F5 BIG-IP

From DN Wiki
Jump to navigation Jump to search

Info related to F5 BIG-IP Load Balancers.


iRules

Date Format

http://www.tcl.tk/man/tcl8.4/TclCmd/clock.htm

set var clock format [clock seconds] -format {%d-%m-%y:%H:%M:%S %Z}
11-08-14:00:49:41 PDT

set var clock format [clock seconds] -format {%d/%b/%Y:%H:%M:%S %z}
11/Aug/2014:13:35:34 -0700

Note: The second option is CLF (Common Log Format), which is used in apache's access logs.


tmsh

List the pools that contain a member:

tmsh -q list ltm pool one-line | grep -E '($node_hostname|$node_ip)' | awk '{ print $3 }'

Create node and add to pool:

create ltm node NODE_NAME address NODE_IPADDRESS monitor icmp
modify / ltm pool POOL_NAME members add { NODE_NAME:PORT NODE_NAME:PORT }

show ltm pool POOL_NAME  members | grep MEMBER

Find the virtual servers using an SSL profile:

tmsh list /ltm virtual /Partition/* | grep -E "virtual|SSL_PROFILE_NAME"
ltm virtual /Partition/VIRTUAL_SERVER_01 {
ltm virtual /Partition/VIRTUAL_SERVER_02 {
ltm virtual /Partition/VIRTUAL_SERVER_03 {
ltm virtual /Partition/VIRTUAL_SERVER_04 {
        /Partition/SSL_PROFILE_NAME {
ltm virtual /Partition/VIRTUAL_SERVER_05 {
ltm virtual /Partition/VIRTUAL_SERVER_06 {
ltm virtual /Partition/VIRTUAL_SERVER_07 {
        /Partition/SSL_PROFILE_NAME {
ltm virtual /Partition/VIRTUAL_SERVER_08 {
        /Partition/SSL_PROFILE_NAME_BONUS {
ltm virtual /Partition/VIRTUAL_SERVER_09 {

The virtuals followed by the indented profile name are the ones using that profile.
Note that this can turn up other profiles that match, like the one named SSL_PROFILE_NAME_BONUS in the example.


Show TCP connections to a VS:

tmsh show sys connection {cs-server-addr 1.2.3.4 protocol tcp}

Show connections to a pool member:

tmsh show sys connection {ss-server-addr 1.2.3.4 ss-server-port 443}