Simple and compound ssl health checks – Brocade Virtual ADX Server Load Balancing Guide (Supporting ADX v03.1.00) User Manual

Page 198

Advertising
background image

182

Brocade Virtual ADX Server Load Balancing Guide

53-1003247-01

Layer 7 health checks

4

Configuring Boolean LDAP health checks
To configure a Boolean LDAPS health check, enter commands such as the following.

Virtual ADX(config)#healthck check1 tcp

Virtual ADX(config-hc-check1)#dest-ip 10.10.1.101

Virtual ADX(config-hc-check1)#port ldaps

Virtual ADX(config-hc-check1)#protocol ldaps

Virtual ADX(config-hc-check1)#l7-check

A Layer 7 health check must be configured in order for the Brocade Virtual ADX to establish a
secure connection on the LDAPS port. If only a Layer 4 health check is configured, then the
Brocade Virtual ADX establishes a regular TCP connection on port 636.

Simple and compound SSL health checks

The Brocade Virtual ADX supports two kinds of SSL health checking methods:

The Simple method sends the server an SSL client hello with the SSL SID set to 0. If the server
responds, then the server passes the health check. The Brocade Virtual ADX then resets the
connection and marks the SSL port ACTIVE.

The Compound method negotiates an SSL connection and sending a GET or HEAD request to
the server once the connection is established. The GET or HEAD request specifies a page
containing the URL of a page on the server. If the server responds with an acceptable status
code, the Brocade Virtual ADX resets the connection and marks the port ACTIVE.

Configuring SSL health checks
To configure the Brocade Virtual ADX to use the simple SSL health check, enter the following
command.

Virtual ADX(config)#server use-simple-ssl-health-check

To use the complete SSL health check, enter the no server use-simple-ssl-health-check command.

Virtual ADX(config)#no server use-simple-ssl-health-check

NOTE

When you configure complete SSL health check on the Brocade Virtual ADX and the server response
is in small TCP segment packets of 5 to 50 bytes, flapping occurs and the Brocade Virtual ADX
displays the following error messages:

SSL interface: ssl_read_data return error !!!

SSL read data: can't find key ???

Syntax: [no] server use-simple-ssl-health-check

Error messages
The following error messages are related to SSL health check, after receiving SSL data while it
cannot find the key to decrypt the data. The key is missing possibly due to a time out.

ssl_receive_data but tcb->ssl is null

SSL cleanup: can't find key ???

SSL interface: ssl_read_data return error !!!

ssl_receive_data but tcb->ssl is null

SSL cleanup: can't find key ???

Advertising
Popular Brands
Popular manuals