Original Publication Date: 01/13/2008
Updated Date: 07/25/2016
This article applies to BIG-IP version 9.x through 10.x. For information about other versions, refer to the following article:
When deploying the BIG-IP GTM system, one of the steps includes configuring the different systems with which the BIG-IP GTM system interacts when managing DNS traffic. For example, a typical BIG-IP GTM device may communicate with one or more of the following systems:
The BIG-IP GTM configuration scripts allow you to establish communications between the BIG-IP GTM systems and other external F5 systems. Before you run any of the BIG-IP GTM configuration scripts, you should use the BIG-IP GTM Configuration utility to define any other BIG-IP GTM systems, BIG-IP systems with which the BIG-IP GTM will communicate. Once you have defined the other systems with which the BIG-IP GTM system will communicate, you should run one or more of the BIG-IP GTM configuration scripts.The BIG-IP GTM configuration scripts are defined as follows:
Note: For more information about defining servers on the BIG-IP GTM system, refer to the BIG-IP GTM Configuration Guide.
The gtm_add script
The gtm_add script is an interactive script used to integrate a new BIG-IP GTM into a sync group that is already defined on one or more remote BIG-IP GTM Controllers. The script will wipe out the current configuration of the BIG-IP GTM on which it is run, and replace it with the same configuration of the remote BIG-IP GTM system in the specified sync group. The remote BIG-IP GTM's SSL certificates are copied to the local BIG-IP GTM system using the SSH protocol.
Running the gtm_add script
You can run the gtm_add script on the new BIG-IP GTM system that you are integrating within a network that is configured with one or more existing BIG-IP GTM systems. The gtm_add script will copy the remote BIG-IP GTM configuration to the local BIG-IP GTM system. The new BIG-IP GTM system needs to be defined in the existing BIG-IP GTM system's configuration prior to running the gtm_add script.
To run the gtm_add script, log in to the command line of the BIG-IP GTM system and type the following command:
The big3d_install script
The big3d daemon runs on all BIG-IP devices, and provides metrics collection data for F5 systems. The big3d_install script is an interactive script that uses the SSH protocol to install the current version of the big3d daemon on remote F5 systems. If the current or newer version of the big3d daemon is found to be running on the remote F5 system, installation is skipped for that F5 system. The big3d_install script also copies the trusted device certificate from the local BIG-IP GTM system to the /config/big3d/client.crt file on the remote BIG-IP system, and the trusted server certificate from the remote BIG-IP system to the /config/gtm/server.crt file on the local BIG-IP GTM system.
Note: When running big3d_install, the utility may incorrectly skip a big3d installation or install the incorrect version of the big3d process. For more information, refer to SOL10992: The big3d_install utility may incorrectly skip a big3d installation or install the incorrect version of the big3d process.
Running the big3d_install script
When you deploy the first BIG-IP GTM system within a network that includes existing BIG-IP and BIG-IP version 4.x systems, you should run the big3d_install utility. The big3d_install script copies the BIG-IP GTM system's big3d daemon to the remote BIG-IP and BIG-IP version 4.x systems.
Note: iQuery communication is not supported between BIG-IP or 3-DNS 4.x and BIG-IP or GTM in 10.1.0 and later.
To run the big3d_install utility, log in to the command line of the BIG-IP GTM system and type the following command:
Note: If no IP addresses are specified, the script will attempt to install the current version of the big3d daemon on all the BIG-IP controllers listed in the /config/gtm/wideip.conf file.
Note: For information about how to locate F5 product guides, refer to SOL12453464: Finding product documentation on AskF5.
The bigip_add script
The bigip_add script is an interactive script that uses the SSH protocol to exchange iquery SSL certificates with a remote BIG-IP system. The bigip_add script appends the local BIG-IP GTM system's SSL certificate to the remote BIG-IP system's list of authorized certificates (contained in the /config/big3d/client.crt file). The script then appends the remote BIG-IP system's iquery SSL certificate to the BIG-IP GTM system's local list of authenticated iquery SSL certificates (/config/gtm/server.crt).
Running the bigip_add script
The bigip_add script is run from the local BIG-IP GTM system when adding a BIG-IP to the wide IP configuration.
To run the bigip_add script, log in to the command line of the BIG-IP GTM system and type the following command:
Note: For more information about troubleshooting F5 device certificates, refer to SOL8187: Overview of BIG-IP device certificates (9.x - 10.x).