Home
Community
☰
In order to monitor Radius (i.e., authentication and/or accounting) services behind a load balancer, there exists several ways to do so. The Object Status Monitor is a mechanism that monitors backend services and disables any nodes which are not reachable or are considered 'down'. To leverage the Object Status Monitor, you must first create a monitor which will send the appropriate packets/queries/messages to verify service availability. Once the appropriate monitor(s) have been created, they must be assigned to the target node(s). This can be done on an individual node basis or in bulk. Once configured, the host statuses for monitored nodes should appear as such:
In order to monitor Radius (i.e., authentication and/or accounting) services behind a load balancer, there exists several ways to do so.
The Object Status Monitor is one way. The Object Status Monitor is a mechanism that monitors backend services and disables any nodes which are not reachable or are considered 'down'. This makes it easy to minimize false alarms caused by network connectivity issues between the RADIUS server and its clients without having to maintain an explicit list of servers that should be monitored.
The Object Status Monitor is a mechanism that monitors backend services and disables any nodes which are not reachable or are considered 'down'.
When the Object Status Monitor finds a node is down, your cluster will be in an unhealthy state.
To leverage the Object Status Monitor, you must first create a monitor which will send the appropriate packets/queries/messages to verify service availability.
Create a new monitor from the main menu. You can select either an ICMP or TCP/UDP based service check.
Select Create New or Edit to modify an existing check type.
Select the Type of Service Check: Ping or Traceroute for ICMP; TCP for TCP/UDP Services (ICMP).
For ICMP-based checks, provide values under “Target Hosts” as follows: , and ,. For example: ping google-public-dns-a.google.com,8.8.8.8 and ping www1a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t10u11v12w13x14y15z16A17B18C19D1A1B2C3D4E5F6G7H8I9J0K1L2M3N4O5P6Q7R8S9T10U11V12W13X14Y15Z16A17B18C19D1A1B2C3D4E5F6G7H8I9J0K1L2M3N4O5P6Q7R8S9T10U11V12W13X14Y15Z16A17B18C19D21a22b23c24d25e26f27g28h29i
To assign a monitor to nodes, use the Monitor Manager. The Monitor Manager is accessible from the Administration menu in Fusion Middleware Control.
You can create a new monitor for your target node(s) by selecting New > Monitor from the left navigation panel in the Monitor Manager page. Once you have selected this option, you will be taken to another screen where you can select both your monitor type and its attributes:
! [](https://www.apress.com/us/book/9781484226750#reviews)
You can set up the Radius Monitor to monitor individual nodes, or in bulk.
The bulk method is easier to manage, and it's much faster than monitoring each node individually. In addition to being easier and faster, the Radius Monitor will be more efficient because it uses less CPU power when monitoring a large number of nodes.
Once configured, the host statuses for monitored nodes should appear as such:
Green: This indicates that the node is up and running.
Yellow: This indicates that the node is up, but is experiencing some sort of problem (for example, if it has not been able to reach its primary server within a certain period of time).
Red: This indicates that the node is down and is not reachable by any means (e.g., no ping response).
As a security professional, you are likely to have heard of the f5 object status monitor and the f5 ltm monitor.
Now is the time to learn about their big brother: the f5 radius monitor.
The next time you're asked by your boss "What's doing?" or "How's everything going?", think of a good answer that includes this new tool!
It’s important to remember that the Object Status Monitor is not a replacement for monitoring services directly, but rather an additional layer in case something goes wrong.
