qkview: revealing pool members & pools
A qkview file, when uploaded to F5's iHealth website, can easily show the entire lists of virtual servers, pools and nodes. Question: Is there any easy / quick way (whether in iHealth website, or in the F5 device's GUI or CLI) to somehow show: 1. the entire lists of node(s) (that are pool members) per pool in a qkview file 2. the entire lists of pool(s) that are associated with each virtual server in a qkview file
Big IP FQDN Pool Member Resolution from /etc/hosts
Hi, I've added entries to the Big IP /etc/hosts file to map custom FQDNs to IP addresses (in an attempt to workaround the restriction of having LTM nodes with the same address). I then created an LTM Pool with a member using the custom FQDN hoping it would resolve to the IP address in the /etc/hosts file but unfortunately this is failing. The pool member is displaying the error "Unavailable (Enabled) - No records returned". Seems like the pool is only able to auto-populate via direct DNS queries. Is there any way to configure the Big IP to consult the /etc/hosts file first? Thanks
AS3 Monitoring multiple ports selectively
Hi, I have nodes listening on port 80, 81, 82, 83. the port 80 is mandatory and at least one out of the other 3 ports is mandatory. with manual configuration, I put the port 80 monitor at the node level and the other 3 ports at pool member level. with AS3, the node level monitoring does not exist. what are the other options given that all my deployments are based on AS3. thanks. OM
Pool round Robin not working with standard virtual server
I have a standard HTTPS virtual server configured with two nodes in the pool. There is no persistence setting enabled and the load balancing method is round robin. For some reason, after I browse to the site and establish a connection with a backend server in the pool, all my future requests go to the same server and it behaves in a way that indicates some persistence is enabled. For example, when I refresh my browser, open the site in a new browser, and open the site in an incognito browser, all my requests keep going to the same node. You can see below that I tried this multiple times and kept getting connected to one server and the number of connections on that server was increasing. According to my research, because there is no persistence profile setting, the load balancing method is round robin, and both servers are available and able to accept traffic, every time I refresh or open the site in a new tab or browser, I should be randomly assigned to a server for that connection via round robin load balancing. But this is not what I observe. Is there a reason that my virtual servers are showing persistence by default? Any ideas? Here are some images of my config:F5 Not sending traffic to Pool Members
Hello guys, I have an issue with our F5 devices, we have 2 devices in a cluster in an Active and standby state. we noticed the issue started about two weeks ago, the active F5 just stops sending traffic to the pool member behind the VS, we tried some couple of troubleshooting whenever this occurs we check the var/log/ltm and var/log/monitor logs for the pool affected but we cant see any stating a failure. we changed the health monitor and it is still the same. we can confirm that it is not the network because the other pools are working fine and checkup was done on the affected server to confirm all services and functions are working as should. Even after deleting and adding the pool member back to the pool, F5 doesn't send traffic to it. what i noticed is the statistics page show bits in without any bits outs also for packets Please what can cause this as it is an intermittent issue that occurs almost daily. we have to failover to the secondary device before F5 starts sending traffic out to pool member, this is a production issue as application server stops working(stops recieving traffic) until an administrator is able to do this.
Redirect to pool member based on URI with persistence
We are implementing Kronos 8 with SSL offloading on our LTM. The SSL offload options in Kronos forces all traffic through the LTM so our Kronos admin can no longer hit the application directly on the individual servers. To accomplish this I need to direct traffic directly to the pool member based on URI. I also need to append /wfc/logon to all URIs. I have built an iRule based on examples I have found here, but it doesn't work correctly. It lands on the initial logon page correctly, but after the logon doesn't persist to the pool member. Process I am trying to accomplish: http://kronos.xxx.edu/ap1 -> https://kronos.xxx.edu/wfc/logon on pool member 1 http://kronos.xxx.edu/ap2 -> https://kronos.xxx.edu/wfc/logon on pool member 2 http://kronos.xxx.edu/ -> https://kronos.xxx.edu/wfc/logon default LB for clients Allow server selection via uri when HTTP_REQUEST { if {[HTTP::uri] contains "ap1" } { HTTP::uri "/wfc/logon" pool Kronos member 192.168.1.121 80 } elseif {[HTTP::uri] contains "ap2"} { HTTP::uri "/wfc/logon" pool Kronos member 192.168.1.122 80 } elseif {[HTTP::uri] eq "/"} { HTTP::uri "/wfc/logon" pool Kronos } } Any suggestions are greatly appreciated.tmsh script modify pool member status
Hi, I am trying to modify pool member admin status via tmsh script using such command: tmsh::modify /ltm pool lamp_opi_pl members modify {lamp12_nd:http {session user-disabled}} but every time script is executed I've got such errors: pool-status.tcl: script failed to complete: can't eval proc: "script::run" members: required brace is missing "{" while executing "tmsh::modify /ltm pool "lamp_opi_pl" members modify {"lamp12_nd:http" {session user-disabled}}" (procedure "script::run" line 35) invoked from within "script::run" line:1 script did not successfully complete, status:1 What is wrong with my command? Is that not possible to change admin status for pool member in script? Piotr
Question on Priority Group Activation
Hi, I want to make my virtual server with 9 pool member automatically disabled when four of its pool member are down. Can I achieve this with below settings : 1. Put all the pool members to the same priority group for example 5 2. Under Priority Group Activation, I would select 6 viz., traffic should be processed by the pool members of group 5 till the pool have 6 minimum active members failing which the group shall not process the traffic. Now, as all the pool members belong to same priority group 5 and when PGA conditions fails would the virtual server would be down as there are no more pool members to accept the traffic ?? Please provide your inputs. Thanks, MSKDisable Multiple Pools Members At Once
Making a single rest call, has anyone been able to disable multiple pool members? I'm running into a problem where I want to only disable 2 of the 4 members, but every time I use the PATCH or PUT method, it wipes out the members that are not referenced in the JSON data. I should mention that I'm also using the latest version of iControlRest. Example: URL: https://myf5.foobar.com/mgmt/tm/ltm/pool/testpool/ Method: PATCH Current Pool Members: member1,member2,member3,member4 Data: { "members":[ {"name":"member1:80","state": "user-up", "session": "user-disabled"}, {"name":"member2:80","state": "user-up", "session": "user-disabled"} ] } Expected Result: Half of the pool members will be disabled (1 and 2), while the other half are enabled (3 and 4) Actual Result: Pool members 3 and 4 are wiped out and only 1 and 2 are showing as part of the pool.iRule for combination of FQDN pool member and route domains
I'm trying to configure an FQDN pool member for consuming a web service. The FQDN changes it's IP addreses resolution periodically. I configured the pool member inside its non-default Partition and Route Domain. That means the pool member is not in the default 'Common' partition and not in the default route domain '0'. As soon as I created the FQDN pool member, I noticed that the dynamically created node, created as a result of the FQDN resolution IP, was assigned the default route domain '0'. I opened a case with support to get some clarification on this and got the following response: "Unfortunately, Route domains are not supported with fqdn. We have logged in a Request For Enhancement, this, however, has no release date as of yet. 522465 RFE: Route domain support for FQDN nodes The most I can offer you is to request that this service request be added to that RFE. This will let our product development team that another customer is requesting this. Please let me know if you are interested in this." After doing some research I found the following iRules on Codeshare: https://devcentral.f5.com/s/articles/dynamic-ephemeral-node-fqdn-resolution-with-route-domains-with-dns-caching-irule-1148 https://devcentral.f5.com/s/question/0D51T00006j3E1I/fqdn-node-with-route-domains I've tried both iRules on versions 12.1.2 and 14.1.2, but am getting different TCL errors. Has anyone been able to get the combination of FQDN pool members with a non-default route domain?
