ADC

Proxy protocol service monitoring

NetScaler appliance with a proxy protocol supports monitor check. The monitor check ensures that the back end server also supports the proxy protocol. The NetScaler appliance has four built-in monitor types for HTTP or TCP related services: HTTP, HTTPS, HTTP-ECV, and TCP-ECV.

The following table lists the monitor types, and the parameters and monitoring processes associated with each type.

Configuration type Probe Success criteria
HTTP httprequest [“HEAD /”] - HTTP request that is sent to the service. respcode [200] - A set of HTTP response codes are expected from the service. The NetScaler appliance establishes a 3-way handshake with the monitor destination. After the connection is established, the appliance sends HTTP requests, and then compares the response code with the configured set of response codes.
HTTPS httprequest [“HEAD /”] - HTTPS request that is sent to the service. respcode [200] - A set of HTTPS response codes are expected from the service. The NetScaler appliance establishes a 3-way handshake with the monitor destination. After the connection is established, the appliance sends HTTPS requests, and then compares the response code with the configured set of response codes.
HTTP-ECV send [””] - HTTP data that is sent to the service. Received [””] - the expected HTTP response data from the service The NetScaler appliance establishes a 3-way handshake with the monitor destination. When the connection is established, the appliance uses the send parameter to send the HTTP data to the service and expects the HTTP response that the receive parameter specifies. (HTTP body part without including HTTP headers). Empty response data matches any response. Expected data might be anywhere in the first 24 K bytes of the HTTP body of the response.
TCP-ECV send [””] - is the data that is sent to the service. The maximum permissible length of the string is 512 K bytes. received [””] - the expected response from the service. The maximum permissible length of the string is 128 K bytes. The NetScaler appliance establishes a 3-way handshake with the monitor destination. When the connection is established, the appliance uses the send parameter to send specific data to the service and expects a specific response through the receive parameter. Different servers send different sizes of segments. However, the pattern must be within 16 TCP segments.

You can configure the proxy protocol monitor using netprofile.

Configure proxy protocol monitor by using the CLI

At the command prompt, type:

  1. Add net profile with proxy protocol enabled

    add netprofile <name> -proxyProtocol ( ENABLED | DISABLED )

Example:

add netprofile profile1 –proxyProtocol ENABLED
  1. Bind the net profile to a service.

    set service <name> -netprofile <netprofile-name>

Example:

set service S1 –netprofile profile1

Note

You can run the preceding command if you want net profile to bound to a service.

  1. Bind the net profile to a monitor.

    set lb monitor <monitor-name> <type> -netprofile <netprofile-name>

Example:

set lb monitor http1 HTTPS –netprofile profile1

Note

  • You can run the preceding command if you want the net profile to bound to a monitor.
  • You can select a monitor type of your choice. It can be HTTP, HTTPS, TCP-ECV, or HTTP-ECV.

Important

  • In a general case, the net profile (proxy protocol enabled) bound to a service is considered.
  • If the net profile is bound to both monitor and service, the net profile bound to monitor is considered. The net profile bound to service is ignored.
Proxy protocol service monitoring