Platform: https://racks.uninets.com
Lab Name: F5 LTM
Access full Palo Alto lab guide here: F5 LTM Workbook
Instructor-led Training – https://www.uninets.com/
Task
Explanation
Big ip 11050 platform
Front view
Big ip F5 is an network device that mainly manages and load balances the traffic for networking equipment such as servers, routers and firewalls. We generally deploy it to increase the reliability in our network. The BIG-IP system uses the following two network connection entry points:
Either the Traffic Management Microkernel (TMM) switch interfaces or the MGMT interface can provide administrative access to the BIG-IP system. However, F5 recommends that you use the management port.The TMM switch ports are the interfaces that the BIG-IP system uses to send and receive load-balanced traffic.
The system uses the MGMT interface to perform system management functions. The MGMT interface is intended for administrative traffic and cannot be used for load-balanced traffic.By default eth0 is is the management port of f5 device having and pre-configured ip address of 192.168.1.245/24
Configuration
Login to BGIP-1 (ip- 192.168.1.245) via ssh Open software putty. Select ssh as shown below:
In the hostname or ip address field type the ip address of bigip-1 192.168.1.245 And click on open.
Use credentials login as “ROOT” and password “DEFAULT”
login as: root
Using keyboard-interactive authentication.
Password:default
Last login: Mon Mar 27 05:06:32 2017 from 192.168.1.29
[root@BIGIP-1:NO LICENSE:Standalone] config #Change the hostname of bigip1 from default to BIGIP-1
BIGIP-1.NET
[root@BIGIP-1:NO LICENSE:Standalone] config #Verify and Change the default ip address of management port eth0 of bigip1 By default the eth0 has the preconfigured management ip address of 192.168.1.245/24. we can verify and change it by two method
bigip-1:
sys management-ip 192.168.1.245/24 {
description static-fallback
}
[root@BIGIP-1:NO LICENSE:Standalone] config # ifconfig eth0eth0 Link encap:EthernetHWaddr 00:50:12:00:02:00
inet addr:192.168.1.245 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::250:12ff:fe00:200/64 Scope:Link
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
———————————–
RX packets:14656 errors:0 dropped:0 overruns:0 frame:0
TX packets:435 errors:0 dropped:0 overruns:0
carrier:0 collisions:0 txqueuelen:1000
RX bytes:1618408 (1.5 MiB) TX bytes:24787 (24.2 KiB)
Changing the management ip address;
Give the command config we can add the ip address assign a mask and default
route [root@BIGIP-1:NO LICENSE:Standalone] config # config
Following window will appear and take the cursor to ok it will turn green and the press enter
After pressing enter the following window will occur: take the cursor to ok by using arrow key and press enter when the ok turns green Now following window will appear:
Now change the ip address from 192.168.1.245 to 172.16.10.1 and take the cursor to ok and press enter as shown
Now window will occur that will ask to configure netmask or subnet mask if want to change You can change but in this example we want to keep the mask same so just press enter on ok
Now it will ask create the default route or you can say the default gateway: Press enter on yes
now another window will open that will ask you to give the ip address of default-gateway
take the cursor to the ip and change it to 172.16.10.11 and press enter on ok.
another window will occur that will ask to save the setting or the changes you have made. Press enter on yes.
Note: Now you have successfully change the default management ip address, subnet mask and default-gateway of bigip-1.At this time you will lose the connectivity because you have change the management ip address through which you are accessing. And again, we have to take the ssh via new management ip address of the big-ip 1 that is 172.16.10.1
Again, it will ask for the username and password use the same values as earlier username –root and password as default
Verification:
eth0 Link encap:EthernetHWaddr 00:50:12:00:02:00
inet addr:172.16.10.1 Bcast:172.16.10.255 Mask:255.255.255.0
—————————————————————————
inet6 addr: fe80::250:12ff:fe00:200/64 Scope:Link
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:1340 errors:0 dropped:0 overruns:0 frame:0
TX packets:349 errors:0 dropped:0 overruns:0
carrier:0 collisions:0 txqueuelen:1000
RX bytes:113397 (110.7 KiB) TX bytes:133187 (130.0 KiB) [root@BIGIP-1:NO LICENSE:Standalone]
config # tmsh /list /sys management-ip sys management-ip
sys management-ip 172.16.10.1/24 {
{ description configured-statically }
Changing the ip address using tmsh-Go into the tmshell by typing tmsh-
(cfg-sync Standalone)(NO LICENSE)(/Common)(tmos)#
create sys management-ip 172.16.10.1/24
Note: while changing the management-ip via tmsh as above a following error message willcome and that is because dhcp is enable and it will ask you to disable the dhcp first.
ERROR:
01071635:3: /Common/management-ip: Conflicting configuration. Management-ip can’t be deleted manually while DHCP is enabled. Within tmsh run ‘modify sys global-settings mgmt-dhcp disabled’ before manually changing the management-ip.
Disabling the dhcp service on bigip-2 via following command
root@(BIGIP-2)(cfg-sync Standalone)(NO LICENSE)(/Common)(tmos)#modify sys global-settings mgmt-dhcp disabled
now it will accept the ip address without any error message
root@(BIGIP-2)(cfg-sync Standalone)(NO LICENSE)(/Common)(tmos)# create sys management-ip172.16.10.1/24