Thursday, April 30, 2015

f5 tmos commands

Log in to the Traffic Management Shell (tmsh) by entering the following command:
Tmsh
delete a partition

 To delete the VLAN named vlan-rd1234 that belongs to administrative partition named ResourceA, type the following command:
delete /net vlan /ResourceA/vlan-rd1234
Delete the affected route domain, using the following command syntax:
delete /net route-domain //

For example, to delete the affected route domain named rd1234 that belongs to administrative partition named ResourceA, type the following command:
delete /net route-domain /ResourceA/rd1234

Save the configuration using the following command:
save /sys config
Create a partition
create /auth

For example, to create a new administrative partition named ResourceA, type the following command:

create /auth partition ResourceA
Change tmsh path to the desired administrative partition, using the following command syntax:

cd /

For example, to change to the tmsh path to administrative partition named ResourceA, type the following command:

cd /ResourceA
Under the desired administrative partition created in Step 3, create the required VLAN, using the following command syntax:

create /net vlan interfaces add { } tag

For example, to create the VLAN named vlan-rd1234 with network interface 1.1 and tag it with a VLAN ID 1234, type the following command:

create /net vlan vlan-rd1234 interfaces add { 1.1 } tag 1234
Create the required route-domain and add the VLAN created in Step 4, using the following command syntax:

create /net route-domain { id vlans add { } }

For example, to create the route-domain named rd1234 with ID value 1234 and add the VLAN vlan-rd1234 as a member to the route-domain, type the following command:

create /net route-domain rd1234 { id 1234 vlans add { vlan-rd1234 } }
Set the route domain created in Step 5 as the Partition Default Route Domain, using the following command syntax:

modify /auth partition default-route-domain

For example, to set the partition named ResourceA to use route domain ID 1234 as the partition default route domain, type the following command:

modify /auth partition ResourceA default-route-domain 1234
Create the desired self IP address with the VLAN create in Step 4, using the following command syntax:

create /net self / vlan

For example, to create a self IP address of 10.0.0.100 with netmask 255.255.255.0 with the VLAN vlan-rd1234, type the following command:

create /net self 10.0.0.100/255.255.255.0 vlan vlan-rd1234
Continue to create any additional required self IP addresses.
Save the configuration, using the following command:

save /sys config

Change to the top-level administrative partition using the following command:
cd /
List the self IP address that is currently configured in the BIG-IP system, by typing the following command:
list /net self recursive
Create  VLAN
To create a VLAN on an untagged interface, use the following command syntax:

create net vlan interfaces add { }

For example:

create net vlan test-vlan interfaces add { 1.1 }
Save the change by typing the following command:

save /sys config
You can view the BIG-IP systems VLAN configuration by typing the following command:

show net vlan
Modifying the untagged interface associated with an existing VLAN

Impact of procedure: The impact of this procedure depends on the specific environment. F5 recommends testing any changes during a maintenance window, with consideration to the possible impact on your specific environment.

Log in to the Traffic Management Shell (tmsh) by typing the following command:

tmsh
To modify the untagged interface for a VLAN, use the following command syntax:

modify net vlan interfaces replace-all-with { }

For example:

modify net vlan test-vlan interfaces replace-all-with { 1.3 }
Save the change by typing the following command:

save /sys config
You can view the BIG-IP systems VLAN configuration by typing the following command:

show net vlan
Creating a VLAN with a tagged interface

Impact of procedure: The impact of this procedure depends on the specific environment. F5 recommends testing any changes during a maintenance window, with consideration to the possible impact on your specific environment.
Log in to the Traffic Management Shell (tmsh) by typing the following command:
tmsh
To create a VLAN with a tagged interface, use the following command syntax:
create net vlan interfaces add { { tagged }} tag
For example:
create net vlan test-vlan interfaces add { 1.1 { tagged }} tag 4093
Save the change by typing the following command:
save /sys config
You can view the BIG-IP systems VLAN configuration by typing the following command:
show net vlan
Modifying a VLAN to be associated with another tagged interface

Impact of procedure: The impact of this procedure depends on the specific environment. F5 recommends testing any changes during a maintenance window, with consideration to the possible impact on your specific environment.

To modify the VLAN associated with an existing tagged interface, use the following command syntax:

modify net vlan interfaces replace-all-with { { tagged }} tag

For example:

tmsh modify net vlan test-vlan interfaces replace-all-with { 1.3 { tagged }} tag 4093
Save the change by typing the following command:

save /sys config
You can view the BIG-IP systems VLAN configuration by typing the following command:

show net vlan
Modifying the VLAN tag number on an existing tagged interface

Impact of procedure: The impact of this procedure depends on the specific environment. F5 recommends testing any changes during a maintenance window, with consideration to the possible impact on your specific environment.

Log in to the Traffic Management Shell (tmsh) by typing the following command:

tmsh
To modify the VLAN tag number on an existing tagged interface, use the following command syntax:

modify net vlan tag

For example:

modify net vlan test-vlan tag 4092
Save the change by typing the following command:

save /sys config
You can view the BIG-IP systems VLAN configuration by typing the following command:

show net vlan
list ltm rule UDP_TUNNEL_DISCOVER_NODE to show IRule
run util bash to change to bash 
show sys connection cs-client-addr 10.30.164.xxx%338 all-properties
show net arp for mac-address
List auth partition/user/
modify ltm node POLICY-03 state user-down
cd /PARTITION
show sys connection | grep 10.30.xxx.1
list ltm rule [[partition name]]
list ltm node/node monitor/pool/pool members
ping 172.16.38.11%338
tcpdump -ni 0.0 host 172.yy.xx.11
tcpdump -ni 0.0:p dst host 172.xx.yy.20
tcpdump  -ni  /partiotin name/vlan name host 172.xx.xx.14

show ltm persistence persist-records client-addr 172.16.xxx.yyy
show ltm persistence persist-records
delete ltm persistence persist-records NAME
list net vlan/route/route-domain/self
show net arp/
show ltm node/pool/rule/policy/snat/snat-translation/virtual/virtual-address
/ect/init.d/ntpd dtop or start
TMM Traffic manager micro cirnal
tail -f  /var/log/ltm 
run cm config-sync to-group F5_HA
show ltm pool http_ACTIVE detail
show net route static/dynamic
show net arp | grep MAC ADDRESS

list ltm data-group
run util bash
PROD_F5_BACKUP
save /sys ucs backup.ucs
y
run util bash
SCP file transfer:
scp -P 22 /var/local/ucs/backip.ucs Guest@ftpserver:/${NodeCaption}-${Date}-${Time}.ucs
run util bash
cd /var/local/ucs
 SCP :
scp -P 22 cs_backup.ucs Guest@ftp server:/

show interfaces | include line_protocol|input_rate|output_rate

 create VIP
create ltm virtual XIPLINK_AC2_VIP6 destination 172.16.13.212:any ip-protocol udp persist replace-all-with {  STICKY_MASK24 } pool  XS-03 source 0.0.0.0/0 VLANS ADd {  XIPLINK_CLIENT  } vlans-enabled

Add monitor to pool
modify ltm pool XS-03 monitor



CREATE LTM NODE
create ltm node PIL_VM_trest_91 address 172.17.x.x
create ltm node PIL_VM_trest_92 address 172.7.x.x
create ltm pool trest members add {PIL_VM_trest_91:any PIL_VM_trest_92:any }
create ltm virtual trest POOl trest destination 172.x.x.x.30:any source 0.0.0.0/0 vlans-enabled vlans add { trest_CLIENT_522 } ip-protocol tcp
modify ltm pool trest members none
show sys connection cs-client-addr 10.x.x.85%338


Turn off pop notifications in chrome browser from major news outlets

 On Chrome browser, go to settings select privacy and security select site settings select Java Script Select Don't allow sites to use J...