10-3. SLB Probes Configuration 1. | Define the probe:
IOS | (global) ip slb probe name {ping | http | wsp} | CSM | [View full width] (csm) probe probe-name {http | icmp | telnet | tcp | ftp | smtp | dns} |
The probe is named name (text string up to 15 characters) and can be referenced by other SLB server and firewall farm commands. IOS SLB allows these probe types: ping (ICMP), http, or wsp (WAP port 9201). In addition, the CSM allows http, icmp (Ping), telnet, tcp (TCP connection), ftp, smtp, and dns.
| 2. | (Optional) Define the target address:
IOS | (probe) address [ip-address] | CSM | (probe) address ip-address |
For a server farm, this command is not used. The ip-address used by the probe is inherited from each real server in the server farm. However, a CSM allows an address to be configured for a ping or DNS probe type.
With IOS SLB, addresses are not inherited when the probe is used for a firewall farm. You must use this command to define the address of a target firewall.
| 3. | Set the probe behavior:
- a. (Optional) Set the time between probes:
IOS | (probe) interval seconds | CSM | (probe) interval seconds |
Probes are sent toward the target at intervals of seconds (IOS SLB: 1 to 65,535 seconds, default 1 second; CSM: 5 to 65,535 seconds, default 120 seconds).
- b. (Optional; CSM only) Set the time to wait for a non-TCP probe reply:
IOS | N/A | CSM | (probe) receive receive-timeout |
The CSM waits receive-timeout (1 to 65,535 seconds; default 10 seconds) for data to be received in response to probes other than TCP.
- c. (Optional; CSM only) Set the time to wait for a TCP probe connection:
IOS | N/A | CSM | (probe) open open-timeout |
For HTTP, TCP, FTP, Telnet, and SMTP probes, the CSM waits open-timeout (1 to 65,535 seconds; default 10 seconds) for a TCP connection to be opened in response to the probe.
- d. (Optional) Define the criteria for a failure:
IOS | (probe) faildetect retry-count | CSM | (probe) retries retry-count |
With IOS SLB, a server or firewall is considered to have failed if retry-count (1 to 255; default 10) consecutive ping probes are unanswered. With a CSM, the target has failed if retry-count (0 to 65,535; default 3) probes of any type are unanswered.
- e. (Optional; CSM only) Wait to retry a failed server:
IOS | N/A | CSM | (probe) failed failed-interval |
When a CSM has determined that a server has failed, it waits failed-interval (5 to 65,535 seconds; default 300 seconds) before sending another probe.
| 4. | (Optional; HTTP probe only) Define the HTTP probe operation:
- a. (Optional; IOS SLB only) Set the port number:
IOS | (probe) port port-number | CSM | N/A |
Usually, an HTTP probe uses port-number 80. If the port-number is unspecified, however, it is inherited from the virtual server. For a firewall probe, the port-number must be given (1 to 65,535). The target device must be able to answer an HTTP request for the probe to work.
- b. (Optional) Define the HTTP probe method:
IOS | [View full width] (probe) request [method {get | post | head | name name}] [url path] | CSM | (probe) request [method {get | head}] [url path] |
The probe requests information from the server using the get (the default), post, head (request a header data type), or name (request the data named name) method. A URL can also be given, specifying the server path (text string URL; default /).
- c. (Optional) Specify the probe header information:
IOS | (probe) header field-name [field-value] | CSM | (probe) header field-name [field-value] |
The probe header name is set to field-name (text string up to 15 characters), with a value of field-value. A colon is automatically inserted between the name and value. By default, the request contains these headers:
Accept: */* Connection: close User-Agent: cisco-slb-probe/1.0 Host: virtual-IP-address
- d. (Optional) Specify the HTTP authentication values:
IOS | (probe) credentials username [password] | CSM | (probe) credentials username [password] |
If HTTP authentication is required, a username (text string, up to 15 characters) and a password (text string up to 15 characters) can be given for the probe.
- e. (Optional) Expect a specific status code to be returned:
IOS | [View full width] (probe) expect [status status-code] [regex regular-expression] | CSM | (probe) expect status min-number [max-number] |
A real server or a firewall is considered to have failed if it either does not respond to an HTTP probe or if it returns a status-code (100 to 599, default 200) other than the one specified. For firewalls, the status-code should be set to 401. For a CSM, the status code must be within the range min-number (default 0) and max-number (optional, default 999).
With IOS SLB, you can also expect a regular expression along with the status code. Use the regex keyword and specify a regular-expression (text string, no default). Only the first 2920 bytes of the probe reply are searched for a match.
| 5. | (Optional; WSP probe only) Define the target URL:
IOS | (probe) url [path] | CSM | N/A |
A URL can also be given, specifying the server path (text string URL; default /).
| 6. | (Optional; DNS probe only) Define the domain name:
IOS | N/A | CSM | (probe) name domain-name |
A DNS probe requires a domain-name (text string) that can be resolved by a DNS server target.
| Displaying Information About SLB Probes Table 10-3 lists some switch commands that you can use to display helpful information about SLB probes. Table 10-3. Commands to Display SLB Probe InformationDisplay Function | Switch OS | Command |
---|
Probe configuration and status | IOS | (exec) show ip slb probe [name probe_name] [detail] | CSM | [View full width] (exec) show module csm slot probe [http | icmp | telnet | tcp | ftp | smtp | dns] [name probe_name] [detail] |
|