F5 Logo MyF5
Search
  1. MyF5 Home
  2. End-of-Life Products
  3. Link Controller 4.x
  4. BIG-IP Link Controller Solutions Guide, version 4.3
  5. BIG-IP Link Controller Solutions Guide v4.3: Using the Setup Utility
Manual Chapter : BIG-IP Link Controller Solutions Guide v4.3: Using the Setup Utility

Applies To:

Show Versions Show Versions

Link Controller

  • 4.3 PTF-02, 4.3 PTF-01, 4.3.0
Manual Chapter
Table of Contents | << Previous Chapter | Next Chapter >>

2

Using the Setup Utility


Creating the initial configuration with the Setup utility

Once you install and connect the hardware, the next step in the installation process is to turn the system on and run the Setup utility. The Setup utility defines the initial configuration settings required to install the Link Controller into the network. You can run the Setup utility remotely from a web browser, or from an SSH client, or you can run it directly from the console.

Before you connect to the controller, we recommend that you gather the list of information outlined in the configuration worksheet provided with the Link Controller. Note that the screens you see are tailored to the specific hardware and software configuration that you have. For example, if you have a stand-alone system, the Setup utility prompts you to skip the redundant system screens.

Once you have configured the base network elements with the Setup utility, you might want to further enhance the configuration of these elements. For additional information about these configuration tasks, see Chapter 1, Additional Base Network Configuration, in the BIG-IP Link Controller Reference Guide.

Connecting to the Link Controller for the first time

The Setup utility prompts you to enter the same information, whether you run the utility from a web browser or from the command line. When the utility completes, we recommend that you reboot the controller. This automatically removes the default IP address and root password provided specifically for the purposes of running the Setup utility remotely. The Link Controller replaces the default IP address and root password with the password and IP addresses that you define while running the utility.

Running the Setup utility from a console or serial terminal

Before you can run the Setup utility from either the console or a serial terminal, you must first log in. Use the following default user name and password to log in.

Username: root

Password: default

After you log in, you can start the utility directly from the console or serial terminal by typing the command setup. Once you complete the utility, we recommend that you reboot the Link Controller. The Link Controller automatically reboots if you are running the utility for the first time from the console.

Note: If you want to set up a terminal connection directly to the Link Controller, see the BIG-IP Link Controller Reference Guide, Chapter 7, Using a serial terminal with the Link Controller.

Running the Setup utility remotely

You can run the Setup utility remotely only from a workstation that is on the same LAN as the controller. To allow remote connections for the Setup utility, the Link Controller comes with two pre-defined IP addresses, and a pre-defined root password. The default root password is default, and the preferred default IP address is 192.168.1.245. If this IP address is unsuitable for your network, the Link Controller uses an alternate IP address, 192.168.245.245. However, if you define an IP alias on an administrative workstation in the same IP network as the Link Controller, the controller detects the network of the alias and uses the corresponding default IP address.

Once the utility finishes and the system reboots, these default IP addresses are replaced by the information that you entered in the Setup utility.

Setting up an IP alias for the default IP address before you start the controller

You must set up an IP alias for your remote workstation before you turn on the controller and start the Setup utility. The remote workstation must be on the same IP network as the controller. If you add this alias prior to booting up the Link Controller, the controller detects the alias and uses the corresponding address.

To set up an IP alias for the alternate IP address

The IP alias must be in the same network as the default IP address you want the Link Controller to use. For example, on a UNIX workstation, you might create one of the following aliases:

  • If you want the controller to use the default IP address 192.168.1.245, then add an IP alias to the machine you want to use to connect to the controller using the following command:

    ifconfig exp0 add 192.168.1.1

  • If you want to use the default IP address 192.168.245.245, then add an IP alias such as:

    ifconfig exp0 add 192.168.245.1

Warning: On Microsoft Windows® or Windows NT® machines, you must use a static IP address, not DHCP. Within the network configuration, add an IP alias in the same network as the IP in use on the controller. For information about adding a static IP address to a Microsoft Windows operating system, please refer to your vendor's documentation.

Determining which default IP address is in use

After you configure an IP alias on the administrative workstation in the same IP network as the Link Controller and you turn the system on, the Link Controller sends ARPs on the internal VLAN to see if the preferred 192.168.1.245 IP address is in use. If the address is appropriate for your network and is currently available, the Link Controller assigns it to the internal VLAN. You can immediately use it to connect to the controller and start the Setup utility.

If the alternate network is present on the LAN, 192.168.245.0/24, or if the node address 192.168.1.245 is in use, then the Link Controller assigns the alternate IP address 192.168.245.245 to the internal VLAN instead.

Starting the utility from a web browser

When you start the utility from a web browser, you use the selected default IP address as the application URL.

To start the Setup utility in a web browser

  1. Open a web browser on a workstation connected to the same IP network as the internal VLAN of the controller.
  2. Type the following URL, where <default IP> is the IP address in use on the Link Controller internal VLAN.
    https://<default IP>
  3. At the login prompt, type root for the user name, and default for the password.
    The Configuration utility screen opens.
  4. On the Configuration utility welcome screen, click Setup Utility.
  5. Fill out each screen using the information from the Setup utility configuration list.
    After you complete the Setup utility, the Link Controller reboots and uses the new settings you defined

Note: You can rerun the Setup utility from a web browser at any time by clicking the Setup utility link on the welcome screen.

Starting the utility from the command line

You can run the command line version of the Setup utility from the console or serial terminal, or from a remote SSH client or from a Telnet client.

To start the Setup utility from the console

  1. At the login prompt, type root for the user name, and default for the password.
  2. At the Link Controller prompt, type the following command to start the command-line based Setup utility.

    setup

  3. Fill out each screen using the information from the Configuration worksheet.
    After you complete the Setup utility, the Link Controller reboots and uses the new settings you defined.

To start the Setup utility from the command line from a remote administrative workstation

  1. Start an SSH client on a workstation connected to the same IP network as the internal VLAN of the controller. (See the BIG-IP Link Controller Reference Guide, Chapter 7, Downloading the SSH client to your administrative workstation, for information on downloading the SSH client from the Link Controller.)
  2. Type the following command, where <default IP> is the IP address in use on the Link Controller internal VLAN.

    ssh <default IP>

  3. At the login prompt, type root for the user name, and default for the password.
  4. At the Link Controller prompt, type the following command to start the command-line based Setup utility.

    setup

  5. Fill out each screen using the information from the Configuration worksheet. After you complete the Setup utility, reboot the Link Controller by typing the following command:

    reboot

Note: You can rerun the Setup utility at any time using the setup command.

Using the Setup utility for the first time

The following sections provide detailed information about the settings that you define in the Setup utility.

Keyboard type

Select the type of keyboard you want use with the Link Controller. The following options are available:

  • Belgian
  • Bulgarian MIK
  • French
  • German
  • Japanese - 106 key
  • Norwegian
  • Spanish
  • Swedish
  • US + Cyrillic
  • US - Standard 101 key (default)
  • United Kingdom

Link Controller root password

A root password allows you command line administrative access to the Link Controller. We recommend that the password contain a minimum of 6 characters, but no more than 32 characters. Passwords are case-sensitive, and we recommend that your password contain a combination of upper- and lower-case characters, as well as numbers and special characters, for example, !@#$%^&*. Once you enter a password, the Setup utility prompts you to confirm your root password by typing it again. If the two passwords match, your password is immediately saved. If the two passwords do not match, the Setup utility provides an error message and prompts you to re-enter your password.

Host name

The host name identifies the Link Controller itself. Host names must be fully qualified domain names (FQDNs). The host portion of the name must start with a letter, and must be at least two characters. The name, or host part of the name, must be 39 characters or less. The label part of the name must be 63 characters or fewer. For example:

<host 39 characters or less>.<label 63 characters or less>.net

Configuring a default gateway pool

You configure the default gateway pool for outbound link load balancing. The default gateway pool is a pool of the default routes for all links that you want the Link Controller to manage. Type an IP address for each link you want to load balance. If a gateway in the default gateway pool becomes inactive, existing connections through the inactive gateway are routed through another gateway in the default gateway pool. After you complete the Setup utility, if you typed more than one default gateway IP address, a pool named default_gateway_pool is created.

Warning: Default gateway IP addresses must have a corresponding self IP address/netmask combination on the Link Controller.

Redundant system settings

There are two types of settings you need to define for redundant systems: unit IDs, and fail-over IP addresses.

Unit IDs

The default unit ID number is 1. If this is the first unit in the redundant system, use the default. When you configure the second unit in the system, type 2.

Choosing a fail-over IP address

A fail-over IP address is the IP address of the unit which will take over if the current unit fails. Type in the IP address configured on the internal interface of the other Link Controller in the redundant pair.

Setting the interface media type

Configure media settings for each interface. The media type options depend on the network interface cards included in your hardware configuration. The Setup utility prompts you with the settings that apply to the interfaces installed in the controller. The Link Controller supports the following media types:

  • auto
  • 10baseT
  • 10baseT, FDX
  • 100baseTX
  • 100baseTX, FDX
  • Gigabit Ethernet

Note: For best results, choose the auto setting. In some cases, devices configured for the auto media are incompatible, and the proper duplex setting is not negotiated. In these cases, you may need to set the media settings to the same speed and duplex on this device and the corresponding switch or host. Check your switch or hub documentation for this information.

Warning: The Setup utility lists only the network interface devices that it detects during system boot. If the utility lists only one interface device, the additional network adapters may have come loose during shipping. Check the LED indicators on the network adapters to ensure that they are working and are connected.

Configuring VLANs and IP addresses

You create a VLAN for each link in the configuration. The Link Controller has two default VLANs, internal and external. You can rename these VLANs to link names for easier management. In most configurations, you need to add VLANs to represent all of your external links. Follow the onscreen prompts to configure any additional VLANs that you need.

Determine whether you want to have security turned on for a VLAN, or off for the VLAN. Then, type the IP address settings for the VLAN. The IP address settings include:

  • Security settings
  • IP address, netmask, and broadcast
  • Floating self IP address, netmask, and broadcast (for redundant systems only)

    We recommend that you set the floating self IP address as the default route for target devices, such as servers. The floating self IP address is owned by the active unit in an active/standby configuration.

Note: The IP addresses of the external VLANs are not the IP address of your site or sites. The IP addresses of the sites themselves are specified by the virtual IP addresses associated with each virtual server you configure.

Assigning interfaces to VLANs

After you configure the VLANs for each link on the Link Controller, you assign interfaces to the VLANs. Note that each VLAN should be associated with an interface.

Associating the primary IP address and VLAN with the host name

After you assign interfaces to VLANs, you can choose one VLAN/IP address combination as the primary IP address to associate with the controller host name.

Configuring remote web server access

The Link Controller web server provides the ability to set up remote web access on each VLAN. When you set up web access on a VLAN, you can connect to the web-based Configuration utility through the VLAN. To enable web access, specify a fully qualified domain name (FQDN) for each VLAN. The Link Controller web server configuration also requires that you define a user ID and password. If SSL is available, the configuration also generates authentication certificates.

The Setup utility guides you through a series of screens to set up remote web access.

  • The first screen prompts you to select the VLAN you want to configure for web access. After you select an interface to configure, the utility prompts you to type an FQDN for the interface. You can configure web access on one or more interfaces.
  • After you configure the interface, the utility prompts you for a user name and password. After you type a user name and password, the utility prompts you for a vendor support account. The vendor support account is not required.
  • The certification screen prompts you for country, state, city, company, and division.

You can also add users to the existing password file, change a password for an existing user, or recreate the password file, without actually repeating the remote web server configuration process.

Warning: If you ever change the IP addresses or host names on the Link Controller interfaces, you must reconfigure the Link Controller web server and the portal to reflect your new settings.

Warning: If you have modified the remote web server configuration outside of the Configuration utility, be aware that some changes may be lost when you run the Setup utility. This utility overwrites the httpd.conf file and openssl.conf.

Setting the time zone

Next, you specify the time zone for the Link Controller. This ensures that the clock for the Link Controller is set correctly, and that dates and times recorded in log files correspond to the time zone of the system administrator. Scroll through the list to find the time zone at your location. Note that one option may appear with multiple names.

Configuring the DNS proxy forwarding settings

You need to complete this step only if you want machines inside your Link Controller managed network to use DNS servers outside of that network (for example, for reverse DNS lookup from a web server).

Specify the DNS name server and domain name for DNS proxy forwarding by the Link Controller. For more information on DNS proxy forwarding, see the BIG-IP Link Controller Reference Guide, Chapter 7, Configuring DNS on the Link Controller.

Configuring remote administrative access

After you configure remote web access, the Setup utility prompts you to configure remote command line access. The first screen you see is the Configure SSH screen, which prompts you to type an IP address for SSH command line access.

When you configure shell access, the Setup utility prompts you to create a support account for that shell. You can use this support account to provide access to a support engineer.

When the Setup utility prompts you to enter an IP address for administration, you can type a single IP address, or a list of IP addresses from which the Link Controller will accept administrative connections. (These can be either remote shell connections, or connections to the web server on the Link Controller.) To specify a range of IP addresses, you can use the asterisk (*) as a wildcard character in the IP addresses.

The following example allows remote administration from all hosts on the 192.168.2.0/24 network:

192.168.2.*

Note: For administration purposes, you can connect to the Link Controller floating self IP address, which always connects you to the active unit in an active/standby redundant system. To connect to a specific unit, connect directly to the IP address of that Link Controller.

Configuring NTP support

You can synchronize the time on the controller to a public time server by using Network Time Protocol (NTP). NTP is built on top of TCP/IP and assures accurate, local timekeeping with reference to clocks located on the Internet. This protocol is capable of synchronizing distributed clocks, within milliseconds, over long periods of time. If you choose to enable NTP, make sure UDP port 123 is open in both directions when the controller is behind a firewall.

Completing the initial configuration

Once you have configured the previous settings, the Link Controller commits the configuration and reboots the system. Once the controller has rebooted, you can log in to the Configuration utility and configure the Link Controller. Refer to Chapter 3, Configuring Links for Simple ISP Load Balancing , for instructions on setting up the Link Controller to manage multiple ISP links.

Running the Setup utility to change settings

You normally run the Setup utility when the system is first installed, as part of the installation procedure. However, you can also use the command line Setup utility to change existing settings at any time. This section describes running the Setup utility to change settings after you run it initially.

To run the Setup utility from the command line, type in the following command:

setup

After you complete the initial configuration, the Setup utility presents a menu of individual configuration options.

The Setup utility menu is divided into two different sections: required and optional. The Setup utility includes the following required configuration options:

  • Set the default gateway pool
  • Configure VLANs and networking
  • Set host name
  • Set the root password
  • Configure web servers
  • Steps for redundant systems (redundant systems only)

The following configuration selections are optional:

  • Configure DNS
  • Configure FTP
  • Set keyboard type
  • Define time servers
  • Initialize the iControl portal
  • Configure SSH
  • Configure telnetd
  • Set time zone

Figure 2.1 The Setup utility menu. Some of these options may not be available on your system. 

 lqq I N I T I A L   S E T U P   M E N U qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk    
   x                                                                              x    
   x                                                                              x    
   x    Choose the desired configuration function from the list below.            x    
   x                                                                              x    
   x                                                                              x    
   x    (A) All configuration steps        (R) Steps for redundant systems        x    
   x                                                                              x    
   x    REQUIRED                                                                  x    
   x    (E) Set default gateway pool       (V) Configure VLANs & networking       x    
   x    (H) Set host name                  (W) Configure web servers              x    
   x    (P) Set root password                                                     x    
   x                                                                              x    
   x    OPTIONAL                                                                  x    
   x    (D) Configure DNS                  (O) Configure remote access            x    
   x    (F) Configure FTP                  (S) Configure SSH                      x    
   x    (I) Initialize iControl portal     (T) Configure Telnetd                  x    
   x    (K) Set keyboard type              (R) Configure RSH                      x    
   x    (M) Define time servers            (Z) Set time zone                      x    
   x                                       (Q) Quit                               x    
   x                                                                              x    
   x    Enter Choice:                                                             x    
   x                                                                              x    
   mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqj

Options available only through the Setup utility menu

This section contains descriptions of options that are available only through the Setup utility menu. These options include:

  • Initializing the iControl portal
  • Configuring remote access
  • Configure RSH

Initialize the iControl portal

This option is available in the menu only after you create the initial software configuration. Select this option to configure the CORBA ports (IIOP and FSSL). This option prompts you for a list of IP addresses or host names you want to embed as objects in the Portal object reference. Typically, in a redundant system, this list includes the fail-over IP address of the other Link Controller in the redundant system.

This option prompts you to set the Portal to use IP addresses instead of DNS names. If the Portal is set to use IP addresses, the Link Controller does not have to do a DNS lookup.

In addition to these settings, you can change the following iControl portal settings:

  • You can set the security mode of the portal. You can allow the portal to handle non-secure requests.
  • You can change the name of the Portal object reference file.
  • You can specify the Portal PID file name.

Configuring remote access

This option is available in the menu only after you create the initial configuration. Use this option to modify remote access settings.

Configuring RSH

You can configure an RSH shell for non-secure access to the Link Controller. Use this option only if you are unable to set up an SSH shell.

Table of Contents | << Previous Chapter | Next Chapter >>
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5 Networks, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information