For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Macaron's avatar
Macaron
Icon for Nimbostratus rankNimbostratus
Oct 09, 2020
Solved

Script to find virtual servers with connection mirroring enabled

Hi All, I am working on to turn off connection mirroring on all the legacy VIPs which are causing application performance degradation. Is there a way to automate and discover virtual serv...
application delivery
BIG-IP
LTM
security
  • Dario_Garrido's avatar
    Dario_Garrido
    Oct 16, 2020

    Hello Macaron.

    You need to perform bash engineering. Some examples:

    tmsh list ltm virtual mirror | grep -B1 enabled
tmsh list ltm virtual mirror | grep -B1 enabled | grep ltm | awk '{print $3}'
tmsh list ltm virtual one-line all-properties | grep "mirror enabled" | awk '{print $3}'
tmsh -q -c "cd / ; list ltm recursive one-line all-properties" | grep "mirror enabled" | awk '{print $3}'
# This last one to capture VS located in different partitions.

    Regarding the 1000 records, you should not have any problem, but it's better to execute it when CPU/RAM consumption in management plane is low.

    Regards,

    Dario.

Dario_Garrido's avatar
Dario_Garrido
Icon for Noctilucent rankNoctilucent
Oct 10, 2020

Hello Macaron.

ā€‹

You can use some of these commands

## Check Mirroring Enabled
tmsh show sys connection type mirror
tmsh show sys ha-mirror

Regards,

Dario.

Macaron's avatar
Macaron
Icon for Nimbostratus rankNimbostratus
Oct 12, 2020

The first command returned 1200 plus connection records for 37 VIPs in total on F5. I need to identify VIPs which has connection mirroring enabled. Is there any command for that?