Forum Discussion

ssl_b0y_87395's avatar
Icon for Nimbostratus rankNimbostratus
Jul 20, 2011

Testing the F5 itself with a simple test


I have a goal to monitor my F5's from completelt outside the environment as if they were a client connection. Obviously it's possible to get very fancy on this, but I just need to know for the moment that the F5 is up and running, passing traffic and irules are being processed.

I have a couple of Virtual Servers on my F5 which have a couple of irules attached; one with complex logic which directs the connection to any number of pools and other just doing some "clean up"

What I want to do is create either a separate irule or insert extra logic in the exisiting one which is processed first which responds with a HTTP 200 etc. when a specfic, magic, hidden URL is requested; if this is "hit" I don't want any subsequent irule to be processed for the sake of processor efficiency.

The failure of a single pool or member would not tell me what I need to know as it could be down for any number of reasons, but I still need to know whether it is processing and responding correctly.

So my thought was this:

if { [HTTP::URI] equals "/HelloThereAnyoneHome.htm"} {
      HTTP::respond 200 content {
            Test Page
            No-one here but us Chickens! 
    event disable all
Essentially, my external test host would request the page /HelloThereAnyoneHome.htm, and look for the text "No-one here but us Chickens!" In this context, whether ANY pool member is up is irrelevant, I just want to get a simple, clean "hello" out of the F5, with any

Any other response would cause an alarm..

Thanks a lot!

3 Replies

  • Hamish's avatar
    Icon for Cirrocumulus rankCirrocumulus



    You have a conundrum... If your iRule fires first, you still don't know if the subsequent ones are working... They could be failing too... WHich means that you're only testing connectivity to a VS... At which point, you could get away with just doing a tcp level check... And then close the connection...



    If it fires last, then you're chewing up CPU that you didn't need of course :)



    How fancy do you want to get? You could always create an iRule that just counts the connections (Saving the info in a table - Assuming v10)... And then a separate VS that you can get the stats from... But that won't tell you anything if there's no traffic of course... But you could test that, and then if the counters don't increment do a real test :)




  • Hamish's avatar
    Icon for Cirrocumulus rankCirrocumulus
    Oh... You could also monitor the iRule stats from iControl and check how many times they're invoked. And whether they're accumulating errors...



  • Thanks for coming back to me, At this stage I'm just after something simple but one stage more than a TCP socket check; I'm monitoring the various VS internally via OOB, I'm just trying to establish whether the F5 or indeed the entire DC is dead. I had seen some icontrol samples which did bring back some interesting stats, but whilst I'm an irule newb; I'm a total icontrol virgin and just need something "quick and dirty" up and running for a couple of weeks which isn't going to break the bank in terms of resources (my site is not totally live yet and I don't know what my production volumes are going to be like for certain).



    I'm going to give this a go and see how I get on, unless anyone has any better ideas?