Script to find virtual servers with connection mirroring enabled

Macaron · ‎09-Oct-2020

Hi All,

I am working on to turn off connection mirroring on all the legacy VIPs which are causing application performance degradation. Is there a way to automate and discover virtual server with connection mirroring enabled via script? and also disable automatically?

Thanks

Dario_Garrido · ‎16-Oct-2020

Hello Macaron.

You need to perform bash engineering. Some examples:

tmsh list ltm virtual mirror | grep -B1 enabled
tmsh list ltm virtual mirror | grep -B1 enabled | grep ltm | awk '{print $3}'
tmsh list ltm virtual one-line all-properties | grep "mirror enabled" | awk '{print $3}'
tmsh -q -c "cd / ; list ltm recursive one-line all-properties" | grep "mirror enabled" | awk '{print $3}'
# This last one to capture VS located in different partitions.

Regarding the 1000 records, you should not have any problem, but it's better to execute it when CPU/RAM consumption in management plane is low.

Regards,

Dario.

Regards,
Dario.

View solution in original post

Dario_Garrido · ‎10-Oct-2020

Hello Macaron.

You can use some of these commands

## Check Mirroring Enabled
tmsh show sys connection type mirror
tmsh show sys ha-mirror

Regards,

Dario.

Regards,
Dario.

Macaron · ‎12-Oct-2020

The first command returned 1200 plus connection records for 37 VIPs in total on F5. I need to identify VIPs which has connection mirroring enabled. Is there any command for that?

Dario_Garrido · ‎14-Oct-2020

Hello Macaron.

You can check what SNAT IPs are mirroring with the next command:

tmsh list ltm snat mirror

The same for those VS that are mirroring their connections:

tmsh list ltm virtual mirror

And finally, the same for those VS that are mirroring their persistence records:

tmsh list ltm virtual mirror persist { $(tmsh list ltm persistence one-line all-properties | grep "mirror enabled" | awk '{print$4}') }

For disabling mirroring, you just need to modify the 'mirror' option as expected.

REF - https://support.f5.com/csp/article/K13478

Please, don't forget to mark this answer as the best to help me for this contribution.

Regards,

Dario.

Regards,
Dario.

Macaron · ‎16-Oct-2020

Dairo,

Thanks for the reply. when I used this command tmsh list ltm virtual mirror on an F5 with less number of VIP but the other f5 where i have almost 1000 VIPs it is asking me "are you sure you want to display 1000 records (y/n)" My question is if i say will it impact any application or slow down the application during the processing of such large number of VIPs? Also is there a way to filter VIPs where connection mirroring enabled? as this command show both enable and disabled connection mirroring on VIPs.

Dario_Garrido · ‎16-Oct-2020

Hello Macaron.

You need to perform bash engineering. Some examples:

tmsh list ltm virtual mirror | grep -B1 enabled
tmsh list ltm virtual mirror | grep -B1 enabled | grep ltm | awk '{print $3}'
tmsh list ltm virtual one-line all-properties | grep "mirror enabled" | awk '{print $3}'
tmsh -q -c "cd / ; list ltm recursive one-line all-properties" | grep "mirror enabled" | awk '{print $3}'
# This last one to capture VS located in different partitions.

Regarding the 1000 records, you should not have any problem, but it's better to execute it when CPU/RAM consumption in management plane is low.

Regards,

Dario.

Regards,
Dario.

jaikumar_f5 · ‎19-Oct-2020

Regarding the y/n, you can stop that by this,

tmsh modify cli preference pager disabled display-threshold 0

Macaron · ‎19-Oct-2020

Thank you guys. you are the best

Stan_PIRON_F5 · ‎19-Oct-2020

if you want to disable it on all VS :

modify ltm virtual all mirror disabled

DevCentral

Script to find virtual servers with connection mirroring enabled

Khoros Kudos Award 2022