Using ssl health checks in a health check policy – Brocade Virtual ADX Server Load Balancing Guide (Supporting ADX v03.1.00) User Manual

Page 218

Advertising
background image

202

Brocade Virtual ADX Server Load Balancing Guide

53-1003247-01

Element health checks

4

verification is contained in a matching list that is attached to one or more real servers. The
following is an example of the commands used to set up a matching list. For information on
how to configure the match lists, refer to

“Configuring HTTP content matching lists”

on

page 208.

Syntax: [no] protocol dns | 53 [addr_query "name" | zone zone-name]

This command changes one of the following DNS health-check parameters. To change more than
one of these parameters, enter a separate protocol dns or protocol 53 command for each
parameter.

addr_query "name" – This parameter specifies a domain name to be requested from the real
server by the Brocade Virtual ADX. If the server successfully responds with the IP address for
the domain name, the server passes the health check. There is no default.

zone zone-name – This parameter specifies a DNS zone name. The Brocade Virtual ADX sends
a Source-of-Authority (SOA) request for the zone name. If the server is authoritative for the
zone and successfully responds to the SOA request, the server passes the health check. There
is no default.

NOTE

If you do not configure one of these parameters, the DNS port will fail the health check.

Syntax: [no] protocol radius | 1812 [username string] | [password string] | [key string]

This command changes one of the following RADIUS health-check parameters. The health check
requests values that are configured on the RADIUS server. To change more than one of these
parameters, enter a separate protocol radius or protocol 1812 command for each parameter.

username string – This parameter specifies an authentication username on the server.

password string – This parameter specifies an authentication password on the server.

key string – This parameter specifies an authentication key on the server.

Syntax: [no] protocol ldap | 389 [num]

This command changes the LDAP version. The health check sent by the Brocade Virtual ADX differs
depending on the version. You can specify 2 or 3. The default is 3.

Using SSL health checks in a health check policy

When SSL health checks are used in a health check policy, by default the simple SSL health check
is used. The Brocade Virtual ADX sends the server an SSL client hello with the SSL SID set to 0; if
the server responds, it passes the health check. However, if you use the protocol ssl use-complete
command in a health check policy, it causes the Brocade Virtual ADX to negotiate an SSL
connection and send a GET or HEAD request to the server.

For example, the following commands create a health check policy to test IP address 10.10.10.50,
using SSL health checks.

Virtual ADX(config)#healthck check4 tcp

Virtual ADX(config-hc-check4)#dest-ip 10.10.10.50

Virtual ADX(config-hc-check4)#port ssl

Virtual ADX(config-hc-check4)#protocol ssl use-complete

Virtual ADX(config-hc-check4)#protocol ssl url "GET /secure.htm"

Virtual ADX(config-hc-check4)#protocol ssl status-code 200 200

Advertising
Popular Brands
Popular manuals