Command Line Interface Reference Guide > The SLB Configuration Menu
/cfg/slb/advhc/health <health check ID> http
HTTP/HTTPS Health Check Configuration
The following menu example is application-specific and includes only the application-specific commands. For all common commands, refer to cfg/slb/advhc/health <general> General Health Check Configuration.
 
[HTTP Health Check <HC ID> Menu]
name - Set descriptive health check name
http - Health Check Parameters Menu
ssl - Enable/disable SSL for HTTPS Health check
dport - Set application port
dest - Set destination address or hostname
inter - Set interval between health checks
retry - Set number of failed attempts to declare server down
restr - Set number of successful attempts to declare server up
timeout - Set max seconds to wait for response
downtime - Set interval between health checks when server is down
invert - Copy health check
always - Enable/disable always performing the health check
connterm - Set connection termination
 conntout - Set connection termination on timeout
snat - Enable/disable source NAT (PIP) for this health check
copy - Copy health check
del - Delete health check
cur - Display current health check
 
HTTP/HTTPS Health Check Menu Options (/cfg/slb/advhc/health <health check
ID>/http) 
Command Syntax and Usage
http
 
Displays the HTTP Health Check Parameters menu. To view this menu, see /cfg/slb/advhc/health <health check ID> http/http HTTP Health Check Parameters.
ssl
 
Enables or disables SSL for HTTPS health checks.
cipher <cipher-suite alias or cipher string in OpenSSL format>
 
Lets you change the default cipher-suite to a low or medium cipher to avoid high MP CPU usage. By default, the HTTPS health check uses an internally strong cipher (DEFAULT) that consumes a large amount of MP CPU, which can cause a CPU spike.
When you enter the command, the following prompt displays:
Current cipher-suite in OpenSSL format: DEFAULT
Enter new cipher-suite in OpenSSL format: (e.g. des-cbc-sha)
For a complete list of cipher-suites you can enter, see Cipher Suites.
Default: DEFAULT
inter [1-600]
Sets the interval in seconds between health checks.
Default: 5 (HTTP), 10 (HTTPS)
timeout [0-600]
Sets the maximum number of seconds to wait for a response. This value must be lower or equal to the interval parameter. When set to 0, the timeout parameter equals the interval parameter.
Default: 5 (HTTP), 10 (HTTPS)
always disabled|enabled
 
Specifies that the health check is performed for real servers that are not attached to any virtual service or filter.
Default: disabled
connterm fin|rst
 
Determines whether the connection is terminated using FIN or RST command, after receiving HC information from the server.
fin - closes the connection with a graceful termination (using FIN/ACK messages).
rst - resets connection to quickly release the connection resources.
Default: fin
Note: This command is only applicable for TCP/HTTP IPv4 health checks.
For IPv6, the FIN setting will be ignored and the connection will be closed by RST.
conntout fin|rst
 
Determines whether, upon timeout (before receiving HC information from the server, and the HC results failed) the connection is terminated using FIN or RST command.
fin - closes the connection with a graceful termination (using fin/ack messages).
rst - resets connection to quickly release the connection resources.
Default: rst
Note: On timeout, it is recommended to close the connection with RST for faster response release. Closing with FIN may cause high MP CPU when a large number of real servers are unreachable.
Note: This command is only applicable for HTTP/HTTPS IPv4 health checks.
For IPv6, the FIN setting will be ignored and the connection will be closed by RST.
snat
 
Specifies whether the source IP used for this health check should be egress IP interface (disabled) or the NAT address configured for health checks on the egress IP interface (enabled). This command applies to the https health check.
Note: If this parameter is enabled but no NAT address is configured on the egress interface, the health check will fail.
Default: disabledDisabled