A match-list provides the ability to content match string based values and mark the application (layer 7) based health-check as either up or down.
When assigning a match-list health-check the match-list is assigned to a port policy. This port policy is then assigned to the virtual server.
Steps
1. First we enable Layer 7 health-checks on the webserver
server real webserver1
port http keepalive
2. When next create a match-list which will bring up the health-check if the string ALIVE is found within the content received from the HTTP /GET that is issues under the port policy.
http match-list matchlist1
default down
up simple “ALIVE” log
3. A port policy is created and assigned the port http and configuring to perform a HTTP GET / and content-match against our previous match-list.
server port-policy ppolicy1
port http
protocol http url “GET /”
protocol http content-match matchlist1
3. Finally the port policy is assigned to the virtual server.
server virtual VIP_192.168.1.100
port http use-port-policy ppolicy1
Show Commands
The following show commands are especially useful in confirm the status and troubleshooting match-list based health-checks.
- show commands
- show http match-list
- show server bind
- show log
- NETCONF & YANG: Automate Network Configs via Python - April 2, 2026
- Palo Alto – How to Configure Your Next-Generation Firewall - April 2, 2026
- How to Harden Linux SSH: Keys, Fail2ban & Ciphers - March 1, 2026
Want to become a networking expert ?
Here is our hand-picked selection of the best courses you can find online:
Cisco CCNA Certification Gold Bootcamp
Complete Cyber Security Course – Network Security
Internet Security Deep Dive course
Python Pro Bootcamp
and our recommended certification practice exams:
Delta Practice Tests