Home > Storage > ObjectScale and ECS > Product Documentation > ECS with F5 Deployment Reference Guide > BIG-IP LTM
List of primary configuration files:
[root@f5-ltm-s1-1:Active:In Sync] config # ls -la bigip_base.conf bigip.conf
-rw-r-----. 1 root root 11345 2017-07-13 13:38 bigip_base.conf
-rw-r-----. 1 root root 12740 2017-07-13 13:38 bigip.conf
Node
ltm node /Common/ecs-1-1 { fqdn {
autopopulate enabled
name ecs-1-1.kraft101.net
}
}
Virtual Server
ltm virtual /Common/virtual-server-80-to-9020 { destination /Common/10.246.150.90:80
ip-protocol tcp
mask 255.255.255.255
persist {
/Common/source_addr { default yes
}
}
pool /Common/pool-all-nodes-9020 profiles {
/Common/tcp { }
}
source 0.0.0.0/0 translate-address enabled translate-port enabled
}
Pool
ltm pool /Common/pool-all-nodes-9020 {
load-balancing-mode least-connections-node members {
/Common/ecs-1-1:9020 { fqdn {
autopopulate enabled
name ecs-1-1.kraft101.net
}
}
/Common/ecs-1-2:9020 { fqdn {
autopopulate enabled
name ecs-1-2.kraft101.net
}
}
/Common/ecs-1-3:9020 { fqdn {
autopopulate enabled
name ecs-1-3.kraft101.net
}
}
/Common/ecs-1-4:9020 { fqdn {
autopopulate enabled
name ecs-1-4.kraft101.net
}
}
/Common/ecs-1-5:9020 { fqdn {
autopopulate enabled
name ecs-1-5.kraft101.net
}
}
}
monitor /Common/tcp service-down-action reset
}
Monitor
ltm monitor http /Common/monitor-ecs-s3-ping-9020 { adaptive disabled
defaults-from /Common/http destination *:9020 interval 5
ip-dscp 0
password $M$lI$FW1BV3+GAmVjOk/qdhnFNw==
recv <Name>MAINTENANCE_MODE</Name><Status>OFF</Status>
recv-disable <Name>MAINTENANCE_MODE</Name><Status>ON</Status> send "GET /?ping HTTP/1.1\nHost:f5\n\n"
time-until-up 0
timeout 16 username admin
}
Profile, client-ssl
ltm profile client-ssl /Common/client-ssl-profile-ecs { app-service none
cert /Common/default.crt cert-key-chain {
default {
cert /Common/default.crt key /Common/default.key
}
}
chain none
defaults-from /Common/clientssl inherit-certkeychain true
key /Common/default.key passphrase none
proxy-ca-cert /Common/ssl-certificate-ecs.crt proxy-ca-key /Common/ssl-key-ecs.key
}
Profile, fastl4
ltm profile fastl4 /Common/protocol-profile-custom-fastl4-nfs { app-service none
defaults-from /Common/fastL4 idle-timeout 3600
}
Routes
net route /Common/default { gw 10.246.150.1
mtu 1500 network default
}
net route /Common/route102net { gw 10.246.150.89
mtu 1500
network 192.168.102.0/24
}
Self IP
net self /Common/selfip1.2local { address 10.246.150.86/24 allow-service {
default
}
traffic-group /Common/traffic-group-local-only vlan /Common/vlanexternal
}
net self /Common/selfip1.1floating { address 192.168.101.5/24
allow-service { default
}
traffic-group /Common/traffic-group-1 vlan /Common/vlaninternal
}
VLAN
net vlan /Common/vlanha { interfaces {
1.3 { }
}
tag 4092
}
Devices
cm device /Common/f5-ltm-s1-1.ecstme.org {
active-modules { "BIG-IP, VE Trial|EZHDWMD-WHJVHIY|Rate Shaping|External Interface and Network HSM, VE|SDN Services, VE|SSL, Forward Proxy, VE|Max Compression, VE|BIG-IP VE, Multicast Routing|SSL, VE|DNS (1K QPS), VE|Routing Bundle, VE|AFM, VE|ASM, VE|Crytpo Offload, VE, Tier 1 (25M - 200M)|DNSSEC|Anti- Virus Checks|Base Endpoint Security Checks|Firewall Checks|Network Access|Secure Virtual Keyboard|APM, Web Application|Machine Certificate Checks|Protected Workspace|Remote Desktop|App Tunnel|CGN, BIG-IP VE, AFM ONLY|PSM, VE" }
base-mac 00:50:56:8f:79:26 build 2.0.1671
cert /Common/dtdi.crt
chassis-id 420fdac5-59ea-53b5-763185f6e91c configsync-ip 192.168.255.4
edition "Hotfix HF2"
hostname f5-ltm-s1-1.ecstme.org key /Common/dtdi.key
management-ip 172.16.3.2
marketing-name "BIG-IP Virtual Edition" mirror-ip 192.168.255.4
mirror-secondary-ip 10.246.150.86 platform-id Z100
product BIG-IP self-device true
time-zone America/Toronto unicast-address {
{
effective-ip management-ip effective-port 1026
ip management-ip
}
{
effective-ip 192.168.255.4
effective-port 1026
ip 192.168.255.4
}
}
version 13.0.0
}
cm device /Common/f5-ltm-s1-2.ecstme.org {
active-modules { "BIG-IP, VE Trial|VEWOCES-VNHDLKP|Rate Shaping|External Interface and Network HSM, VE|SDN Services, VE|SSL, Forward Proxy, VE|Max Compression, VE|BIG-IP VE, Multicast Routing|SSL, VE|DNS (1K QPS), VE|Routing Bundle, VE|AFM, VE|ASM, VE|Crytpo Offload, VE, Tier 1 (25M - 200M)|DNSSEC|Anti- Virus Checks|Base Endpoint Security Checks|Firewall Checks|Network Access|Secure Virtual Keyboard|APM, Web Application|Machine Certificate Checks|Protected Workspace|Remote Desktop|App Tunnel|CGN, BIG-IP VE, AFM ONLY|PSM, VE" }
base-mac 00:50:56:8f:57:85 build 2.0.1671
chassis-id 420f0d1e-817c-ad57-214b40151423 configsync-ip 192.168.255.5
edition "Hotfix HF2"
hostname f5-ltm-s1-2.ecstme.org management-ip 172.16.3.3
marketing-name "BIG-IP Virtual Edition" mirror-ip 192.168.255.5
mirror-secondary-ip 10.246.150.87 platform-id Z100
product BIG-IP
time-zone America/Toronto unicast-address {
{
effective-ip management-ip effective-port 1026
ip management-ip
}
{
effective-ip 192.168.255.5
effective-port 1026
ip 192.168.255.5
}
}
version 13.0.0
}
Device group
cm device-group /Common/device-group-a { devices {
/Common/f5-ltm-s1-1.ecstme.org { }
/Common/f5-ltm-s1-2.ecstme.org { }
}
type sync-failover
}
Device trust
cm device-group /Common/device_trust_group { auto-sync enabled
devices {
/Common/f5-ltm-s1-1.ecstme.org { }
/Common/f5-ltm-s1-2.ecstme.org { }
}
hidden true
network-failover disabled
}
Mirroring
sys state-mirroring { addr 192.168.255.4
secondary-addr 10.246.150.86
}