06-07-2009 09:23 AM
Is there anything special talking about health checks for remote servers? I do have some local servers and they are all fine but I am not successful with my remote servers. I do not get them up for some reason. Where should I look at?
06-08-2009 12:18 AM
It is hard to find the root cause for this problem based on the details available in your post. Are you sure everything is OK from a routing/L3 point of view? Have you tried to ping the remote server? Do you get the answer back?
06-08-2009 01:01 AM
I am not able to ping the remote servers. There is a firewall in front of the remote servers and the firewall does not allow ICMP traffic. Nevertheless I am able to telnet to the remote servers and I am as well able to telnet to port 80 of the remote servers. Connectivity is therefore fine and I would expect my HTTP health check to be successful.
06-08-2009 01:28 AM
There are some firewalls in between the ServerIrons and the remote servers and they do not allow ICMP traffic? This is bad - the health checking process is getting down in multiple steps talking about remote servers:
Step 1: route table lookup
Step 2: Layer 3 health check (ICMP echo request)
Step 3: Layer 4
Step 4: Layer 7
The ServerIron is not going to step 3 and step 4 without being able to finish step 2 successfully. You have two options from my point of view:
Option 1: allow ICMP traffic to the remote real server IP addresses coming from the physical IP addresses of the ServerIrons
Option 2: disable step 2 using "no-l3-check" below the remote real server configuration:
server real rsA a.b.c.d