Applies To:

Show Versions Show Versions

Manual Chapter: BIG-IP Network and System Management Guide v9.0.x: Introducing BIG-IP Network and System Management
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>


1

Introducing BIG-IP Network and System Management


Introducing the BIG-IP system

BIG-IP system is a port-based, multilayer switch. Using a BIG-IP system means that you can reduce the need for routers and IP routing by managing traffic at the data-link layer (layer 2). This in turn reduces equipment costs and boosts overall network performance. At the same time, the BIG-IP system's multilayer capabilities allow the system to process traffic at other OSI layers when it is advantageous to do so. The BIG-IP can perform IP routing at layer 3 when needed, as well as manage TCP and application traffic at layers 4 and 7.

Overview of BIG-IP network management features

The BIG-IP system consists of several fundamental network components that you can configure in the way that best utilizes BIG-IP system capabilities.

Interfaces, spanning tree protocols, and trunks

A BIG-IP system has either four, eight, or sixteen interfaces for switching or routing traffic from various hosts or other devices on the network. Interfaces are the hardware ports that the BIG-IP system uses to send and receive traffic. For more information, see Chapter 5, Working with Interfaces .

When you connect multiple switches to the BIG-IP system in parallel, you can configure your hosts to make use of spanning tree protocols. Spanning tree protocols provide path redundancy while preventing unwanted loops in the network. You can view spanning tree instances, configure global spanning tree options, and configure spanning tree settings for each interface. For optimal performance, you can use spanning tree protocols in conjunction with the trunks feature. For more information, see Chapter 9, Configuring Spanning Tree Protocols .

Trunks are a feature you can use to aggregate your links. When you create trunks, you group interfaces together to function as one larger interface and to provide redundancy if one interface in the trunk becomes unavailable. When that occurs, traffic can be processed on another interface in the trunk. For more information, see Chapter 8, Working with Trunks .

VLANs and self IP addresses

A virtual local area network, or VLAN, is a logical collection of hosts on the network. Each VLAN has one or more BIG-IP system interfaces associated with it. VLANs have these primary advantages:

  • VLANs define boundaries for a broadcast domains.
    Traditionally, network administrators have deployed routers within the same IP network, to define smaller broadcast boundaries. A better solution is to use VLANs. When a host in a VLAN sends a broadcast message to find the MAC address of a destination host, the message is sent to only those hosts in the VLAN. Using VLANs to control the boundaries of broadcast domains prevents messages from flooding the network, thus enhancing network performance.
  • VLANs ease system and network maintenance
    Normally, the way to enable hosts to share network resources, such as storage devices and printers, has been to group hosts into the same physical location. Continually moving and re-cabling hosts to other locations on the network, as well as manually updating routing tables, can be a costly and time-consuming task for a system or network administrator. Using VLANs, you can avoid these problems. All hosts that you group within a VLAN can share network resources, regardless of their physical location on the network.

To enhance performance and flexibility, the BIG-IP system comes with two existing virtual local area networks (VLANs), one for your external network, and one for your internal network. Each of these VLANs has a BIG-IP system interface already assigned to it. You can use these two VLANs as is, you can assign additional interfaces to these VLANs, or you can create more VLANs and assign interfaces to them, too. For more information, see Chapter 7, Configuring VLANs and VLAN Groups .

Each VLAN you create has its own self IP address. The BIG-IP system uses this address as the source IP address when sending requests to hosts in a VLAN, and hosts in a VLAN use this IP address as the destination IP address when sending responses to the BIG-IP system.

When you first ran the Setup utility, you assigned a self IP address to the internal VLAN, and another self IP address to the external VLAN. As you create other VLANs, you assign self IP addresses to them, too. Also, units of a redundant system can share a self IP address, to ensure that the BIG-IP system can process server responses successfully when failover has occurred. For more information, see Chapter 6, Configuring Self IP Addresses .

Overview of BIG-IP system management features

This guide addresses some of the system management options that are common to all BIG-IP systems. These options include creating and maintaining administrative user accounts, configuring System Network Management Protocol (SNMP), and configuring and maintaining redundant systems.

You partially configure some of these options by running the Setup utility on the BIG-IP system. Once you have run the Setup utility, you can use the Configuration utility to complete the configuration of these options and to manage the BIG-IP system on an ongoing basis.

Liquid crystal display and lights-out management

Using the liquid crystal display (LCD), you can control the BIG-IP unit without attaching a serial or network cable.With the lights out management feature, you can remotely manage certain aspects of the operation of the hardware unit and the BIG-IP traffic management operating system in the event that the traffic management software becomes incapacitated. For more information, see Chapter 2, Operating the LCD Panel , and Chapter 3, Lights-Out Management .

User accounts

You can create or manage user accounts for BIG-IP system administrators. These accounts can reside either locally on the BIG-IP system, or remotely on a separate authentication server such as a Lightweight Directory Access Protocol (LDAP) server. You can also manage the three special user accounts root, admin, and support.

For each new user account that you create, you can assign a user role that defines the type and level of access granted to that user. The available user roles are: Administrator, Operator, Guest, and No Access.

The types of remote authentication servers that you can use to store user accounts for BIG-IP system administrators are: Active DirectoryTM servers, Lightweight Directory Access Protocol (LDAP) servers, and Remote Authentication Dial-in User Service (RADIUS) servers. For more information, see Chapter 10, Managing User Accounts .

System Network Management Protocol (SNMP)

System Network Management Protocol (SNMP) is an industry-standard protocol that allows you to manage the BIG-IP system remotely, along with other devices on the network. The BIG-IP system provides the SNMP agent and the MIB files that you need to manage the system remotely using SNMP. For more information, see Chapter 11, Configuring SNMP .

Redundant systems

To ensure high-availability of the BIG-IP system, you can set up a redundant-system configuration. Then, if one BIG-IP system becomes unavailable, another BIG-IP system can immediately take over to process the traffic.

When you first run the Setup utility on a BIG-IP system, you specify whether the system is a unit of a redundant pair. When you configure two BIG-IP systems to function as units of a redundant system, a process known as failover occurs when one of those units becomes unavailable for any reason. Failover ensures that the BIG-IP system can still process traffic when a unit is unavailable.

Every redundant system has a mode that you specify, either active/standby or active-active. If you choose active/standby mode and failover occurs later, then by default the standby unit becomes active, and remains active, until failover occurs again. If you choose active-active mode, the surviving unit begins processing connections targeted for the failed unit, while continuing to process its own connections. In this way, users experience no interruption in service in the event of system unavailability. For more information, see Chapter 12, Setting up a Redundant System .

Getting started

Before you use this guide, we recommend that you run the Setup utility on the BIG-IP system to configure basic network elements such as static and floating self IP addresses, interfaces, and VLANs, to name a few. After running the Setup utility, you can further customize your system by using the Configuration utility to configure local traffic management objects such as virtual servers, load balancing pools, and profiles. Finally, you can return to this guide to configure and maintain the features introduced in Introducing the BIG-IP system .

Before you use this guide, we recommend that you do the following:

  • Choose a configuration tool.
  • Familiarize yourself with additional resources such as product guides and online help.
  • Review the stylistic conventions that appear in this chapter.

Choosing a configuration tool

The BIG-IP system offers a browser-based utility for managing the BIG-IP system, and, as an alternative, various command line utilities. Note that all procedures in this guide describe how to manage the system using the browser-based utility.

The Configuration utility

The Configuration utility is a browser-based application that you use to configure and monitor the load balancing setup on the BIG-IP system. Once you complete the instructions for the Setup utility described in this guide, you can use the Configuration utility to perform additional configuration steps necessary for your chosen load balancing solution. In the Configuration utility, you can also monitor current system performance, and download administrative tools such as the SNMP MIBs or the SSH client. The Configuration utility requires Netscape Navigator version 4.7, or Microsoft Internet Explorer version 5.0 or 5.5.

Command-line utilities

In addition to using the Configuration utility, you can also manage the BIG-IP system using command-line utilities such as the bigpipe utilityTM. To monitor the BIG-IP system, you can use certain bigpipe commands, or you can use the bigtop™ utility, which provides real-time system monitoring. You can use the command line utilities directly on the BIG-IP system console, or you can run commands using a remote shell, such as the SSH client or a Telnet client. For more information on command-line utilities, see the online man pages.

Finding additional help and technical support resources

You can find additional technical information about this product in the following locations:

  • BIG-IP system product guides
    The AskF5 site offers PDF versions of these guides:
    • Platform Guide: 1500, 3400, 6400, and 6800
      This guide includes information about the BIG-IP unit. It also contains important environmental warnings.
    • Installation, Licensing, and Upgrades for BIG-IP Systems
      This guide includes information you need to initially install or upgrade the BIG-IP system.
    • Configuration Guide for Local Traffic Management
      This guide provides detailed step-by-step procedures for configuring the local traffic management system, using the browser-based Configuration utility.
    • System Management Guide (this guide)
      This guide provides concepts and detailed step-by-step procedures for maintaining certain parts of the BIG-IP system such as user accounts and SNMP, using the browser-based Configuration utility.
    • New and Updated Commands
      This guide provides information about various command-line utilities, such as the bigpipe utility, that you can use to configure and manage a BIG-IP system.
  • Online help
    In addition to the product guides, the following types of help are available online:
    • Online solutions
      Through our AskF5 Web site, you can view examples of common load balancing solutions. Before you begin installing the hardware, we recommend that you browse this site to find the load balancing solution that works best for you.
    • Online help screens
      The browser-based Configuration utility includes online help for each screen. Simply click the Help button.
    • man pages
      Individual bigpipe commands have online help, including command syntax and examples, in standard UNIX man page format. Simply type the command followed by the word help, and the BIG-IP system displays the syntax and usage associated with the command.

Understanding stylistic conventions

To help you easily identify and understand important information, all of our documentation uses the stylistic conventions described here.

Using the solution examples

All examples in this document use only private class IP addresses. When you set up the solutions we describe, you must use valid IP addresses suitable to your own network in place of our sample addresses.

Identifying new terms

To help you identify sections where a term is defined, the term itself is shown in bold italic text. For example, a floating IP address is an IP address assigned to a VLAN and shared between two computer systems.

Identifying references to objects, names, and commands

We apply bold text to a variety of items to help you easily pick them out of a block of text. These items include web addresses, IP addresses, utility names, and portions of commands, such as variables and keywords. For example, with the bigpipe self <ip_address> show command, you can specify a specific self IP address to show by specifying an IP address for the <ip_address> variable.

Identifying references to other documents

We use italic text to denote a reference to another document. In references where we provide the name of a book as well as a specific chapter or section in the book, we show the book name in bold, italic text, and the chapter/section name in italic text to help quickly differentiate the two. For example, you can find information about SNMP traps in the Network and System Management Guide, Appendix A, Troubleshooting SNMP Traps .

Identifying command syntax

We show complete commands in bold Courier text. Note that we do not include the corresponding screen prompt, unless the command is shown in a figure that depicts an entire command line screen. For example, the following command shows the configuration of the specified pool name:

bigpipe self <ip_address> show

or

b self <ip_Address> show

Table 1.1 explains additional special conventions used in command line syntax.

Table 1.1 Command line syntax conventions
Item in text Description
\
Indicates that the command continues on the following line, and that users should type the entire command without typing a line break.
< >
Identifies a user-defined parameter. For example, if the command has <your name>, type in your name, but do not include the brackets.
|
Separates parts of a command.
[]
Indicates that syntax inside the brackets is optional.
...
Indicates that you can type a series of items.


Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)