ServerIron ADX Server Load Balancing Guide
Release 12.0.00
June 15, 2009

Table of Contents Previous Next Print


Health Checks > SSL Health Checks

SSL Health Checks
The ServerIron ADX supports two kinds of SSL health checking methods:
The Simple method sends the server an SSL client hello with the SSL SID set to 0. If the server responds, then the server passes the health check. The ServerIron ADX then resets the connection and marks the SSL port ACTIVE.
The Complete method negotiates an SSL connection and sending a GET or HEAD request to the server once the connection is established. The GET or HEAD request specifies a page containing the URL of a page on the server. If the server responds with an acceptable status code, the ServerIron ADX resets the connection and marks the port ACTIVE.
Configuring SSL Health Checks
To configure the ServerIron ADX to use the simple SSL health check, enter the following command:
ServerIron(config)# server use-simple-ssl-health-check
To use the complete SSL health check, enter the following command (notice the no):
ServerIron(config)# no server use-simple-ssl-health-check
Syntax: [no] server use-simple-ssl-health-check
Error Messages
The following error messages are related to SSL health check, after receiving SSL data while it cannot find the key to decrypt the data. The key is missing possibly due to a time out.
ssl_receive_data but tcb->ssl is null
SSL cleanup: can't find key ???
SSL interface: ssl_read_data return error !!!
ssl_receive_data but tcb->ssl is null
SSL cleanup: can't find key ???
SSL interface: ssl_read_data return error !!!
ssl_receive_data but tcb->ssl is null
SSL cleanup: can't find key ???
SSL interface: ssl_read_data return error !!!
The ServerIron ADX normally stops processing the rest of the data and releases the SSL control block data structure. However when the ServerIron ADX does not do that, the ServerIron ADX finds the SSL data structure is null and prints these messages.

Health Checks > SSL Health Checks

Table of Contents Previous Next Print
Copyright © 2009 Brocade Communications Systems, Inc.