LTM
19056 Topics

Viprion F5 sending logs to QRadar need the slot number removed
When sending the log to QRadar it comes up in the format of slot/hostname:

<132>Aug 11 15:27:37 slot1/testf502 warning tmm[11723]: 01260026:4: No shared ciphers between SSL peers 185.181.102.18.56372:192.168.10.156.443.

Looking to remove the slot from the log entry before sending to QRadar to allow for better sorting.

959 Views, 0 likes, 7 Comments

BIG-IP Report
Problem this snippet solves:

Overview

This is a script which will generate a report of the BIG-IP LTM configuration on all your load balancers, making it easy to find information and get a comprehensive overview of virtual servers and pools connected to them. This information is used to relay information to NOC and developers to give them insight into where things are located and to be able to plan patching and deploys. I also use it myself as a quick way to get information or gather data used as a foundation for RFCs, i.e. get a list of all external virtual servers without compression profiles.

The script has been running on 13 pairs of load balancers, indexing over 1200 virtual servers for several years now, and the report is widely used across the company and by many companies and governments across the world. It's easy to set up and use and only requires auditor (read-only) permissions on your devices.

Demo/Preview

Interactive demo: http://loadbalancing.se/bigipreportdemo/

Screen shots: The main report; The device overview; Certificate details

How to use this snippet:

Installation instructions

BigipReport REST

This is the only branch we're updating since the middle of 2020 and it supports 12.x and upwards (maybe even 11.6).
Downloads: https://loadbalancing.se/downloads/bigipreport-v5.7.13.zip
Documentation, installation instructions and troubleshooting: https://loadbalancing.se/bigipreport-rest/
Docker support: https://loadbalancing.se/2021/01/05/running-bigipreport-on-docker/
Kubernetes support: https://loadbalancing.se/2021/04/16/bigipreport-on-kubernetes/

BIG-IP Report (Legacy)

Older version of the report that only runs on Windows and depends on a PowerShell plugin originally written by Joe Pruitt (F5).

BIG-IP Report (only download this if you have v10 devices): https://loadbalancing.se/downloads/bigipreport-5.4.0-beta.zip
iControl Snapin: https://loadbalancing.se/downloads/f5-icontrol.zip
Documentation and Installation Instructions: https://loadbalancing.se/bigip-report/

Upgrade instructions

Protect the report using APM and Active Directory

Written by DevCentral member Shann_P: https://loadbalancing.se/2018/04/08/protecting-bigip-report-behind-an-apm-by-shannon-poole/

Got issues/problems/feedback?

Still have issues? Drop a comment below. We usually reply quite fast. Any bugs found, issues detected or ideas contributed make the report better for everyone, so it's always appreciated.

Join us on Discord: https://discord.gg/7JJvPMYahA

Code : BigIP Report

Tested this on version: 12, 13, 14, 15, 16

13K Views, 20 likes, 96 Comments

High CPU utilization (100%).
I observed high CPU utilization (100%) on an F5 device, resource provision ASM nominal. I checked the client-side throughput and server-side throughput; both are normal, but I found management interface throughput is very high, and what I noticed is that this is happening in the same time period for the last 30 days. What could be the reason for this spike? Many thanks in advance for your time and consideration.

129 Views, 0 likes, 14 Comments

NAT for specific IPs
Hi All,

Looking for suggestions on how I can accomplish NAT for a couple of specific IPs, without NATting all the incoming traffic. My scenario is as follows: source client IPs 10.10.10.100 & 10.10.10.102, destination VS1 (10.10.20.1), load balances to servers 10.10.10.10 & 10.10.10.20 (same subnet as the source address). I would like to NAT traffic from these client addresses to the floating IP 10.10.10.1, and for all other client traffic no NAT is applied. I can't create a NAT Pool for 10.10.10.100 & 10.10.10.102 as they are members of a pool for a different VS. Any ideas/suggestions on how I can accomplish this? I appreciate your assistance.

Thanks
Deena

Solved
35 Views, 0 likes, 1 Comment

VIP needed for many UDP ports
Greetings,

I have been asked to create an F5 solution for UDP. There are a dozen or so ports, so I was going to make a pool for each (same servers are in all of them, but listening on different ports). My plan was to make 1 VIP listening on port 0 and have a policy look at the requested UDP port to send to the correct pool. Trouble is, at least in my version of LTM, 13.1.5, UDP port match is not an option. TCP is there... My question: will I be able to do this in a newer version of LTM? Or will an iRule work for this?

Thanks,

Solved
47 Views, 0 likes, 2 Comments

Alert Mail when virtual server down troubleshooting
I use this script on /config/user_alert.conf

    alert VIRTUAL_SERVER_DOWN "/Common/gslb_test_vs has become unavailable" {
        snmptrap OID=".1.3.8.1.4.1.3475.2.4.0.500"
    }
    alert BIGIP_TMM_TMMERR_LAST_PMBR_DOWN {
        snmptrap OID=".1.3.8.1.4.1.3475.2.4.0.500";
        email toaddress="netinfra@example.com"
        fromaddress="root"
        body="Virtual Server Down"
    }

But when I capture the packet, to_address (postmaster@hostname.example.com) is showing here. I am expecting here: netinfra@example.com

    10.10.10.208 10.10.10.225 SMTP 145 C: HELO hostname.example.com
    10.10.10.225 10.10.10.208 SMTP 157 S: 250 mailserver.example.com Hello [192.168.1.208]
    10.10.10.208 10.10.10.225 SMTP 157 C: MAIL FROM:<root@hostname.example.com>
    10.10.10.225 10.10.10.208 SMTP 124 S: 250 2.1.0 Sender OK
    10.10.10.208 10.10.10.225 SMTP 161 C: RCPT TO:<postmaster@hostname.example.com>
    10.10.10.225 10.10.10.208 SMTP 170 S: 550 5.7.54 SMTP; Unable to relay recipient in non-accepted domain

netinfra@example.com is our group mail. Has anyone faced this issue, and how can I solve it? Thanks in advance :)

55 Views, 0 likes, 3 Comments

HSTS is not working.
Hi there,

We have one iRule configured on the VIP which redirects to a maintenance page if the user accesses the wrong URL. On that page HSTS is not working, but if we access the right URL then HSTS is working. We have enabled HSTS in the HTTP profile and that is attached to the same VIP with the iRule. Is there any way to enable HSTS on the maintenance page, or any remediation to fix that issue?

    if { $DEBUG } { log local0. "TEST - Source IP address: [IP::client_addr]" }
    switch -glob $uri_ext {
        "/httpfoo*" {set uri_int [string map {"/httpfoo" "/adapter_plain"} $uri_ext]}
        "/httptest*" {set uri_int [string map {"/httptest" "/adapter_plain"} $uri_ext]}
        default {
            HTTP::respond 200 content [ifile get ifile_service_unavailable_html]
            set OK 0
        }
    }

Many thanks in advance.

Solved
103 Views, 0 likes, 1 Comment

Unstable communication L2 and ARP
Hi,

I have a very weird problem with one of our F5s. This is a single-armed partition, so the LB VS and pool members and everything is all on the same L2 network segment. The thing is, the pool members (four) are going down every other minute, and then come back after a while, maybe a few minutes. Digging into the issue, I found that I am not able to ping those nodes from the F5 tmsh when they are down, while I can ping them from my workstation just fine. Just the F5 loses communication for some reason.

I checked the ARP table, and the entries for those hosts are in there with the right MAC address. However, when the problem occurs, as soon as I clear the ARP table entry for any of these hosts, I am immediately able to ping them again - for some minutes, then the ping dies again. Clearing the ARP again brings them back to life right away - and so on. As I said, I can see the correct ARP table entry when the ping is not working, so I don't get why clearing the ARP entry brings them back to life. All other communication to those hosts is running just fine, e.g. I run an RDP session from my workstation to them which runs just fine while they are not pingable from the tmsh.

Question is, what's up with the F5 that it loses communication? I tried to add static ARP entries for those pool members as I am running out of ideas, but that didn't change anything. Also, we have the same setup in our dev environment, same F5, same versions, all the same, which runs just fine.

Any help or ideas are appreciated,
Tx & Greetings,
Jo

Solved
43 Views, 0 likes, 3 Comments

Need iRule to block the traffic for specific URL
Hello

Can somebody help on this please? I have an LTM appliance & virtual server 'https://www100.test.com' hosted. The requirement I have is to block all the traffic destined to one of the applications, 'https://www100.test.com/ce' - is this something achievable by iRule? If so, do you have any idea on the iRule? Would appreciate it if somebody can help. I have seen this - https://support.f5.com/csp/article/K74012450 - but that is looking too complex to me.

Thanks

2K Views, 0 likes, 6 Comments