network_stuff:f5

Differences

This shows you the differences between two versions of the page.

network_stuff:f5 [2016/12/29 21:44] jotasandoku
network_stuff:f5 [2023/11/02 14:38] (current) – external edit 127.0.0.1
Line 8: Line 8:
   bigpipe   bigpipe
 \\ \\
 +
 +
 +----
 +Rack and installation: \\
 +
 +  * 10800i
 +    * [[https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-system-initial-configuration-11-6-0/1.html#conceptid]]
 +  * plugged in and with a management ip sometime this week. Just need to use the 'config' utility on the F5 CLI.
 +    * [[https://support.f5.com/csp/article/K15040]]
 +  * Each lb 2G SPF+ in a trunk for outside and 2G SPF+ in the LAN trunk.  Management would be on a 1G (cat6)
 +
 +Activate lldp: (always **save /sys config** at the end)
 +  modify net lldp-globals enabled
 +  tcpdump -nni 1.1 ether proto 0x88cc
 +  
  
 ---- ----
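Review bot: In the added "Rack and installation" list, "SPF+" on the "Each lb 2G ..." line should read "SFP+" in both places, and "sometime this week" on the management-IP bullet is a status note that will go stale; state the actual outcome or drop it. Under "Activate lldp", the 'tcpdump -nni 1.1 ether proto 0x88cc' line is a verification step rather than part of activation, so label it as such, and list 'save /sys config' as the last command in the block instead of only in the heading, so it is not skipped when the commands are copied.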
Line 15: Line 30:
   - Use UI in CP02DEVLB01 to create profile.   - Use UI in CP02DEVLB01 to create profile.
   - Log into tmos and pull the command defining that profile. We will use this to automate it in Ansible:   - Log into tmos and pull the command defining that profile. We will use this to automate it in Ansible:
 +  - we can use data ports for sync/heartbeat
  
   (tmos)# list ltm profile client-ssl bondticker_wildcard one-line   (tmos)# list ltm profile client-ssl bondticker_wildcard one-line
   ltm profile client-ssl bondticker_wildcard { app-service none cert default.crt cert-key-chain { default { cert default.crt key default.key } } chain none defaults-from mktx_tls_1.2 inherit-certkeychain true key default.key passphrase none }   ltm profile client-ssl bondticker_wildcard { app-service none cert default.crt cert-key-chain { default { cert default.crt key default.key } } chain none defaults-from mktx_tls_1.2 inherit-certkeychain true key default.key passphrase none }
  (create ltm profile ...)  (create ltm profile ...)
 +\\
 +SELF IP  [[https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos-routing-administration-11-6-0/5.html|explained]]
 +----
 +
 +SYSLOGS:\\
 +Located in:
 +  /var/log/ltm
 +
 +
  
 ---- ----
  
-BONDTICKER: + 
 +**BONDTICKER:**\\ 
 it has 4 profiles. eg: compression . it has 4 profiles. eg: compression .
-(tmos)# list ltm virtual dr.bondticker.com  profiles  +  (tmos)# list ltm virtual dr.bondticker.com  profiles  
-ltm virtual dr.bondticker.com { +\\
-    profiles { +
-        bondticker_wildcard { +
-            context clientside +
-        } +
-        https_front_end_https_on { +
-            context all +
-        } +
-        mktx_bondticker_compression { +
-            context all +
-        } +
-        oneconnect { +
-            context all +
-        } +
-        tcp { +
-            context all +
-        } +
-    } +
-}+
  
-- irules:  +  ltm virtual dr.bondticker.com { 
- weblogging_math : Not sending to local disk but to the remote webloggong server10.30.70.53+      profiles { 
 +          bondticker_wildcard { 
 +              context clientside 
 +          } 
 +          https_front_end_https_on { 
 +              context all 
 +          } 
 +          mktx_bondticker_compression { 
 +              context all 
 +          } 
 +          oneconnect { 
 +              context all 
 +          } 
 +          tcp { 
 +              context all 
 +          } 
 +      } 
 +  }
  
 +**irules:** \\
 +iRULES ~= TRAFFIC POLICIES
 +\\
 + weblogging_math : Not sending to local disk but to the remote webloggong server. 10.30.70.53
 +\\
 2 vips in bondticker 2 vips in bondticker
  80 is redirected to 443  80 is redirected to 443
-Eg: trn.bondticker.com & trn.bondticker.com_http +Eg: trn.bondticker.com & trn.bondticker.com_http \\ 
-(This is to see virtual servers with port 80, for instance: +This is to see virtual servers with port 80, for instance: [[https://devcentral.f5.com/questions/how-to-list-virtual-servers-based-on-some-properties-like-destination-pool-profile-used]]
- https://devcentral.f5.com/questions/how-to-list-virtual-servers-based-on-some-properties-like-destination-pool-profile-used)+
  
 Redirection is done via an irule. (MKTX_http_to_https_redirect) Redirection is done via an irule. (MKTX_http_to_https_redirect)
 (tmos)# list ltm virtual trn.bondticker.com_http rules  (tmos)# list ltm virtual trn.bondticker.com_http rules 
-ltm virtual trn.bondticker.com_http { +  ltm virtual trn.bondticker.com_http { 
-    rules { +      rules { 
-        MKTX_http_to_https_redirect # <<<<<<<<<<< +          MKTX_http_to_https_redirect # <<<<<<<<<<< 
-    +      
-}+  } 
 +\\ 
 +---- 
 + 
 +**BONDLINKCS**  
 +More straightforward: Only has 1 irule for weblogging
  
-policies. They are processed in order. Example of usage: responder and action+**policies.** \\ 
 +They are processed in order. Example of usage: responder and action \\
 create policy -> publicsh policy -> go to virtual server and select it. create policy -> publicsh policy -> go to virtual server and select it.
-modify ltm virtual XXXXXX policies add { YYYYY}    +  modify ltm virtual XXXXXX policies add { 
  
 ---- ----
  
-BONDLINKCS  +\\ 
-More straighforward +In F5 BIG-IP: 
-Only has 1 irule for weblogging+  * CSR Creation [[https://www.digicert.com/csr-creation-f5-big-ip.htm|Link1]] 
 +  * Certificate installation [[https://uk.godaddy.com/help/installing-an-ssl-certificate-in-f5-big-ip-loadbalancer-5511|Link2]]
  
-!---------------------- 
  
-ANSIBLE +---- 
-inventory --- where host information host specific variable  + 
-input --- input information where all application specific variables are stored +**__ANSIBLE__** 
-playbooks --- what you actually put together +General scheme of folders is as follows:
-templates --- jinja2 file +
-roles -- function that groups together tasks into one module ...+
  
 +  * inventory --- where host information host specific variable 
 +  * input --- input information where all application specific variables are stored
 +  * playbooks --- what you actually put together
 +  * templates --- jinja2 file
 +  * roles -- function that groups together tasks into one module ...
  
-BONDTICKER 
  
 +BONDTICKER 
 adding a pool ,  adding a server to a pool adding a pool ,  adding a server to a pool
  
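Review bot: The rewritten policies command near the end of this hunk reads 'modify ltm virtual XXXXXX policies add {' on the new side, dropping the '{ YYYYY}' argument the old side had, so the documented command is left with an unbalanced brace and no policy name; restore it as 'modify ltm virtual XXXXXX policies add { YYYYY }'. The new bullet 'we can use data ports for sync/heartbeat' is inserted into the client-ssl profile steps, where it is unrelated; it fits better with the rack and installation notes. The typos 'webloggong' and 'publicsh' are carried over unchanged, and the closing brace of the 'rules {' block in the trn.bondticker.com_http listing does not appear on either side as rendered here, which is worth checking in the page source.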
network_stuff/f5.1483047872.txt.gz · Last modified: (external edit)