Difference between revisions of "F5 BIG-IP"
| Line 79: | Line 79: | ||
</pre> | </pre> | ||
Note: The second option is CLF (Common Log Format), which is used in [https://httpd.apache.org/docs/2.4/logs.html apache's access logs]. | Note: The second option is CLF (Common Log Format), which is used in [https://httpd.apache.org/docs/2.4/logs.html apache's access logs]. | ||
====Displaying all IP addresses in the BIG-IP configuration==== | |||
[https://support.f5.com/csp/article/K34314310 K34314310: Displaying all IP addresses in the BIG-IP configuration] | |||
show /sys ip-address | |||
show /sys ip-address all-properties | |||
Revision as of 00:54, 23 January 2021
Info related to F5 BIG-IP Load Balancers.
tmsh
Disable paging
For a single command you and use tmsh -q.
For a permanent change use tmsh modify cli preference pager (disabled|enabled).
List pools that contain a member
tmsh -q list ltm pool one-line | grep -E '($node_hostname|$node_ip)' | awk '{ print $3 }'
Create node:
create ltm node NODE_NAME address NODE_IPADDRESS monitor icmp
Modify or create pool:
modify ltm pool POOL_NAME members add { NODE_NAME:PORT NODE_NAME:PORT }
create ltm pool POOL_NAME members add { NODE_NAME:PORT NODE_NAME:PORT } monitor tcp_half_open
show ltm pool POOL_NAME members | grep MEMBER
Find the virtual servers using an SSL profile
tmsh list /ltm virtual /Partition/* | grep -E "virtual|SSL_PROFILE_NAME"
ltm virtual /Partition/VIRTUAL_SERVER_01 {
ltm virtual /Partition/VIRTUAL_SERVER_02 {
ltm virtual /Partition/VIRTUAL_SERVER_03 {
ltm virtual /Partition/VIRTUAL_SERVER_04 {
/Partition/SSL_PROFILE_NAME {
ltm virtual /Partition/VIRTUAL_SERVER_05 {
ltm virtual /Partition/VIRTUAL_SERVER_06 {
ltm virtual /Partition/VIRTUAL_SERVER_07 {
/Partition/SSL_PROFILE_NAME {
ltm virtual /Partition/VIRTUAL_SERVER_08 {
/Partition/SSL_PROFILE_NAME_BONUS {
ltm virtual /Partition/VIRTUAL_SERVER_09 {
The virtuals followed by the indented profile name are the ones using that profile.
Note that this can turn up other profiles that match, like the one named SSL_PROFILE_NAME_BONUS in the example.
Show TCP connections to a VS
tmsh show sys connection {cs-server-addr 1.2.3.4 protocol tcp}
Show connections to a pool member:
tmsh show sys connection {ss-server-addr 1.2.3.4 ss-server-port 443}
Clear TCP connections to a VS
Same as above but "delete" instead of "show".
Misc
A command that F5 wanted run when a box had high CPU.
ps aux > ~/$(cat /proc/sys/kernel/hostname | cut -d'.' -f1)_ps.txt
SSL Troubleshooting
curl -k https://URL_OR_IP/ curl -iv https://URL_OR_IP/ openssl s_client -connect URL_OR_IP:443 -prexit
iRules
Date Format
http://www.tcl.tk/man/tcl8.4/TclCmd/clock.htm
set var clock format [clock seconds] -format {%d-%m-%y:%H:%M:%S %Z}
11-08-14:00:49:41 PDT
set var clock format [clock seconds] -format {%d/%b/%Y:%H:%M:%S %z}
11/Aug/2014:13:35:34 -0700
Note: The second option is CLF (Common Log Format), which is used in apache's access logs.
Displaying all IP addresses in the BIG-IP configuration
K34314310: Displaying all IP addresses in the BIG-IP configuration
show /sys ip-address show /sys ip-address all-properties