Applies To:

Show Versions Show Versions

Archived Manual Chapter: BIG-IP Installation guide v3.3: Working with the First-Time Boot Utility
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

This article has been archived, and is no longer maintained.



3

Working with the First-Time Boot Utility



The First-Time Boot utility

The First-Time Boot utility is a wizard that walks you through a brief series of required configuration tasks, such as defining a root password, and configuring IP addresses for the interfaces. Once you complete the First-Time Boot utility, you can connect to the BIG-IP Controller from a remote workstation and begin configuring your load balancing setup.

The First-Time Boot utility is organized into three phases: configure, confirm, and commit. Each phase guides you through a series of screens, presenting the information in the following order:

  • Root password
  • Host name
  • Default route (typically a router's IP address)
  • Time zone
  • DNS forwarding proxy
  • Interface settings for each network interface
  • Configuration for BIG-IP Controller redundant systems (fail-over IP address)
  • IP address for remote administration
  • Settings for the web server on the BIG-IP Controller

First, you configure all of the required information. Next, you have the opportunity to confirm each individual setting or correct it if necessary. Last, your confirmed settings are committed and saved to the system. Note that the screens you see are tailored to the specific hardware and software configuration that you have. If you have a stand-alone system, for example, the First-Time Boot utility skips the redundant system screens.

Gathering the information

Before you run the First-Time Boot utility on a specific BIG-IP Controller, you should have the following information ready to enter:

  • Passwords for the terminal login and for the BIG-IP web server
  • Host names for the terminal login and for the BIG-IP web server
  • A default route (typically a router's IP address)
  • Settings for the network interfaces, including IP addresses, media type, and optionally a custom netmask and broadcast addresses
  • Configuration information for redundant systems, including an IP alias for the shared address, and the IP address of the corresponding unit
  • The IP address or IP address range for remote administrative connections

Starting the First-Time Boot utility

The First-Time Boot utility starts automatically when you turn on the BIG-IP Controller (the power switch is located on the front of the BIG-IP Controller). The first screen the BIG-IP Controller displays is the License Agreement screen. You must scroll through the screen, read it, and accept the agreement before you can move to the next screen. If you agree to the license statement, the next screen you see is the Welcome screen. From this screen, simply press any key on the keyboard to start the First-Time Boot utility, and then follow the instructions on the subsequent screens to complete the process.

Note: You can re-run the First-Time Boot utility after you run it for initial configuration. To re-run the First-Time Boot utility, type config on the command line.

Defining a root password

A root password allows you command line administrative access to the BIG-IP Controller system. The password must contain a minimum of 6 characters, but no more than 32 characters. Passwords are case-sensitive, and we recommend that your password contain a combination of upper- and lower-case characters, as well as numbers and punctuation characters. Once you enter a password, the First-Time Boot utility prompts you to confirm your root password by typing it again. If the two passwords match, your password is immediately saved. If the two passwords do not match, the First-Time Boot utility provides an error message and prompts you to re-enter your password.

Warning: The root password is the only setting that is saved immediately, rather than confirmed and committed at the end of the First-Time Boot utility process. You cannot change the root password until the First-Time Boot utility completes and you reboot the BIG-IP Controller (see the BIG-IP Controller Administration Guide, Monitoring and Administration). Note that you can change other system settings when the First-Time Boot utility prompts you to confirm your configuration settings.

Defining a host name

The host name identifies the BIG-IP Controller itself. Host names must start with a letter, and must be at least two characters. They may contain numbers, letters, and the symbol for dash ( - ). There are no additional restrictions on host names, other than those imposed by your own network requirements.

Configuring a default route

If a BIG-IP Controller does not have a predefined route for network traffic, the controller automatically sends traffic to the IP address that you define as the default route. Typically, a default route is set to a router's IP address.

Configuring a time zone

Next, you need to specify your time zone. This ensures that the clock for the BIG-IP Controller is set correctly, and that dates and times recorded in log files correspond to the time zone of the system administrator. Scroll through the list to find the time zone at your location. Note that one option may appear with multiple names. Select the time zone you want to use, and press the Enter key to continue.

Configuring the DNS forwarding proxy settings

You only need to complete this step if you want machines inside your BIG-IP managed network to use DNS servers outside of that network (e.g., for reverse DNS lookup from a web server).

Specify the DNS name server and domain name for DNS proxy forwarding by the BIG-IP Controller.

Configuring the interfaces

On the Configure BIG-IP Interfaces screen, select Yes if you have a redundant system.

Selecting a unit ID

If you are configuring a redundant system, the First-Time Boot utility prompts you to provide a unit ID and the IP address for fail-over for the BIG-IP Controller. The default unit ID number is 1. If this is the first controller in the redundant system, use the default. When you configure the second controller in the system, type 2. These unit IDs are used for active-active redundant controller configuration.

Choosing a fail-over IP address

If you are configuring a redundant system, after you type in a unit number, the First-Time Boot utility prompts you to provide an IP address for fail-over. Type in the IP address configured on the internal interface of the other BIG-IP Controller.

Configuring internal and external interfaces

We recommend that you configure at least one external interface, and at least one internal interface on each controller. The external interface is the one on which the BIG-IP Controller receives connection requests. The internal interface is the one that is connected to the network of servers, firewalls, or other equipment that the BIG-IP Controller load balances. The utility prompts you for each interface, and asks you to provide the IP address, netmask, broadcast address, and the interface media type. With this release of the BIG-IP Controller, the concept of interfaces as internal and external is changing. You can now choose each attribute you want to assign to an interface. In effect, this means that you can configure one interface with the properties of both an internal and external interface. Table 3.1 shows the attributes that determine the way an interface handles connections.

Attributes of internal and external interfaces
Interface type Attributes
Internal Process source addresses
Administrative ports open
External Process destination addresses
Administrative ports locked

Note: After you complete the First-Time Boot utility, you can change the individual attributes of an interface. For information about changing interface attributes, see the Reference Guide.

If you have a redundant system, the First-Time Boot utility prompts you to provide the IP address that serves as an alias for both BIG-IP Controllers. The IP alias is shared between the units, and is used by active controllers. Each unit also uses unique internal and external IP addresses. The First-Time Boot utility guides you through configuring the interfaces, based on your hardware configuration.

We recommend that you set the internal alias as the default route for the node servers. Note that for each IP address or alias that you assign to an interface, you have the option of assigning a custom netmask and broadcast address as well.

Configuring an interface for the external network

The Select Interfaces screen shows a list of the installed interfaces. Select the one you want to use for the external network, and press the Enter key.

Note: The IP address of the external network interface is not the IP address of your site or sites. The IP addresses of the sites themselves are specified by the virtual IP addresses associated with each virtual server you configure.

Warning: The configuration utility lists only the network interface devices that it detects during boot up. If the utility lists only one interface device, the network adapter may have come loose during shipping. Check the LED indicators on the network adapters to ensure that they are working and are connected.

Once you select the interface, the utility prompts you for the following information, in many cases offering you a default:

  • IP address
  • Netmask
    Note that the BIG-IP Controller uses a default netmask appropriate to the subnetwork indicated by the IP address.
  • Broadcast address
    The default broadcast address is a combination of the IP address and the netmask.
  • Shared IP alias (redundant systems only)
    The external IP alias associated with each unit's external interface
  • Shared IP alias netmask (redundant systems only)
  • Shared IP alias broadcast address (redundant systems only)
  • Media type for Interface
    The media type options depend on the network interface card included in your hardware configuration. The BIG-IP Controller supports the following types:
    • auto
    • 10baseT
    • 10baseT,FDX
    • 100baseTX
    • 100baseTX,FDX
    • FDDI
    • Gigabit Ethernet

    If you are configuring a BIG-IP Controller that has more than two network interface cards installed, the First-Time Boot utility prompts you to configure more external interfaces. When you complete the configuration of an interface, you return to the Interface Configuration screen and repeat the steps described above.

Tip: We recommend that you configure at least one internal interface.

Configuring an interface for the internal network

When you configure the interface that connects the BIG-IP Controller to the internal network (the servers and other network devices that sit behind the BIG-IP Controller), the First-Time Boot utility prompts you for the following information:

  • IP address
  • Netmask
    Note that the BIG-IP Controller uses a default netmask appropriate to the subnetwork indicated by the IP address.
  • Broadcast address
    The default broadcast address is a combination of the IP address and the netmask.
  • Shared IP alias (redundant systems only)
    An IP alias associated with each unit's internal interface
  • Shared IP alias netmask (redundant systems only)
  • Shared IP alias broadcast address (redundant systems only)
  • Media type for Interface
    The media type options depend on the network interface card included in your hardware configuration. The BIG-IP Controller supports the following types:
    • auto
    • 10baseT
    • 10baseT,FDX
    • 100baseTX
    • 100baseTX,FDX
    • FDDI
    • Gigabit Ethernet

Note:We recommend that you set the default route of each network device behind the BIG-IP redundant system to the internal IP alias of the BIG-IP Controllers. This guarantees that the network devices always communicate with an active BIG-IP Controller in the redundant system.

If you configure more than one internal interface on a redundant system, the First-Time Boot utility prompts you to choose one as the primary internal interface. The interface you choose as the primary internal interface is used for exchanging network based fail-over and state fail-over information with the other controller in a redundant system.

Configuring remote administration

On most BIG-IP Controllers, the first screen you see is the Configure SSH screen, which prompts you to type an IP address for SSH command line access. If SSH is not available, you are prompted to configure access through Telnet and FTP instead.

When you configure shell access, the First-Time Boot utility prompts you to create a support account for that method. You can use this support account to provide an F5 Networks engineer access to the BIG-IP Controller.

When the First-Time Boot utility prompts you to enter an IP address for administration, you can type a single IP address or a range of IP addresses, from which the BIG-IP Controller will accept administrative connections (either remote shell connections, or connections to the BIG-IP web server). To specify a range of IP addresses, you can use the asterisk (*) as a wildcard character in the IP addresses.

The following example allows remote administration from all hosts on the 192.168.2 network:

  192.168.2.*

Tip: In order to use the configuration synchronization feature for redundant units, you must configure the BIG-IP Controller for command line access.

Note: For administration purposes, you can connect to the BIG-IP Controller IP alias, which always connects you to an active controller. To connect to a specific controller, simply connect directly to the IP address of that BIG-IP Controller.

Configuring settings for the BIG-IP web server

The BIG-IP web server requires you to define a fully qualified domain name (FQDN) for the server on each interface. The BIG-IP web server configuration also requires that you define a user ID and password. If SSL is available, the configuration also generates authentication certificates.

The First-Time Boot utility guides you through a series of screens to set up web server access.

  • The first screen prompts you to select the interface you want to configure for web access. After you select an interface to configure, the utility prompts you to type a fully qualified domain name (FQDN) for the interface. You can configure web access on one or more interfaces.
  • After you configure the interface, the utility prompts you for a user name and password. After you type a user name and password, the utility prompts you for a vendor support account. The vendor support account is not required.
  • The certification screen prompts you for country, state, city, company, and division.

    Once you have completed this screen, the First-Time Boot utility moves into the confirmation phase.

Warning: If you ever change the IP addresses or host names on the BIG-IP Controller interfaces, you must reconfigure the BIG-IP web server to reflect your new settings. You can run the re-configuration utility from the command line using the following command:

  reconfig-httpd

You can also add users to the existing password file, change a password for an existing user, or recreate the password file, without actually going through the BIG-IP web server configuration process. For more information, see the BIG-IP Controller Reference Guide, BIG-IP Controller Configuration Utilities.

Warning: If you have modified the BIG-IP web server configuration outside of the configuration utility, be aware that some changes may be lost when you run the reconfig-httpd utility. This utility overwrites the httpd.conf file, and several other files, but it does warn you before doing so.

Confirming your configuration settings

At this point, you have entered all the configuration information, and now you simply have to confirm each setting. Each confirmation screen displays a setting, and prompts you to accept or re-enter it. If you choose to edit it, the utility displays the same configuration screen in which you defined the setting the first time. When you finish editing the item, you return directly to the Confirmation screen for that item, and continue the confirmation process. Note that once you accept a setting in the Confirmation screen, you do not have another opportunity to review it.

You confirm or edit the settings in the same order that you configured them:

  • Confirm Host name
  • Confirm Default route
  • Confirm time zone
  • Confirm all interface settings
  • Confirm fail-over IP address, if necessary
  • Confirm administrative IP address
  • Confirm web server options

    Once you have confirmed the last setting, the First-Time Boot utility moves directly into the commit phase, where you are not able to make any changes.

Committing your configuration settings to the system

Once you confirm all of the configuration settings, the configuration utility saves the configuration settings. During this commit process, the First-Time Boot utility creates the following files and configuration database records:

  • An /etc/hosts.allow file
    This file stores the IP address, or IP address range, from which the BIG-IP Controller accepts administrative connections.
  • Interface entries in BIG/db
  • An /etc/bigip.conf file
  • An /etc/netstart file
  • An /etc/hosts file
  • An /etc/ethers file
  • A /var/f5/httpd/conf/httpd.conf file
  • An /etc/sshd_config file

    If you want to change any information in these files at a later time, you can edit the files directly, you can change the information in the web-based Configuration utility, or for certain settings, you can change them using command line utilities. If necessary, you can also re-run the First-Time Boot utility.

Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)