Home > Articles > Networking > Routing & Switching

  • Print
  • + Share This
This chapter is from the book

10-3: SLB Probes

  • Probes can be used to test for server or firewall connectivity and proper operation.
  • Probes can be defined to simulate requests for these protocols:

    • ICMP: Sends ICMP echo (ping) requests to a real server.
    • HTTP: Sends HTTP requests to a real server, using TCP port 80.
    • WSP: Requests and verifies the replies using Wireless Access Protocol (WAP), port 9201.
    • Telnet: Opens and closes a Telnet connection (TCP port 23) to a real server.
    • TCP: Establishes and resets TCP connections to a real server. This can be used to support any TCP port, including HTTPS or SSL, port 443.
    • FTP: Opens and closes an FTP connection (TCP ports 20 and 21) to a real server.
    • SMTP: Opens and closes an SMTP connection (TCP port 25) to a real server.
    • DNS: Sends requests to and verifies the replies from a real DNS server.

Configuration

  1. Define the probe:

    (global) ip slb probe name {ping | http | wsp}

    The probe is named name (text string up to 15 characters) and can be referenced by other SLB server and firewall farm commands. IOS SLB allows these probe types: ping (ICMP), http, or wsp (WAP port 9201). (Optional) Define the target address:

    (probe) address [ip-address]

    For a server farm, this command is not used. The ip-address used by the probe is inherited from each real server in the server farm. With IOS SLB, addresses are not inherited when the probe is used for a firewall farm. You must use this command to define the address of a target firewall.

  2. Set the probe behavior:

    1. (Optional) Set the time between probes:

      (probe) interval seconds

      Probes are sent toward the target at intervals of seconds (IOS SLB: 1 to 65,535 seconds; default 1 second; CSM: 5 to 65,535 seconds; default 120 seconds).

    2. (Optional) Define the criteria for a failure:

      (probe) faildetect retry-count

      With IOS SLB, a server or firewall is considered to have failed if retry-count (1 to 255; default 10) consecutive ping probes are unanswered. With a CSM, the target has failed if retry-count (0 to 65,535; default 3) probes of any type are unanswered.

  3. (Optional; HTTP probe only) Define the HTTP probe operation:

    1. (Optional) Set the port number:

      (probe) port port-number

      Usually, an HTTP probe uses port-number 80. If the port-number is unspecified, however, it is inherited from the virtual server. For a firewall probe, the port-number must be given (1 to 65,535). The target device must answer an HTTP request for the probe to work.

    2. (Optional) Define the HTTP probe method:

      (probe) request [method {get | post | head | name name}] [url path]

      The probe requests information from the server using the get (the default), post, head (request a header data type), or name (request the data named name) method. A URL can also be given, specifying the server path (text string URL; default /).

    3. (Optional) Specify the probe header information:

      (probe) header field-name [field-value]

      The probe header name is set to field-name (text string up to 15 characters), with a value of field-value. A colon is automatically inserted between the name and value. By default, the request contains these headers:

      Accept: */*
      Connection: close
      User-Agent: cisco-slb-probe/1.0
      Host: virtual-IP-address
    4. (Optional) Specify the HTTP authentication values:

      (probe) credentials username [password]

      If HTTP authentication is required, a username (text string, up to 15 characters) and a password (text string up to 15 characters) can be given for the probe.

    5. (Optional) Expect a specific status code to be returned:

      (probe) expect [status status-code] [regex regular-expression]

      A real server or a firewall is considered to have failed if it either does not respond to an HTTP probe or if it returns a status-code (100 to 599, default 200) other than the one specified. For firewalls, the status-code should be set to 401. For a CSM, the status code must be within the range min-number (default 0) and max-number (optional, default 999).

      With IOS SLB, you can also expect a regular expression along with the status code. Use the regex keyword and specify a regular-expression (text string, no default). Only the first 2920 bytes of the probe reply are searched for a match.

  4. (Optional; WSP probe only) Define the target URL:

    (probe) url [path]

    A URL can also be given, specifying the server path (text string URL; default /).

Displaying Information About SLB Probes

To display helpful configuration and status information about SLB probes, enter the following command:

(exec) show ip slb probe [name probe_name] [detail]
  • + Share This
  • 🔖 Save To Your Account