The First-Time Boot utility is a wizard that walks you through a brief series of required configuration tasks, such as defining a root password, and configuring IP addresses for the interfaces. Once you complete the First-Time Boot utility, you can connect to the BIG-IP Controller from a remote workstation and begin configuring your load balancing setup.
The First-Time Boot utility is organized into three phases: configure, confirm, and commit. Each phase guides you through a series of screens, presenting the information in the following order:
First, you configure all of the required information. Next, you have the opportunity to confirm each individual setting or correct it if necessary. Last, your confirmed settings are committed and saved to the system. Note that the screens you see are tailored to the specific hardware and software configuration that you have. If you have a stand-alone system, for example, the First-Time Boot utility skips the redundant system screens.
Before you run the First-Time Boot utility on a specific BIG-IP Controller, you should have the following information ready to enter:
The First-Time Boot utility starts automatically when you turn on the BIG-IP Controller (the power switch is located on the front of the BIG-IP Controller). The first screen the BIG-IP Controller displays is the License Agreement screen. You must scroll through the screen, read it, and accept the agreement before you can move to the next screen. If you agree to the license statement, the next screen you see is the Welcome screen. From this screen, simply press any key on the keyboard to start the First-Time Boot utility, and then follow the instructions on the subsequent screens to complete the process.
A root password allows you command line administrative access to the BIG-IP Controller system. The password must contain a minimum of 6 characters, but no more than 32 characters. Passwords are case-sensitive, and we recommend that your password contain a combination of upper- and lower-case characters, as well as numbers and punctuation characters. Once you enter a password, the First-Time Boot utility prompts you to confirm your root password by typing it again. If the two passwords match, your password is immediately saved. If the two passwords do not match, the First-Time Boot utility provides an error message and prompts you to re-enter your password.
Warning: The root password is the only setting that is saved immediately, rather than confirmed and committed at the end of the First-Time Boot utility process. You cannot change the root password until the First-Time Boot utility completes and you reboot the BIG-IP Controller (see the BIG-IP Controller Administration Guide, Monitoring and Administration). Note that you can change other system settings when the First-Time Boot utility prompts you to confirm your configuration settings.
The host name identifies the BIG-IP Controller itself. Host names must start with a letter, and must be at least two characters. They may contain numbers, letters, and the symbol for dash ( - ). There are no additional restrictions on host names, other than those imposed by your own network requirements.
If a BIG-IP Controller does not have a predefined route for network traffic, the controller automatically sends traffic to the IP address that you define as the default route. Typically, a default route is set to a router's IP address.
Next, you need to specify your time zone. This ensures that the clock for the BIG-IP Controller is set correctly, and that dates and times recorded in log files correspond to the time zone of the system administrator. Scroll through the list to find the time zone at your location. Note that one option may appear with multiple names. Select the time zone you want to use, and press the Enter key to continue.
You only need to complete this step if you want machines inside your BIG-IP managed network to use DNS servers outside of that network (e.g., for reverse DNS lookup from a web server).
Specify the DNS name server and domain name for DNS proxy forwarding by the BIG-IP Controller.
On the Configure BIG-IP Interfaces screen, select Yes if you have a redundant system.
If you are configuring a redundant system, the First-Time Boot utility prompts you to provide a unit ID and the IP address for fail-over for the BIG-IP Controller. The default unit ID number is 1. If this is the first controller in the redundant system, use the default. When you configure the second controller in the system, type 2. These unit IDs are used for active-active redundant controller configuration.
If you are configuring a redundant system, after you type in a unit number, the First-Time Boot utility prompts you to provide an IP address for fail-over. Type in the IP address configured on the internal interface of the other BIG-IP Controller.
We recommend that you configure at least one external interface, and at least one internal interface on each controller. The external interface is the one on which the BIG-IP Controller receives connection requests. The internal interface is the one that is connected to the network of servers, firewalls, or other equipment that the BIG-IP Controller load balances. The utility prompts you for each interface, and asks you to provide the IP address, netmask, broadcast address, and the interface media type. With this release of the BIG-IP Controller, the concept of interfaces as internal and external is changing. You can now choose each attribute you want to assign to an interface. In effect, this means that you can configure one interface with the properties of both an internal and external interface. Table 3.1 shows the attributes that determine the way an interface handles connections.
|Internal||Process source addresses
Administrative ports open
|External||Process destination addresses
Administrative ports locked
If you have a redundant system, the First-Time Boot utility prompts you to provide the IP address that serves as an alias for both BIG-IP Controllers. The IP alias is shared between the units, and is used by active controllers. Each unit also uses unique internal and external IP addresses. The First-Time Boot utility guides you through configuring the interfaces, based on your hardware configuration.
We recommend that you set the internal alias as the default route for the node servers. Note that for each IP address or alias that you assign to an interface, you have the option of assigning a custom netmask and broadcast address as well.
The Select Interfaces screen shows a list of the installed interfaces. Select the one you want to use for the external network, and press the Enter key.
Note: The IP address of the external network interface is not the IP address of your site or sites. The IP addresses of the sites themselves are specified by the virtual IP addresses associated with each virtual server you configure.
Warning: The configuration utility lists only the network interface devices that it detects during boot up. If the utility lists only one interface device, the network adapter may have come loose during shipping. Check the LED indicators on the network adapters to ensure that they are working and are connected.
Once you select the interface, the utility prompts you for the following information, in many cases offering you a default:
If you are configuring a BIG-IP Controller that has more than two network interface cards installed, the First-Time Boot utility prompts you to configure more external interfaces. When you complete the configuration of an interface, you return to the Interface Configuration screen and repeat the steps described above.
When you configure the interface that connects the BIG-IP Controller to the internal network (the servers and other network devices that sit behind the BIG-IP Controller), the First-Time Boot utility prompts you for the following information:
Note:We recommend that you set the default route of each network device behind the BIG-IP redundant system to the internal IP alias of the BIG-IP Controllers. This guarantees that the network devices always communicate with an active BIG-IP Controller in the redundant system.
If you configure more than one internal interface on a redundant system, the First-Time Boot utility prompts you to choose one as the primary internal interface. The interface you choose as the primary internal interface is used for exchanging network based fail-over and state fail-over information with the other controller in a redundant system.
On most BIG-IP Controllers, the first screen you see is the Configure SSH screen, which prompts you to type an IP address for SSH command line access. If SSH is not available, you are prompted to configure access through Telnet and FTP instead.
When you configure shell access, the First-Time Boot utility prompts you to create a support account for that method. You can use this support account to provide an F5 Networks engineer access to the BIG-IP Controller.
When the First-Time Boot utility prompts you to enter an IP address for administration, you can type a single IP address or a range of IP addresses, from which the BIG-IP Controller will accept administrative connections (either remote shell connections, or connections to the BIG-IP web server). To specify a range of IP addresses, you can use the asterisk (*) as a wildcard character in the IP addresses.
The following example allows remote administration from all hosts on the 192.168.2 network:
Note: For administration purposes, you can connect to the BIG-IP Controller IP alias, which always connects you to an active controller. To connect to a specific controller, simply connect directly to the IP address of that BIG-IP Controller.
The BIG-IP web server requires you to define a fully qualified domain name (FQDN) for the server on each interface. The BIG-IP web server configuration also requires that you define a user ID and password. If SSL is available, the configuration also generates authentication certificates.
The First-Time Boot utility guides you through a series of screens to set up web server access.
Once you have completed this screen, the First-Time Boot utility moves into the confirmation phase.
Warning: If you ever change the IP addresses or host names on the BIG-IP Controller interfaces, you must reconfigure the BIG-IP web server to reflect your new settings. You can run the re-configuration utility from the command line using the following command:
You can also add users to the existing password file, change a password for an existing user, or recreate the password file, without actually going through the BIG-IP web server configuration process. For more information, see the BIG-IP Controller Reference Guide, BIG-IP Controller Configuration Utilities.
Warning: If you have modified the BIG-IP web server configuration outside of the configuration utility, be aware that some changes may be lost when you run the reconfig-httpd utility. This utility overwrites the httpd.conf file, and several other files, but it does warn you before doing so.
At this point, you have entered all the configuration information, and now you simply have to confirm each setting. Each confirmation screen displays a setting, and prompts you to accept or re-enter it. If you choose to edit it, the utility displays the same configuration screen in which you defined the setting the first time. When you finish editing the item, you return directly to the Confirmation screen for that item, and continue the confirmation process. Note that once you accept a setting in the Confirmation screen, you do not have another opportunity to review it.
You confirm or edit the settings in the same order that you configured them:
Once you have confirmed the last setting, the First-Time Boot utility moves directly into the commit phase, where you are not able to make any changes.
Once you confirm all of the configuration settings, the configuration utility saves the configuration settings. During this commit process, the First-Time Boot utility creates the following files and configuration database records:
If you want to change any information in these files at a later time, you can edit the files directly, you can change the information in the web-based Configuration utility, or for certain settings, you can change them using command line utilities. If necessary, you can also re-run the First-Time Boot utility.