Manual Chapter : Initial VIPRION Setup

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 11.6.5, 11.6.4, 11.6.3, 11.6.2, 11.6.1, 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP GTM

  • 11.6.5, 11.6.4, 11.6.3, 11.6.2, 11.6.1, 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP LTM

  • 11.6.5, 11.6.4, 11.6.3, 11.6.2, 11.6.1, 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP AFM

  • 11.6.5, 11.6.4, 11.6.3, 11.6.2, 11.6.1, 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP ASM

  • 11.6.5, 11.6.4, 11.6.3, 11.6.2, 11.6.1, 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1
Manual Chapter

Overview: Initial VIPRION setup

To set up a newly installed VIPRION® chassis, you configure a number of BIG-IP® system objects. First trunks (external and internal), then VLANs (external, internal, and high availability), and finally, self IP addresses.

This illustration depicts a VIPRION chassis configured with a single active blade.

Single blade in chassis

Task summary

VIPRION deployment worksheet

There are a number of points during the VIPRION® deployment process at which you will need to make decisions or provide values. Use this table as a prompt for gathering the answers and values you will need, so that you can provide them when performing the initial setup.

Configuration component Considerations
External gateway address What is the gateway address (next hop) for external traffic?
FQDN What is the fully-qualified domain name (FQDN) for your BIG-IP® system?
Link aggregation control protocol Do your trunks require LACP mode?
Network mask What is the network mask?
Primary cluster IP address What is the primary cluster IP address? The management IP address assigned to the chassis' primary cluster during chassis installation is used to access the VIPRION.
User role Do you have a user role of Administrator? You need to have a user role of Administrator to perform the tasks in this process.

Activating the BIG-IP license for VIPRION

To activate the BIG-IP® license, you need access to a browser and the base registration key. The base registration key is a character string that the license server uses to verify the type and number of F5 Networks products that you are entitled to license. If you do not have a base registration key, contact the F5 Networks sales group (http://www.f5.com).
You activate the BIG-IP license from the Setup Utility License screen.
  1. From a workstation attached to the network on which you configured the management interface, use a browser and type the following URL syntax where <management_IP_address> is the address you configured for device management: https://<management_IP_address>
  2. At the prompts, type the user name admin and the password admin.
  3. Click Log in. The Setup Utility screen opens.
  4. Click Activate. The License screen opens.
  5. In the Base Registration Key field, paste your base registration key.
  6. Click Next. The End User License Agreement (EULA) displays.
  7. Review the EULA. When you click Accept, the Platform screen opens.

Creating trunks

To configure trunks for the VIPRION® system, the four external interfaces must be cabled to your Internet gateway, external bridge, or vendor switch.
The first objects you configure are trunks that tie the internal and external vendor switch interfaces to the corresponding VIPRION interfaces.
  1. Use a browser to log in to the VIPRION® chassis's management IP address. This logs you in to the floating IP address for the cluster.
  2. On the peer (vendor) switch on the external network, create a trunk that includes the four external interfaces to which you have physically connected the external interfaces of the four blades. If the peer switch is configured to use Link Aggregation Control Protocol (LACP), you must enable LACP.
  3. Create a trunk, and if the peer switch is configured to use LACP, enable LACP on the new trunk:
    1. On the Main tab, expand Network, and click Trunks. The Trunks screen opens.
    2. At the upper right corner of the screen, click Create. The New Trunk screen opens.
    3. Assign the name trunk_ext, and assign an external interface of blade 1 to the trunk.
    4. Enable LACP mode, if required.
    5. Click Finished.
  4. Repeat the previous step, but this time, configure a trunk that ties the vendor switch internal interface to the VIPRION internal interface. Assign the name trunk_int.

Creating VLANs

VLANs associate with your trunks.
  1. Use a browser to log in to the VIPRION® chassis's management IP address. This logs you in to the floating IP address for the cluster.
  2. On the Main tab, expand Network, and click VLANs. The VLANs screen opens.
  3. Click Create. The New VLAN screen opens.
  4. Configure a VLAN named external, and assign it to the trunk named trunk_ex as an untagged interface.
  5. Click Finished.
  6. Repeat the last three steps, but this time, configure a VLAN named internal, and assign it to the trunk named trunk_int.
  7. Repeat steps 3 through 5 one more time, but this time, configure a VLAN named HA, assign it to the trunk named trunk_int as a tagged interface.

Creating self IP addresses for VLANs

You need at least one VLAN or VLAN group configured before you create a self IP address.
Self IP addresses enable the BIG-IP® system, and other devices on the network, to route application traffic through the associated VLAN or VLAN group. Repeat the steps in this task for each VLAN.
  1. On the Main tab, click Network > Self IPs. The Self IPs screen opens.
  2. Click Create. The New Self IP screen opens.
  3. In the Name field, type a unique name that readily identifies the VLAN to which it will associate for the self IP. Name the self IP for the internal VLAN Internal, name the external VLAN External, and name the HA VLAN HA.
  4. In the IP Address field, type an IP address. This IP address must be within the address space that corresponds to the VLAN for which it is created (Internal, External or HA). The system accepts IP addresses in both the IPv4 and IPv6 formats.
  5. In the Netmask field, type the network mask for the specified IP address.
  6. From the VLAN/Tunnel list, select the VLAN to associate with this self IP address:
    • For the internal network, select the VLAN that is associated with an internal interface or trunk.
    • For the external network, select the VLAN that is associated with an external interface or trunk.
    • For the HA network, select the VLAN that is associated with an internal interface or trunk.
  7. From the Port Lockdown list, select Allow Default.
  8. Repeat the last 4 steps, but this time specify an address from your external network in step 4 and select the VLAN named external in step 6.
  9. Repeat steps 3 through 7 one more time, but this time specify an address on your internal network in step 4 and select the VLAN named HA in step 6.
  10. Click Finished. The screen refreshes, and displays the new self IP address in the list.
The BIG-IP system can send and receive traffic through the specified VLAN or VLAN group.

Overview: Verifying initial VIPRION configuration

Verifying your VIPRION configuration confirms that the setup performed up to this point is functioning properly. Once you establish that the VIPRION® configuration is correct, you will likely need to create a profile, pools, and virtual server that are tailored to your network topology before you can begin processing LTM® traffic.

Creating a pool to manage HTTP traffic

You can create a pool to manage HTTP connections.
  1. On the Main tab, click Local Traffic > Pools. The Pool List screen opens.
  2. Click Create. The New Pool screen opens.
  3. In the Name field, type a unique name for the pool.
  4. For the Health Monitors setting, from the Available list, select the http monitor, and click << to move the monitor to the Active list.
  5. From the Load Balancing Method list, select how the system distributes traffic to members of this pool. The default is Round Robin.
  6. For the Priority Group Activation setting, specify how to handle priority groups:
    • Select Disabled to disable priority groups. This is the default option.
    • Select Less than, and in the Available Members field, type the minimum number of members that must remain available in each priority group in order for traffic to remain confined to that group.
  7. Using the New Members setting, add each resource that you want to include in the pool:
    1. Type an IP address in the Address field, or select a node address from the Node List.
    2. Type 80 in the Service Port field, or select HTTP from the list.
    3. (Optional) Type a priority number in the Priority field.
    4. Click Add.
  8. Click Finished.
The new pool appears in the Pools list.

Creating a virtual server to manage HTTP traffic

You can create a virtual server to manage HTTP traffic as either a host virtual server or a network virtual server.
  1. On the Main tab, click Local Traffic > Virtual Servers. The Virtual Server List screen displays a list of existing virtual servers.
  2. Click the Create button. The New Virtual Server screen opens.
  3. In the Name field, type a unique name for the virtual server.
  4. For the Destination setting, in the Address field, type the IP address you want to use for the virtual server. The IP address you type must be available and not in the loopback network.
  5. In the Service Port field, type 80, or select HTTP from the list.
  6. From the HTTP Profile list, select http.
  7. In the Resources area of the screen, from the Default Pool list, select a pool name.
  8. Click Finished.
The HTTP virtual server appears in the list of existing virtual servers on the Virtual Server List screen.