Table Of Contents

Configuring Keepalives

Logging in to the CLI and Enabling Privileged EXEC Mode

Modifying Global Keepalive Properties

Default Global Keepalive Properties and Settings

Modifying ICMP Global Keepalive Settings

Modifying TCP Global Keepalive Settings

Modifying HTTP HEAD Global Keepalive Settings

Modifying KAL-AP Global Keepalive Settings

Modifying CRA Global Keepalive Settings

Modifying Name Server Global Keepalive Settings

Displaying Global Keepalive Properties

Configuring Shared VIP Keepalives

Configuring ICMP Shared Keepalives

Configuring TCP Shared Keepalives

Configuring HTTP HEAD Shared Keepalives

Configuring KAL-AP Shared Keepalives

Deleting a Shared Keepalive

Displaying Shared Keepalive Properties

Where to Go Next

Configuring Keepalives

---

This chapter describes how to configure keepalives on your GSS network. A keepalive is a method by which the GSS periodically checks to see if a resource associated with an answer is still active.

The GSS uses keepalives to collect and track information from the simple online status of VIPs to services and applications running on a server. You can configure a keepalive to continually monitor the online status of a resource and report that information to the primary GSSM.

Depending on the type of answer being tracked, the GSS also monitors load and connection information on SLBs and then uses this information to perform load-based redirection.

This chapter contains the following major sections:

•Logging in to the CLI and Enabling Privileged EXEC Mode

•Modifying Global Keepalive Properties

•Displaying Global Keepalive Properties

•Configuring Shared VIP Keepalives

•Deleting a Shared Keepalive

•Displaying Shared Keepalive Properties

•Where to Go Next

Logging in to the CLI and Enabling Privileged EXEC Mode

---

Note To log in and enable privileged EXEC mode in the GSS, you must be a configured user with admin privileges. Refer to the Cisco Global Site Selector Administration Guide for information on creating and managing user accounts.

---

To log in to the primary GSSM and enable privileged EXEC mode at the CLI:

1. If you are remotely logging in to the primary GSSM through Telnet or SSH, enter the host name or IP address of the GSSM to access the CLI.

If you are using a direct serial connection between your terminal and the GSSM, use a terminal emulation program to access the CLI. For details about making a direct connection to the GSS device using a dedicated terminal and about establishing a remote connection using SSH or Telnet, refer to the Cisco Global Site Selector Getting Started Guide.

2. Specify your GSS administrative username and password to log in to the GSSM. The CLI prompt appears.

gssm1.example.com> 

3. At the CLI prompt, enable privileged EXEC mode as follows:

gssm1.example.com> enable

gssm1.example.com# 

Modifying Global Keepalive Properties

The GSS includes a set of global keepalive properties that function as the default (or minimum) values used by the GSS. If desired, you can modify the global keepalive properties for the GSS by entering CLI commands in the global server load-balancing configuration mode. Changing a global keepalive property and applying that change immediately modifies the default values of the keepalives currently in use by the GSS. For example, if a VIP answer uses a TCP keepalive with all of its associated defaults and you change the default port value from port 80 to port 23, port 23 automatically becomes the default for the TCP keepalive.

---

Note You can also modify keepalive properties associated with an answer by changing keepalive properties in the answer configuration mode. Refer to the "Configuring and Modifying Answers" section in Chapter 6, , Configuring Answers and Answer Groups for more information.

---

To modify keepalive properties, use the keepalive-properties command in global server load-balancing configuration mode. The syntax for this command is:

keepalive-properties {cra | http-head | icmp | kalap | ns | tcp}

Specify the appropriate keepalive option type (cra, http-head, icmp, kalap, ns, and tcp) to modify keepalive settings. For detailed information about modifying and displaying global keepalive settings, refer to the following sections:

•Default Global Keepalive Properties and Settings

•Modifying ICMP Global Keepalive Settings

•Modifying TCP Global Keepalive Settings

•Modifying HTTP HEAD Global Keepalive Settings

•Modifying KAL-AP Global Keepalive Settings

•Modifying CRA Global Keepalive Settings

•Modifying Name Server Global Keepalive Settings

•Displaying Global Keepalive Properties

Default Global Keepalive Properties and Settings

Table 5-1 lists the GSS keepalive properties for all keepalive types, and provides their default global settings. Where applicable, both Standard and Fast failure detection mode default settings are provided. The default Standard settings provide a keepalive failure detection time of 60 seconds. The default Fast settings provide a keepalive failure detection time of 4 seconds.

Table 5-1 Default Global Keepalive Properties and Settings

ICMP Global Keepalive Properties—Standard Failure Detection Mode
Property	Default Global Setting
min-interval	40 seconds
ICMP Global Keepalive Properties—Fast Failure Detection Mode
Property	Default Global Setting
retries	1
successful probes	1
TCP Global Keepalive Properties—Standard Failure Detection Mode
Property	Default Global Setting
port	80
termination	reset
timeout	20 seconds
min-interval	40 seconds
TCP Global Keepalive Properties—Fast Failure Detection Mode
Property	Default Global Setting
port	80
termination	reset
retries	1
successful probes	1
HTTP HEAD Global Keepalive Properties—Standard Failure Detection Mode
Property	Default Global Setting
port	80
path	/
termination	reset
timeout	20 seconds
min-interval	40 seconds
HTTP HEAD Global Keepalive Properties—Fast Failure Detection Mode
Property	Default Global Setting
port	80
path	"/"
termination	reset
retries	1
successful probes	1
KAL-AP Global Keepalive Properties—Standard Failure Detection Mode
Property	Default Global Setting
capp-key	hash-not-set
min-interval	40 seconds
KAL-AP Global Keepalive Properties—Fast Failure Detection Mode
Property	Default Global Setting
capp-key	hash-not-set
retries	1
successful probes	1
CRA Global Keepalive Properties
Property	Default Global Setting
cra-timing-decay	2
min-interval	10 seconds
Name Server Global Keepalive Properties
Property	Default Global Setting
query-domain	"."
min-interval	10 seconds

Modifying ICMP Global Keepalive Settings

To modify the ICMP global keepalive configuration settings, perform the steps that follow. See "Default Global Keepalive Properties and Settings" for a list of all default global keepalive settings.

1. If desired, use the show gslb-config keepalive-properties command to display the current property settings and failure detection mode for existing keepalives. See the "Displaying Global Keepalive Properties" section for more information.

You can modify an ICMP keepalive properties by changing either the Standard or Fast failure detection mode properties. The requirements for your network should determine which failure detection mode (Fast or Standard) properties to modify.

---

Note The GSS supports a maximum of 750 ICMP keepalives when using the standard detection method and a maximum of 150 ICMP keepalives when using the fast detection method.

---

For more information on keepalive detection time, refer to the "Keepalives"section in Chapter 1, , Introducing the Global Site Selector.

2. To change ICMP Standard settings, use the keepalive-properties icmp standard min-interval command in global server load-balancing configuration mode.

The syntax of this command is:

keepalive-properties icmp standard min-interval number

The min-interval number variable specifies the minimum frequency with which the GSS attempts to schedule ICMP keepalives. The valid entries are 40 to 255 seconds. The default is 40.

For example, enter:

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# keepalive-properties icmp standard 
min-interval 60

To reset the keepalive properties to the default settings, enter:

gssm1.example.com(config-gslb)# no keepalive-properties icmp 
standard min-interval 60

3. To change ICMP Fast settings, use the keepalive-properties icmp fast command in global server load-balancing configuration mode.

The syntax of this command is:

keepalive-properties icmp fast {retries number | successful-probes number}

The options and variables are:

•retries number—Specifies the number of times the GSS retransmits an ICMP echo request packet before declaring the device offline. As you adjust the retries value, you change the detection time determined by the GSS. By increasing the number of retries, you increase the detection time. Reducing the number of retries has the reverse effect. The valid entries are 1 to 10 retries. The default is 1.

•successful-probes number—Specifies the number of consecutive successful ICMP keepalive attempts (probes) that must be recognized by the GSS before bringing an answer back online. The valid entries are 1 to 5 attempts. The default is 1.

For example, enter:

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# keepalive-properties icmp fast 
retries 3 successful-probes 2

To reset the keepalive properties to the default settings, enter:

gssm1.example.com(config-gslb)# no keepalive-properties icmp fast 
retries 3 successful-probes 2

Modifying TCP Global Keepalive Settings

To modify the TCP global keepalive configuration settings, perform the steps that follow. See "Default Global Keepalive Properties and Settings" for a list of all default global keepalive settings.

1. If desired, use the show gslb-config keepalive-properties command to display the current property settings and failure detection mode for existing keepalives. See the "Displaying Global Keepalive Properties" section for more information.

You can modify a TCP keepalive properties by changing either Standard or Fast failure detection mode properties. The requirements for your network should determine which failure detection mode (Fast or Standard) properties to modify.

---

Note The GSS supports a maximum of 1500 TCP keepalives when using the standard detection method and a maximum of 150 TCP keepalives when using the fast detection method.

---

For more information on keepalive detection time, refer to the "Keepalives"section in Chapter 1, , Introducing the Global Site Selector.

2. To change TCP Standard settings, use the keepalive-properties tcp standard command in global server load-balancing configuration mode.

The syntax of this command is:

keepalive-properties tcp standard {min-interval number} | port number | termination {graceful | reset} | timeout number}}

The options and variables are:

•min-interval number—Specifies the minimum frequency with which the GSS attempts to schedule TCP keepalives. The valid entries are 40 to 255 seconds. The default is 40.

•port number—Specifies the port on the remote device that is to receive the TCP-type keepalive request from the GSS. The valid entries are 1 to 65535. The default port is 80.

•termination—Specifies one of the following TCP keepalive connection termination methods:

–graceful—The GSS initiates the graceful closing of a TCP connection by using the standard three-way connection termination method.

–reset—The GSS immediately terminates the TCP connection by using a hard reset. If you do not specify a connection termination method, the GSS uses this method type.

•timeout—Specifies the length of time allowed before the GSS retransmits data to a device that is not responding to a request. The valid entries are 20 to 60 seconds. The default is 20.

For example, enter:

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# keepalive-properties tcp standard 
min-interval 60 timeout 25

To reset the keepalive properties to the default settings, enter:

gssm1.example.com(config-gslb)# no keepalive-properties tcp 
standard min-interval 60 timeout 25

3. To change TCP Fast settings, use the keepalive-properties tcp fast command in global server load-balancing configuration mode.

The syntax of this command is:

keepalive-properties tcp fast {port number | retries number | successful-probes number | termination {graceful | reset}}

The options and variables are:

•port number—Specifies the port on the remote device that is to receive the TCP-type keepalive request from the GSS. The valid entries are 1 to 65535. The default port is 80.

•retries number—Specifies the number of times the GSS retransmits a TCP packet before declaring the device offline. As you adjust the retries value, you change the detection time determined by the GSS. By increasing the number of retries, you increase the detection time. Reducing the number of retries has the reverse effect. The valid entries are 1 to 10 retries. The default is 1.

---

Note When using Graceful termination, there are two packets that require acknowledgement: SYN and FIN.

---

•successful-probes number—Specifies the number of consecutive successful TCP keepalive attempts (probes) that must be recognized by the GSS before bringing an answer back online. The valid entries are 1 to 5 attempts. The default is 1.

•termination—Specifies one of the following TCP keepalive connection termination methods:

–graceful—The GSS initiates the graceful closing of a TCP connection by using the standard three-way connection termination method.

–reset—The GSS immediately terminates the TCP connection by using a hard reset. If you do not specify a connection termination method, the GSS uses this method type.

For example, enter:

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# keepalive-properties tcp fast 
retries 3 successful-probes 2 termination graceful

To reset the keepalive properties to the default settings, enter:

gssm1.example.com(config-gslb)# no keepalive-properties tcp fast 
retries 3 successful-probes 2 termination graceful

Modifying HTTP HEAD Global Keepalive Settings

To modify the HTTP HEAD global keepalive configuration settings, perform the steps that follow. See the "Default Global Keepalive Properties and Settings" section for a list of all default global keepalive settings.

1. If desired, use the show gslb-config keepalive-properties command to display the current property settings and failure detection mode for existing keepalives. See the "Displaying Global Keepalive Properties" section for more information.

You can modify an HTTP HEAD keepalive properties by changing either the Standard or Fast failure detection mode properties. The requirements for your network should determine which failure detection mode (Fast or Standard) properties to modify.

---

Note The GSS supports a maximum of 500 HTTP HEAD keepalives when using the standard detection method and a maximum of 100 HTTP HEAD keepalives when using the fast detection method.

---

For more information on keepalive detection time, refer to the "Keepalives"section in Chapter 1, , Introducing the Global Site Selector.

2. To change HTTP HEAD Standard settings, use the keepalive-properties http-head standard command in global server load-balancing configuration mode.

The syntax of this command is:

keepalive-properties http-head standard {min-interval number} | path path | port number | termination {graceful | reset} | timeout number}}

The options and variables are:

•min-interval number—Specifies the minimum frequency with which the GSS attempts to schedule HTTP HEAD keepalives. The valid entries are 40 to 255 seconds. The default is 40.

•path path—Specifies the server website queried in the HTTP HEAD request (for example, /company/owner). The default path "/" specifies the virtual root of the webserver.

•port number—Specifies the port on the remote device that is to receive the HTTP HEAD-type keepalive request from the GSS. The valid entries are 1 to 65535. The default port is 80.

•termination—Specifies one of the following HTTP HEAD keepalive connection termination methods:

–graceful—The GSS initiates the graceful closing of an HTTP HEAD connection by using the standard three-way connection termination method.

–reset—The GSS immediately terminates the TCP-formatted HTTP HEAD connection by using a hard reset. If you do not specify a connection termination method, the GSS uses this method type.

•timeout—Specifies the length of time allowed before the GSS retransmits data to a device that is not responding to a request. The valid entries are 20 to 60 seconds. The default is 20.

For example, enter:

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# keepalive-properties http-head 
standard min-interval 60 path /COMPANY/OWNER

To reset the keepalive properties to the default settings, enter:

gssm1.example.com(config-gslb)# no keepalive-properties http-head 
standard min-interval 60 path /COMPANY/OWNER

3. To change HTTP HEAD Fast settings, use the keepalive-properties http-head fast command in global server load-balancing configuration mode.

The syntax of this command is:

keepalive-properties http-head fast {path path | port number | retries number | successful-probes number | termination {graceful | reset}}

The options and variables are:

•path path—Specifies the server website queried in the HTTP HEAD request (for example, /company/owner). The default path "/" specifies the virtual root of the webserver.

•port number—Specifies the port on the remote device that is to receive the HTTP HEAD-type keepalive request from the GSS. The valid entries are 1 to 65535. The default port is 80.

•retries number—Specifies the number of times the GSS retransmits an HTTP HEAD packet before declaring the device offline. As you adjust the retries value, you change the detection time determined by the GSS. By increasing the number of retries, you increase the detection time. Reducing the number of retries has the reverse effect. The valid entries are 1 to 10 retries. The default is 1.

---

Note When using graceful termination, there are three packets that require acknowledgement: SYN, HEAD, and FIN.

---

•successful-probes number—Specifies the number of consecutive successful HTTP HEAD keepalive attempts (probes) that must be recognized by the GSS before bringing an answer back online. The valid entries are 1 to 5 attempts. The default is 1.

•termination—Specifies one of the following HTTP HEAD keepalive connection termination methods:

–graceful—The GSS initiates the graceful closing of an HTTP HEAD connection by using the standard three-way connection termination method.

–reset—The GSS immediately terminates the TCP-formatted HTTP HEAD connection by using a hard reset. If you do not specify a connection termination method, the GSS uses this method type.

For example, enter:

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# keepalive-properties http-head 
fast path /COMPANY/OWNER retries 2 successful-probes 2

To reset the keepalive properties to the default settings, enter:

gssm1.example.com(config-gslb)# no keepalive-properties http-head 
fast path /COMPANY/OWNER retries 2 successful-probes 2

Modifying KAL-AP Global Keepalive Settings

To modify the KAL-AP global keepalive configuration settings, perform the steps that follow. See the "Default Global Keepalive Properties and Settings" section for a list of all global keepalive settings.

1. If desired, use the show gslb-config keepalive-properties command to display the current property settings and failure detection mode for existing keepalives. See the Displaying Global Keepalive Properties section for more information.

You can modify an KAL-AP keepalive properties by changing either the Standard or Fast failure detection mode properties. The requirements for your network should determine which failure detection mode (Fast or Standard) properties to modify.

---

Note The GSS supports a maximum of 128 primary and 128 secondary KAL-AP keepalives when using the standard detection method and a maximum of 40 primary and 40 secondary KAL-AP keepalives when using the fast detection method.

---

For more information on keepalive detection time, refer to the "Keepalives"section in Chapter 1, , Introducing the Global Site Selector.

2. To change KAL-AP Standard settings, use the keepalive-properties kalap standard command in global server load-balancing configuration mode.

The syntax of this command is:

keepalive-properties kalap standard {capp-key key | min-interval number}

The options and variables are:

•capp-key key—Specifies the secret key to be used for Content and Application Peering Protocol (CAPP) encryption. The alphanumeric string you enter is used to encrypt interbox communications using CAPP. You must also configure the same encryption value on the Cisco CSS or CSM.

•min-interval number—Specifies the minimum frequency with which the GSS attempts to schedule KAL-AP keepalives. The valid entries are 40 to 255 seconds. The default is 40.

For example, enter:

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# keepalive-properties kalap 
standard capp-key SECRET-KEY-101 min-interval 80

To reset the keepalive properties to the default settings, enter:

gssm1.example.com(config-gslb)# no keepalive-properties kalap 
standard capp-key SECRET-KEY-101 min-interval 80

3. To change KAL-AP Fast settings, use the keepalive-properties kalap fast command in global server load-balancing configuration mode.

The syntax of this command is:

keepalive-properties kalap fast {capp-key key | retries number | successful-probes number}

The options and variables are:

•capp-key key—Specifies the secret key to be used for Content and Application Peering Protocol (CAPP) encryption. The alphanumeric string you enter is used to encrypt interbox communications using CAPP. You must also configure the same encryption value on the Cisco CSS or CSM.

•retries number—Specifies the number of times the GSS retransmits an KAL-AP packet before declaring the device offline. As you adjust the retries value, you change the detection time determined by the GSS. By increasing the number of retries, you increase the detection time. Reducing the number of retries has the reverse effect. The valid entries are 1 to 10 retries. The default is 1.

•successful-probes number—Specifies the number of consecutive successful KAL-AP keepalive attempts (probes) that must be recognized by the GSS before bringing an answer back online. The valid entries are 1 to 5 attempts. The default is 1.

For example, enter:

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# keepalive-properties kalap fast 
capp-key SECRET-KEY-101 retries 5 successful-probes 2

To reset the keepalive properties to the default settings, enter:

gssm1.example.com(config-gslb)# no keepalive-properties kalap fast 
capp-key SECRET-KEY-101 retries 5 successful-probes 2

Modifying CRA Global Keepalive Settings

To modify the CRA global keepalive configuration settings, perform the steps that follow. See the "Default Global Keepalive Properties and Settings" section for a list of all global keepalive settings.

1. If desired, use the show gslb-config keepalive-properties command to display the current property settings for existing keepalives. See the "Displaying Global Keepalive Properties" section for more information.

2. To change CRA settings, use the keepalive-properties cra command in global server load-balancing configuration mode.

The syntax of this command is:

keepalive-properties cra {min-interval number} | timing-decay number}

The options and variables are:

•min-interval number—Specifies the minimum frequency with which the GSS attempts to schedule CRA keepalives. The valid entries are 1 to 60 seconds. The default is 10.

•timing-decay number—Specifies how heavily the GSS should weigh recent DNS Round Trip Time (RTT) probe results relative to earlier RTT metrics. A setting of 1 indicates that recent results should not be weighed any more than previous RTT results. The valid entries are 1 to 10. The default is 2.

For example, enter:

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# keepalive-properties cra 
min-interval 60 timing-decay 1

To reset the keepalive properties to the default settings, enter:

gssm1.example.com(config-gslb)# no keepalive-properties cra 
min-interval 60 timing-decay 1

Modifying Name Server Global Keepalive Settings

To modify the Name Server (NS) global keepalive configuration settings, perform the steps that follow. See the "Default Global Keepalive Properties and Settings" section for a list of all global keepalive settings.

1. If desired, use the show gslb-config keepalive-properties command to display the current property settings for existing keepalives. See the Displaying Global Keepalive Properties section for more information.

2. To change NS settings, use the keepalive-properties ns command in global server load-balancing configuration mode.

The syntax of this command is:

keepalive-properties ns {min-interval number} | query-domain domain_name}

The options and variables are:

•min-interval number—Specifies the minimum frequency with which the GSS attempts to schedule NS keepalives. The valid entries are 40 to 255 seconds. The default is 40.

•query-domain domain_name—Specifies the name of the domain name server to which an NS-type keepalive is sent. Enter the name as an unquoted text string with no spaces and a maximum length of 100 characters. The default domain "." specifies the root of the domain name server.

For example, enter:

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# keepalive-properties ns 
min-interval 60 query-domain WWW.HOME.COM

To reset the keepalive properties to the default settings, enter:

gssm1.example.com(config-gslb)# no keepalive-properties ns 
min-interval 60 query-domain WWW.HOME.COM

Displaying Global Keepalive Properties

Use the show gslb-config keepalive-properties command to display the current property settings for all keepalives types.

The syntax of this command is:

show gslb-config keepalive-properties

For example, enter:

gssm1.example.com# config

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# show gslb-config keepalive-properties 

keepalive-properties icmp standard min-interval 40

keepalive-properties tcp fast retries 1 successful-probes 1

keepalive-properties http-head standard min-interval 40 port 80 
termination reset timeout 20 path /

keepalive-properties kalap fast retries 1 successful-probes 1

keepalive-properties cra timing-decay 2 interval 10

keepalive-properties ns query-domain . interval 40

Configuring Shared VIP Keepalives

The GSS supports the use of shared keepalives to minimize traffic between the GSS and the SLBs that it is monitoring. A shared keepalive identifies a common IP address or resource that provides status for multiple answers. Shared keepalives periodically provide state information (online, offline) to the GSS for multiple VIP answer types. Once created, you can associate the shared keepalives with VIPs when you create a VIP answer type.

---

Note Shared keepalives are not used with name server or CRA answers.

---

All answers are validated by configured keepalives and are not returned if the keepalive indicates that the answer is not viable. If a shared keepalive fails to return a status, the GSS assumes that all VIPs associated with that shared keepalive are offline.

If you intend to use the KAL-AP keepalive method with a VIP answer, you must configure a shared keepalive. The use of shared keepalives is an option for the ICMP, TCP, and HTTP HEAD keepalive types.

This section includes the following sub-sections:

• Configuring ICMP Shared Keepalives

•Configuring TCP Shared Keepalives

•Configuring HTTP HEAD Shared Keepalives

•Configuring KAL-AP Shared Keepalives

•Deleting a Shared Keepalive

•Displaying Shared Keepalive Properties

Configuring ICMP Shared Keepalives

To configure an ICMP shared keepalive, use the shared-keepalive icmp command in global server load-balancing configuration mode. Use the no form of the command to remove a shared keepalive. The syntax for this command is:

shared-keepalive icmp ip_address

The ip_address variable specifies the IP address used to test the online status for the linked VIPs.

For example, enter:

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# shared-keepalive icmp 192.168.1.47

gssm1.example.com(config-gslb)#

If you need to delete a shared keepalive from your GSS network, and that shared keepalive is in use by the GSS, you must first disassociate any answers that are using the keepalive. Refer to the "Deleting a Shared Keepalive" section for steps to disassociate your answers and remove a shared keepalive from your GSS network.

Configuring TCP Shared Keepalives

To configure a TCP shared keepalive, use the shared-keepalive tcp command in global server load-balancing configuration mode. Use the no form of the command to remove a shared keepalive.

The syntax for this command is:

shared-keepalive tcp ip_address [port port_number] | [termination {graceful | reset}]

The variables and options for this command are:

•ip_address—Specifies the IP address used to test the online status for the linked VIPs.

•port port_number—(Optional) Specifies the port on the remote device that is to receive the TCP keepalive request. The port range is 1 to 65535. If you do not specify a destination port, the GSS uses the globally configured setting.

•termination—(Optional) Specifies one of the following TCP keepalive connection termination methods. If you do not specify a connection termination method, the GSS uses the globally configured setting.

–graceful—The GSS initiates the graceful closing of a HTTP HEAD connection by using the standard three-way connection termination method.

–reset—The GSS immediately terminates the TCP connection by using a hard reset.

For example, enter:

gssm1.example.com# config

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# shared-keepalive tcp 192.168.1.46 port 
23 termination graceful

Configuring HTTP HEAD Shared Keepalives

To configure an HHTP HEAD shared keepalive, use the shared-keepalive http-head command in global server load-balancing configuration mode. Use the no form of the command to remove a shared keepalive.

The syntax for this command is:

shared-keepalive http-head ip_address [port port_number] | [host-tag domain_name] | [path path]

The variables and options for this command are:

•ip_address—Specifies the IP address used to test the online status for the linked VIPs.

•port port_number—(Optional) Specifies the port on the remote device that is to receive the HHTP HEAD-type keepalive request. The port range is 1 to 65535. If you do not specify a destination port, the GSS uses the globally configured value.

•host-tag domain_name—(Optional) Specifies an optional domain name that is sent to the VIP as part of the HTTP HEAD query. This tag allows an SLB to resolve the keepalive request to a particular website even when multiple sites are represented by the same VIP.

•path path—(Optional) Specifies the path that is relative to the server website being queried in the HTTP HEAD request. If you do not specify a default path, the GSS uses the globally configured value. The default path "/" specifies the virtual root of the webserver.

For example, enter:

gssm1.example.com# config

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# shared-keepalive http-head 
192.168.1.48 port 23 host-tag WWW.HOME.COM

Configuring KAL-AP Shared Keepalives

To configure a KAL-AP shared keepalive, use the shared-keepalive kalap command in global server load-balancing configuration mode. Use the no form of the command to remove a shared keepalive.

The syntax for this command is:

shared-keepalive kalap ip_address [secondary ip_address] | [capp-secure enable [key secret]] | [retries number] | [successful probes number]

The variables and options for this command are:

•ip_address—Specifies the IP address used to test the online status for the linked VIPs.

•secondary ip_address—(Optional) Specifies IP address is to query a second Cisco CSS or CSM in a virtual IP (VIP) redundancy and virtual interface redundancy configuration.

•capp-secure enable—(Optional) Use this option if you intend to use Content and Application Peering Protocol (CAPP) encryption. If you do not specify an optional key (see below), the GSS uses the globally configured setting.

•key secret—(Optional) Specifies an encryption key that is used to encrypt interbox communications using CAPP. You must also configure the same encryption key on the Cisco CSS or CSM. Enter an unquoted alphanumeric text string with a maximum of 31 characters. If you do not specify a key, the GSS uses the globally configured setting.

If the KAL-AP global keepalive configuration is set to the Fast KAL Type, you can specify these parameters:

•retries number—(Optional) Specifies the number of times the GSS retransmits an KAL-AP packet before declaring the device offline. As you adjust the retries value, you change the detection time determined by the GSS. By increasing the number of retries, you increase the detection time. Reducing the number of retries has the reverse effect. The valid entries are 1 to 10 retries. If you do not specify a value, the GSS uses the globally configured setting.

For more information on keepalive detection time, refer to the "Keepalives"section in Chapter 1, , Introducing the Global Site Selector.

•successful probes number—(Optional) Specifies the number of consecutive successful KAL-AP keepalive attempts (probes) that must be recognized by the GSS before bringing an answer back online (and reintroducing it into the GSS network). The valid entries are 1 to 5. If you do not specify a value, the GSS uses the globally configured setting.

For example, enter:

gssm1.example.com# config

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# shared-keepalive kalap 192.168.1.40 
secondary 192.168.1.42 retries 

Deleting a Shared Keepalive

To delete a shared keepalive that is in use by the GSS, you must first remove it from any answers that are using the keepalive. Use the procedure that follows to remove a shared keepalive from any answers to which it is associated, then to remove the shared keepalive from your GSS network.

---

Caution Deletions of any kind cannot be undone in the primary GSSM. Before deleting any data that you think you might want to use at a later point in time, perform a database backup of your GSSM. Refer to the Global Site Selector Administration Guide for details.

---

To delete a shared keepalive:

1. Use the show gslb-config command to display the current property settings for existing answers and keepalives.

2. Identify the shared keepalive you want to delete and the answer to which it is associated.

3. Use the answer vip command and enter the IP address and answer name (if the answer has a name) to enter the answer vip configuration mode.

4. Use the no keepalive type command in answer vip configuration mode to remove the keepalive associated with the answer.

5. Use the no shared-keepalive command in global server load-balancing configuration mode to delete the shared keepalive.

For example, enter:

gssm1.example.com(config-gslb)# show gslb-config

...

answer cra 192.168.50.41 delay 2 active

answer ns 172.16.27.4 DOMAIN EXAMPLE.COM active

answer vip 172.16.27.6 name ANSVIP2 active

		keepalive type tcp port 180 active

		keepalive type tcp port 88 active

...

gssm1.example.com(config-gslb)# answer vip 172.16.27.6 name ANSVIP2

gssm1.example.com(config-ansvip)# no keepalive type tcp port 88 active

gssm1.example.com(config-ansvip)#exit

gssm1.example.com(config-gslb)#no shared-keepalive tcp 172.16.27.6

gssm1.example.com(config-gslb)#

Displaying Shared Keepalive Properties

Use the show gslb-config shared-keepalive command to display information about the shared keepalives currently configured for the GSS.

For example, enter:

gssm1.example.com(config-gslb)# show gslb-config shared-keepalive

...

shared-keepalive kalap 192.168.1.47 capp-secure enable

shared-keepalive tcp 192.168.1.46 termination graceful

shared-keepalive tcp 192.168.1.40

...

To display shared keepalive information for a specific IP address, enter:

gssm1.example.com(config-gslb)# show gslb-config shared-keepalive 192.168.1.47

...

shared-keepalive kalap 192.168.1.47 capp-secure enable

...

Where to Go Next

Chapter 6, , Configuring Answers and Answer Groups, describes how to create and configure GSS answers and answer groups. Answers refer to resources to which the GSS resolves DNS requests that it receives. Once created, answers are grouped together as resource pools called answer groups.