Sunday, January 15, 2012


F5 is a vendor that provides various types of traffic engineering productions such as Application Load Balancing, DNS Load balancing, SSL VPN, etc. etc.

One of the things I find useful is keeping reference of certain commands that help me with my day to day adminstration.

Here are some helpful commands:

v9 and v10 Bigpipe
b summary - Get's all kinds of information regarding the Load balancer,

b conn dump - Shows connections...this can be used with Excel to sort the connections.

b conn | grep IP_ADDRESS | awk '{print $1 }' | cut -d : -f 1 | uniq -c | sort - Shows all connections based on IP_ADDRESS

qkview - Get's a diagnostics view of the entire load balancers - used for Troubleshooting

bigtop -n  All vips and nodes and to see which traffic is going where

top - Shows the highest order of processes

cpu bigip - Shows CPU (only for v4)

lsof –n Lists all open files in Linux

watch –n1 b virtual ­- This will display the outputs in realtime

watch –n1 b pool - This will display the outputs in realtime

cat /var/log/ltm | grep 'Node' |grep '' | sort -t . -k 3,3n -k 4,4n

awk 'BEGIN {RS="}";FS=RS} /PATTERN/ {print $1"}";} ' /config/bigip.conf - ALLOWS you to go through bigip.conf and look for all virtuals that contain the PATTERN you defined.

Packet Analysis 
tcpdump ni host - This is to view on the console

tcpdump ni -s1600 host -w /var/tmp/test.cap    - This is to capture to a file

tcpdump ni 0.0 host - This views the aggregate traffic of all interfaces

tcpdump –ni 0.0 –s1600 host -w /var/tmp/test.cap - This captures to a file looking at the aggregate interface

tcpdump ni ‘host (host )’ – This captures host for multiple hosts

tcpdump ni -1600 ‘host or (host )’ –w /var/tmp/test.cap

tcpdump ni 0.0 ‘host (host )’

tcpdump -ni   -s 0 'tcp[tcpflags] & (tcp-syn) != 0' – this capture traffic without SYN

TMSH v10 or up
You need to enter tmsh at the CLI to get into TMSH shell
show sys version detail – view system version and hotfix detailed information

show sys version – view system version and hotfix summary information

show sys – General system configuration

show sys cpu - CPU statistics of system overall performance and on management hosts.

show sys hardware - View hardware information

show sys ha-status - Displays the settings and status for high availability on a system.

show sys host-info - Host statistics, including system memory, CPU, and processor

show sys ip-address - View configured IP addresses

show sys log - View system log files

show sys mac-address - View MAC addresses attached to the system

show sys console - Configure the serial console

show sys license - View license information

show sys service - Controls the BIG-IP system services

show sys connection - Displays or deletes active connections on the BIG-IP system

show config-sync - Redundant system configuration synchronization

show config-diff - Displays differences between two SCF files or between a SCF and the running system.

show ltm – Local Traffic Manager

show cli – local user settings and configuration transaction

show net route – routing tables and configuration

show net interface – shows the interface

show net arp – shows the F5s arp table

SCP to transfer a file, perform the following steps:

Use the following command syntax to execute SCP:
scp -p local_filename username@server:remote_filename

where :
  • local_filename is the name of the file you want to transfer.
  • username is is the name of a valid user account on the server to which you want to transfer the file.
  • server is theis the IP address of the server to which you want to transfer the file.
  • remote_filename is the full pathname that you want to name the file on the system to which you are transferring the file.




How to look at each Virtual IP address's Maximum Connection
snmpwalk -c l0cal F5-BIGIP-LOCAL-MIB::ltmVirtualAddrStatClientMaxConns|awk -F: '$4 > 2000'

Show all VIP addresses with MAX Conns greater than 200
snmpwalk -c l0cal F5-BIGIP-LOCAL-MIB::ltmVirtualAddrStatClientMaxConns|awk -F: '{if($4 > 200) print }'

Show all VIP addresses with Curr Conns greater than 200

snmpwalk -c l0cal F5-BIGIP-LOCAL-MIB::ltmVirtualAddrStatClientCurConns|awk -F: '{if($4 > 200) print }'

Leave out the awk -F: '{if($4 > 200) print }' to see all VIP addresses

NOTE: Make sure that the F5 can accept SNMP requests from the local loopback.

No comments:

Post a Comment