David, I recommend you set up custom health checks to force the fail over. You can specify a page or output of the status of your application.
manolo David Miller wrote: > Oliver Adam wrote: >> I am not sure why you would like to solve this problem with another >> vendors box. I would suggest to look at the features of the 4G. There >> is something called health check track groups. >> >> Out of the documentation: >> >> ServerIron(config)# server real r1 1.1.1.1 >> ServerIron(config-real-server-r1) port 80 >> ServerIron(config-real-server-r1) port ftp >> ServerIron(config-real-server-r1) port dns >> ServerIron(config-rsr1) hc-track-group 80 21 53 >> >> The ServerIron now tracks health status for ports 80, 21, and 53. If >> any of these ports is down then the combined >> health would be marked as failed and the ServerIron will not use >> these ports for load balancing traffic. >> >> You would have to combine port 80 and port 443 in a health check >> track group. >> >> Is not that what you are looking for? > > Ahh, now that's just what I was looking for. I already have that though: > > > healthck Server1_HC tcp > dest-ip 192.168.0.60 > port http > protocol http > protocol http url "GET /status.html" > protocol http content-match Content_Match > l7-check > > > server real server1 192.168.0.60 > source-nat access-list 1 > port http > port http healthck Server1_HC > port http url "HEAD /" > port ssl > port ssl keepalive > port ssl l4-check-only > port 8080 > port 9000 > port 4443 > hc-track-group 80 443 > > > server virtual vserver 1.2.3.4 > sym-priority 110 > port http > port http lb-pri-servers backup-stay-active > port ssl sticky > port ssl ssl-terminate Action > port ssl lb-pri-servers backup-stay-active > bind http server1 8080 real-port http server2 8080 real-port http > bind ssl server1 4443 real-port ssl server2 4443 real-port ssl > > > However, we recently ran into the situation where server1 was > responding very slowly and http failed over to server2 but ssl > remained on server1. > > > The 8080 and 4443 are so we can access the real server for testing > before binding it to the LB VIP. Are they what's causing the problem > here? Should I have hc-track-group 80 443 8080 4443 ? > > Thanks! I love the S/N ratio on this list! > > --- David > > _______________________________________________ > foundry-nsp mailing list > [email protected] > http://puck.nether.net/mailman/listinfo/foundry-nsp > _______________________________________________ foundry-nsp mailing list [email protected] http://puck.nether.net/mailman/listinfo/foundry-nsp
