F5 Logo MyF5
Search
  1. MyF5 Home
  2. BIG-IP System: Prioritizing ICMP Health Monitor Traffic
  3. Prioritizing ICMP Health Monitor Traffic
Manual Chapter : Prioritizing ICMP Health Monitor Traffic

Applies To:

Show Versions Show Versions

BIG-IP LTM

  • 17.1.1, 17.1.0, 17.0.0, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0
Manual Chapter

Prioritizing ICMP Health Monitor Traffic

Overview: Raising the priority of ICMP health monitor traffic

To minimize the chance that ICMP health monitor traffic is dropped when traffic congestion occurs, you can configure the BIG-IP system to prioritize ICMP health monitor traffic over other types of traffic. This prioritization works whether congestion occurs at the BIG-IP switch, at a high-speed bridge (HSB), or on a TMM instance.
With this feature, the BIG-IP system treats ICMP health monitor traffic (both ingress and egress) as the highest priority of all traffic on the system.
Some key things to note:
  • When the feature is enabled, ICMP health monitor traffic is prioritized whether or not Class of Service/Quality of Service (CoS/QoS) is configured on the system.
  • You enable or disable the prioritization of ICMP health monitor traffic on a global (system-wide) basis. Therefore, when you enable the feature on a VIPRION system, the prioritization is enabled on all blades in the chassis, rather than per blade.
  • In a high-availability configuration, the Device Service Clustering (DSC) feature syncs ICMP health monitor prioritization across all members of a BIG-IP device group, using the standard DSC config sync mechanism.
  • When enabled, the prioritization of ICMP health monitor traffic functions correctly with any combination of BIG-IP modules provisioned on the BIG-IP system. This means that the prioritization feature does not require any particular module or modules to be provisioned.
  • The prioritization of ICMP health monitor traffic functions correctly even when the BIG-IP system is configured to prioritize ARP/NDP traffic.

Create a VLAN

An essential task in configuring the BIG-IP system is to create VLANs. To prioritize ICMP health monitor traffic, you must create a VLAN and associate it with an interface on the BIG-IP system. Later, you will create a self IP address and associate it with this VLAN.
  1. On the Main tab of the BIG-IP Configuration utility, click
    Network
    VLANs
    .
    The VLAN List screen opens.
  2. Click
    Create
    .
    The New VLAN screen opens.
  3. Type a
    Name
     for the VLAN, such as
    external
    .
  4. In the
    Tag
     field, type a numeric tag, between 1-4094, for the VLAN, or leave the field blank if you want the BIG-IP system to automatically assign a VLAN tag.
    The VLAN tag identifies the traffic from hosts in the associated VLAN.
  5. For the
    Interfaces
     setting:
    1. From the
      Interface
       list, select an interface number.
    2. From the
      Tagging
       list, select
      Untagged
      .
    3. Click
      Add
      .
  6. Configure all other settings as needed.
  7. Click
    Finished
    .
After you complete this task, the BIG-IP system configuration contains a VLAN that it can associate with a self IP address for managing traffic to and from the system.

Create a self IP address

Before you create a self IP address, ensure that you have created at least one VLAN.
To enable the BIG-IP system to route traffic through a VLAN, you must create a self IP address and associate it with the VLAN.
When configuring the BIG-IP system to prioritize ICMP health monitor traffic, you must limit the number of self IP addresses on the system to 64.
  1. On the Main tab, click
    Network
    Self IPs
    .
  2. Click
    Create
    .
    The New Self IP screen opens.
  3. In the
    Name
     field, type a unique name for the self IP address.
  4. In the
    IP Address
     field, type an IPv4 or IPv6 address.
    This IP address should represent the address space of the VLAN that you specify with the
    VLAN/Tunnel
     setting.
  5. In the
    Netmask
     field, type the full network mask for the specified IP address.
  6. From the
    VLAN/Tunnel
     list, select the VLAN to associate with this self IP address.
  7. From the
    Port Lockdown
     list, select
    Allow Default
    .
  8. From the
    Traffic Group
     list, select a floating traffic group.
    This ensures that the BIG-IP system can continue to process traffic if failover occurs.
  9. From the
    Service Policy
     list, retain the default value of
    None
    , or select a policy to associate with the self IP address.
    A service policy contains a timer policy, which defines custom timeouts for matched traffic types.
  10. Click
    Finished
    .
    The screen refreshes, and displays the new self IP address.
After you perform this task, the BIG-IP system can send and receive traffic through the specified VLAN.

Create a pool that specifies an ICMP health monitor

  1. On the Main tab, click
    Local Traffic
    Pools
    .
    The Pool List screen opens.
  2. Click
    Create
    .
    The New Pool screen opens.
  3. In the
    Name
     field, type a unique name for the pool.
  4. For the
    Health Monitors
     setting, in the
    Available
     box, select
    gateway_icmp
     and move it to the
    Active
     box.
  5. Using the
    New Members
     setting, add each resource that you want to include in the pool:
    1. Select
      Node List
      .
    2. For the
      Address
       option, select the IP address of the web application server.
    3. For the
      Service Port
       option, select a service port from the list.
    4. Click
      Add
      .
      The added pool member appears in the displayed table.
    5. Repeat the process until all pool members are added.
  6. Click
    Finished
    .
After you complete this task, the BIG-IP configuration includes a pool in which a Gateway ICMP monitor is assigned to each pool member.

Create a virtual server

You can use this procecdure to create a virtual server that references a pool that has a Gateway ICMP health monitor assigned to it.
  1. On the Main tab, click
    Local Traffic
    Virtual Servers
    .
    The Virtual Server List screen opens.
  2. Click the
    Create
     button.
    The New Virtual Server screen opens.
  3. In the
    Name
     field, type a unique name for the virtual server.
  4. Type a destination and network mask.
  5. Type or select a service port.
  6. Configure all other relevant settings
  7. In the Resources area of the screen, from the
    Default Pool
     list, select the name of the pool you created earlier.
    This pool has a Gateway ICMP health monitor assigned to it.
  8. Click
    Finished
    .
After you complete this task, the BIG-IP system configuration includes a virtual server that sends traffic to a pool that has a Gateway ICMP monitor assigned to it.

Set the global prioritization value

Before doing this task, make sure that your BIG-IP user account grants you permission to access the TMOS shell (
tmsh
).
In the TMOS Shell, you can use the command
dag-globals
 to globally raise the priority for ICMP health monitor traffic leaving or entering the BIG-IP system. Specifically, you can configure the BIG-IP system to:
  • Raise the priority of all ICMP health monitor requests that specify a self IP address as a source address.
  • Raise the priority of all ICMP health monitor replies that specify a self IP address as a destination address.
This global prioritization works for both ICMPv4 and ICMPv6 traffic. To raise the priority level of ICMP health monitor traffic, follow these steps.
  1. Using the BIG-IP system's management IP address, open a console window.
  2. If the system displays a Bash prompt, type
    tmsh
    . Otherwise, you can skip this step.
  3. At the
    tmsh
     prompt, type
    modify net dag-globals icmp-monitor-priority high
     and press Enter.
    If you need to restore this command to its default setting for any reason, type
    modify net dag-globals icmp-monitor-priority normal
     and press Enter.
  4. Type
    Save
    .
After you have completed this task, including setting the ICMP health monitor priority to
high
, the BIG-IP system is configured to raise the priority of ICMP health monitor requests and replies passing through the BIG-IP system.
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information