Table of Contents

F5 BIG-IP CLI Commands

Table of Contents



Basic Knowlege

F5 BIG-IP LTM image diagram

F5 BIG-IP LTM image diagram

F5 BIG-IP LTM Order of Settings

1 SSL Certificates Key
Certificate
2 SSL Profile Trusted Certificate Ahuthorities
Ciphers
3 HTTP Profile Fallback Host
4 Node Address
Name
5 Monitor Type : HTTP or TCP
Send String :
Receive String
6 Pool Members
Halth Monitor
7 iRule iRule use Nodes and Pools.
8 Virtual Server Address
Service Port


Basic

Web login

https://192.168.0.10/

admin / admin (default password)

ssh login

ssh root@192.168.0.10

root / default  (default password)

CUI

We must use TMSH in F5 BIG-IP these days.

TMSH BIG-IP Ver10, Ver11, Ver12
# tmsh
(tmos)#
(tmos)# quit
#
bigpipe
b 		BIG-IP Ver9, Ver10 bigpipe = b
BIG-IP Ver11 and later version don't use bigpipe command.
You must use tmsh.


F5 BIG-IP Commands

Initial setting Management IP
# tmsh list sys management-ip
Network # tmsh show net interface
# tmsh show net route
# tmsh show net vlan
Check Hardware # tmsh show sys hardware
Configuration Check Configuration
# view /config/bigip.conf
Backup BIG-IP Configuration
# cp -ip /config/bigip.conf /config/bigip.conf.`date “+%Y%m%d”`
Backup UCS(User Configuration Set)
# tmsh save sys ucs /var/tmp/test-lb_`date “+%Y%m%d”`.ucs
HA / Redundancy Active/Standby
# tmsh show sys config-sync
# tmsh show sys failover
# tmsh run sys failover standby ← execute from active node
Resource # tmstat ← cpu, memory
etc # bigstart restart syslog-ng


LTM

Display list show status
Node # tmsh list ltm node |less
(tmos)# list ltm node 		# tmsh show ltm node |less
(tmos)# show ltm node
Monitor # tmsh list ltm monitor | less
(tmos)# list ltm monitor
Pool # tmsh list ltm pool | less
(tmos)# list ltm pool 		# tmsh show ltm pool | less
(tmos)# show ltm pool
Virtual Server # tmsh list ltm virtual | less
(tmos)# list ltm virtual 		# tmsh show ltm virtual | less
(tmos)# show ltm virtual

Check LTM

Operation TMSH Commands Complement
show NAT # tmsh show ltm nat
show SNAT # tmsh show ltm snat
show snatpool # tmsh show ltm snatpool
SNAT address translation information # tmsh show ltm snat-translation
show connection # tmsh show sys connection Warning : all connection is shown
show persistence table # tmsh show ltm persistence persist-records 
# bigtop
                     |  bits  since       |  bits  in prior    |  current
                     |  Dec 13 17:32:19   |  0 seconds         |  time
BIG-IP      ACTIVE   |---In----Out---Conn-|---In----Out---Conn-|  01:06:12
test-lb.gmo.sec       1.278T 2.920T 487.1M      0      0      0

VIRTUAL ip:port      |---In----Out---Conn-|---In----Out---Conn-|-Nodes Up--
192.168.253.59:http   70.79G 281.2G 1.431M      0      0      0      1
192.168.253.71:https  110.9G 85.29G 653531      0      0      0      2
(abbr)

NODE ip:port         |---In----Out---Conn-|---In----Out---Conn-|--State----
192.168.2.158:http    69.88G 254.2G 647241      0      0      0 DOWN
192.168.4.232:ssh     2.153G 90.14G   3234      0      0      0 UP
192.168.4.228:http    46.99G 32.67G 276679      0      0      0 UP
(abbr)
check connection with pool
show ltm pool | grep -e Ltm::Pool -e "Current Connections"
check connection with node
show ltm node | grep -e Ltm::Node -e "Current Connections"


F5 BIG-IP iRules

Check irules of Virtual Servers with TMSH

list ltm virtual | grep -E -A 1 "virtual|rules"


Sample iRules

F5 BIG-IP iRules Examples popular

HTTP_REQUEST From http To https
Geolocation
WebSockets
HTTP_RESPONSE cookie
LB_FAILED Check Active Members


BIG-IP Tips

tcpdump Examples

tcpdump -i any port 25
tcpdump -n host 192.168.1.10
tcpdump -n udp port 53 -i any
tcpdump -n  not arp and not port 123 and not port 22




Reference






F5 BIG-IP CLI Commands