If a back-end server will be unavailable for a long period, such as when a server is undergoing hardware repair, it is experiencing extended downtime, or when you have removed a server from the server pool, you can improve the performance of your FortiWeb appliance by disabling the back-end server, rather than allowing the server health check to continue to check for responsiveness. For details, see “config server-policy server-pool”. |
Variable | Description | Default |
<health-check_name> | Type the name of the server health check. The maximum length is 35 characters. To display the list of existing server health checks, type: edit ? | No default. |
trigger <trigger-policy_name> | Type the name of the trigger to apply when the health check detects a failed server (see “config log trigger-policy”). The maximum length is 35 characters. To display the list of existing trigger policies, type: set trigger ? | No default. |
relationship {and |or} | • and — FortiWeb considers the server to be responsive when it passes all the tests in the list. • or — FortiWeb considers the server to be responsive when it passes at least one of the tests in the list. | and |
<entry_index> | Type the index number of the individual rule in the table. The valid range is from 1 to 16. | No default. |
type {icmp | tcp | http | https} | • icmp — Send ICMP type 8 (ECHO_REQUEST) and listen for either ICMP type 0 (ECHO_RESPONSE) indicating responsiveness, or timeout indicating that the host is not responsive. • tcp — Send TCP SYN and listen for either TCP SYN ACK indicating responsiveness, or timeout indicating that the host is not responsive. • http — Send an HTTP request and listen for the code specified by response-code, the page content specified by match-content, or both the code and the content, or timeout indicating that the host is not responsive. Apply to server pool members only if the SSL setting for the member is disabled. • http — Send an HTTP request and listen for the code specified by response-code, the page content specified by match-content, or both the code and the content, or timeout indicating that the host is not responsive. Apply to server pool members only if the SSL setting for the member is enabled. | ping |
time-out <seconds_int> | Type the number of seconds which must pass after the server health check to indicate a failed health check. The valid range is from 1 to 10 seconds. | 3 |
retry-times <retries_int> | Type the number of times, if any, a failed health check will be retried before the server is determined to be unresponsive. The valid range is from 1 to 10 retries. | 3 |
interval <seconds_int> | Type the number of seconds between each server health check. The valid range is from 1 to 10 seconds. | 10 |
url-path <request_str> | Type the URL, such as /index.html, that FortiWeb uses in the HTTP/HTTPS request to verify the responsiveness of the server. If the web server successfully returns this URL, and its content matches the expression specified by match-content, FortiWeb considers it to be responsive. Available when type is http or https. | No default. |
method {get | head | post} | Specify whether the health check uses the HEAD, GET, or POST method. Available when type is http or https. | get |
match-type {response-code | match-content | all} | • response-code — If the web server successfully returns the URL specified by url-path and the code specified by response-code, FortiWeb considers the server to be responsive. • match-content — If the web server successfully returns the URL specified by url-path and its content matches the match-content value, FortiWeb considers the server to be responsive. • all — If the web server successfully returns the URL specified by url-path and its content matches the match-content value, and the code specified by response-code, FortiWeb considers the server to be responsive. Available when type is http or https. | match-content |
response-code {response-code_int} | Enter the response code that you require the server to return to confirm that it is available, if match-type is response-code or all. Available when type is http or https. | 200 |
match-content {match-content_str} | Enter a regular expression that matches the content that must be present in the HTTP reply to indicate proper server connectivity, if match-type is match-content or all. Available when type is http or https. | No default. |