Configuring GSLB health check configurations - BlueCat Edge - Service Point v4.x.x

BlueCat Edge Deployment Guide
ft:locale
en-US
Product name
BlueCat Edge
Version
Service Point v4.x.x

The GSLB health check periodically polls IP addresses and domains to determine the health and status of the endpoints to determine the best route for DNS queries. You can configure the health check to use HTTP, HTTPS, TCP, TLS over TCP, or ICMP requests to determine the health.

Attention: You must have the BlueCat Edge GSLB license entitlements to create GSLB health check configurations. Verify that you have the correct licensing with your BlueCat Edge administrators before proceeding to configure this feature.

To configure the health check configuration:

  1. In the top navigation bar, click and select GSLB service > Health check configurations.
  2. To add a new GSLB health check configuration, click New.
  3. Enter the name of the GSLB health check configuration.
  4. Under Endpoints, enter the following information:
    • Under Protocol, select the protocol that you would like to use for the health check. The protocol can be one of the following:
      • HTTP
      • HTTPS
      • TCP
      • TLS over TCP
      • ICMP
      Depending on the protocol selected, different fields appear.
      1. Under IP addresses, enter the list of IP addresses for endpoints that you would link to perform health checks on.
      2. Under Hostname, enter the FQDN hostname used for the HTTP or HTTPS host header.
      3. Under Additional domains, enter a list of additional domains to which health check applies.
      4. Under Port, enter the port number that the health check configuration will use when performing the checks.
      5. Under Path, enter the query path that the health check will use to perform checks.
      1. Under IP addresses, enter the list of IP addresses for endpoints that you would link to perform health checks on.
      2. Under Domains, enter a list of domains to which health check applies.
      3. Under Port, enter the port number that the health check configuration will use when performing the checks.
      1. Under IP addresses, enter the list of IP addresses for endpoints that you would link to perform health checks on.
      2. Under Domains, enter a list of domains to which health check applies.
  5. Under Failure Threshold, enter the following failure criteria:
    • Under Success threshold, enter the number of consecutive health checks that the endpoint’s IP addresses must pass to mark its status as Healthy. Enter a value between 1 and 10. The default value is 1.
    • Under Failure threshold, enter the number of consecutive health checks that the endpoint’s IP addresses fails to mark its status as Unhealthy. Enter a value between 1 and 10. The default value is 1.
    Note: Each IP address is monitored separately and status changes apply only to the specific IP address being checked.
  6. Under Advanced configuration, enter advanced configuration options.

    Depending on the protocol selected, different fields appear.

    1. Under Interval, enter the interval between health checks, in milliseconds. Enter a value between 5000 and 300000 milliseconds. The default value is 30000 milliseconds.
    2. Under Max response time, enter the maximum amount of time that the health service will wait for a response before marking the IP address as Unhealthy, in milliseconds. Enter a value between 10 and 120000 milliseconds. The default value is 10000 milliseconds.
    3. Under Headers, enter HTTP headers used in the health check.
    4. (HTTPS-only) Select Enable SNI to enable Server Name Identification (SNI).
    5. (HTTPS-only) Select Ignore server certificate verification if you do not want to verify the remote server's certificate during the TLS handshake.
      Note: When selected, you do not need to upload a Trusted CA (certificate authority).
    6. (HTTPS-only) Under Trusted CA (certificate authority) upload the CA signing certificate of the server. This must be encoded in PEM or CER format.
    7. Under HTTP status codes, enter the expected HTTP status code that is returned to indicate a successful health check.
    8. Under Response string match, enter the expected response string snippet in the response body to indicate a successful health check.
    1. Under Interval, enter the interval between health checks, in milliseconds. Enter a value between 5000 and 300000 milliseconds. The default value is 30000 milliseconds.
    2. Under Max response time, enter the maximum amount of time that the health service will wait for a response before marking the IP address as Unhealthy, in milliseconds. Enter a value between 10 and 120000 milliseconds. The default value is 10000 milliseconds.
    3. (TLS over TCP-only) Select Enable SNI to enable Server Name Identification (SNI).
      Note: When selected, must enter an SNI host name.
    4. (TLS over TCP-only) Under SNI, enter the SNI host name.
    5. (TLS over TCP-only) Select Ignore server certificate verification if you do not want to verify the remote server's certificate during the TLS handshake.
      Note: When selected, you do not need to upload a Trusted CA (certificate authority).
    6. (TLS over TCP-only) Under Trusted CA (certificate authority) upload the CA signing certificate of the server. This must be encoded in PEM or CER format.
    1. Under Interval, enter the interval between health checks, in milliseconds. Enter a value between 5000 and 300000 milliseconds. The default value is 30000 milliseconds.
    2. Under Max response time, enter the maximum amount of time that the health service will wait for a response before marking the IP address as Unhealthy, in milliseconds. Enter a value between 10 and 120000 milliseconds. The default value is 10000 milliseconds.
    3. Under ICMP payload size, enter the payload size for the ICMP health check, in bytes.
  7. Click Save.