Applies To:
Show VersionsBIG-IP versions 1.x - 4.x
- 3.3.1 PTF-06, 3.3.1 PTF-05, 3.3.1 PTF-04, 3.3.1 PTF-03, 3.3.1 PTF-02, 3.3.1 PTF-01, 3.3.1, 3.3.0
1
Introduction
Getting started
Before you start installing the controller, we recommend that you browse the Administrator Guide and find the load balancing solution that most closely addresses your needs. Briefly review the basic configuration tasks and the few pieces of information you should gather in preparation for completing the tasks, such as IP addresses, and host names.
Once you find your solution and gather the necessary network information, turn to the Installation Guide for hardware installation instructions, and then return to the Administrator Guide to follow the steps for setting up your chosen solution.
Choosing a solution
The BIG-IP HA Controller supports the following types of solutions. The subsequent chapters in this guide each outline a solution and provide configuration instructions for the solution.
Basic web site and e-commerce configuration
This chapter covers the most common application of the BIG-IP Controller. In this configuration, traffic is distributed across an array of web servers that host standard web traffic, including e-commerce traffic.
A simple intranet configuration
This chapter describes how to set up the BIG-IP Controller to load balance a basic corporate intranet.
Load balancing virtual private networks (VPNs)
This chapter describes two scenarios for load balancing virtual private networks (VPNs) with the BIG-IP Controller.
ISP load balancing
This chapter describes how you can use the BIG-IP Controller to create separate connections to the internet. This functionality is useful if you need to add an additional connection to the internet.
Topologies for single IP networks
This chapter describes two load balancing scenarios on a single IP network.
nPath routing
This chapter describes nPath routing. nPath routing allows you to route outgoing server traffic around the BIG-IP Controller directly to an outbound router. This method of traffic management increases outbound throughput of the BIG-IP Controller because packets do not need to be transmitted to the BIG-IP Controller for translation and forwarding to the next hop.
Per-connection routing
This chapter describes how to configure the BIG-IP Controller in situations where it accepts connections for virtual servers from more than one router. The per-connection routing feature allows you to send the return data back through the same device from which the connection originated. You can use this option to spread the load among outbound routers, or to ensure that connections go through the same device if that device is connection-oriented, such as a proxy, cache, firewall, or VPN router.
SNAT and virtual servers combined
In some cases you may want to configure outbound transparent device load balancing and SNAT source translations. In the configuration described in this chapter, the BIG-IP Controller changes the source address of the clients to the external SNAT address. In this way, the actual IP addresses are not exposed to the internet. At the same time the BIG-IP Controller can load balance the same connection across multiple nodes. Therefore, both SNAT translation and virtual server load balancing can operate on the same connection in this configuration.
802.1q VLAN trunk mode
This chapter describes how to set up the BIG-IP Controller to use IEEE 802.1q VLAN Trunks. VLAN tags are not supported on the external interfaces. You can define a single VLAN tag for each IP address defined for each BIG-IP Controller internal interface. This includes node network addresses, administrative addresses, shared administrative aliases, and additional aliases.
Choosing a configuration tool
The BIG-IP platform offers both web-based and command line configuration tools, so that users can work in the environment that they are most comfortable with.
The First-Time Boot utility
All users will use the First-Time Boot utility, a wizard that walks you through the initial system set up. The First-Time Boot utility automatically starts the first time you turn the controller on, and it prompts you to enter basic system information including a root password and the IP addresses that will be assigned to the network interfaces. The Installation Guide provides detailed information about the specific pieces of information that the First-Time Boot utility prompts you to enter.
The Configuration utility
The Configuration utility is a web-based administrative application that you use to configure and monitor the load balancing setup on the BIG-IP Controller. In the Configuration utility, you can view, change, or add any setting supported by the BIG-IP Controller. You can also monitor current system performance, and download administrative tools such as the SNMP MIB or the SSH client. The Configuration utility requires Netscape Navigator version 4.7 or later, or Microsoft Internet Explorer version 4.1 or later.
The bigpipe and bigtop command line utilities
The bigpipeTM utility is the command line counter-part to the Configuration utility. Using bigpipe commands, you can configure virtual servers, open ports to network traffic, and configure a wide variety of features. To monitor the BIG-IP Controller, you can use certain bigpipe commands, or you can use the bigtopTM utility, which provides real-time system monitoring. You can use the command line utilities directly on the BIG-IP Controller, or you can execute commands via a remote shell, such as the SSH client (included with the global release only), or a Telnet client (for countries restricted by cryptography export laws). The Reference Guide provides detailed information about command line syntax.
Using the Administrator Kit
The BIG-IP® Controller Administrator Kit provides simple steps for quick, basic configuration, and also provides detailed information about more advanced features and tools, such as the bigpipe command line utility. The information is organized into the guides described below.
- Installation Guide
The Installation Guide walks you through the basic steps needed to get the hardware plugged in and the system connected to the network. Most users turn to this guide only the first time that they set up a BIG-IP Controller. The Installation Guide also covers general network administration issues, such as setting up common network administration tools including Sendmail. - Administrator Guide
The Administrator Guide provides examples of common load balancing solutions supported by the particular type of BIG-IP Controller you purchased. For example, in the BIG-IP HA Controller Administrator Guide, you can find everything from a basic web server load balancing solution to a more firewall load balancing solution. - Reference Guide
The Reference Guide provides basic descriptions of individual BIG-IP objects, such as pools, nodes, and virtual servers. It also provides syntax information for bigpipe commands, configuration utilities, configuration files, and system utilities. - F-Secure SSH User Guide
This guide is distributed only with BIG-IP Controllers that support the F-Secure SSH client (a tool used for remote command line access). It provides information about setting up and using the SSH client.
Stylistic conventions
To help you easily identify and understand certain types of information, all F5 Networks administrative documentation uses the stylistic conventions described below.
Warning: All examples in F5 Networks' documentation use only non-routable IP addresses. When you set up the solutions we describe, you must use IP addresses suitable to your own network in place of our sample addresses.
Identifying new terms
When we first define a new term, the term is shown in bold italic text. For example, a virtual server is a the combination of an IP address and port that maps to a set of back-end servers.
Identifying references to objects, names, and commands
We apply bold text to a variety of items to help you easily pick them out of a block of text. These items include web addresses, IP addresses, utility names, and portions of commands, such as variables and keywords. For example, the bigpipe vip command requires that you include at least one <node> variable.
Identifying references to other documents
We use italic text to denote a reference to another document. In references where we provide the name of a book as well as a specific chapter or section in the book, we show the book name in bold, italic text, and the chapter/section name in italic text to help quickly differentiate the two. For example, you can find information about bigpipe commands in the bigpipe Command Reference section of the BIG-IP Controller Reference Guide.
Identifying command syntax
We show actual, complete commands in bold Courier text. Note that we do not include the corresponding screen prompt, unless the command is shown in a figure that depicts an entire command line screen. For example, the following command sets the BIG-IP Controller load balancing mode to Round Robin:
bigpipe lb rr
Table 1.1 explains additional special conventions used in command line syntax.
Finding additional help and technical support resources
In addition to this administrator guide, you can find technical documentation about the BIG-IP Controller in the following locations:
- Release notes
The release note for the current version of the BIG-IP Controller is available from the web server on the BIG-IP Controller. The release note contains the latest information for the current version, including a list of new features and enhancements, a list of fixes, and, in some cases, a list of known issues. - Online help for BIG-IP Controller features
You can find help online in three different locations:- The web server on the BIG-IP Controller has a PDF version of this administrator guide. Note that some BIG-IP Controller upgrades replace the online Getting Started Guide, Administrator Guide, and Reference Guide with updated versions.
- The web-based Configuration utility has online help for each screen. Simply click the Help button in the toolbar.
- Individual bigpipe commands have online help, including command syntax and examples, in standard UNIX man page format. Simply type the command followed by the question mark option (-?), and the BIG-IP Controller displays the syntax and usage associated with the command.
- Third-party documentation for software add-ons
The web server on the BIG-IP Controller contains online documentation for all third-party software included with the BIG-IP Controller, such as GateD. - Technical support via the World Wide Web
The F5 Networks Technical Support web site, http://tech.F5.com, provides the latest technical notes, answers to frequently asked questions, updates for administrator guides (in PDF format), and the AskF5 natural language question and answer engine. To access this site, you need to obtain a customer ID and a password by sending an e-mail to the F5 Help Desk at askf5@f5.com.
What's new in version 3.3
The BIG-IP Controller offers the following major new features in version 3.3, in addition to many smaller enhancements.
BIG-IP e-Commerce Controller
This version of the BIG-IP Controller is available as the BIG-IP e-Commerce Controller. You can use the BIG-IP e-Commerce Controller to process SSL connections to your network. This controller contains a specific set of software and hardware features that accelerate SSL connections.
BIG-IP Cache Load Balancer
This version of the BIG-IP Controller is available as the BIG-IP Cache Controller. The BIG-IP Cache Controller version contains a specific set of features from the BIG-IP Controller that maximizes the efficiency of caches in your network. In addition to the load balancing features available with this controller, this version of the controller has new rule syntax that provides the ability to redirect HTTP requests to caches in your network. These features include:
- Cacheable content determination
This feature enables you to determine the type of content you cache on the basis of any combination of elements in the header of an HTTP request. - Content affinity
This feature assures that the same cache serves the same content subset even when caches become temporarily unavailable or when caches are added to or deleted from the cache pool. - Hot content load balancing
When configured, this feature identifies highly requested content and redirects these requests to a hot pool for load balancing. - Intelligent cache population
When configured, this feature allows caches to retrieve content from other caches in addition to the origin web server.
Performance enhancements
This version of the BIG-IP Controller includes internal performance enhancements. These enhancements improve the overall performance of the BIG-IP Controller.
Learning more about BIG-IP Controller product family
The BIG-IP Controller platform offers many different software systems. These systems can be stand-alone, or can run in redundant pairs, with the exception of the BIG-IP e-Commerce Controller, which is only available as a stand-alone system. You can easily upgrade from any special-purpose BIG-IP Controller to the BIG-IP HA Controller, which supports all BIG-IP Controller features.
- The BIG-IP LB Controller
The BIG-IP LB Controller provides basic load balancing features. - The BIG-IP FireGuard Controller
The BIG-IP FireGuard Controller provides load balancing features that maximize the efficiency and performance of a group of firewalls. - The BIG-IP Cache Controller
The BIG-IP Cache Controller uses content-aware traffic direction to maximize the efficiency and performance of an group of cache servers. - The BIG-IP e-Commerce Controller
The BIG-IP e-Commerce Controller uses SSL acceleration technology to increase the speed and reliability of the secure connections that drive e-commerce sites. - The BIG-IP HA Controller
The BIG-IP HA Controller provides all features from the basic BIG-IP LB Controller to the advanced BIG-IP FireGuard, BIG-IP Cache Controller, and BIG-IP e-Commerce Controller products.Note: BIG-IP Controllers distributed outside of the United States to a select few countries, regardless of system type, do not support encrypted communications. They do not include the F-Secure SSH client, nor do they support SSL connections to the BIG-IP web server. Instead, you can use the standard Telnet, FTP, and HTTP protocols to connect to the unit and perform administrative functions.