholas,
To enter a question mark you need to type ctrl+v prior to entering the ?
You enter the control key then lowercase v, then your question mark.
HTH
Pablo -
ACE failing server out using TCP health probe
We have a mix of ACE20s and ACE30s currently and I am seeing the ACE in both HW platforms failing out our servers sporadically after a sucessful TCP handshake. Here is the configuration:
probe tcp TCP-25
port 25
interval 25
faildetect 2
passdetect interval 90
open 10
When I do a show probe TCP-25 detail I see the default recv timeout is 10.
I captured a trace between the ACE and the server. When the health probes pass I see a good 3 way TCP handshake, then 50ms later the server sends a SMTP 220 then ace from ace, fin ack from ace and graceful TCP termination occurs. When the probe fails I see a sucessful TCP handshake but the ACE sends FIN ACK 47ms after it sends ACK for the TCP connection. Server then sends ACK and ACE sends RST.
Shouldn't ACE wait 10 seconds in this example for server to respond after TCP handshake?TAC/Martin Nash was very helpful in explaining this. The TCP 3 way handshake was sucessful, but the ACE sent a FIN ACK as expected, but after the server sent an ACK the server did not send a FIN ACK so the ACE marked it down. The health check not only requires a 3 way handshake, but a clean teardown of the TCP session.
-
ACE HTTP probe get - not able to contain '?' in URL?
Trying to put a probe together..
probe http probeElvis
interval 5
passdetect interval 10
request method get url 8888/livelink/llisapi.dll?func=LL.getlogin&NextURL=%2Flivelink%2Fllisapi%2Edll%3FRedirect%3D1
expect status 100 404
connection term forced
But when typing or pasting that URL in - when it gets to the '?" after llisapi.dll the CLI is interpreting that as a query for HELP - but i want it to be part of the string!!
Is my only choice to go to TCL scripting? I don't know how to do that! I'm a network guy!! :)Precede the question mark with Ctrl-V to prevent the question mark from being interpreted as a help command.
-
ACE http health probes - best practice for interval and passdetect interval?
Hi,
Is there a recommended standard for http health probes in terms of interval and passdetect interval timings, i.e. should the passdetect interval always be less than the interval or visa versa? Can a http probe be 'mis-configured', i.e. return a 'false positive' by configuring an interval timeout thats 'incompatible' with the device it's polling?
I have a http probe for a serverfarm consisting of two Apache http servers and get intermittent 'server reply timeout' probe failures. I'm keen to ensure that the configuration of the probe isn't at fault so I can be confident that a failed probe indicates a problem with the server and not my configuration.
The probe is currently configured as below:-
probe http http-apache
interval 30
passdetect interval 15
passdetect count 6
request method get url /cs/images/ACE.html
expect status 200 304
Any advice on the subject woud be gratefully received.
thanks
MatthewHi Gilles,
Thanks for the advice. In another dicussion (found here https://supportforums.cisco.com/message/462397#462397) a poster has stated that:-
"(The) "Probe interval" should always be less then (open+recieve) timeout value. Default open & receive timeouts are 10 seconds."
Are you able to advise on whether the above is correct and if so, why? I currently have an interval value of 30 that obviously goes against the advice above (which I've interpretted to mean that if you leave the open & receive timeouts at their default settings your probe interval should be less than 20 seconds?).
thanks
Matthew -
Hi guys,
I am coding a web application using ColdFusion 8.
The situation is as follow:
- I type https://mypage.com/aaa/bbb.html on web browser where aaa and bbb.html does not exist in my web folder.
- And this will drive the error 404 PageNotFound occurred, in the code that processing error 404, I tried to get URL aaa/bbb.html by using GetPageContext().getRequest().getRequestURI() but the result of this command is my created 404 error page.
- I also tried to get URL by using CGI, but also couldn't get it.
Can you guys show me the way to get URL when no page is found error occurred?
Thank you very much in advanced!No screen wrote:
- I type https://mypage.com/aaa/bbb.html on web browser where aaa and bbb.html does not exist in my web folder.
- And this will drive the error 404 PageNotFound occurred, in the code that processing error 404, I tried to get URL aaa/bbb.html by using GetPageContext().getRequest().getRequestURI() but the result of this command is my created 404 error page.
ColdFusion will know nothing of https://mypage.com/aaa/bbb.html! As the requested page is HTML, the web server will respond to it, without involving ColdFusion. The ColdFusion function GetPageContext() is therefore irrelevant. -
I'm trying to read some XML data from temperature logger over my network. I'm using LabView version 2009 sp1. I'm using the URL Get Document Vi. It works fine when using Internet sites like google or foxnews etc...
When I use it with my temperature logger most of the time I get an Error 66...but some times it does work and actually retrieves the document.
I can use the same address "http://172.22.21.68/XMLfeed.rb" (Internet Explorer or Google Chrome) in my browser and get a response every time. When accessing from my browser the server in the temperature logger does take around 6 seconds to respond, but it does respond every time.
Is the URL Get Document Vi exceeding a timeout? If so, where can I set it to wait longer?
Attachments:
Error 66.jpg 183 KBIt looks like the TCP Buffered Read has a 2.5 sec timeout, I believe that is where I had trouble as well. Try creating your own URL Get HTTP Doc vi in which you call URL Get Document in normal mode, with an appropriate number of characters to fetch (enough characters so that you capture all the important data in the XML file).
Attachments:
ex1.PNG 33 KB -
Get URL parameters of Web Dynpro Application using Floor plan manager
Hi Experts,
I have a web dynpro component using FPM. The default window of the application is FPM_WINDOW which is an interface view of component of FPM framework. so I cannot get the URL parameters in handledefault of a normal web dynpro app which is not using FPM. How do I get URL parameters in this case through FPM? Thanks!Hi,
I guess you might have created the application under FPM_OIF_COMPONENT/FPM_GAF_COMPONENT. For that add the pramaters to the PARAMTERS tab of teh application.
Now, you can use
data lo fpm type ref to if_fpm.
lo_fpm = cl_fpm=> get_instance( ).
CALL METHOD lo_fpm->mo_app_parameter->get_value
EXPORTING
iv_key = 'PERNR' "Application param name
IMPORTING
ev_value = lv_pernr.
Regards,
Lekha. -
Hi,
I have a question about the config of the ACe probe.
I have the following probe defined :
probe http P_HTTP_TEST
interval 5
passdetect interval 2
passdetect count 2
request method get url /test
expect status 200 200
expect regex trululu
I would like to use the regex just like the expect string on the csm probe...
The regex doesn't seem to work as the strin trululu is not on the page tested.
I guess the expect status override the regex but without the expect status it doesn't work either.
Anyone know how exactly the probe expect works for http ?
Another question, on the CSM module, the tcp probe by default use the real port for the probe, not the default port of the probe type, is it possible to change that so it mimmicks the CSM way of working ?
Thanks a lot ;-)This seems to be bug related to some version of ACE software as HTTP return code overrides missing regexp. For sure this bug is present in:
system: Version A2(2.0) [build 3.0(0)A2(2.0)]
Notice the difference between 192.168.1.1 (is missing regex in HTTP response) and 192.168.1.2 (sends regexp in HTTP response). Both are successful and as addition 192.168.1.1 (missing regexp) is showing last status code 200 which seems to be sufficient for probe to pass. 192.168.1.2 (which sends expected regexp) doesn't show last status code.
probe : tw2_http_81
type : HTTP
state : ACTIVE
description :
port : 81 address : 0.0.0.0 addr type : -
interval : 30 pass intvl : 30 pass count : 1
fail count: 1 recv timeout: 10
http method : GET
http url : /knowtw2-f/livelink.exe?func=ll&objtype=142&bypass
conn termination : GRACEFUL
expect offset : 0 , open timeout : 10
expect regex : lbmonitor
send data : -
--------------------- probe results --------------------
probe association probed-address probes failed passed health
------------------- ---------------+----------+----------+----------+-------
real : 192.168.1.1[81]
192.168.1.1 2 0 2 SUCCESS
Socket state : CLOSED
No. Passed states : 1 No. Failed states : 0
No. Probes skipped : 0 Last status code : 200
No. Out of Sockets : 0 No. Internal error: 0
Last disconnect err : -
Last probe time : Mon Nov 7 12:38:42 2011
Last fail time : Never
Last active time : Mon Nov 7 12:38:22 2011
real : 192.168.1.2[81]
192.168.1.2 2 0 2 SUCCESS
Socket state : CLOSED
No. Passed states : 1 No. Failed states : 0
No. Probes skipped : 0 Last status code : 0
No. Out of Sockets : 0 No. Internal error: 0
Last disconnect err : -
Last probe time : Mon Nov 7 12:38:27 2011
Last fail time : Never
Last active time : Mon Nov 7 12:37:58 2011 -
Hi,
We would like to see the hash value calculated by the ACE when the HTTP probe hash command configured.
This is possible on CSS via the "sh service" command. We have tried to get it from sh rserver , sh probe XXX detail sh serverfarm XXX det but we do not get it.
Is this possible to get it on the ACE as we do on the CSS?
We need this to manually configure it via the hash <value> command because if the ACE probe is reseted for any reason, the probe http hash will be re-calculated based on the first http response of the server and we can not predict that the server will give the expected web page at this time.
A // question is: on what the md5 value is calculated? HTTP header + payload or only http object payload? We have calculated the md5 hash value by ourselves but the probe is still failing whatever the http portion used for the calculation is.
Many thanks for your help.
Regards/ludovic.probe http MD5-HTTP
interval 15
passdetect interval 15
request method get url /index.html
expect status 200 200
hash 2441DA7F68A265F8CFB4426B6897CE33
And here is how I computed the hash on the server itself [linux machine]
md5sum /var/www/HTML/index.html
2441da7f68a265f8cfb4426b6897ce33 /var/www/HTML/index.html
[root@linux-1 tftpboot]#
The probe is UP
switch/Admin# sho probe MD5-HTTP detail
probe : MD5-HTTP
type : HTTP
state : ACTIVE
description :
port : 80 address : 0.0.0.0 addr type : -
interval : 15 pass intvl : 15 pass count : 3
fail count: 3 recv timeout: 10
http method : GET
http url : /index.html
Hash-value : 2441da7f68a265f8cfb4426b6897ce33
conn termination : GRACEFUL
expect offset : 0 , open timeout : 10
expect regex : -
send data : -
--------------------- probe results --------------------
probe association probed-address probes failed passed health
------------------- ---------------+----------+----------+----------+-------
serverfarm : linux1
real : linux1[0]
192.168.30.27 13 4 9 SUCCESS
md5sum is a standard tool.
Nothing fancy about it.
Gilles. -
ACE HTTP Probe with regex
Hi,
I'm trying to setup a HTTP probe with expected string rather then a code (config below). I do a GET for the page then a search for a string in the response however it's not working, as probe appears as failed.
I've tested the connection to the server by using telneting and then looking at the page displayed to make sure the string I want to match is in the response.
probe http HTTP-PROBE
port 43050
interval 30
passdetect interval 30
passdetect count 1
request method get url /action=help
open 43050
expect regex action=help
Q. Is there anything wrong with this configuration and what I'm trying to achive?
Thanks,
PriteshUse "expect status" under probe config. expect regex doesnt work if expect status is not configured.
expect regex work flawlessly with static pages. It doesnt work all the time with dynamic pages.
Specially if "content-length" header is missing from Server response.
Hope it helps
Syed Iftekhar Ahmed -
ACE: connection reset using Firefox
Hi Community,
I'm expecting some problems with ACE. I've configured it to loadbalance between 4 nodes with SSL termination at ACE.
Everything was working fine up to the identification of a problem using firefox browser. With Chrome and IE works fine.
The user is trying to upload a file to one of the 4 nodes. When the costumer click at the send button, the Firefox shows the following message: Connection Reset.
Can you suggest some actions? This problem just happens when the user try to upload the file. Whe he's just surfing through the system, works fine.
Thank you in advance.
------ Configuration ------
ACE-01-SJPR/eproc4# sh runGenerating configuration....logging enablelogging timestamplogging trap 5logging buffered 7access-list acl_ALL line 5 extended permit ip any any access-list acl_ALL line 10 extended permit icmp any any probe snmp cpu_servers version 2c community Public oid 1.3.6.1.2.1.25.3.3.1.2 threshold 60probe http pb_http port 80 interval 5 passdetect interval 30 passdetect count 2 request method get url /eprocV2/index.php expect status 200 200probe icmp pb_ping interval 10 faildetect 2 passdetect interval 5 passdetect count 2rserver host eproc-1g-aplic-noh1 ip address 10.7.123.1 inservicerserver host eproc-1g-aplic-noh2 ip address 10.7.123.2 inservicerserver host eproc-1g-aplic-noh3 ip address 10.7.123.3 inservicerserver host eproc-1g-aplic-noh4 ip address 10.7.123.4 inservicerserver redirect srv_eproc4_https_redirect description ## Redireciona trafego de HTTP para HTTPS ## webhost-redirection https://%h%p 302 inserviceserverfarm host farm_eproc4 failaction purge probe pb_ping probe pb_http rserver eproc-1g-aplic-noh1 80 cookie-string "eproc-1g-aplic-noh1" inservice rserver eproc-1g-aplic-noh2 80 cookie-string "eproc-1g-aplic-noh2" inservice rserver eproc-1g-aplic-noh3 80 cookie-string "eproc-1g-aplic-noh3" inserviceserverfarm redirect farm_eproc4_https_redirect description ## Redireciona trafego de HTTP para HTTPS ## rserver srv_eproc4_https_redirect inserviceparameter-map type http HTTP_PARAM description Reuse TCP and Keep Persistence case-insensitive persistence-rebalanceparameter-map type ssl PARAMMAP_SSL_TERMINATION cipher RSA_WITH_3DES_EDE_CBC_SHA cipher RSA_WITH_AES_128_CBC_SHA priority 2 cipher RSA_WITH_AES_256_CBC_SHA priority 3 rehandshake enabledparameter-map type connection TCP_PARAM description TCP Options for SSL exceed-mss allowsticky http-cookie acecookie st_eproc4_cookie cookie insert browser-expire serverfarm farm_eproc4sticky http-cookie acecookie st_eproc4_https_redirect cookie insert browser-expire serverfarm farm_eproc4_https_redirectssl-proxy service CISCO-SSL-PROXY key my.key cert my-cert.pem ssl advanced-options PARAMMAP_SSL_TERMINATIONclass-map type management match-any acesso_remoto description ## Acesso Remoto ao ACE ## 2 match protocol telnet any 3 match protocol ssh any 4 match protocol icmp any 5 match protocol snmp anyclass-map type http loadbalance match-any https_redirect_eproc4 2 match http url /.*class-map match-all vip_eproc4_http 8 match virtual-address 10.7.3.252 tcp eq wwwclass-map match-all vip_eproc4_https 8 match virtual-address 10.7.3.252 tcp eq httpspolicy-map type management first-match acesso_mgmt class acesso_remoto permitpolicy-map type loadbalance first-match lb_eproc4_http class class-default sticky-serverfarm st_eproc4_cookiepolicy-map type loadbalance first-match lb_https_redirect class https_redirect_eproc4 sticky-serverfarm st_eproc4_https_redirect class class-default sticky-serverfarm st_eproc4_cookiepolicy-map multi-match policy_vip_eproc4 class vip_eproc4_http loadbalance vip inservice loadbalance policy lb_https_redirect loadbalance vip icmp-reply active nat dynamic 4093 vlan 4093 appl-parameter http advanced-options HTTP_PARAM class vip_eproc4_https loadbalance vip inservice loadbalance policy lb_eproc4_http loadbalance vip icmp-reply active nat dynamic 4093 vlan 4093 appl-parameter http advanced-options HTTP_PARAM ssl-proxy server CISCO-SSL-PROXYinterface vlan 4039 description ## Interface lado SERVIDOR ## bridge-group 1 access-group input acl_ALL no shutdowninterface vlan 4093 description ## Interface lado SERVIDOR ## bridge-group 1 access-group input acl_ALL nat-pool 4093 10.7.3.253 10.7.3.253 netmask 255.255.255.255 pat service-policy input policy_vip_eproc4 service-policy input acesso_mgmt no shutdowninterface bvi 1 ip address 10.7.3.251 255.255.0.0 no shutdownip route 0.0.0.0 0.0.0.0 10.7.1.1From my prior experience I have seen similar issues with firefox.
Please try using firefox for reproducing the issue and get the output for below :
show np 1 me-stats -shttp
Look for counter value
Exceed max buffer errors: 16901 <<<<< Check if the counter increase after the test.
you can try few times and in case if you see the value increasing for “ Exceed max buffer errors”
I believe if you do the following and test that should fix it. I have seen similar issue with a customer and the below has fixed it.
configure set header-maxparse-length 65535 and set max-parse-time 65535 and set content-maxparse-length 65535
host1/Admin(config)# parameter-map type http http_parameter_map
host1/Admin(config-parammap-http)#
host1/Admin(config-parammap-http)# set content-maxparse-length 65535
host1/Admin(config-parammap-http)# set max-parse-time 65535
host1/Admin(config-parammap-http)# set header-maxparse-length 65535
host1/Admin(config-parammap-http)# length-exceed continue
Apply the above in multimatch policy :
appl-parameter http advanced-options http_parameter_map
Let me know the result after applying the above.
Maybe you are looking for
-
I just replaced my airport extreme and now the amber light on my airport express is blinking. When I go to utilities and try to find the airport express it does not show up. What should I do?
-
I'm trying to open Photostream on AppleTV; the screen says Terms of Service have changed and go to /support/icloud. I go there but can find no place to see the new terms of service and/or agree to them.
-
How do I add a new IP to the local host file?
One of the sites I manage has been migrated to a dedicated server. Before changing the nameservers, I need to proof all the pages. To do so, I need to add the new IP number to my local computer local host file. How is that done? OSX 10.9 david
-
FIX STATEMENT AND LARGE SPARSE DIMENSIONS
Hello all, We have the following Essbase BSO db; Account (Dense) (285 Members) (Aggregating Dimension) Period (Dense) (65 Members) (Aggregating Dimension) D1 (Sparse) (3700 Members) (Aggregating Dimension) D2 (Sparse) (8900 Members) (Aggregating Dime
-
I am unable to view the CAPTCHA on certain sites, anyone know why?
When a page asks me to fill in the CAPTCHA the box is blank. I was told it was the internet browser causing it. I also have a problem with some pages loading - and then they are just blank and say "done" at the bottom of the page. I ran a virus/malwa