Manual :
BIG-IP Controller Administrator Guide, version 3.3
Applies To:
Show VersionsBIG-IP versions 1.x - 4.x
- 3.3.1 PTF-06, 3.3.1 PTF-05, 3.3.1 PTF-04, 3.3.1 PTF-03, 3.3.1 PTF-02, 3.3.1 PTF-01, 3.3.1, 3.3.0
Original Publication Date: 09/27/2007
Introduction
Getting started
Using the Administrator Kit
What's new in version 3.3
Learning more about BIG-IP Controller product family
Basic Web Site and e-Commerce Configuraton
Basic web site and e-commerce configuration
Setting up the topology
A Simple Intranet Configuration
A simple intranet configuration
Configuring an SSL Accelerator
Introducing the SSL Accelerator
Hardware acceleration options
Configuring the SSL Accelerator
- Generating a key and obtaining a certificate
- Installing certificates from the certification authority (CA)
- Create an HTTP virtual server
- Create an SSL gateway
- Enabling, disabling, or deleting an SSL gateway
- Displaying the configuration for an SSL gateway from the command line
Optional SSL Accelerator configuration
- Create a last hop pool that includes additional network devices
- Modify the SSL gateway so that it references the last hop pool
Introducing the SSL accelerator cell configuration
- Configuration tasks
- Configuring the BIG-IP Controller which load balances the SSL accelerator cells
- Configuring an SSL accelerator for use in a cell
- Setting the default route on each node in a cell
Introducing the SSL accelerator half sandwich configuration
- Configuration tasks
- Configuring the BIG-IP Controllers handling inbound traffic
- Configuring each SSL accelerator
- Configuring the BIG-IP Controller that load balances the content servers
- Configuring the content servers
VPN Load Balancing
VPN load balancing
VPN and router load balancing
- Configuring interfaces for VPN load balancing
- Configuring virtual servers for VPN and router load balancing
ISP Load Balancing
ISP load balancing
- Configuring interfaces for the additional internet connection
- Configuring virtual servers for an additional internet connection
One IP Network Topologies
One IP network topology with one interface
- Configuring the interface in the single interface topology
- Defining a pool for the servers
- Virtual server configuration
- Client SNAT configuration
One IP network topology with two interfaces
- Configuring the interfaces in the single IP network with two interfaces topology
- Routing issues
- Defining a pool for the servers
- Virtual server configuration
- Client SNAT configuration
nPath Routing
nPath routing
- Defining a virtual server with address translation disabled
- Setting the route through the BIG-IP Controller
- Setting the idle connection time-out
Balancing Traffic Inbound to Enterprise Servers
Introducing firewall load balancing for inbound traffic
Configuration tasks
Configuring routing to the internal network
Creating pools for firewalls and servers
- Creating a pool for outside firewall interfaces
- Creating a pool for servers
- Creating a pool for inside firewall interfaces
Creating virtual servers for the firewall sandwich
- Creating a wildcard virtual server to load balance the outside firewall interfaces
- Creating a standard virtual server to load balance the enterprise servers
- Designating the last hop pool
Configuring interfaces
Configuring administrative routing
Balancing Traffic Outbound to the Internet
Introducing firewall load balancing for outbound traffic
Configuration tasks
Verifying user network routing
Creating a pool for the firewalls
Creating a wildcard virtual server
Configuring interfaces
Configuring network address translation on firewalls
Creating a route for return traffic
Balancing Two-Way Traffic With Destination Processing
Introducing two-way firewall load balancing with destination processing
Configuration tasks
Configuring routing to the internal network
Creating pools for firewalls and servers
- Creating a pool for outside firewall interfaces
- Creating a pool for inside firewall interfaces
- Creating a pool for servers
Creating virtual servers for inbound traffic
- Creating a network virtual server to load balance the firewalls
- Creating a standard virtual server to load balance intranet servers
- Designating a last hop pool for inbound traffic
Creating virtual servers for outbound traffic
- Creating a wildcard virtual server for balancing traffic to the firewalls
- Creating a forwarding wildcard virtual server to forward traffic to the Internet
- Designating a last hop pool for outbound traffic
Configuring interfaces
Configuring administrative routing
Balancing Two-Way Traffic
Introducing firewall load balancing for two-way traffic
Configuration tasks
Configuring routing to the internal network
Creating pools for the firewalls
Creating virtual servers for inbound traffic
- Creating a network virtual server
- Creating a forwarding virtual server
- Designating a last hop pool for inbound traffic
Creating virtual servers for outbound traffic
- Creating a wildcard virtual server for balancing outbound traffic to the firewalls
- Creating a forwarding wildcard virtual server to forward traffic to the Internet
- Designating a last hop pool for outbound traffic
Configuring interfaces
Configuring administrative routing
Configuring Local Server Acceleration
Introducing local server acceleration
Configuration tasks
Creating pools
- Creating a pool for the cache servers
- Creating a pool for the origin server
- Creating a pool for hot content
Creating a cache control rule
Creating a virtual server
Configuring for intelligent cache population
Configuring Remote Server Acceleration
Introducing remote server acceleration
Configuration tasks
Creating pools
- Creating a pool for the cache servers
- Creating a pool for the origin server
- Creating a pool for hot content
Creating a cache control rule
Creating a virtual server
Configuring for intelligent cache population
Configuring Forward Proxy Caching
Introducing forward proxy caching
Configuration tasks
Creating pools
- Creating a pool for the cache servers
- Creating a pool for the origin server
- Creating a pool for hot content
Creating a cache control rule
Creating a virtual server
SNAT and Virtual Servers Combined
SNAT and virtual servers combined
Setting up 802.1q VLAN Trunk Mode
Setting up 802.1q VLAN trunk mode
- Adding VLAN tag definitions to /etc/netstart
- Adding VLAN tag definitions to BIG/db
- Configuring multiple VLANs on one interface
- To enable or disable VLAN tags on the command line
- Using ifconfig to add another VLAN
- Using netstat to view VLAN tags
- Disabling and enabling VLAN tags using the Configuration utility
Essential Configuration Tasks
Determing which configuration tasks to do
Configuring a pool
Configuring virtual servers
- Using standard or wildcard virtual servers
- Using additional features with virtual servers
- Defining standard virtual servers
- Defining wildcard virtual servers
Allowing access to ports and services
Configuring the timer settings
- Setting the node ping timer
- Setting the timer for reaping idle connections
- Setting the service check timer
- Service checking for wildcard servers and ports
Changing the global load balancing mode
Configuring NATs and IP forwarding for nodes
- Defining a standard network address translation (NAT)
- Defining a secure network address translation (SNAT)
- Setting up IP forwarding
Configuring Extended Content Verification service checking
- ECV service check properties
- Writing send and receive strings for ECV service checks
- Setting up ECV service check using the Configuration utility
- Manually configuring and testing the /etc/bigd.conf file
Configuring persistence for e-commerce and other dynamic content sites
Configuring and synchronizing redundant systems
- Preparing to use the synchronization command
- Synchronizing configurations between controllers
- Configuring fail-safe settings
Monitoring and Administration
Monitoring and administration utilities provided on the BIG-IP Controller
Using the bigpipe command utility as a monitoring tool
- Monitoring the BIG-IP Controller
- Monitoring virtual servers, virtual addresses, and services
- Monitoring nodes and node addresses
- Monitoring NATs
- Monitoring SNATs
Working with the BIG/stat utility
Working with the BIG/top utility
Working with the Syslog utility
Removing and returning items to service
- Removing the BIG-IP Controller from service
- Removing individual virtual servers, virtual addresses, and ports from service
- Removing individual nodes and node addresses from service
- Viewing the currently defined virtual servers and nodes