[HTTP Health Check <HC ID> Menu] name - Set descriptive health check name http - Health Check Parameters Menu ssl - Enable/disable SSL for HTTPS Health check dport - Set application port dest - Set destination address or hostname inter - Set interval between health checks retry - Set number of failed attempts to declare server down restr - Set number of successful attempts to declare server up timeout - Set max seconds to wait for response downtime - Set interval between health checks when server is down invert - Copy health check always - Enable/disable always performing the health check connterm - Set connection termination conntout - Set connection termination on timeout snat - Enable/disable source NAT (PIP) for this health check copy - Copy health check del - Delete health check cur - Display current health check |
Command Syntax and Usage | |
---|---|
http | |
Displays the HTTP Health Check Parameters menu. To view this menu, see /cfg/slb/advhc/health <health check ID> http/http HTTP Health Check Parameters. | |
ssl | |
Enables or disables SSL for HTTPS health checks. | |
cipher <cipher-suite alias or cipher string in OpenSSL format> | |
Lets you change the default cipher-suite to a low or medium cipher to avoid high MP CPU usage. By default, the HTTPS health check uses an internally strong cipher (DEFAULT) that consumes a large amount of MP CPU, which can cause a CPU spike. When you enter the command, the following prompt displays: Current cipher-suite in OpenSSL format: DEFAULT Enter new cipher-suite in OpenSSL format: (e.g. des-cbc-sha) For a complete list of cipher-suites you can enter, see Cipher Suites. Default: DEFAULT | |
inter [1-600] | |
Sets the interval in seconds between health checks. Default: 5 (HTTP), 10 (HTTPS) | |
timeout [0-600] | |
Sets the maximum number of seconds to wait for a response. This value must be lower or equal to the interval parameter. When set to 0, the timeout parameter equals the interval parameter. Default: 5 (HTTP), 10 (HTTPS) | |
always disabled|enabled | |
Specifies that the health check is performed for real servers that are not attached to any virtual service or filter. Default: disabled | |
connterm fin|rst | |
Determines whether the connection is terminated using FIN or RST command, after receiving HC information from the server. fin - closes the connection with a graceful termination (using FIN/ACK messages). rst - resets connection to quickly release the connection resources. Default: fin Note: This command is only applicable for TCP/HTTP IPv4 health checks. For IPv6, the FIN setting will be ignored and the connection will be closed by RST. | |
conntout fin|rst | |
Determines whether, upon timeout (before receiving HC information from the server, and the HC results failed) the connection is terminated using FIN or RST command. fin - closes the connection with a graceful termination (using fin/ack messages). rst - resets connection to quickly release the connection resources. Default: rst Note: On timeout, it is recommended to close the connection with RST for faster response release. Closing with FIN may cause high MP CPU when a large number of real servers are unreachable. Note: This command is only applicable for HTTP/HTTPS IPv4 health checks. For IPv6, the FIN setting will be ignored and the connection will be closed by RST. | |
snat | |
Specifies whether the source IP used for this health check should be egress IP interface (disabled) or the NAT address configured for health checks on the egress IP interface (enabled). This command applies to the https health check. Note: If this parameter is enabled but no NAT address is configured on the egress interface, the health check will fail. Default: disabledDisabled |