For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

BIG-IP

10548 Topics

Can't change sync type or failover after tenant upgrade.
I made a mistake that I didn't think in the end would matter, but here's what I did. I had previously upgraded this tenant pair to 17.1.3. Everything was fine, and I intended to install on another pair but I installed on the other boot location of one that I had already installed. I didn't think this was an issue as I would just not activate that boot location. However, I couldn't force the Active member to Standby. It was greyed out. I thought that maybe I should boot to that new location because maybe there was something that needed to complete to allow me to fail over between the members. That made it worse because I couldn't change the sync type back to Automatic with incremental sync. So naturally, I booted to the previous partition because it seemed to be at least better, but now I seem to be digging a hole I can't get out of. Where it stands now: The pair is set to sync type "Manual with Incremental Sync" Member1 is standby and says "Not All Devices Synced" Member2 is active and says "Changes Pending" On the Standby Member1, I can change the sync type, but I haven't. On the Active Member2, I can't change the sync type or force it to standby. I have a ticket open but as this is a live system, I pursuing all avenues.
Solved
Shadow
Nov 10, 2025 Place Technical Forum
104Views
0likes
7Comments
How to log HTTP/2 reset_stream
Hello, We are currently in a meeting to prepare for HTTP/2 DDoS attacks. What we would like to do is log the client’s IP address (either local or remote) whenever an HTTP/2 RESET_STREAM is received. Is there any way to achieve this? Would it be possible to implement using an iRule? Thank you.
JO_JO
Nov 10, 2025 Place Technical Forum
65Views
0likes
1Comment
F5 upgrades
We are upgrading F5 tenants from 17.1 to 17.5. We have Two R-series pairs at each data center ( ex:main and colo) Within the data center, they are in HA active standby and the 4 are in a GSLB group . Each host has one tenant During the upgrade process, I disabled GTM Sync on the F5 that is going to be upgraded. Is it recommended? I plan on having traffic moved to this active box at ex colo from the other data center main, I won't be making any config changes . After the applications move to this side, LTM pools show up on this side and global availability will have the upgraded side up. just want to make sure, if that is disabled, do we need to leave them disabled and sync them after all the 4 F5s are upgraded? during this process, can we make changes with the data center on LTM pools? Thank you
InquisitiveMai
Oct 13, 2025 Place Technical Forum
152Views
0likes
2Comments
Struggling with Node.js API for Searching Profiles Across Multiple F5 Devices
Hey everyone, I’m working on a Node.js API that connects to my frontend and allows users to search for an SSL or LTM profile by name and get back all the relevant details. The twist is that the profile could live on any one of 40+ F5 devices (different mgmt IPs). Here’s what I’ve done so far: I’m using the F5 REST API and creating a session token for each mgmt IP to avoid basic auth on every call. I built a loop to query each device, aggregate results, and return the profile details if it exists. The problem: It’s not consistent. Sometimes the profile is found; other times it’s missed—even though it’s definitely there. I’m getting timeouts pretty frequently, which adds to the frustration. Feels like I’m doing too many sequential calls and maybe hitting performance or token issues. Has anyone tackled something similar? How do you structure your calls to make them reliable across multiple devices? Is there a recommended pattern for handling large-scale F5 REST calls in Node.js (parallelization, rate limits, caching)? Should I stick to session tokens or consider another auth pattern? Any tricks for minimizing timeouts when calling multiple mgmt IPs? Any examples, best practices, or lessons learned would be hugely appreciated. At this point, I’m looking for a clean way to make this work reliably before I refactor again. Thanks
tadams9145
Aug 14, 2025 Place Technical Forum
69Views
0likes
1Comment
F5 Open telemetry issue
Hi all, we have the issue with TS on f5, we installed TS package, set up declaration but when we are checking f5 url/telemetry we dont see atribute which we should see in the attachment you can see the declaration we have used and posted on f5 expecting to see everything, but we see only some basic status, not eg: f5 pool active members, f5 pool availability we dont see any errors in /var/log/restnoded/restnoded.log and when we check url: localhost/mgmt/shared/telemetry/pullconsumer/metrics we see nothing useful. Any help would be appreciated.
Samuel_
Aug 14, 2025 Place Technical Forum
68Views
0likes
1Comment
The children pool members are down
Hello, I am new with F5. When configured F5 to load balancing traffic with SSL feature for Azure VMs, we use Azure load balancer as interface which will receive all traffic from Internet then distribute to F5 and Web backend server. After created Virtual server, Pool and Node in F5, also enabled Azure NSG rules which allowed communicate between F5 and Web backend, the pool shows that the children pool members are down. By telnet from another VM to Web backend server, it is said that port service is working well. Not sure what did we miss with the configuration. Looking forward to your advice.
HanhTrinh
Aug 11, 2025 Place Technical Forum
91Views
0likes
3Comments
content-encoding response error
need help please! when i connect direct to a server i get response content-encoding as gzip however when i go to the server via a f5 virtual server no response header is received. do i need http compression file? how can i resolve any pointers would be great
mikey_webb
Jul 28, 2025 Place Technical Forum
393Views
0likes
2Comments
SSO Not working with RDP through Webtop
We have Published a Webtop in which a remote desktop is linked. When logging into the webtop the Remote Desktop requires an additional logon (same credentials) Once logging onto the Remote Desktop, published apps are displayed
Jeffrey_Paul_Br
Jul 22, 2025 Place Technical Forum
438Views
0likes
1Comment
REST API example change password
I need to change the password for admin and root accounts on our big-ip servers. I found this api end point but need more info on the parameters or a working example. https://clouddocs.f5.com/api/icontrol-rest/APIRef_tm_auth_password.html
lowone
Jul 16, 2025 Place Technical Forum
2.1KViews
0likes
4Comments
Need- F5 webserver for to setup own lab (not LAMP server in the partner portal)
Hi Team / Experts, Anyone please share me the F5 webserver(backend server) which is used to setup F5 official lab for training. I got lamp server from f5 partner portal, but i want to setup same F5 training lab in my home to prepare and practice with F5 official training material. It would be more helpful if anyone guided me or share me those official lab setup with webserver(backend server). Thanks, RK
RKRam
Jul 06, 2025 Place Technical Forum
2.1KViews
0likes
10Comments