This section allows you to create a Real Server and lists the Real Servers that are assigned to the Virtual Service. The properties of the Real Servers are summarized and there is also the opportunity to add or delete a Real Server, or modify the properties of a Real Server. When Content Switching is enabled, there is also the opportunity to add rules to, or remove rules from, the Real Server (see Add Rule).

Real Server Check Method

This provides a list of health checks for well-known services, as well as lower level checks for TCP/UDP or ICMP. With the service health checks, the Real Servers are checked for the availability of the selected service. With TCP/UDP the check is simply a connect attempt.

The tables below describe the options that may be used to verify Real Server health. You may also specify a health check port on the Real Server. If none are specified here, it will default to the Real Server port.

When the HTTP/HTTPS, Generic and STARTTLS protocols Service Types are selected, the following health check options are available.

Method

Action

ICMP Ping

An ICMP ping is sent to the Real Server

HTTP

HTTP checking is enabled

HTTPS

HTTPS (SSL) checking is enabled

TCP

A basic TCP connection is checked

Mail

The SMTP (Simple Mail Transfer Protocol) is used

NNTP

The NNTP (Network News Transfer Protocol) is used

FTP

The FTP (File Transfer Protocol) is used

Telnet

The Telnet protocol is used

POP3

The POP3 (Post Office Protocol – mail client protocol) is used

IMAP

The IMAP (Internet Message Access Protocol – mail client protocol) is used

Name Service (DNS) Protocol

The Name Server (DNS) Protocol value is only available in the Real Server Check Method drop-down list when the Virtual Service Protocol is set to udp. The LoadMaster performs nslookups against an A record on the server over UDP port 53. If the server successfully responds to the DNS query, the LoadMaster marks it as active. If the server fails to respond within the configured response time for the configured number of times or if it responds unsuccessfully to the A record request, it is assumed down.

Binary Data

Specify a hexadecimal string to send and specify a hexadecimal string to check for in the response

LDAP

Select an LDAP endpoint to use for the health check. The LDAP health check uses the LDAP credentials and protocol specified in the LDAP endpoint. The health check is run against the Real Server IP address and port. The LDAP health check comprises of a LoadMaster connecting to a Real Server and validating the specified user credentials. The health check is performed in two steps:

Step 1: Check if the Real Server specified port is up and available.

Step 2: Attempt to log in to the Real Server using the LDAP specified credentials.

If step 1 and step 2 are true, the health check passes. If step 1 or step 2 fails, the health check fails.

For further information on LDAP endpoints, refer to the LDAP Configuration section.

None

No checking performed

When the Remote Terminal Service Type is selected the following health check options are available.

Method

Action

ICMP Ping

An ICMP ping is sent to the Real Server

TCP

A basic TCP connection is checked

Remote Terminal Protocol

An RDP Routing Token is passed to the Real Server.

This health check supports Network-Level Authentication.

None

No checking performed
Note: For a UDP virtual service, only the ICMP Ping and Name Service (DNS) Protocol options are available for use.

Check Parameters

In LoadMaster firmware version 7.2.52, the check Interval, Timeout, and Retry Count settings can be configured on each Virtual Service or SubVS. Previously, these were just global settings. You can configure the global settings in Rules & Checking > Check Parameters. The global settings are used by default for all Virtual Services.

Interval (seconds): This field specifies the number of seconds that will pass between consecutive health check attempts and defines the length of the ‘health check cycle’. To override the global interval, you can select any other value from the drop-down list. The global option cannot be selected if either the Timeout or Retry Count parameters have been set to a value other than the global setting.

Timeout (seconds): This is the allowed maximum wait time for a connection to be established and for the receipt of a reply to a health check. If no reply is received before the timeout expires, then the connection is re-attempted as long as the Retry Count has not been reached. If any HTTP response is received in response to the health check, then no retries are attempted in the current health check cycle. To override the global timeout value, you can select any other value from the drop-down list.

Retry Count: This specifies the number of times the health check will be re-attempted if the timeout above is reached before receiving a response. To override the global retry count value, you can select any other value from the drop-down list. The retry count does not apply if any response is received in response to the health check. If, for example, either a 200 or a 404 response is received, then no retries are attempted in the current cycle.

To configure these settings for a specific Virtual Service, expand the Real Servers section of the Virtual Service or SubVS modify screen. A Real Server Check Method must be selected to see the relevant fields. You can configure these settings to either use the global value, set a specific value within the provided range, or reset to the default value.

If you configure these settings for a parent Virtual Service and then create a SubVS within that Virtual Service, the check values are reset to use the global values.

Enhanced Options

Enabling the Enhanced Options check box provides an additional health check option – Minimum number of RS required for VS to be considered up. If the Enhanced Options check box is disabled (the default), the Virtual Service is considered available if at least one Real Server is available. If the Enhanced Options check box is enabled, you can specify the minimum number of Real Servers that must be available to consider the Virtual Service to be available.

Minimum number of RS required for VS to be considered up

Note: This option will only appear if the Enhanced Options check box is enabled and if there is more than one Real Server.

Select the minimum number of Real Servers required to be available for the Virtual Service to be considered up.

If less than the minimum number of Real Servers is available, a critical log is generated. If some Real Servers are down but it has not reached the minimum amount specified, a warning is logged. If the email options are configured, an email is sent to the relevant recipients. For further information on the email options, refer to the Email Options section.

Note: Note that the system marks a Virtual Service as down whenever a Real Server that is marked as Critical becomes unavailable – even if Enhanced Options are enabled and there are more than the specified minimum number of Real Servers still available.

In all cases, if the Virtual Service is considered to be down and the Virtual Service has a sorry server or an error message configured, these are used.

If the minimum number is set to the total number of Real Servers and one of the Real Servers is deleted, the minimum will automatically reduce by one.

When using content rules in a SubVS, the minimum number of Real Servers required has a slightly different meaning. A rule is said to be available and can be matched if and only if the number of available Real Servers with that rule assigned to them is greater than the limit. If the number of available Real Servers is below this limit, the rule can never be matched - the SubVS is marked as down and this is logged appropriately.

If a Real Server on a SubVS is marked as critical – the SubVS is marked as down if that Real Server is down. However, the parent Virtual Service will not be marked down unless that SubVS is marked as critical.