Re: GSS-CSS Keepalive KAL-AP by Tag!

ssh · ‎08-31-2006

Hi All,

I'll like to get your comments on GSS keepalive KAL-AP by Tag functionality. How does this suppose to help or work?

This is my scenario: CSS has two content rules with the same VIP address. First content rule is for port 389 and second is for port 636.

I am using KAL-AP by Tag keepalive on GSS to find the health of each port/content rule separately i.e if 389 goes down, GSS should ONLY show 389 as offline and 636 as online. Is it possible to do that? How can I implement a GSS DNS rule on the basis of services (ldap/sldap/http)? I dont want GSS to give wrong information to my users i.e If I use KAL-AP by VIP,GSS doesnt show 389 as offline when it goes down because on the same VIP 636 is online. Please help and any pointers will be helpful.

Thansk,

Shahid

Gilles Dufour · ‎09-01-2006

Shahid,

when a client makes a dns request it does not mention what application it is going to use.

It justs request an ip address.

For example if you have both HTTP and HTTPS running, the ip address is the same for www.mycompany.com.

If, let's say HTTPS goes down but not HTTP, do you want the GSS to continue to respond to requests for www.mycompany.com ?

If yes, the client could then try to open https://www.mycompany.com which will fail.

I would say KAL-AP by TAG is usefull if you have multiple domain names pointing to the same vip. ie: www.mycompany.com and ldap.mycompany.com both pointing to ip x.x.x.x.

I believe that the GSS config is straight forward - check the config guide if needed.

For the CSS, you need to configure APP with the GSS and set the TAG with the 'add dns' command under the content rule.

Gilles.

ssh · ‎09-01-2006

Hi Gilles,

Thanks a bunch for your resonse.

"

If, let's say HTTPS goes down but not HTTP, do you want the GSS to continue to respond to requests for http://www.mycompany.com ?

If yes, the client could then try to open https://www.mycompany.com which will fail. "

Thats exactly what I am asking. I want http://www.mycompany.com to go down when https is down (http is still up) but it wont happen with KAL-AP by VIP keepalive and it wont happen with KAL-AP by TAG as there is no way to associate two Answers with same ip address but different tags in GSS Answer group.

Let me know if I am not on the right track.

I always appreciate and learn a lot from your replies.

Thanks,

Shahid

Gilles Dufour · ‎09-02-2006

Shahid,

you can create a service that will monitor both HTTP and HTTPS. This service would be used in a content rule with a KAL-AP TAG and you will use it for GSS KAL-AP monitoring - this rule would not be used for loadbalancing traffic.

This way, when either HTTP or HTTPS goes down, the service will go down and the rule as well so the GSS will be able to detect it.

Gilles.

ssh · ‎09-02-2006

Interesting!

You mean to say I create a content rule with no port and add two services for httpand https along with tag? This content rule is in addition to two more content rules for 443 and 80. Am i correct?

thanks,

Shahid

ssh · ‎09-03-2006

how can i create service with 2 keepalives?

Thanks,

Shahid

Gilles Dufour · ‎09-03-2006

you can't.

But you can create 1 script keepalive that will monitor 2 or more ports.

Gilles.