Applies To:

Show Versions Show Versions

Manual Chapter: BIG-IP® Network and System Management Guide version 9.2.3: Configuring BIG-IP System Services - 18
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>


Configuring BIG-IP System Services

Introducing BIG-IP System Services

The BIG-IP system includes several services that you can start or stop. Also known as daemons, services perform a variety of functions, such as handling messaging and configuration data, managing application traffic, and monitoring the health and performance of load balancing servers.

Services also log events. Thus, within the Configuration utility, some of the logging screens display, for each message, the service that reported the event. The logging screens that show service names are the System screen, the Packet Filters screen, and the Local Traffic screen.

You can think of services as belonging to two categories: core services, which start up when you boot the BIG-IP system and run continually, and optional services, which are not essential for basic operation. The tasks required to manage all of these services differ depending on whether the service is a core service or an optional service.


You must have an Administrator user role assigned to your user account to stop, start, or restart a service.

Managing core services

The BIG-IP system starts a number of services at boot time, and they remain running as long as the BIG-IP system is operational. Most of these services are essential to the basic operation of the system.

Summarizing the core services

A number of system services start up automatically when you boot the BIG-IP system. Table 18.1 lists the BIG-IP system services that start up at boot time, and indicates the impact to BIG-IP system operation if the service is not running:

Table 18.1 Core system services
Impact When Unavailable
Monitors error messages and triggers proper action.
Cannot send alerts to front panel; cannot send SNMP traps; cannot monitor and handle error messages.
Controls the BIG-IP switch hardware.
Cannot process switch traffic; LEDs, Link Aggregation Control Protocol (LACP) and spanning tree protocols (STP) cannot function..
Controls health monitoring.
Cannot monitor health or performance of network devices.
Provides initial BIgDBTM database values to the MCPD service and persists any database changes to the BigDB.dat file.
Cannot initialize MCPD service; cannot load or save BigDBTM database values.
Provides chassis monitoring and configuration, as well as other related functions.
Cannot perform platform identification, send platform information to MCPD service, or start SCCP services.
Runs scheduled commands.
Cannot run daily or weekly scripts.
Performs configuration synchronization for redundant systems.
Cannot perform configuration synchronization.
Handles front-panel display functions.
Cannot provide front panel data.
Provides HTTP web server functions.
Cannot provide Configuration utility or iControl.
Creates trunks based on the industry-standard Link Aggregation Control Protocol (LACP) and controls the Switchboard Fail-safe feature for redundant systems.
Cannot aggregate links.
Known as the Master Control Program, controls messaging and configuration.
Cannot manage traffic; cannot retrieve or update system status; users cannot reconfigure system; disables some of the other services.
Provides System Network Management Protocol (SNMP) functions. Also includes the two subagents rmondsnmpd and tmsnmpd.
Cannot perform SNMP functions.
Controls failover for redundant systems.
Removes failover capability.
Provides remote access to the BIG-IP system command line interface.
Cannot provide remote access to the command line interface.
Implements the IEEE spanning tree protocols for preventing bridging loops.
Cannot detect bridging loops.
Performs system logging based on the syslog-ng utility.
Cannot generate system logs.
Provides remote authentication and authorization.
Cannot perform remote authentication/authorization.
Known as the Traffic Management Microkernel, manages switch traffic.
Cannot process user application traffic or any UDP traffic.

Starting and stopping core services

In almost no case do you ever need to explicitly stop a core service from running. (The TMM service is a notable exception.) For this reason, you cannot use the Configuration utility to start or stop a core service. If you want to explicitly stop or start a core service, you use the bigstart command line utility. For information on the bigstart utility, see the bigstart man page. For information on stopping the TMM service, see Traffic Management Microkernel service .

Configuring core services to control failover

System services have heartbeats. A service heartbeat is a recurring signal that a service generates. The BIG-IP system continually monitors service heartbeats to determine whether the service is still running. For some services, if the system does not detect a heartbeat, the system takes some action with respect to failover. These services are:

  • MCPD
  • TMM
  • SOD
  • BIGD

You can use the Configuration utility to control the way that the BIG-IP system behaves with respect to failover when the system no longer detects the heartbeat of these services. For example, you can configure the MCP service so that if its heartbeat is undetected, the BIG-IP system automatically fails over to the peer unit. For more information, see Chapter 13, Setting up a Redundant System .

Understanding the MCPD, TMM, and SOD services

The core services MCPD, TMM, and SOD are important because they support key functions of the BIG-IP system. These services run automatically unless you specifically shut them down. They provide essential functions such as maintaining the BIG-IP system configuration data, passing application traffic through TMM switch interfaces, and performing failover for redundant system configurations.

The Master Configuration Process service

The Master Configuration Process service (MCPD) manages the configurations on a BIG-IP system. The primary purpose of the MCPD service is to:

  • Receive and process configuration change requests from MCP clients, validate configuration change requests based on database schema and other complex BIG-IP system business rules, and update storage for the target configuration. The service also returns success or failure results to clients.
  • Receive and process statistics and configuration query requests from MCP clients and return query results to the clients.
  • Support a publish-and-subscribe interface, where the service can notify all interested MCP clients of any configuration changes that might be of interest to those clients.

Traffic Management Microkernel service

The Traffic Management Microkernel (TMM) service is the process running on the BIG-IP system that performs most traffic management for the product. As such, the TMM service supports all system and networking components that the BIG-IP system needs in order to process application and administrative traffic. The TMM service controls all system interfaces, except for the management interface (MGMT).

A separate instance of the TMM service runs for each active processor on the BIG-IP system.

The TMM service affects the type of interface (TMM switch interface or management interface) that the BIG-IP system uses for network traffic. The effect on the use of BIG-IP interfaces differs depending on the type of traffic. Normally, when the TMM service is running, certain types of network traffic use the management interface, while other types of traffic use the TMM switch interfaces:

  • User application traffic
    This type of traffic is typically application traffic either destined for or coming from a load balancing server or other network device. User application traffic always uses TMM switch interfaces, and never uses the management interface. Therefore, if the TMM service is stopped, the BIG-IP system does not process this type of traffic.
  • Administrative traffic destined for the BIG-IP system
    This type of traffic is traffic destined for the IP address of the BIG-IP system's management interface. The BIG-IP system then sends its responses to these requests back through the management interface. (The exception to this is UDP traffic, which the BIG-IP system sends out using the TMM default route.) Because administrative traffic uses the management interface, the BIG-IP system can still process this type of traffic when the TMM service is not running.
  • Administrative traffic coming from the BIG-IP system
    The BIG-IP system generates this type of administrative traffic, and the source for this type of traffic is the IP address of the management interface. When the TMM service is running, the BIG-IP system sends this type of traffic through a TMM switch interface, using the TMM default route. If the TMM service becomes unavailable, this type of traffic uses the management interface.

When the TMM service is running, make sure that you have defined a default route in the main TMM routing table. Defining a TMM default route prevents high volumes of administrative traffic generated by the BIG-IP system from using the management interface. For more information, see Chapter 8, Configuring Routes .

To summarize, Figure 18.2 lists the three main traffic types, and shows the type of BIG-IP system interface that each traffic type uses when the TMM service is running:

Table 18.2 BIG-IP interfaces used when TMM is running
Traffic Type
Incoming Interface
Outgoing Interface
User application traffic
Administrative traffic destined for management interface IP address
(for non-UDP traffic)
(for UDP traffic, when TMM default route is defined)
Administrative traffic that the BIG-IP system generates
Not Applicable
(when TMM default route is defined)
Note: See note following this table.


Traffic generated by the nptd service in particular does not normally use a TMM interface when the TMM is running. Instead, the service uses the MGMT interface. The only case in which the ntpd service uses a TMM interface is when the ntpd service has been restarted for some reason. In this case, the service switches from using the MGMT interface to using a TMM interface. For more information on the ntpd service, see Chapter 4, Configuring the BIG-IP Platform and General Properties .

There are certain administrative tasks, however, such as a BIG-IP software installation, that you should never perform while the TMM service is running. Prior to performing these tasks, you should shut down the TMM service.

When you stop the TMM service and therefore make the TMM interfaces unavailable, the management interface becomes the only available interface on the BIG-IP system for administrative traffic. Figure 18.3 shows the type of interface that each traffic type uses when the TMM is stopped.

Table 18.3 BIG-IP interfaces used when TMM is stopped
Traffic Type
Incoming Interface
Outgoing Interface
User application traffic
None available
None available
Administrative traffic destined for management interface IP address
Administrative traffic that the BIG-IP system generates
Not Applicable


The BIG-IP system drops UDP packets when the TMM service is running but no TMM default route is defined.

Other administrative tasks that you should perform using the management interface only (because they require you to stop the TMM service) are a PXE installation and boot, and remote management using SSH and HTTPS.


The BIG-IP system normally routes remote authentication traffic through a Traffic Management Microkernel (TMM) switch interface (that is, an interface associated with a VLAN and a self IP address), rather than through the management interface. Therefore, if the TMM service has been stopped for any reason, remote authentication is not available until the service is running again. For information on configuring remote authentication of application traffic, see the Configuration Guide for Local Traffic Management.

SOD service

The SOD service runs on a unit of a redundant system and monitors the peer unit. If the redundant system is an active/standby configuration, the SOD service runs on the standby unit and monitors the active unit. If the redundant system is an active-active configuration, the SOD service runs on both units, and each SOD service monitors the peer unit. When the SOD service determines that the peer unit is no longer responding, the service initiates failover.

The SOD service can monitor the active unit in two ways, either through a serial line (known as hardwired failover) or through the network (known as network failover). The default configuration for the SOD service is to perform hardwired failover.

To summarize, the primary purpose of the SOD service is to:

  • Monitor and communicate with the peer unit of a redundant system
  • Scan for requests by other processes for the SOD service to initiate a failover
  • Initiate failover

For more information on managing a redundant system, see Chapter 13, Setting up a Redundant System , and Appendix B, Configuring bigdb Database Keys .

Managing optional services

The BIG-IP system includes a number of services that you can start, stop, or restart using the Configuration utility. This ability to start or stop services from within the Configuration utility is useful when you want to run only those services that you need to successfully manage network traffic.

The services that you might want to stop or start with the Configuration utility are:

  • ntpd
    Sets and maintains the system time of day.
  • postfix
    An alternative to the sendmail utility, sends and receives email.
  • radvd
    Used by hosts to configure their interfaces, listens to router solicitations, and answers with router advertisement.
  • snmpd
    Receives and processes SNMP requests, and sends trap notifications. Note that you must stop this service before updating the SNMP v3 file /config/net-snmp/snmpd.conf, which specifies SNMP user names.
  • sshd
    Provides secure remote login between untrusted hosts.

For any services that you should run continually, such as the MCPD or TMM service, you cannot start or stop them using the Configuration utility. For more information on managing these essential services, see Managing core services .

The Configuration utility screen for managing optional services lists the name of each service and its current status.

To stop, start, or restart an optional service

  1. On the Main tab of the navigation pane, expand System, and click Services.
    The Services screen opens.
  2. In the Service column, locate the name of the service you want to start, stop, or restart.
  3. To the left of the service name, click the Select box.
  4. Click Start, Stop, or Restart.
  5. In the History column, check the status of the service.


You can also start and stop optional services using the bigstart utility. For more information, see the bigstart man page.

Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?

NOTE: Please do not provide personal information.

Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)