UDP Health Monitor

Overview

This article covers the specific configuration for UDP health monitor type. Refer Overview of Health Monitors article for general monitor information, implementation, and other monitor types.

Send a UDP datagram to the server, then match the server’s response against the expected response data.

Creating a UDP Health Monitor

To create a UDP health monitor,

  1. From the NSX Advanced Load Balancer UI, navigate to Templates > Profiles > Health Monitors.

  2. Click on Create to open the CREATE HEALTH MONITOR screen.

  3. Under the General tab, enter the basic information about the health monitor. Note: Select UDP to view the UDP-specific settings.

  4. Configure the UDP settings.

  5. Configure the Server Maintenance Mode settings.

  6. Configure Role-Based Access Control (RBAC).

  7. Click Save to complete the HTTPS health monitor creation.

Configuring General Settings

Under the General tab of the CREATE HEALTH MONITOR screen, configure the following:

  1. Enter a unique Name for the monitor.

  2. Enter a Description.

  3. Select UDP as the Type of Health Monitor.
    Note: Once the Type of Monitor is selected, options specific to the health monitor type are displayed.

  4. Select the option Is Federated? to replicate the object across the GSLB federation. When this option is not selected, the object is visible within the Controller-cluster and its associated SEs. This option is enabled only when GSLB is activated. A federated health monitor is used for GSLB purposes while it is not applicable for a regular (non-federated) health-monitor. A GSLB service cannot be associated with a regular (non-federated) health monitor, because GSLB service is a federated object, while the health monitor is not. Conversely, a pool cannot be associated with a federated health monitor because the pool is not a federated object.

  5. Enter the Send Interval value (in seconds). This value determines how frequently the health monitor initiates an active check of a server. The frequency range is 1 to 3600.

  6. Enter the Receive Timeout value (in seconds). The server must return a valid response to the health monitor within the specified time limit. The receive timeout range is 1 to 2400 or the send interval value minus 1 second.
    Note: If the status of a server continually flips between up and down, this may indicate that the receive timeout is too aggressive for the server.

  7. Enter Successful Checks. This is the number of consecutive health checks that must succeed before NSX Advanced Load Balancer marks a down server as up. The minimum is 1, and the maximum is 50.

  8. Enter Failed Checks. This is the number of consecutive health checks that on failing, NSX Advanced Load Balancer marks a server as down. The minimum is 1, and the maximum is 50.

    UDP Health Monitor

Configuring UDP Settings

Under the UDP tab, configure the following:

  1. Specify a Health Monitor Port that should be used for the health check. When this field is blank, the default port configured for the server will be used. When it is specified, clients may be directed to a different port than what is monitored.

  2. Use the section Client Request Header and Server Response Data to input a UDP request and the keywords to look for in the UDP response.

    UDP Health Monitor

Configuring Server Maintenance Mode

Custom server response can be used to mark a server as disabled. During this time, health checks will continue, and servers operate the same as if manually disabled, which means existing client flows are allow to continue, but new flows are sent to other available servers. Once a server stops responding with the maintenance string it will be brought online, being marked up or down as it normally would based on the server response data.

This feature allows an application owner to remove all connections from a server prior to taking the server offline without the requirement to log into Avi Vantage to first place the server in disabled state.

Under Maintenance Server Response Data enter the match for a keyword to find in the first 2kb of the server header and body response. If the defined string is seen in the server response, the server is placed in maintenance mode. The health checks will continue, and servers operate the same as if manually disabled, which means existing client flows are allowed to continue, but new flows are sent to other available servers. Once a server stops responding with the maintenance string, it will be noticed by the subsequent health monitors and will be brought online, being marked up or down as it normally would, based on the server response data. A manually disabled server does not receive health checks and is not automatically re-enabled.

See the Detecting Server Maintenance Mode for an example configuration.

Configuring RBAC

  1. Under the Role-Based Access Control (RBAC) section, configure labels to control access to the health monitor based on the defined roles:
    1. Click Add.
    2. Enter the Key and the corresponding values. TCP Health Monitor

See Granular RBAC for more information.

Example of a UDP Health Monitor

The example below discusses how to configure a health monitor to monitor an NTP server.

1) Have a UDP health monitor with a request string and response string specified (this is the recommended option) as follows:

a) Request string — You can specify the request string as #000000000000000000000000000000000000000%NTPMON%.

b) Response string — You can specify the response string as NTPMON.

UDP Health Monitor

If you do not send any response, then the UDP health checks will fail with port-unreachable ICMP responses.