BIG-IP LTM supports internal and external classes (called Data Groups in the GUI) of address, string, and integer types. An internal class is stored in the bigip.conf file, whereas external classes are split between the bigip.conf and the file system (the class itself is defined in the bigip.conf file, but the values of the class are stored in the file system in a location of your choice, though /var/class is the location defined for synchronization in the cs.dat file) Which flavor? Depends on the requirements. External classes are generally best suited for very large datasets or for datasets that require frequent updates like blacklists. Formatting is slightly different depending on whether the class is internal or external, and is also different based on the class type: address, integer, or string. Below I’ll show the formatting requirements for each scenario. If you are using the GUI to create key/value pairs in a class (and therefore deciding on an internal class), the formatting is handled for you. Note that with internal classes, the dataset is defined with the class, but with external classes, the class is defined with type, separator, and the filename where the dataset is stored. If there is no value for the type (internal or external) it is omitted with no separator.
Note: You can also add network entries in the address type external file like shown immediately below, but when the class is updated, it will be converted to the CIDR format.
class str_testclass_ext {
type string
filename "/var/class/str_testclass.class"
separator ":="
}
/var/class/str_class.class
"str1" := "value 1",
"str2" := "value 2",
Working With External Files Now that the formatting of the classes themselves are complete, I’d like to point out one more issue, and that’s file formatting. If you’re editing all the external classes by hand on the BIG-IP, you have nothing to worry about. However, if you edit them on an external system and copy them over, be careful on which editor you choose. The Unix/Linux line terminator is a line feed (0x0A) whereas Windows default is a carriage return/line feed (0x0D0A) and Mac typically employs just a carriage return (0x0D). The file needs to be formatted in unix-style. I use gVim on my windows laptop. By default, it uses the dos-style, as evidenced in my hex readout in gVim below:
0000000: 6865 6c6c 6f2c 2077 6f72 6c64 0d0a 7468 hello, world..th
0000010: 6973 2069 7320 6120 6c69 6e65 2074 6572 is is a line ter
0000020: 6d69 6e61 746f 7220 7465 7374 0d0a 0d0a minator test....
0000030: 0d0a
.. Now, this is easily changed in gVim: “set fileformat=unix”. After this setting, now my linefeeds are correct:
0000000: 6865 6c6c 6f2c 2077 6f72 6c64 0a74 6869 hello, world.thi
0000010: 7320 6973 2061 206c 696e 6520 7465 726d s is a line term
0000020: 696e 6174 6f72 2074 6573 740a 0a0a inator test...
The guidance here is…use a good editor (hint..Notepad and Word are not on that list!)
This very topic should be covered in the LTM advanced class at least as an appendix if not directly in the training. I used an external class that was not stored in the proper directory and support gave me instructions on how to include the dir that I dropped it in, rather than just saying move it to the var/class dir. Is this new in V10+? I hit the wall with 9.4.3 and the external class not being replicated and causing config sync to fail.
added a link near the top of this article to the updated formatting for v11. Also, you can go here: https://devcentral.f5.com/s/articles/v11-irules-data-group-updates
