Applies To:Show Versions
BIG-IP versions 1.x - 4.x
- 3.3.1 PTF-01
Apply the PTF to BIG-IP Controller version 3.3.1 using the following process:
Note: Note that the installation procedure has changed slightly from the one you used with previous versions of the software. With this version, you need only untar the install script upgrade_ptf. When you run the install script, the script untars and installs only the files required to upgrade your installation. If the BIG-IP Controller you are upgrading has a solid state drive (SSD), you must use the new procedure.
- Click here and follow the instructions for using the F5 Networks FTP site.
Use FTP in passive mode from the BIG-IP Controller to download the file. To place FTP in passive mode, type pass from the command line before transferring the file.
- Download the bigip3.3.1ptf-01kit.tar file to the /var/tmp/ directory on the target BIG-IP Controller
- Enter the following commands to install this PTF:
tar -xvpf bigip3.3.1ptf-01kit.tar upgrade_ptf
- Run the following commands:
- Follow on-screen instructions.
The install automatically creates a backup of the /etc/syslog.conf file in /var/save/backupyymmdd_hhmm/ on the BIG-IP Controller and removes any old files that are no longer used. If you have made changes to the /etc/syslog.conf file, you may need to edit that file and retype your modifications.
The checksums for this PTF are available in a file called sums, which can be downloaded from the FTP site.
Once you have installed the PTF software, please refer to the Configuring and using the updated software.
- Under all known circumstances, including when the second packet or later is holding the cookie and the packet ends on a CRLF, the BIG-IP Controller can now detect its cookie.
- When the IP Forwarding feature is enabled, ICMP Destination Unreachable Need Fragmentation packets are now forwarded.
- Traceroute now uses the correct destination address when encountering a wildcard virtual server that matches the destination address.
- Reduced state mirroring daemon (sfd) logging sensitivity and verbosity.
- Included new security patches for BIND by upgrading the version of BIND to version 8.2.3.
- The BIG-IP Controller serial number displays in the web-based Configuration utility.
This release provides the following configuration options.
The BIG-IP Controller SSL gateway supports Verisign Global Certificates. To install a Global Certificate, you need the intermediate-ca.cert file provided by Verisign. Use the following procedure to install a Global Certificate.
- Copy the intermediate-ca.cert file into the /var/asr/gateway/CA/ directory. To do this, type the following command.
cp intermediate-ca.cert /var/asr/gateway/CA/
- Next, restart the proxy. The easiest way to do this is to simply reload the configuration file. To reload the configuration file, type the following command.
bigpipe -f /etc/bigip.conf
The proxy should now be working with the new certificate.
If you are using the force_master flag to set a specific controller to be the preferred active unit, we recommend that that you set the force_slave flag on the controller you want to run primarily as a secondary controller. This flag must be set if you are using network fail-over. For more information about these flags, see the BIG-IP Controller Reference Guide, v.3.3, Setting a specific controller to be the preferred active unit, on page 1-100.
The following are known issues with the BIG-IP Controller, version 3.3.1 PTF-01 as of the release date. For known issues subsequent to the release date, please go to AskF5. Once you have logged in, type "known issues" and click Ask. Select the correct version number and click Ask again.
Setting the interface fail-safe timeout
We recommend that you set the interface fail-safe timeout to 30 seconds or more.