Fortinet Document Library

Version:


Table of Contents

CLI Reference

6.0.6
Download PDF
Copy Link

firewall ldb-monitor

Use this command to configure health check settings.

Health check settings can be used by load balancing VIPs to determine if a real server is currently responsive before forwarding traffic. One health check is sent per interval using the specified protocol, port and HTTP-GET, where applicable to the protocol. If the server does not respond during the timeout period, the health check fails and, if retries are configured, another health check is performed. If all health checks fail, the server is deemed unavailable, and another real server is selected to receive the traffic according to the selected load balancing algorithm.

Health check settings can be re-used by multiple real servers. For details on enabling health checking and using configured health check settings, see firewall {vip | vip6}.

config firewall ldb-monitor
    edit {name}
    # Configure server load balancing health monitors.
        set name {string}   Monitor name. size[35]
        set type {ping | tcp | http}   Select the Monitor type used by the health check monitor to check the health of the server (PING | TCP | HTTP).
                ping  PING health monitor.
                tcp   TCP-connect health monitor.
                http  HTTP-GET health monitor.
        set interval {integer}   Time between health checks (5 - 65635 sec, default = 10). range[5-65535]
        set timeout {integer}   Time to wait to receive response to a health check from a server. Reaching the timeout means the health check failed (1 - 255 sec, default = 2). range[1-255]
        set retry {integer}   Number health check attempts before the server is considered down (1 - 255, default = 3). range[1-255]
        set port {integer}   Service port used to perform the health check. If 0, health check monitor inherits port configured for the server (0 - 65635, default = 0). range[0-65535]
        set http-get {string}   URL used to send a GET request to check the health of an HTTP server. size[255]
        set http-match {string}   String to match the value expected in response to an HTTP-GET request. size[255]
        set http-max-redirects {integer}   The maximum number of HTTP redirects to be allowed (0 - 5, default = 0). range[0-5]
    next
end

Additional information

The following section is for those options that require additional explanation.

firewall ldb-monitor

Use this command to configure health check settings.

Health check settings can be used by load balancing VIPs to determine if a real server is currently responsive before forwarding traffic. One health check is sent per interval using the specified protocol, port and HTTP-GET, where applicable to the protocol. If the server does not respond during the timeout period, the health check fails and, if retries are configured, another health check is performed. If all health checks fail, the server is deemed unavailable, and another real server is selected to receive the traffic according to the selected load balancing algorithm.

Health check settings can be re-used by multiple real servers. For details on enabling health checking and using configured health check settings, see firewall {vip | vip6}.

config firewall ldb-monitor
    edit {name}
    # Configure server load balancing health monitors.
        set name {string}   Monitor name. size[35]
        set type {ping | tcp | http}   Select the Monitor type used by the health check monitor to check the health of the server (PING | TCP | HTTP).
                ping  PING health monitor.
                tcp   TCP-connect health monitor.
                http  HTTP-GET health monitor.
        set interval {integer}   Time between health checks (5 - 65635 sec, default = 10). range[5-65535]
        set timeout {integer}   Time to wait to receive response to a health check from a server. Reaching the timeout means the health check failed (1 - 255 sec, default = 2). range[1-255]
        set retry {integer}   Number health check attempts before the server is considered down (1 - 255, default = 3). range[1-255]
        set port {integer}   Service port used to perform the health check. If 0, health check monitor inherits port configured for the server (0 - 65635, default = 0). range[0-65535]
        set http-get {string}   URL used to send a GET request to check the health of an HTTP server. size[255]
        set http-match {string}   String to match the value expected in response to an HTTP-GET request. size[255]
        set http-max-redirects {integer}   The maximum number of HTTP redirects to be allowed (0 - 5, default = 0). range[0-5]
    next
end

Additional information

The following section is for those options that require additional explanation.