Manual Chapter : Working with DSC Devices

Applies To:

Show Versions Show Versions

BIG-IP AAM

  • 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0

BIG-IP APM

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0

BIG-IP Analytics

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0

BIG-IP Link Controller

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0

BIG-IP LTM

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0

BIG-IP PEM

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0

BIG-IP AFM

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0

BIG-IP DNS

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0

BIG-IP ASM

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0
Manual Chapter

Working with DSC Devices

What is a DSC device?

A DSC®
device
is a physical or virtual BIG-IP® system that is also:
  • A member of a local trust domain. Each device has a set of unique identification properties that the BIG-IP system generates, such as a serial number, a device certificate, and so on. When devices join a trust domain, they exchange this information through a process called
    device discovery
    .
  • A device group member. Each device has connectivity addresses (for config sync, failover, and mirroring) that you define on that device. Other device group members use these addresses to communicate with the device.
The definition of what constitutes a device group member varies depending on the platform type:
For this BIG-IP® platform....
Each device group member is...
An appliance model
An individual appliance
An appliance model, provisioned for vCMP®
A vCMP guest running on an appliance. Each guest as a device group member must reside on a separate appliance.
VIPRION® chassis with blades (bare-metal)
An individual chassis with blades
VIPRION system with blades, provisioned for vCMP
A vCMP guest running on a chassis. Each guest as a device group member must reside on a separate chassis.

About IP addresses for config sync, failover, and mirroring

Each device in a device group must contain
device connectivity
information, that is, the IP addresses that you define on the device for configuration synchronization (config sync), failover, and connection mirroring.

Config sync IP address

This is the IP address that you want other devices to use when synchronizing configuration objects to the local device.
By default, the system uses the self IP address of VLAN
internal
. This is the recommended IP address to use for config sync. You can, however, use a different self IP address for config sync.
A self IP address is the only type of BIG-IP system address that encrypts the data during synchronization. For this reason, you cannot use a management IP address for config sync.

Failover IP addresses

These are the IP addresses that you want another device to use when failing over to the local device. You can specify two types of addresses: unicast and multicast.
For appliance platforms, specifying two unicast addresses should suffice. For VIPRION platforms, you should also retain the default multicast address that the BIG-IP system provides.
The recommended unicast addresses for failover are:
  • The self IP address that you configured for either VLAN
    HA
    or VLAN
    internal
    . If you created VLAN
    HA
    when you initially ran the Setup utility on the local device, F5 recommends that you use the self IP address for that VLAN. Otherwise, use the self IP address for VLAN
    internal
    .
  • The IP address for the local management port.

Mirroring IP addresses

These are the IP addresses that you want another device to use for mirroring connections to the loca device. You specify both a primary address, as well as a secondary address for the system to use if the primary address is unavailable. If you configured VLAN
HA
, the system uses the associated self IP address as the default address for mirroring. If you did not configure VLAN
HA
, the system uses the self IP address of VLAN
internal
.
You can only mirror connections between identical hardware or virtual platforms. On a VIPRION system, you can mirror connections between blades within the cluster or between two separate clusters in a device group. If you are mirroring between clusters in a device group, then for VIPRION systems that are not provisioned for vCMP, each chassis must have the same number of blades in the same slot numbers. For vCMP systems, each guest must be assigned to the same number of blades in the same slot numbers, with the same number of cores allocated per slot.
For the VLAN associated with the self IP address that you specify for connection mirroring, make sure that the VLAN's
CMP Hash
setting is set to the default value. Otherwise, the system cannot establish the HA connection.

About device properties

From the local BIG-IP device, you can view or configure the properties of any device within the local trust domain, including the local device.

Viewing device properties

On each member of the local trust domain, the BIG-IP system generates a set of information. This information consists of properties such as the device name, serial number, and management IP address. By default, every BIG-IP device in the local trust domain has a set of device properties. You can use the BIG-IP Configuration utility to view these properties.
  1. On the Main tab, click
    Device Management
    Devices
    .
    This displays a list of device objects discovered by the local device.
  2. In the Name column, click the name of the device for which you want to view properties.
    This displays a table of properties for the device.

Specifying values for device properties

Using the BIG-IP Configuration utility, you can specify values for a few of the properties for a device. Device properties provide information about the device that you can refer to when needed.
  1. On the Main tab, click
    Device Management
    Devices
    .
    This displays a list of device objects discovered by the local device.
  2. In the Name column, click the name of the device for which you want to specify properties.
    This displays a table of properties for the device.
  3. In the
    Description
    field, type a description of the device.
  4. In the
    Location
    field, type a location for the device.
  5. In the
    Contact
    field, type contact information for the device.
  6. In the
    Comment
    field, type a comment about the device.
  7. Click
    Update
    .

Device properties

The following table lists and describes the properties of a device.
Property
Description
Name
The name of the device, such as
siterequest
.
Description
A user-created description of the device.
Location
The location of the device, such as
Seattle, Bldg. 1
Contact
The name of the person responsible for this device.
Comment
Any user-specified remarks about the device.
Hostname
The host name of the device, such as
www.siterequest.com
IP address
The IP address for the management port.
Serial Number
The serial number of the device.
MAC Address
The MAC address for the management port.
Time Zone
The time zone in which the device resides.
Platform ID
An identification for the platform.
Platform Name
The platform name, such as
BIG-IP 8900
.
Software Version
The BIG-IP version number, such as BIG-IP 11.0.0.
Status
The status of the device, such as
Device is active
Active Modules
The complete list of active modules, that is, the modules for which the device is licensed.

About device status

A BIG-IP device can have any status shown in the following table.
Status
Description
Active
A minimum of one floating traffic group is currently active on the device. This status applies to Sync-Failover device groups only.
Forced offline
An administrator has intentionally made the device unavailable for processing traffic.
Offline
The device is unavailable for processing traffic.
Standby
The device is available for processing traffic, but all traffic groups on the device are in a standby state. This status applies to Sync-Failover device groups only.
Unknown
The status of the device is unknown.

Viewing possible status types for a device

You can view a list of possible status types for a device.
  1. On the Main tab, click
    Device Management
    Devices
    .
    This displays a list of device objects discovered by the local device.
  2. In the status column, click
    Status
    .
    This displays a list of all possible status types for a device.

Viewing the status of a device

You can view the status of a device in a device group. Viewing the status of a device can help with troubleshooting or to verify that the devices in the device group are working properly.
  1. On the Main tab, click
    Device Management
    Devices
    .
    This displays a list of device objects discovered by the local device.
  2. In the Name column, locate the name of the device for which you want to view status.
  3. In the Status column, view the status of the device.

Device status

At all times, the BIG-IP system displays a specific status for each device in a device group.
Possible statuses of a DSC device
Device status
Description
Active
The device is available and is processing traffic on the network. If the device is a member of a Sync-Failover device group, this status indicates that at least one traffic group is active on the device.
Forced Offline
An authorized user has intentionally taken the device offline, usually for maintenance purposes.
Offline
The device is offline for a reason other than being forced offline by an authorized user.
Standby
The device is available but is not processing traffic on the network. This applies to devices in a Sync-Failover device group only, and all traffic groups on the device are Standby traffic groups only.
Unknown/Not Watched
The BIG-IP system cannot determine the status of the device. This status usually occurs when the device has not yet joined a device group.