Solutions

How to use health-checks to monitor CacheFlow 5000 devices

Solutions ID:    KB4468
Version:    1.0
Status:    Published
Published date:    07/05/2011
 

Problem Description

In a caching environment with an L4/L7 switch and a number of CacheFlow 5000 devices it is desirable to allow the L4/L7 switch to monitor the health of the caches and thus be able to divert traffic away from a cache that is not healthy.

Resolution

The recommended health check in a CacheFlow 5000 environment is to use explicit HTTP head requests to the caches on port 80.  It is expected that a healthy CacheFlow 5000 unit will return a status code of 400.  As of version 2.1.4.5 a CacheFlow 5000 will conditionally return a status code of 503 when it is unhealthy based on an internal self-assessment.

To enable this health-check both the switch and the CacheFlow 5000 devices require configuration.

CacheFlow 5000

Verified with version 2.1.4.5

The CacheFlow 5000 devices need to be configured to intercept explicit port 80 traffic.  This can be accomplished using the following CLI directives at the enable prompt:

configure terminal

proxy-services

edit explicit

intercept explicit 80

 

exit

exit

exit


Note:  Avoid the abuse of the CacheFlow 5000 devices as open proxies by disallowing connections to the caches’ port 80 at firewall or switch level.  Exceptions to this should be the L4/L7 switches, and possibly IP addresses used for test connections.

 

A10

Verified with version 2.2.4-p6(build: 1)

The configuration of the health monitor on A10 should make sure to expect a status code of 400, and it is suggested to use a retry count of 1:

health monitor http-monitor retry 1

 method http expect response-code 400

!

 

Enable this health monitor for every configured cache using the following directive as par of the cache configuration:

  health-check http-monitor

 

The complete configuration of a single cache should look similar to this:

slb server cf-1 10.169.8.101

  slow-start

  spoofing-cache

  port 80 tcp

  health-check http-monitor

!

Brocade

Verified with version 12.2.01T403

To enable the health-check on Brocade the following directive is required as part of every cache configuration:

 port http url "HEAD /"

 

The complete configuration of a single cache should look similar to this:

server cache-name cf-1 10.169.8.101

 port http

 port http url "HEAD /"

!

 

Additionally you should enable L4 health checks and disallow fast-bringup to make sure a cache is only considered healthy when the HTTP health-check succeeds.  The switch configuration should contain directives similar to this:

server l4-check

 

server port 80

 no-fast-bringup

 tcp

!

 

F5

Verified with version BIG-IP 10.2.0 Build 1707.0)

The configuration of the health monitor on F5 should make sure to expect a status code of 400, and it is suggested to use a timeout of 1:

monitor http-monitor {

   defaults from http

   timeout 1

   recv "400 Bad Request"

   send "HEAD / HTTP/1.0\r\n\r\n"

}


The cache pool definition should include the following directive to enable the health-check for all caches:

monitor all http-monitor

 

The complete configuration of a cache pool should look similar to this:

pool cf-pool {

   snat disable

   nat disable

   monitor all http-monitor

   members {

      10.169.8.101:http {

      }

      10.169.8.102:http {

      }

      10.169.8.103:http {

      }

      10.169.8.104:http {

      }

   }

}


Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
 
 
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.
 
 

Your response will be used to improve our document content.

Ask a Question