ACE 4710 HTTP Probes

Unanswered Question
Mar 26th, 2010

Using the ACE 4710 for loadbalancing a Sharepoint site.

We currently have a HTTP probe setup to check the port 80 status of the rserver.

Is there anyway to get the HTTP probe to check a DNS entry for each of the application sites? For instance http://info vs http://site are two different web sites running on the same IP. One site could have a problem but the actual port 80 for the IP may be still alive.

Thanks for any information.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
Pablo Fri, 03/26/2010 - 10:31

Hi Andy

If you have a single web server hosting multiple sites where the
individual web sites are differentiated by the "Host" header in the HTTP
requests. In order to probe these types of sites, it is necessary to
specify this header, using the "header" command, eg.

*******************************************

Here is an example

probe http Site
  request method head url /url1.html
  expect status 200 200
  header Host header-value "info.com"

  interval 15

  open 1

probe http Info
  request method head url /index.html
  expect status 200 200
  header Host header-value "site.com"

  interval 15

  open 1

rserver host Sharepoint
  ip address 172.16.35.11
  inservice

serverfarm host Site
  rserver Sharepoint
  probe Site
  inservice

serverfarm host Info
  rserver Sharepoint
  probe Info
  inservice

**************************************

In the above example, a regular HTTP HEAD will be sent to the Sharepoint service
specifying the Host header as info.com and site.com

Hope this helps.

___ ___

Pablo

Cisco TAC

gabemichaels Tue, 06/01/2010 - 07:30

Hello,

I'm trying to do exactly the same thing using Host header values.  I've setup a test probe and serverfarm to experiment with this.  However, I'm finding that it doesn't seem to matter what you put in the header value because it always returns a positive response.

Here are the correct settings:

probe http prb-heartbeat.php-TEST
  port 80
  interval 10
  passdetect interval 10
  request method get url /heartbeat.php
  expect status 200 200
  header Host header-value "noreservationsapp.com"

serverfarm host sf-10.2.130.197-TEST
  probe prb-heartbeat.php-TEST
  rserver rs-10.2.224.75
    inservice
  rserver rs-10.2.224.76
    inservice

I get this:

LB-7273-WA1/LB-D01-WA# sh probe prb-heartbeat.php-TEST

probe       : prb-heartbeat.php-TEST
type        : HTTP
state       : ACTIVE
----------------------------------------------
   port      : 80      address     : 0.0.0.0         addr type  : -          
   interval  : 10      pass intvl  : 10              pass count : 3   
   fail count: 3       recv timeout: 10  
                ------------------ probe results ------------------
   associations ip-address      port  porttype probes   failed   passed   health
   ------------ ---------------+-----+--------+--------+--------+--------+------
   serverfarm  : sf-10.2.130.197-TEST
     real      : rs-10.2.224.75[0]
                10.2.224.75     80    PROBE    231      90       141      SUCCESS

     real      : rs-10.2.224.76[0]
                10.2.224.76     80    PROBE    231      90       141      SUCCESS

If I change the header value to "bark" or anything else, it still passes!  Is this a bug?  Or am I doing missing something?

Thanks,

Gabe

gondorch Wed, 06/02/2010 - 15:47

Has anyone figure this out?  I am tring to get healthchecks/probes setup in this same fashion.  I have 2 servers with 1 IP but have many sites.  I want to probe each side and ensure I get a 200 code.  I also have to provide credentials to the site.  It seems that if i open IE I can log in just fine to the site with the credentials.  However there is an active x control box that is wanting to be installed.  When I set this up on my ACE it seems I am getting a http 401 unauthorized error.  I have done a wireshark capture while I was browsing and I see the 401 however it also reports a 200 code after that.  Do you think this is a problem because of the active x control wanting to be downloaded?  Or is this an issue with the first http code that is recieved by the probe, that being the 401 and then the 200? Below is my config (cleaned of course).

probe http HTTP-80-OUR.DOMAIN.COM

  interval 15
  passdetect interval 60
  credentials
  request method get url http://our.domain.com/default.aspx

  expect status 200 200
  header Host header-value "our.domain.com"
  open 1

rserver host SERVER-A
  ip address X.X.X.47
  inservice
rserver host SERVER-B

  ip address X.X.X.48
  inservice

serverfarm host FARM-AB
  predictor leastconns
  probe HTTP-80-OUR.DOMAIN.COM

  rserver SERVER-A
    inservice
  rserver SERVER-B
    inservice

ACE4710# show probe HTTP-80-OUR.DOMAIN.COM detail

probe       : HTTP-80-OUR.DOMAIN.COM
type        : HTTP
state       : ACTIVE
description :
----------------------------------------------
   port      : 80      address     : 0.0.0.0         addr type  : -
   interval  : 15      pass intvl  : 60              pass count : 3
   fail count: 3       recv timeout: 10
   http method      : GET
   http url         : http://our.domain.com
   conn termination : GRACEFUL
   expect offset    : 0         , open timeout     : 1
   expect regex     : -
   send data        : -
                ------------------ probe results ------------------
   associations ip-address      port  porttype probes   failed   passed   health
   ------------ ---------------+-----+--------+--------+--------+--------+------
   serverfarm  : OUR.DOMAIN.COM-10.25.4.12-L3-FARM
     real      : SERVER-A[0]
                X.X.X.47      80    DEFAULT  414      406      8        FAILED

   Socket state        : CLOSED
   No. Passed states   : 1         No. Failed states : 2
   No. Probes skipped  : 0         Last status code  : 401
   No. Out of Sockets  : 0         No. Internal error: 0
   Last disconnect err : Received invalid status code
   Last probe time     : Wed Jun  2 17:44:18 2010
   Last fail time      : Wed Jun  2 13:37:04 2010
   Last active time    : Wed Jun  2 13:34:19 2010

     real      : SERVER-B[0]
                X.X.X.48      80    DEFAULT  414      406      8        FAILED

   Socket state        : CLOSED
   No. Passed states   : 1         No. Failed states : 2
   No. Probes skipped  : 0         Last status code  : 401
   No. Out of Sockets  : 0         No. Internal error: 0
   Last disconnect err : Received invalid status code
   Last probe time     : Wed Jun  2 17:44:20 2010
   Last fail time      : Wed Jun  2 13:37:06 2010
   Last active time    : Wed Jun  2 13:34:21 2010

Peter Koltl Sat, 06/05/2010 - 14:25

ACE probes support only Basic authentication but not Integrated Windows Authentication. Look into the captured 401 packet and search for WWW-Authenticate header. If you see only Negotiate or NTLM then your web server does not allow Basic authentication.

Gilles Dufour Mon, 06/07/2010 - 00:22

You absolutely can't get 2 responses (401 and then 200) to a single request.

Therefore, I can't help you unless you show us the sniffer trace so we can really see what is going on.

Gilles.

Peter Koltl Sat, 06/05/2010 - 14:14

I guess your server accepts any Host header. Try to restrict that. It can easily be tested with a PC if you add the 'bank' hostname to the hosts file then point your browser to http://bank

gabemichaels Mon, 06/07/2010 - 04:53

Hello all,

I determined that our problem was a web server configuration issue.  It was set to accept all headers, with undefined headers going to the root.  It just so happens the probe file resides there as well, which explains the positive 200 response.

Thanks,

GM

gondorch Mon, 06/07/2010 - 09:46

I opened a TAC case on this and found that the ACE only supports basic authentication.  I spoke with the sharepoint admin and found out that it was using NTLM.  After doing some more thinking on this we decided to change our probes to expect a 401 code instead of a 200 code.  This would still tell us that Share Point is functional or not.  When the probe runs it will run as anonymous and Sharepoint will deliver the 401 error.  However if sharepoint is having problems and cant display pagers it would deliver a 404 error or no code at all which would take the rserver out of rotation in both events.

Actions

This Discussion