Forum Discussion

legan's avatar
legan
Icon for Nimbostratus rankNimbostratus
Jan 21, 2021

In TMM Monitoring with username / password doesn't work

We have upgraded our LTM units from 11.x to 13.1.3.5.

Because we use an external program for monitors over HTTPS with SNI, we have now replaced that with default HTTPS monitors and attached a serverssl profile. In order to make the work, we have enabled in tmm monitoring, as explained in this article: https://support.f5.com/csp/article/K11323537.

That works like a charm and we can now get rid of that external program to monitor HTTPS with SNI.

But, from that moment on, the checks we have that use a username / password fail. So I found this bug: https://cdn.f5.com/product/bugtracker/ID757369.html.

I did what's mentioned in the document: remove the latest \r\n from the check. Still the check fails.

The send string now looks like:

GET /uri HTTP/1.1\r\nHost: hostname.domainname.net\r\n

Instead of:

GET /uri HTTP/1.1\r\nHost: hostname.domainname.net\r\n\r\n

But that doesn't help.

Any ideas?

2 Replies

  • When you say its not working, have you checked the packets, what F5 is sending & what response is coming back. I would turn on the monitor logging to get an idea atleast.

  • legan's avatar
    legan
    Icon for Nimbostratus rankNimbostratus

    I did enable monitor logging already. I do see the 'GET' command:

    (monitor_and_params): /Common/pool_monitor: IP_TOS= 0, RECVDISABLE= , USERNAME= domain\username, SEND= GET /tfs/_apis/health HTTP/1.1\r\nHost: pool\r\n, RECV_I= HTTP/1.1 200 OK, PASSWORD= <sensitive data redacted>,  [ tmm?=false td=true tr=false addr=::ffff:10.202.4.216:80 srcaddr=none mon=/Common/pool_monitor ]

    But the only response I see is:

    Probing monitor instance '/Common/pool_monitor' '/Common/node' 80 [ tmm?=false td=true tr=false addr=::ffff:10.202.4.216:80 srcaddr=none ]
    (main_loop [next_ping]) Closing logging file /var/log/monitors/Common_pool_monitor-Common_node-80.log
    (_do_ping): time to ping, now=[1611242324.368594][2021-01-21 16:18:44], status=UNKNOWN [ tmm?=false td=true tr=false addr=::ffff:10.202.4.216:80 mon=/Common/pool_monitor fd=-1 pend=0 #conn=0 up_intvl=5 dn_intvl=5 timeout=16 time_until_up=0 immed=0 next_ping=[1611242319.368236][2021-01-21 16:18:39] last_ping=[1611242322.638621][2021-01-21 16:18:42] deadline=[1611242340.368236][2021-01-21 16:19:00] on_service_list=True snd_cnt=0 rcv_cnt=0 ]
    (_do_ping): probing with tmm [ tmm?=true td=true tr=false tmm_mid=1:0 addr=::ffff:10.202.4.216:80 srcaddr=none ]
    (_do_ping): post ping, status=UNKNOWN [ tmm?=true td=true tr=false tmm_mid=1:0 addr=::ffff:10.202.4.216:80 mon=/Common/pool_monitor fd=-1 pend=0 #conn=0 up_intvl=5 dn_intvl=5 timeout=16 time_until_up=0 immed=0 next_ping=[1611242329.368236][2021-01-21 16:18:49] last_ping=[1611242324.3685
    94][2021-01-21 16:18:44] deadline=[1611242340.368236][2021-01-21 16:19:00] on_service_list=True snd_cnt=1 rcv_cnt=0 ]
    TMM::handle_message(TMA_Message<tma_msg_args_notify>*): tmm monitor indicates service down [ tmm?=true td=true tr=false tmm_mid=1:26 addr=::ffff:10.202.4.216:80 srcaddr=none ]
    (main_loop [next_ping]) Closing logging file /var/log/monitors/Common_pool_monitor-Common_node-80.log

    I'm used to seeing the actual response string from the server, but in this case, this is the only response I see in the monitoring logfile.