Updated Date: 04/26/2007
This technical note documents the process of installing on a 520/540 (D35) platform the BIG-IP software version 9.3 using a CD mounted on an installation server. For information about installing the software, please refer to the instructions below.
The minimum system requirements for this release are:
The supported browsers for the browser-based Configuration utility are:
Note that we recommend that you leave the browser cache options at the default settings.
Important: Popup blockers and other browser add-ons or plug-ins may affect the usability of the browser-based Configuration utility. If you experience issues with navigation, we recommend that you disable these types of browser plug-ins and add-ons.
This technical note describes how to upgrade version 4.x software to version 9.3 on the 520/540 platform. The 520/540 platforms are not switch-based platforms. Some BIG-IP system features and requirements are slightly different, or are not supported, on the 520/540 platforms. The following section describes these features.
When you install BIG-IP version 9.3 on a 520/540 platform, the interface 1.1 is converted to the management interface. The interface 1.2 becomes interface 1.1. Other additional interfaces remain numbered as they were in version 4.x. See Converting the BIG-IP system configuration data using the OTCU section for other details on the numbering changes. The minimal configuration is two built-in interfaces, however, we recommend that you add network interface cards (NICs) to bring to the total number of interfaces to at least three.
The minimum memory supported is 512 MB. Most 520 platforms shipped with only 256 MB of RAM. The recommended amount of RAM is 1 GB. If you upgrade the memory on a unit, to avoid complications stemming from combining dissimilar brands of DIMMs, we recommend that you discard the old DIMMs and replace them with a single 512 MB or 1024 MB DIMM.
BIG-IP Link Controller and combination BIG-IP Local Traffic Manager/Global Traffic Manager installations require a minimum of 768 MB of memory. However, the recommended amount of RAM is 1 GB.
The front panel LED behavior is the same as version 9.x behavior. For more information, see SOL4263: Change in Behavior: New front panel LED indicator behavior in BIG-IP version 9.x.
The behavior described in this section applies to BIG-IP 9.3 installations. In some cases, the behavior does not occur until after you install the software.
For details about obtaining supported network interface cards, contact F5 Networks.
Some switch-based BIG-IP system features are not supported on the 520/540 platforms. This section describes these features and their behavior.
The following add-in hardware cards are not supported in this release on the 520/540 platforms:
Link Aggregation Control Protocol (LACP) and spanning tree protocol (STP) are not supported on the 520/540 platform. LACP switchboard fail-safe is not active on these platforms. The HA Table displays the switchboard fail-safe entry as disabled. LACP is enforced when the user attempts to set lacp_enable 'true' on a trunk.
STP is enforced by the global stp mode setting. The allowed modes are passthru and disabled. Note that you can view and modify the other STP-related parameters without affecting system operation. These commands include the bigpipe stp commands, bigpipe stp instance commands, and bigpipe interface stp, bigpipe auto edge, and the link type commands.
Most of the bigpipe commands are supported fully by the 520/540 platform, with the following exceptions:
|daemon||Displays the bcm56xxd. Not functional.|
|db boot.netreboot||Cannot enable. Not functional.|
|ha table||Displays switchboard fail-safe as disabled. Not functional.|
|interface [stp | auto edge | link type ]||Can be configured. Has no effect.|
|interface pause||Not supported|
|mirror||Port mirror not supported and gives an error when configured.|
|stp||Cannot set mode. Not functional.|
|stp instance||Can be configured. Not functional.|
|trunk||Cannot enable LACP.|
Quiet boot is supported. You can set this variable using the bigdb boot.quiet setting. The D35 Tyan 2515 motherboard does not support a CMOS setting for quiet boot, so you must must use the BIOS setup utility to configure the BIOS quiet boot setting. (This is the same as version 4.x.)
The bigpipe command netboot enable | disable is not supported on the 520/540 platform. You must use the front panel Netboot button.
As in BIG-IP version 4.x, you cannot configure port mirroring on the 520/540 platform.
You can use the command bigpipe baud rate to modify the current serial console (ttyS0), and the grub baud rate setting. This baud rate is maintained across reboots and power cycles. However, the Tyan 251x BIOS does not support a CMOS setting for baud rate. As a result, for the PXE installation, you must use the BIOS baud rate setting (default 19200) for the serial console.
The following sensors are not supported: chassis fan, chassis power supply, chassis temperature, and CPU status.
If the BIG-IP system is currently running version 4.x or version 9.0.5 through 9.2.5, you can upgrade directly to version 9.3, using the following procedure.
If you are running a pre-4.5 PTF-04 version of the BIG-IP software, you must first upgrade to version 4.5 PTF-04, and then upgrade to version 9.3.
Important: A valid service contract is required to complete this installation.
Warning: You must reactivate the license on the BIG-IP system on which you intend to install before you begin installing.
Important: You cannot upgrade to version 9.3 from versions 9.0 through 9.0.4. You must first upgrade to 9.0.5, or a later 9.x release.
The process of upgrading to BIG-IP version 9.3 requires completing the following steps:
The following sections describe how to perform these tasks.
Before you upgrade to BIG-IP version 9.3, you need to save your version 4.x configuration data. This file is used by the one-time configuration utility (OTCU) to convert your version 4.x configuration files to the 9.x configuration file format. In addition, this prevents loss of data if, for any reason, the version 9.3 upgrade is not successful.
Collect and archive the version 4.x configuration files, by typing the following command. Note that config.ucs is the name you must use for the UCS file, and the file must be saved at the / partition.
bigpipe config save /config.ucs
Important: If you are upgrading a system that is using zone files with named, you must manually back up all necessary zone files and save them to a remote location. After the upgrade is complete, you can place them on the 9.x system. There is a new location on the 9.x system for these files: /var/named/config/namedb.
Important: It is critical that you back up the archived configuration files to a secure remote location. In the event installation fails, you must use the remotely stored file in order to restore your configuration data. For more information about UCS archive files, see SOL4423: Overview of UCS archives.
Before you begin the installation process, download the installation CD-ROM ISO image from http://tech.f5.com. For details about downloading the ISO image, see SOL167: Downloading software from F5 Networks.
Note: Before you continue, we recommend downloading the associated MD5 checksum file and performing the MD5 checksum operation to ensure that the file downloaded correctly. For more information about running the MD5 checksum, see Verifying the MD5 checksum of the installation file .
Before you perform a network boot from a CD, you must designate and configure a remote host to be a Pre-boot Execution Environment (PXE) server. This remote host must meet all the following criteria:
Note: You must connect the installation server to the same network to which the BIG-IP unit is connected.
Once you have designated a host, complete the following steps:
Select terminal type? [vt100]
Press the Enter key to use vt100 emulation, or type the name of the terminal emulator you are using.
Maintenance OS Options Serve Provide network installation services Install Install software onto hard disk Reboot Reboot to your current system Exit Exit to maintenance shell
Use existing DHCP server on subnet [no]?
IP network [10.1.10]? IP address of server 10.1.10[n] ? Lower range for clients 10.1.10.[n] ? Upper range for clients 10.1.10.[n] ?
Note: When you specify the IP address of the server, you need to enter only the last octet. When completing the lower and upper ranges for the clients, type the network numbers where the clients are situated.
If the settings displayed are correct, type yes. If they are not, type no and you are prompted to re-enter the addresses.
After you designate and configure a remote host to be a installation server, you are ready to perform the network boot from the console of the platform on which you wish to install the software.
Note: You must connect the installation server directly to the management port on the BIG-IP unit, or to the network to which the management interface is connected.
bigpipe db boot.netreboot enable reboot
You might receive the following message after you type the reboot command:
The requested operation is not supported by the hardware.
If you see this error message, use a paperclip to push the RESET button on the front panel. Then, within ten seconds, use a paperclip to push the NETboot button.
Press M or Control-SPACE to view menu.
Let the timer count down to auto-select the installation options. After the timer counts down, the installer prompts you for the terminal type.
Terminal type? [vt100]
Press the Enter key to continue, or specify the terminal type you are using. We recommend that you use vt100.
The system posts a number of messages, and then installation starts. Once installation starts, you can use the arrow and Tab keys to navigate the presented options. You can select an option from a menu using the Enter key or the highlighted character key, and you can toggle select boxes on or off using the spacebar.
Note: The syslog option is not present when the controlling terminal is the console. You see this option only when you are performing the installation through an SSH connection.
The software takes only a few minutes to install. Once the installation is complete, the unit reboots to the installation in slot 0 or CF (CompactFlash®). You can use the switchboot utility to specify which installation you want to boot by default. For more information about the switchboot utility, see Using the switchboot utility .
After you complete the installation of the software, and before you license the software, run the config command to configure an IP address, net mask, and gateway on the management port (MGMT). The config command is a command line utility created for this purpose. You can run the config command from the serial console you used during installation.
To run the config command, type the following command:
After you run this utility and add an IP address, net mask, and gateway to your management port, you can log on to the browser-based Configuration utility, and license the unit.
Before you can convert your configuration files or configure the system, you must license the version 9.3 software. To activate the license for the system, you must have a base registration key. The registration key is a 27-character string that lets the license server know which F5 products you are entitled to license. If you do not already have a registration key, you can obtain one using the dossier from a licensed version 4.x system (http://license.f5.com).
Note: If you create a stand-alone Global Traffic Manager installation or a Local Traffic Manager/Global Traffic Manager installation, after licensing the Global Traffic Manager, the system requests that you perform a software reboot. This statement is intended to indicate that you should restart the system (such as through the command bigstart restart before moving the system into a production environment.
After you install and license the 9.3 software, you can configure the 9.3 system from scratch, or you can convert the existing configuration you rolled forward on the system. If you want to configure the new software from scratch, you can skip this step. This section describes how the OTCU works.
To convert your existing version 4.x configuration files to 9.x configuration files, you use the One-Time Conversion Utility (OTCU). The OTCU parses version 4.x configuration files and uses the data to create a 9.x configuration database. Due to the complexity of the 9.3.0 release, and differences in the version 4.x and 9.3 feature sets (which depend on your configuration), the OTCU may produce some unexpected results. We ask that you use the OTCU as a starting point for converting your version 4.x configuration files. Keep in mind that, in most cases, you will need to examine the resulting configuration files, troubleshoot the contents, and make adjustments where necessary. To view an example of a converted file, see conversion example . The following notes are to help you understand the conversion process and interpret the output of the OTCU.
When you run the OTCU, the files in /otcu.ucs are extracted and placed in /var/tmp/otcu_4.x. These files remain in their original state. They are not altered during the conversion process. Selected files used for the upgrade are moved into /var/tmp/otcu_9.3.0. For example, /etc/hosts is moved to /var/tmp/otcu_9.3.0/etc/hosts . After the files are moved, they are converted as much as possible into the version 9.x format and then placed in the version 9.x system. After the conversion is complete, the /otcu.ucs is renamed to /renamed_otcu.ucs. Renaming the file prevents you from being prompted to run the OTCU every time you start the system.
During this process a log file is created and saved as /var/tmp/otcu.log. This file contains everything printed on screen during the installation. This information is useful for understanding what files are converted, and for reviewing or troubleshooting the resulting configuration. The files in /var/tmp/otcu_9.3.0 remain in the state they were in before being moved to the version 9.3 system.
If you want to refer to your version 4.x configuration files, these files are saved in /var/tmp/otcu_4.x. The /var/tmp/otcu_4.x_miscellaneous directory may contain some version 4.x files that are not carried forward during the conversion that may be of interest to you. This could include the version 4.x license file, inetd.conf file, openssl.conf file, or monitor files that were not converted. You can also find these with the rest of the files located in /var/tmp/otcu_4.x, however they are moved here for convenience.
Warning: You should run the OTCU only one time. If you need to run the OTCU again, we recommend that you reinstall version 9.3 and then run the OTCU.
The following version 4.x files are removed during the conversion:
/config/default_base.conf (no user alert)
/etc/ssh_host_key (no user alert)
/etc/ssh_host_key.pub (no user alert)
/etc/ssh_config (no user alert)
/etc/sshd_config (no user alert)
/etc/ssh3/hostkey (no user alert)
/etc/ssh3/hostkey.pub (no user alert)
/etc/ssh3/ssh3_config (no user alert)
/etc/ssh3/sshd2_config (no user alert)
/etc/snmptrap.conf (no user alert)
/etc/rc.local (no user alert)
/etc/syslog.conf (no user alert)
/etc/login.conf (no user alert)
/usr/local/www/bigipgui/.users (no user alert)
/config/bigconfig/slapd.txt (no user alert)
/etc/irs.conf, /etc/irs.conf.dns, /etc/irs.conf.nodns (no user alert)
The following version 4.x files are moved forward with no conversion:
/root/.ssh/id_dsa.pub (no user alert)
/root/.ssh/id_dsa (no user alert)
/root/.ssh/identify.pub (no user alert)
/root/.ssh/identify (no user alert)
/root/.ssh/authorized_keys (no user alert)
/root/.ssh/authorized_keys2 (no user alert)
/root/.ssh/known_hosts (no user alert)
The following table lists the files that are moved and converted during the OTCU process.
|version 4.x config files||9.3 conversion notes|
|/config/routes||Routes commands are converted to 9.x bigpipe commands.|
|/config/bigconf/httpd.conf||The ServerName line from this file is inserted into the new httpd.conf located at /config/httpd/conf/httpd.conf.|
|/config/bigconfig/ssl.crl/||is moved to /config/httpd/conf/ssl.crl.|
|/config/bigconfig/ssl.crt/||is moved to /config/httpd/conf/ssl.crt.|
|/config/bigconfig/ssl.key||is moved to /config/httpd/conf/ssl.key.|
|etc/named.conf||is converted to BIND version 9, and references to 3-DNS are removed.|
|/etc/snmpd.conf||sysip is deleted and com2sec is changed to com2sec6.|
|/etc/snmpd.conf.disabled||sysip is deleted and com2sec is changed to com2sec6.|
Use the following procedure to convert your existing version 4.x configuration data to version 9.3.
Note: If at any point you want to go back to version 4.x, you must re-install the version 4.x software. For information on how to install the version 4.x software, please refer to the associated release notes. For instructions on how to reinstall your previous version 4.x configuration files, see SOL3135: Backing up and restoring BIG-IP or 3-DNS configuration files.
The utility prompts you for the following information:
Once the 9.x conversion is complete, the files are moved to their correct locations and loaded.
If you skipped the step to consolidate profiles and rename virtual servers, profiles, pools, and SNAT pools, you can run the consolidation utility by typing the following command:
You can run the renaming utility by typing the following command:
Note: In order for the renaming to take effect, you must reload the configuration file.