1 Reply Latest reply on Sep 21, 2018 5:34 AM by lhoffer

    NSX 6.0.2 LB - Setting up to monitor ports on both Windows Security servers

    dimarcusa12 Lurker

      We have two Windows 2012 Web\security server sitting behind the NSX firewall. Last month one quit responding to users when a windows update was installed. Yet the LB never saw the issue on the server that the ports were not responding. We have the monitoring of TCP on to the server pool with the server showing port 8443.

      What other ports need to be monitored to show the server is down and to stop allowing users to access if an issue arises?

      Can services be monitored by the LB?

      What else needs to be monitored by NSX LB for isolating the server when an issue arises?

        • 1. Re: NSX 6.0.2 LB - Setting up to monitor ports on both Windows Security servers
          lhoffer Hot Shot
          VMware EmployeesvExpert

          If you're using a TCP monitor it's just testing to see whether it can open a socket on the pool member so doesn't verify whether the underlying process/service is working and responding to users (really just useful for verifying that the VM is on and that its network stack is operational).

           

          I don't know for sure if this was in place as far back as 6.0.2, which has been end of support for a while, but in all of the supported releases, if you're using TCP 8443 for an HTTPS service, you may be able to change the load balancer to utilize an HTTPS health check which will actually generate GET requests and verify that it's receiving 200 OK responses from the server.