Sunday, January 15, 2012

COMMAND REFERENCE: F5

F5 is a vendor that provides various types of traffic engineering productions such as Application Load Balancing, DNS Load balancing, SSL VPN, etc. etc.


One of the things I find useful is keeping reference of certain commands that help me with my day to day adminstration.

Here are some helpful commands:

v9 and v10 Bigpipe
b summary - Get's all kinds of information regarding the Load balancer,

b conn dump - Shows connections...this can be used with Excel to sort the connections.

b conn | grep IP_ADDRESS | awk '{print $1 }' | cut -d : -f 1 | uniq -c | sort - Shows all connections based on IP_ADDRESS


Shell
qkview - Get's a diagnostics view of the entire load balancers - used for Troubleshooting

bigtop -n  All vips and nodes and to see which traffic is going where

top - Shows the highest order of processes

cpu bigip - Shows CPU (only for v4)

lsof –n Lists all open files in Linux

watch –n1 b virtual ­- This will display the outputs in realtime

watch –n1 b pool - This will display the outputs in realtime

cat /var/log/ltm | grep 'Node' |grep '' | sort -t . -k 3,3n -k 4,4n

awk 'BEGIN {RS="}";FS=RS} /PATTERN/ {print $1"}";} ' /config/bigip.conf - ALLOWS you to go through bigip.conf and look for all virtuals that contain the PATTERN you defined.


Packet Analysis 
tcpdump ni host - This is to view on the console

tcpdump ni -s1600 host -w /var/tmp/test.cap    - This is to capture to a file

tcpdump ni 0.0 host - This views the aggregate traffic of all interfaces

tcpdump –ni 0.0 –s1600 host -w /var/tmp/test.cap - This captures to a file looking at the aggregate interface

tcpdump ni ‘host (host )’ – This captures host for multiple hosts

tcpdump ni -1600 ‘host or (host )’ –w /var/tmp/test.cap

tcpdump ni 0.0 ‘host (host )’

tcpdump -ni   -s 0 'tcp[tcpflags] & (tcp-syn) != 0' – this capture traffic without SYN

TMSH v10 or up
You need to enter tmsh at the CLI to get into TMSH shell
show sys version detail – view system version and hotfix detailed information

show sys version – view system version and hotfix summary information

show sys – General system configuration

show sys cpu - CPU statistics of system overall performance and on management hosts.

show sys hardware - View hardware information

show sys ha-status - Displays the settings and status for high availability on a system.

show sys host-info - Host statistics, including system memory, CPU, and processor

show sys ip-address - View configured IP addresses

show sys log - View system log files

show sys mac-address - View MAC addresses attached to the system

show sys console - Configure the serial console

show sys license - View license information

show sys service - Controls the BIG-IP system services

show sys connection - Displays or deletes active connections on the BIG-IP system

show config-sync - Redundant system configuration synchronization

show config-diff - Displays differences between two SCF files or between a SCF and the running system.

show ltm – Local Traffic Manager

show cli – local user settings and configuration transaction

show net route – routing tables and configuration

show net interface – shows the interface

show net arp – shows the F5s arp table


SUPPORT COMMANDS 
SCP to transfer a file, perform the following steps:

Use the following command syntax to execute SCP:
scp -p local_filename username@server:remote_filename

where :
  • local_filename is the name of the file you want to transfer.
  • username is is the name of a valid user account on the server to which you want to transfer the file.
  • server is theis the IP address of the server to which you want to transfer the file.
  • remote_filename is the full pathname that you want to name the file on the system to which you are transferring the file.

Example


--------------------

SNMP

How to look at each Virtual IP address's Maximum Connection
snmpwalk -c l0cal 127.0.0.1 F5-BIGIP-LOCAL-MIB::ltmVirtualAddrStatClientMaxConns|awk -F: '$4 > 2000'

Show all VIP addresses with MAX Conns greater than 200
snmpwalk -c l0cal 127.0.0.1 F5-BIGIP-LOCAL-MIB::ltmVirtualAddrStatClientMaxConns|awk -F: '{if($4 > 200) print }'

Show all VIP addresses with Curr Conns greater than 200

snmpwalk -c l0cal 127.0.0.1 F5-BIGIP-LOCAL-MIB::ltmVirtualAddrStatClientCurConns|awk -F: '{if($4 > 200) print }'

Leave out the awk -F: '{if($4 > 200) print }' to see all VIP addresses

NOTE: Make sure that the F5 can accept SNMP requests from the local loopback.

No comments:

Post a Comment