f5mku -K <-get the master key
tmsh
load /sys config default
give the command some time
save /sys config partitions all
bash
full_box_reboot
Category: F5
F5 troubleshooting
check failover status
tmsh show cm failover
look for a certain port on the F5 in this case 6699
netstat -pan | grep -E 6699
Tail LTM log
tail -f /var/log/ltm
View interface stats
tmsh show net interface all-properties
TCP dump looking at 192.168.0.1 and port 6699 sent to pcap
tcpdump -s0 -ni 0.0:nnn host 192.168.0.1 and port 6699 -vw /var/tmp/6699.pcap
Stop telnet session on the F5
killall telnet
F5 tcp dump examples.
This one writes to a file in /var/tmp/
tcpdump -vni 0.0:nnnp -s0 host <client-ip> -w /var/tmp/114.pcap
This one outputs to screen:
tcpdump -vni 0.0:nnnp -s0 host x.x.x.x
F5 software upgrade.
Install the new version 11.4.1 to HD1.3 then run the following command.
cpcfg –source=HD1.2 HD1.3
[root@LTM05:Active:In Sync] config # cpcfg –source=HD1.2 HD1.3
info: Getting configuration from HD1.2
info: Copying configuration to HD1.3
info: Applying configuration to HD1.3
[root@LTM05:Active:In Sync] config # tmsh
root@(LTM05)(cfg-sync In Sync)(Active)(/Common)(tmos)# reboot ?
Options:
volume Reboot into the specified volume
root@(LTM05)(cfg-sync In Sync)(Active)(/Common)(tmos)# reboot volume HD1.3
The system will be rebooted momentarily
root@(LTM05)(cfg-sync In Sync)(Active)(/Common)(tmos)#
Oct 28 12:31:11 LTM05 emerg overdog[6522]: 01140043:0: Ha feature software_update reboot requested.
Standby)(/Common)(tmos)# quit
[root@LTM05:Standby:In Sync] config # exit
logout
Notes for F5 Big IP
https://ihealth.f5.com/qkview-analyzer/qv/76241
http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip9_0cli/BIG_IP9_0XCLIGuide2-4-1.html
http://support.f5.com/kb/en-us/products/big-ip_ltm/versions.11-4-0.html
Qkview is
like show tech-support
app that we should look in to.
http watch
F5 troubleshooting
tcpdump -ni VLAN_211 host 172.22.211.13
tcpdump -ni VLAN_211
tcpdump -ni 0.0:nnn
ssldump -r -k
man ssldump
bigtop
b virtual www.mywebsite.com-ssl
b virtual www.mywebsite.com-ssl show all
top
can look for pim virtual (just running on one
processor)
in top look for mcpd make sure it is under 100m
failover
b fo show
b ha table
vi /var/log/ltm
less /var/log/ltm
cd /var/log
less tnm
cd /shared/core/
b memory
look at conn flows to see number of connections
tmstat
b interface
b interface -j show all
b interface -j
b trunk show all
b stp
man b
tmsh takes you to (tmos)
ltm
asm
quit
b save writes to disk
b load reads from disk
b db | grep -i big3d
b db Log.Big3d.Level
b db Log.Big3d.Level debug
b db Log.Big3d.Level notice
cd /var/log
bigstart status
F5 man ip setup from cli
tmsh
list sys management-ip
modify sys global-settings mgmt-dhcp disabled
create sys management-ip 10.1.1.200/24
create sys management-route default gateway 10.1.1.1
show running-config sys
quit
ping 10.1.1.1
Curl web browsing.
ubuntu:~# apt-get install curl
ubuntu:~# curl http://www.ccie23050.com/?p=129
Apache restart on F5
bigstart restart httpd tomcat
F5 self IP from tmsh
tmsh
create net vlan external interfaces add { 1.1 { untagged } }
create net vlan internal interfaces add { 1.2 { untagged } }
create net self 10.1.10.245 address 10.1.10.245/24 vlan external
create net self 10.1.20.245 address 10.1.20.245/24 vlan internal
create net route Default_Gateway network 0.0.0.0/0 gw 10.1.10.254
save sys config
(tmos)# list net self address
net self 10.1.20.245 {
address 10.1.20.245/24
}
net self 10.1.10.245 {
address 10.1.10.245/24
}
Backup F5
tmsh
sys ucs
save ltmbackup.ucs