Netgate is offering COVID-19 aid for pfSense software users, learn more.
There are five basic pre-defined Monitor types: ICMP, TCP, HTTP, HTTPS, and SMTP. Additional custom types may be added to better detect specific types of failures.
The pre-defined monitors are included in the default configuration and are:
Sends an ICMP echo request to the target server and expects an ICMP echo reply.
Attempts to open a TCP port connection to the target IP address and port. If the port can be opened (3-way TCP handshake) then it succeeds, if it connection is refused or timed out, it fails.
- HTTP & HTTPS
Attempts to open a connection to the server and request the URL
/using HTTP or HTTPS, whichever is selected. If a 200 response code is returned, it is OK. Otherwise, it is considered a failure.
Opens a connection to the defined port and sends the string
EHLO nosuchhost. If the server replies with any message starting with
250-, it is considered OK. Other responses are considered a failure.
Creating Custom Monitors¶
The included monitors are not sufficient for the needs of a site, or they need tweaking, then custom monitors may be created. Most monitor types have their own specific settings that can be customized as needed.
To create a new monitor: * Navigate to Services > Load Balancer * Click the Monitors tab * Click Add to add a new Monitor * Configure the Monitor options as explained below:
A name for the Monitor. This is for reference, but must also adhere to the same limits as an alias or interface name. Letters and numbers only, the only allowed separator is an underscore. No spaces or slashes.
An optional longer description for the Monitor. This is for reference purposes only, and does not have any formatting limits.
The remaining options vary based on the selected Type.
- ICMP & TCP
No extra options. Any custom monitor using these types will behave identically to the pre-defined monitor of the same name.
- HTTP & HTTPS
These behave identically to each other, the only difference is whether or not encryption is used to talk to the target server. These each have three options to control the behavior of the monitor:
The Path defines the path section of the URL sent to the server. If the site contains mostly dynamic content, or the base URL does a redirect, it is best to set this to a full path to a static piece of content, such as an image, that is unlikely to move or change.
If the server runs multiple virtual hosts, this field defines which hostname is sent with the request so that the expected response can be received.
- HTTP Code
This defines the response expected from the server, given the request to the Host/Path. Most commonly this would be set to 200 OK, but if the server uses another return code that would be expected as a healthy response to this query, choose it here. If the return code is unknown, inspect the server logs to find what codes are returned to the client for each request.
This type of monitor opens a connection to the defined port and sends a string and expects the specified response. The most common example is the SMTP monitor discussed previously. The options are:
- Send String
The string sent to the server after a connection is made to its port.
- Expect String
If the response from the server does not start with this string, then it is considered down.