Applies To:

Show Versions Show Versions

Manual Chapter: General Configuration Properties
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Part of managing the BIG-IP® system involves configuring and maintaining a set of global system properties. These properties allow you to configure:
When you configure general device properties, you are affecting the operation of the BIG-IP system as a whole, rather than just one aspect of it. Similarly, when you configure the general properties related to local traffic or global traffic, you are globally affecting the operation of the local traffic management and global traffic management systems.
The BIG-IP system includes some general properties that you can configure, as well as properties related to Network Time Protocol (NTP), Domain Name System (DNS), and host names on the network.
To manage these properties, log in to the BIG-IP Configuration utility, and on the Main tab, expand System, and click Configuration.
You can also reload the default geolocation data files that the BIG-IP system uses to source the origin of a name resolution request.
The BIG-IP system uses an IP geolocation database to source data about the origin of a name resolution request. The default database provides geolocation data for IPv4 addresses at the continent, country, state, ISP, and organization levels. The state-level data is worldwide, and thus includes designations in other countries that correspond to the U.S. state-level in the geolocation hierarchy, for example, provinces in Canada. Note that you can only access the ISP and organization-level geolocation data for IPv4 addresses using the iRules® whereis command. For more information, about iRules, see http://devcentral.f5.com/.
Tip: If you require geolocation data at the city-level, contact your F5 Networks sales representative to purchase additional database files.
Network Time Protocol (NTP) is a protocol that synchronizes the clocks on a network. You can use the Configuration utility to specify a list of IP addresses of the servers that you want the BIG-IP system to use when updating the time on network systems. You can also edit or delete the entries in the server list.
Domain Name System (DNS) is an industry-standard distributed internet directory service that resolves domain names to IP addresses. If you plan to use DNS in your network, you can use the Configuration utility to configure DNS for the BIG-IP system.
When you configure DNS, you create two lists: a DNS lookup server list, and a BIND forwarder server list. The DNS lookup server list allows BIG-IP system users to use IP addresses, host names, or fully-qualified domain names (FQDNs) to access virtual servers, nodes, or other network objects.
The BIND forwarder server list provides DNS resolution for servers and other equipment load balanced by the BIG-IP system, that is, for the servers that the BIG-IP system uses for DNS proxy services.
You can create and manage a list of IP addresses and their associated host names, to identify and locate hosts on the network.
The BIG-IP system includes a set of properties that apply globally to the local traffic management system. These properties fall into two main categories: general local-traffic properties, and persistence properties. You can use the Configuration utility to configure and maintain these properties.
You can configure a number of properties that affect the general behavior of the BIG-IP local traffic management system. In most cases, these properties are not directly related to any one type of local traffic management object, such as a virtual server or a load balancing pool.
Table 4.1 lists and describes the properties that you can configure to manage the behavior of the local traffic management system.
Specifies, when checked (enabled), that the system automatically maps the last hop for pools.
Specifies, when checked (enabled), that the unit is in maintenance mode. In maintenance mode, the system stops accepting new connections and slowly completes the processing of existing connections.
Disabled (unchecked)
Check this setting to enable VLAN-keyed connections. VLAN-keyed connections are used when traffic for the same connection must pass through the system several times, on multiple pairs of VLANs (or in different VLAN groups).
Specifies, when checked (enabled), that the system discovers the maximum transmission unit (MTU) that it can send over a path without fragmenting TCP packets.
Specifies that the BIG-IP system sends a TCP RST packet in response to a non-SYN packet that matches a virtual server address and port or self IP address and port, but does not match an established connection. The BIG-IP system also sends a TCP RST packet in response to a packet matching a virtual server address or self IP address but specifying an invalid port. The TCP RST packet is sent on the client-side of the connection, and the source IP address of the reset is the relevant BIG-IP LTM object address or self IP address for which the packet was destined. If you disable this setting, the system silently drops unmatched packets.
Specifies the number of seconds a node can be left idle by the Fastest load balancing mode. The system sends fewer connections to a node that is responding slowly, and periodically recalculates the response time of the slow node.
Specifies, in percent, the memory usage at which the system silently purges stale connections, without sending reset packets (RST) to the client. If the memory usage remains above the low-water mark after the purge, then the system starts purging established connections closest to their service timeout. To disable the adaptive reaper, set the high-water mark to 100.
Specifies, in percent, the memory usage at which the system starts establishing new connections. Once the system meets the reaper high-water mark, the system does not establish new connections until the memory usage drops below the reaper low-water mark. To disable the adaptive reaper, set the low-water mark to 100.
Note: This setting helps to mitigate the effects of a denial-of-service attack.
SYN CheckTM Activation Threshold
Specifies the number of new or untrusted TCP connections that can be established before the system activates the SYN Cookies authentication method for subsequent TCP connections.
Specifies, in seconds, the amount of time that records remain in the Layer 2 forwarding table, when the MAC address of the record is no longer detected on the network.
Specifies, when checked (enabled), that all VLANs share a single MAC address. If you use the default value (unchecked), the BIG-IP gives each VLAN the MAC address of the VLANs lowest-numbered interface. Use this setting when configuring an active/standby redundant system.
Disabled (unchecked)
Specifies the type of traffic for which the system attempts to forward (instead of reject) Any-IP packets, when the traffic originates from a member of a SNAT. There are two possible values:
TCP and UDP Only: Specifies that the system forwards, for TCP and UDP traffic only, Any-IP packets originating from a SNAT member.
All Traffic: Specifies that the system forwards, for all traffic types, Any-IP packets originating from a SNAT member.
Using the Configuration utility, you can perform certain persistence-related tasks such as managing the way that destination IP addresses are stored in the persistence table, and specifying a data group that contains proxy IP addresses.
Table 4.2, lists and describes the properties that you can configure to manage general persistence-related properties.
Specifies how the system manages the destination IP address entries in the persistence table. Note that when either the timeout value or the maximum number of persistence entries is reached, the BIG-IP system no longer adds destination address entries to the persistence table. To ensure that the BIG-IP system can always add entries to the persistence table, either increase the timeout value in the Destination Address Affinity persistence profile, or increase the maximum number of entries allowed.
Timeout: Specifies that entries remain in the persistence table until the BIG-IP system times them out, based on the timeout value configured in the corresponding persistence profile.
Maximum Entries: Specifies that the system stops adding entries to the persistence table when the number of entries reaches the value specified in the Maximum Entries setting, following.
Specifies the maximum entries allowed in the persistence table before the BIG-IP system stops addding entries. Note that you can increase this value with no significant impact to the amount of memory consumed.
Specifies the data group that contains proxy IP addresses. You use this data group to identify the addresses that are to be treated as proxies when you enable the Map Proxies option on a persistence profile.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)