Applies To:Show Versions
BIG-IP versions 1.x - 4.x
- 4.2 PTF-10, 4.2 PTF-09, 4.2 PTF-08, 4.2 PTF-07, 4.2 PTF-06, 4.2 PTF-05, 4.2 PTF-04, 4.2 PTF-03, 4.2 PTF-02, 4.2 PTF-01, 4.2.0
- Getting started
- Using the Administrator Kit
- What's new in version 4.2
- Learning more about the BIG-IP product family
Before you start installing the BIG-IP, we recommend that you browse the BIG-IP e-Commerce Solutions Guide and find the solution that most closely addresses your needs. Briefly review the basic configuration tasks and the few pieces of information, such as IP addresses and host names, that you should gather in preparation for completing the tasks.
Once you find your solution and gather the necessary network information, turn back to the Configuration Worksheet and Hardware Orientation poster for hardware installation instructions, and then return to the BIG-IP e-Commerce Solutions Guide to follow the steps for setting up your chosen solution.
Choosing a configuration tool
The BIG-IP offers both web-based and command line configuration tools, so that users can work in the environment that they are most comfortable with.
The Setup utility
All users will use the Setup utility (formerly known as First-Time Boot utility). This utility walks you through the initial system set up. You can run the Setup utility from the command line, or from a web browser. The Setup utility prompts you to enter basic system information including a root password and the IP addresses that will be assigned to the network interfaces. For more information, see Chapter 2 of the BIG-IP Reference Guide.
The Configuration utility
The Configuration utility is a web-based application that you use to configure and monitor the setup on the BIG-IP. Once you complete the installation instructions described in this guide, you can use the Configuration utility to perform the configuration steps necessary for your chosen load balancing solution. In the Configuration utility, you can also monitor current system performance, and download administrative tools such as the SNMP MIB or the SSH client. The Configuration utility requires Netscape Navigator version 4.7, or Microsoft Internet Explorer version 5.0 or later.
The bigpipe and bigtop command line utilities
The bigpipeTM utility is the command line counter-part to the Configuration utility. Using bigpipe commands, you can configure virtual servers, open ports to network traffic, and configure a wide variety of features. To monitor the BIG-IP, you can use certain bigpipe commands, or you can use the bigtopTM utility, which provides real-time system monitoring. You can use the command line utilities directly on the BIG-IP console, or you can run commands using a remote shell, such as the SSH client (encrypted communications only), or a Telnet client (for countries restricted by cryptography export laws). For detailed information about the command line syntax, see the Chapter 7 of the BIG-IP Reference Guide.
Using the Administrator Kit
The BIG-IP Administrator Kit provides all of the documentation you need to work with the BIG-IP. The information is organized into the guides described below. The following printed documentation is included with the BIG-IP unit.
- Hardware Orientation Poster
This poster includes information about the BIG-IP unit. It also contains important environmental warnings.
- Configuration Worksheet
This worksheet provides you with a place to plan the basic configuration for the BIG-IP.
The following guides are available in PDF format from the CD-ROM provided with the BIG-IP. These guides are also available from the first Web page you see when you log in to the administrative web server on the BIG-IP.
- BIG-IP e-Commerce Solutions Guide
This guide provides examples of common load balancing solutions. Before you begin installing the hardware, we recommend that you browse this guide to find the load balancing solution that works best for you.
- BIG-IP Reference Guide
This guide provides detailed configuration information for the BIG-IP. It also provides syntax information for bigpipe commands, other command line utilities, configuration files, system utilities, and monitoring and administration information.
To help you easily identify and understand important information, our documentation uses the stylistic conventions described below.
Using the solution examples
All examples in this documentation use only non-routable IP addresses. When you set up the solutions we describe, you must use IP addresses suitable to your own network in place of our sample addresses.
Identifying new terms
To help you identify sections where a term is defined, the term itself is shown in bold italic text. For example, a virtual server is a specific combination of a virtual address and virtual port, associated with a content site that is managed by a BIG-IP or other type of host server.
Identifying references to objects, names, and commands
We apply bold text to a variety of items to help you easily pick them out of a block of text. These items include web addresses, IP addresses, utility names, and portions of commands, such as variables and keywords. For example, with the bigpipe pool <pool_name> show command, you can specify a specific pool to show by specifying a pool name for the <pool_name> variable.
Identifying references to other documents
We use italic text to denote a reference to another document. In references where we provide the name of a book as well as a specific chapter or section in the book, we show the book name in bold, italic text, and the chapter/section name in italic text to help quickly differentiate the two. For example, you can find information about bigpipe commands in the BIG-IP Reference Guide, Chapter 7, bigpipe Command Reference.
Identifying command syntax
We show complete commands in bold Courier text. Note that we do not include the corresponding screen prompt, unless the command is shown in a figure that depicts an entire command line screen. For example, the following command shows the configuration of the specified pool name:
bigpipe pool <pool_name> show
b pool <pool_name> show
Table Intro.1 explains additional special conventions used in command line syntax.
Finding additional help and technical support resources
You can find additional technical information about this product in the following locations:
- Release notes
Release notes for the current version of this product are available from the product web server home page, and are also available on the technical support site. The release notes contain the latest information for the current version, including a list of new features and enhancements, a list of fixes, and, in some cases, a list of known issues.
- Online help
You can find help online in three different locations:
- The web server on the product has PDF versions of the guides included in the Administrator Kit.
- The web-based Configuration utility has online help for each screen. Simply click the Help button.
- Individual bigpipe commands have online help, including command syntax and examples, in standard UNIX man page format. Simply type the command followed by the word help, and the BIG-IP displays the syntax and usage associated with the command.
- Third-party documentation for software add-ons
The web server on the product contains online documentation for all third-party software, such as GateD.
- Technical support via the World Wide Web
The F5 Networks Technical Support web site, http://tech.F5.com, provides the latest technical notes, answers to frequently asked questions, updates for administrator guides (in PDF format), and the AskF5 natural language question and answer engine. To access this site, you need to obtain a customer ID and a password from the F5 Help Desk.
What's new in version 4.2
The BIG-IP offers the following major new features in version 4.2, in addition to many smaller enhancements.
Improved BIG-IP licensing procedure
With this release, you can now re-license your BIG-IP systems using the web-based Configuration utility. This new method of licensing simplifies the BIG-IP licensing process in general.
The Setup Utility
This release includes a new Setup utility for initially configuring your BIG-IP system. The Setup utility replaces the web-based and console-based First-Time Boot utility. For more information, see the BIG-IP Reference Guide, Chapter 2, Using the Setup Utility.
Enhanced pools support
This release provides a feature to specify a pool of multiple default gateways, used for handling administrative traffic such as SSH, telnet, FTP, and HTTPS connections. For more information, see the Pools section in the BIG-IP Reference Guide, Chapter 4, Configuring the High-Level Network.
SSL Accelerator proxy enhancements
This release includes several important enhancements to the SSL Accelerator proxy. For example, you can now configure options such as specifying ways for an SSL proxy to manage client certificates, inserting headers into HTTP requests, specifying ciphers and protocol versions, and configuring SSL session cache size and timeout values.
This release also supports the SSL-to-Server option, which allows you to re-encrypt traffic after it has been decrypted by the BIG-IP. Previously available on the IP Application Switch only, this feature is now available on the e-Commerce and BIG-IP Controller platform also. Moreover, this feature has been enhanced in this release to further ensure the security of SSL connections between the proxy and the server.
For a complete list of all new SSL Accelerator proxy options, see the Proxies section in Chapter 4 of the BIG-IP Reference Guide.
New filter for rewriting HTTP redirections
This release provides an ISAPI filter, called redirectfilter.dll, which allows IIS servers running Netscape to rewrite HTTP redirections. Rewriting HTTP redirections helps to ensure that SSL connections remain on a secure channel. By installing this filter on your IIS server, you offload the task of rewriting HTTP redirections from your SSL Accelerator proxy to your IIS server. For more information, see the Rewriting HTTP redirection section (which is a subsection of the HTTP Redirection section) in Chapter 4 of the BIG-IP Reference Guide.
Support for the NCipher FIPS 140-compatible hardware security module
For BIG-IP Controller platforms, option is available to install a FIPS 140-1-certified cryptographic network module. The BIG-IP FIPS hardware option is specifically designed for processing SSL traffic within environments that require FIPS 140-1 Level 3 compliant solutions. It comes with the FIPS 140-1 level 3 certified PCI based encryption processing module, attached smart card reader, and 5 smart cards. This product can be installed in any BIG-IP Controller platform that has BIG-IP software version 4.2 and is authorized by your vendor. For more information, see Configuring FIPS 140 Security World on the BIG-IP in the Documentation section of the Software and Documentation CD.
Enhanced support for Secure Network Address Translations (SNATs)
In previous releases, BIG-IP allowed you to automatically map VLANs to translation IP addresses during SNAT creation. In this release, you can now use this automapping feature not only for VLANs, but for one or more individual IP addresses. For more information, see the Address Translation: NATs, SNATs, and IP Forwarding section in the BIG-IP Reference Guide, Chapter 4, Configuring the High-Level Network.
Enhanced interface statistics
This release features enhanced statistics for BIG-IP interfaces. The following state information and statistics are now available: MTU, Speed, MAC address, packets in, errors in, packets out, errors out, collisions, dropped packets, bits in, bits out. Previously available on the IP Application Switch, this feature is new for the BIG-IP Controller platform. For more information, see the BIG-IP Reference Guide, Chapter 11, Monitoring and Administration.
Support for LDAP and RADIUS logins
With this release, BIG-IP can now authenticate SSH users by way of an LDAP or a RADIUS server. For information on configuring this feature, see the To configure RADIUS login support section and the Configuring LDAP login support section (which are a subsections of the Configuring RADIUS or LDAP authentication section) in Chapter 12 of the BIG-IP Reference Guide.
Enhanced system logging
System logging in this release provides more detailed information, such as up or down status for nodes. For more information, see the BIG-IP Reference Guide, Chapter 11, Monitoring and Administration.
Web-based Configuration utility enhancements
This release includes a number of improvements to the web-based Configuration utility. All new features for this release are supported by the Configuration utility.
Learning more about the BIG-IP product family
The BIG-IP platform offers many different software systems. These systems can be stand-alone, or can run in redundant pairs, with the exception of the BIG-IP e-Commerce Controller, which is only available as a stand-alone system. You can easily upgrade from any special-purpose BIG-IP to the BIG-IP HA software, which supports all BIG-IP features.
- The BIG-IP
The BIG-IP HA, and HA+ software provides the full suite of local area load balancing functionality. The BIG-IP unit also has an optional 3-DNS software module which supports wide-area load balancing.
- The BIG-IP e-Commerce Controller
The BIG-IP e-Commerce Controller uses SSL acceleration technology to increase the speed and reliability of the secure connections that drive e-commerce sites.
- The BIG-IP special purpose products
The special purpose BIG-IP provides the ability to choose from three different BIG-IP feature sets. When you run the Setup utility, you specify one of three types:
- The BIG-IP Load Balancer
The BIG-IP Load Balancer provides basic load balancing features.
- The BIG-IP FireGuard
The BIG-IP FireGuard provides load balancing features that maximize the efficiency and performance of a group of firewalls.
- The BIG-IP Cache Controller
The BIG-IP Cache Controller uses content-aware traffic direction to maximize the efficiency and performance of a group of cache servers.
- The BIG-IP Load Balancer