Friday 27 May 2016

Base Configuring an F5 Big-IP with LTM Module Device

You can get a trial of the F5 Big-IP device from their website, it provides a full Big-IP device (with the LTM module) for up to 90 days from the date of activation. I am looking to load balance Exchange 2016 and VMware View through a pair of Big-IP's with the LTM module so I thought I would spin it up and get it working in my lab prior to doing it for real. The Big-IP is much like Citrix NetScaler in the sense that it's an Application Delivery Controller, therefore many of the concepts are the same. I am using VMware Workstation, the Virtual Appliance is available for VMware, Citrix and Hyper-V. I have found the OVA hardware spec is a little low, the box seems to be pretty slow if you leave it at 2Gb of memory, I would recommend upping it to 4Gb.
Import the OVA into either vSphere or VMware Workstation.
Configure the Network Interfaces
·        vmnet0 - bridged (mgmt)
·        vmnet1 - host only (int)
·        vmnet2 - host only (ext)
·        vmnet 3 - host only (ha)
Your network topology could of course be different, I am choosing to build a topology close to the one I will be deploying the devices into in live. Obviously if you are deploying physical appliances instead of putting interfaces on to logical networks in VMware, you would have each of your interfaces in the corresponding VLAN's.
The default credentials for the vAppliance are root/default.

Type "config" at the initial prompt to launch the initial configuration utility. You can use native Linux commands such as ifconfig to set the mgmt address etc, but this way is easier.

In VMware I have found that the F5 sometimes screws up the order of the vnic's that are attached to the VM. Therefore I would recommend attaching a single vnic to the appliance, configuring your mgmt address then attaching the other vnics when you know what interface the F5 is interpreting as it's mgmt interface.

If you are having issues with the order of your network interfaces use the netstat -i to display all the physical interfaces that F5 has. In F5 TMOS mgmt IP's are also known as Self IP's, these are the much like NSIP's on the NetScaler platform.
The web interface has a different set of credentials admin/admin out of the box.

Before you can do anything you have to license the F5. Under Setup Utility and click Next.

Select the method of activation that suits you best. My F5 did not have a route to the Internet at this stage so I opted for the manual method. The Registration Key is the code F5 provide to you within an e-mail at the time you download a trial.

After a minute of so the verification will complete and you are free to start configuring some of the F5 features. The trial license comes with the Local Traffic (LTM) and Application Visibility and Reporting modules.

After bouncing my F5 a couple of times I started getting this when I logged in via the web interface "The Big-IP system has encountered a configuration problem that may prevent the configuration utility from functioning properly". I never managed to work out why, other that the F5 was shut down incorrectly. I just re provisioned another F5 device.