Deploying F5 BIG-IP Virtual Edition on VMware Fusion

To deploy BIG-IP Virtual Edition on your workstation, VMware provides two great solutions:

For this guide, we’ll use Fusion Pro 8 (v11 functions the same) due to it’s good network management abilities; for the non-Pro version refer to Jason Rahm’s article on setting up networking.  Using the BIG-IP Virtual Edition, you can setup a development environment for most BIG-IP software solutions, including but not limited to LTM, APM Lite, ASM, AFM, and BIG-IP DNS. For more team oriented test or dev environments, you should probably install those to more robust infrastructure everyone has access too.

Installation Instructions

 

Installing and configuring VMware Fusion Pro

Installing additional VMware networking

  1. Start VMware Fusion Pro, and select the menu VMware Fusion > Preferences
  2. Click the Network icon
  3. Click the lock icon to authenticate and create additional networks
  4. Click the + icon 3 times to create vmnet2, vmnet3, and vmnet4 
  5. Select vmnet2 and configure the following network:
    • Leave Allow virtual machines on this network to connect to external networks (using NAT) cleared
    • Leave the Connect the host Mac to this network selected
    • Leave Provide addresses on this network via DHCP selected
    • In the Subnet IP field, enter 10.128.1.0
    • In the Subnet mask field, enter 255.255.255.0
  6. Select vmnet3 and configure the following network:
    • Select the Allow virtual machines on this network to connect to external networks (using NAT) to allow your BIG-IP VE to reach the internet
    • Leave the Connect the host Mac to this network selected
    • Leave Provide addresses on this network via DHCP selected
    • In the Subnet IP field, enter 10.128.10.0
    • In the Subnet mask field, enter 255.255.255.0
  7. Select vmnet4 and configure the following network:
    • Leave Allow virtual machines on this network to connect to external networks (using NAT)
    • Clear the Connect the host Mac to this network to prevent the system from having direct access to the internal network
    • Leave Provide addresses on this network via DHCP selected
    • In the Subnet IP field, enter 10.128.20.0
    • In the Subnet mask field, enter 255.255.255.0
  8. Click Apply and close the window

 

Downloading the F5 BIG-IP Virtual Edition

  1. Navigate and login at https://downloads.f5.com, if you do not have a support login, register here.
  2. Click Find a Download, select BIG-IP v12.x / Virtual Edition, and click Virtual-Edition again.
  3. Read the License Agreement and click I Accept  (it’s a fantastic read)
  4. Select the BIGIP-currentversion.ALL-scsi.ova file, with the description Image file set for VMware ESX/i Server
  5. Choose the nearest download location

 

Importing BIG-IP Virtual Edition Image

  1. From VMware Fusion, navigate to File > Import
  2. Click Choose File
  3. Select the BIGIP-13.0.0.3.0.1679.ALL-scsi.ova image file from your download location and click Open
  4. Click Continue
  5. Name the new virtual machine whatever you want using common sense, for our example we’ll use BIGIP_v13_lab 
  6. Click Accept
  7. After the import completes, click Finish, and Customize Settings
  8. Click Processors & Memory and adjust memory to provide the following:
    • If System = 8GB, set VM memory to 4096
    • If System = 16GB, set VM memory to 8192
    • If System = 24GB+, set VM memory to 12416
  9. Click Show All
  10. Click Network Adapter, and click vmnet2
  11. Click Show All, then click Network Adapter 2, select vmnet3
  12. Click Show All, then click Network Adapter 3, select vmnet4
  13. Click Show All, then click Network Adapter 4, and uncheck the Connect Network Adapter to disable
  14. Close the Settings window

 

F5 BIG-IP Configuration

Configuring the Management Interface

  1. Click your BIG-IP VE Image from the Virtual Machine Library, then click Start Up
  2. After the BIG-IP VE powers up, you’ll be presented with the localhost login screen
  3. Log in to the BIG-IP system using the following default credentials
    • localhost login: root
    • Password: default
  4. At the CLI prompt, type: config
  5. Press Enter to activate the OK option
  6. Use the Tab key to activate the No option, then press Enter
  7. Edit the IP Address to 10.128.1.145, then press Tab to activate the OK option, and press Enter
  8. Ensure the Netmask is 255.255.255.0, then press Tab to activate the OK option, and press Enter
  9. Press Enter to activate the Yes option to create a default route for the management port
  10. Edit the Management Route to 10.128.1.1, then press the Tab to activate the OK option, and press Enter
  11. Press the Enter key to activate the Yes option to accept the settings

Obtaining an F5 BIG-IP Developer Edition License

  1. Refer to How to get a F5 BIG-IP VE Developer Lab License to purchase your Developer License.

Configuring External and Internal Networks on BIG-IP VE

  1. Open a terminal window, and type: ssh root@10.128.1.145
  2. Use the following Password:  default
  3. Copy or manually enter the following TMSH commands to your SSH session.  You can copy and past all the lines simultaneously
tmsh create net vlan external interfaces add { 1.1 { untagged } }
tmsh create net vlan internal interfaces add { 1.2 { untagged } }
tmsh create net self 10.128.10.240 address 10.128.10.240/24 vlan external
tmsh create net self 10.128.20.240 address 10.128.20.240/24 vlan internal
tmsh create net route Default_Gateway network 0.0.0.0/0 gw 10.128.10.1
tmsh save sys config
exit

Accessing BIG-IP VE GUI and Completing Setup and Licensing

  1. Open a web browser and access https://10.128.1.145
  2. Log into the BIG-IP VE using the following credentials:
    • Username: admin
    • Password: admin
  3. On the Welcome Page click Next
  4. On the License page click Activate
  5. Open the email from F5 Networks with your Developer License Registration Key and copy the Registration Key text
  6. In the Setup Utility, in the Base Registration Key field, past the registration key text
  7. For Activation Method, select Manual, and click Next
  8. Select and copy all of the dossier text to your clipboard
  9. Select Click here to access F5 Licensing Server
  10. On the Activate F5 Product page, paste the dossier text in the field, then click Next
  11. Select to accept the legal agreement, then click Next
  12. Select and copy all of the license key text to your clipboard
  13. On the Setup Utility > License page, paste the license key text into the Step 3: License field, then click Next
  14. After the configuration changes complete, log into the BIG-IP VE system using the previous credentials
  15. On the Resource Provisioning page leave Local Traffic (LTM) as the only provisioned module and click Next
  16. On the Device Certificates page click Next
  17. On the Platform page, configure the Host Name, Root Account, and Admin Account to your desired settings, then click Next
  18. You’ll be prompted to log out and back into the BIG-IP VE.  Do it.
  19. Under Standard Network Configuration, click Next
  20. Clear the Display configuration synchronization options checkbox, then click Next
  21. On the Internal Network Configuration page, review the settings, then click Next
  22. On the External network Configuration page, review the settings, then click Finished to complete the Setup Utility.

Configure BIG-IP System Settings

  1. Open the System > Preferences page, and update the following settings, then click Update
  2. Records Per Screen: 30
  3. Start Screen: Statistics
  4. Idle Time Before Automatic Logout: 100000 seconds
  5. Security Banner Text:  Welcome to the F5 BIG-IP VE Lab Environment (or whatever you want this to say)
  6. Open the System > Configuration > Device > DNS page
  7. For DNS Lookup Server List, enter 8.8.8.8, and then click Add (you can use whatever DNS resolver you want here)
  8. Select 10.128.1.1, then click Delete, and click Update
  9. Open the Local Traffic > Nodes > Default Monitor page
  10. Click ICMP, and click << to move it to the Active list, then click Update

 

Additional Information

  • Using the 10.128.x.0/24 is intended only for ease of use and not a requirement.  If you have alternate requirements, please replace our examples
  • This guide builds a sufficient external and internal network the BIG-IP can use for proxy architecture testing and is intended for development purposes only
  • If you opted not to purchase the Pro version of Fusion, you can still setup advanced networking.  For more on this please see: VMware Fusion Custom Networking for BIG-IP VE Lab
  • This guide is developed for VMware Fusion Pro on OSX.  If you run VMware Workstation, setup is the same, only the UX and configuration locations change.
Published Nov 12, 2015
Version 1.0
101
BIG-IP
cloud
devops
virtualization
vmware
  • Paul_Peard's avatar
    Paul_Peard
    Icon for Nimbostratus rankNimbostratus
    Oct 09, 2019

    This may be a quirk of my setup - but the gateway on the "external" vmnet in my case was 10.128.10.2 (not something I had specified or changed during the setup ( Vmware Fusion Pro 11.5).

  • andrewbytes's avatar
    andrewbytes
    Icon for Altocumulus rankAltocumulus
    May 29, 2019

    For VMWare Fusion 11, this worked for me;

    Under the topic heading "F5 BIG-IP Configuration

    1. Configuring the Management Interface"

     

    For option 10 (Edit the Management Route to 10.128.1.1, then press the Tab to activate the OK option, and press Enter) Change the Route to 10.128.1.2 <-- Within the VM, this was pinging, but not 10.128.1.1 - Configuring this allowed me to attach SSH, and use the management console, PLUS allowed pings from the Macintosh Terminal window to 10.128.1.145 per the instructions.

     

     

     

     

  • Chase_Abbott's avatar
    Chase_Abbott
    Icon for Employee rankEmployee
    Mar 13, 2018

    @NiHo - If you have the interfaces active within Fusion Pro, they should be available for this command. I just spun up a new v13 BIG-IP on Fusion 10.1.1 with no issues. I did ensure I had network adapter 1 as vmnet2, network adapter 2 as vmnet3, and network adapter 3 as vmnet 4. All of this was prior to booting BIG-IP for the first time.

    The commands work as a result and I get:

    root@(localhost)(cfg-sync Standalone)(NO LICENSE)(/Common)(tmos) show net interface all

    ----------------------------------------------------------------
Net::Interface
Name  Status    Bits    Bits  Pkts  Pkts  Drops  Errs      Media
                  In     Out    In   Out                        
----------------------------------------------------------------
1.1       up    2.7K   15.8K     4    25      0     0  10000T-FD
1.2       up    2.7K   15.8K     4    25      0     0  10000T-FD
1.3   uninit       0       0     0     0      0     0       none
mgmt      up  186.6K  170.7K   232   174      0     0   100TX-FD

    What do you see when you run a tmsh show net interface all ?

  • NiHo_202842's avatar
    NiHo_202842
    Icon for Cirrostratus rankCirrostratus
    Mar 13, 2018

    Hi, I get the following error under Fusion 10:

     create net vlan external interfaces add { 1.1 { untagged } }
01070256:3: Requested VLAN member (1.1) is not valid

    1.0 is the only interface that receives a MAC address, 1.1 looks like:

    net interface 1.1 {
    if-index 112
    media-fixed 10000T-FD
}

  • Chase_Abbott's avatar
    Chase_Abbott
    Icon for Employee rankEmployee
    Nov 20, 2017

    @tongatom: You are correct. Fusion updated the On/Off toggle to a check box for "Connect Network Adapter". Uncheck that to disable that adapter from connecting to any available interface. I will update the article to reflect both versions. Everything else should be pretty much the same. I updated to Fusion v10 last week and haven't noticed anything too different besides UX changes and OS support updates.

     

  • tongatom_341319's avatar
    tongatom_341319
    Icon for Nimbostratus rankNimbostratus
    Nov 18, 2017

    I am using MacOS High Sierra and running VMWare Fusion v.10. The instructions after downloading the image, the instruction in line 13 states "toggle the Enable Network Adapter option to OFF".

     

    I'm not quite sure what this means. There is no option under v.10 to turn off anything. Could this perhaps be the same deselecting "Connect Network Adapter"

     

    Thanks in advance Tongatom