Saturday, 18 June 2022

The First 54 BIG-IP Commands You Need to Know

 An important detail, all commands in this list have been validated in TMOS v13. Older or newer versions may have differences, so confirm in the release notes of your release. Let's get down to business.


Access or exit the TMOS prompt after connecting via SSH on BIG-IP

[root@bigip1:Active:In Sync] config # tmsh
root@(bigip1)(cfg-sync In Sync)(Active)(/Common)(tmos)# quit
[root@bigip1:Active:In Sync] config #

Change the current big-IP partition and then go back to /Common

root@(bigip1)(cfg-sync In Sync)(Active)(/Common)(tmos)# cd /WEB-APP/
root@(bigip1)(cfg-sync In Sync)(Active)(/WEB-APP)(tmos)# cd /Common/

View the history of commands used in TMSH

(tmos)# show cli history

List the nodes configured in the current partition

(tmos)# list ltm node

List all nodes configured in all partitions

(tmos)# list ltm node /*/*

List pools configured in the current partition

(tmos)# list ltm pool

List all pools configured in all partitions

(tmos)# list ltm pool /*/*

List the virtual-servers configured in the current partition

(tmos)# list ltm virtual

List all virtual-servers configured in all partitions

(tmos)# list ltm virtual /*/*

View statistics of the nodes of the current partition

(tmos)# show ltm node

View node statistics for all partitions

(tmos)# show ltm node /*/*

View partition pools statistics

(tmos)# show ltm pool

View pool statistics for all partitions

(tmos)# show ltm pool /*/*

Check the statistics of the pool members of the current partition

(tmos)# show ltm pool members

Check pool member statistics for all partitions

(tmos)# show ltm pool members /*/*

View statistics from the virtual-servers of the current partition

(tmos)# show ltm virtual

View virtual-server statistics for all partitions

(tmos)# show ltm virtual /*/*

Check SSL profile statistics called profile_WEB-APP-01

(tmos)# show ltm profile profile_WEB-APP-01

Zero nodes, pool, virtual-server and snat statistics

(tmos)# reset-stats ltm node
(tmos)# reset-stats ltm pool
(tmos)# reset-stats ltm virtual
(tmos)# reset-stats ltm snat

View total CPU consumption of the box/VE/vCMP (total and per CPU)

(tmos)# show sys cpu

View hardware, serial number, and derived information

(tmos)# show sys hardware

View the status and statistics of network interfaces

(tmos)# show net interface

View trunks/port-channels status and statistics

(tmos)# show net trunk

Check the status and statistics of self/float IPs

(tmos)# show net self

View the ARP table with only dynamic entries

(tmos)# show net arp dynamic

Check the full ARP table of big-IP

(tmos)# show net arp

Check that mac address f0:f7:55:96:86:c2 has been learned by BIG-IP

(tmos)# show net arp dynamic | grep f0:f7:55:96:86:c2

Check the selected route for destination 172.16.100.100

(tmos)# show net route lookup 172.16.100.100

Check the selected route to destination 172.16.100.100 if the packet arrives by RD-99

(tmos)# show net route lookup 172.16.100.100%99

View connection table for virtual-server10.0.0.1 listening on port 80

(tmos)# show sys connection cs-server-addr 10.0.0.1 cs-server-port 80

View connection table for virtual-server10.0.0.1 listening on port 80 and running on route-domain 10

(tmos)# show sys connection cs-server-addr 10.0.0.1%10 cs-server-port 80

Check that client IP 10.0.0.1 is in a persistence table

(tmos)# show ltm persistence persist-records client-addr 10.0.0.1

Check virtual-server persistence table vs_WEB-APP-80

(tmos)# show ltm persistence persist-records virtual vs_WEB-APP-80

Delete client persistence entry 10.0.0.1 from vs_WEB-APP-80

(tmos)# delete ltm persistence persist-records virtual vs_WEB-APP-80 client-addr 10.0.0.1

View the connection table for the SNAT IP 10.0.0.2

(tmos)# show sys connection ss-client-addr 10.0.0.2

View the connection table for the SNAT 10.0.0.2 IP in route-domain 10

(tmos)# show sys connection ss-client-addr 10.0.0.2%10

View the connection table for client 192.168.10.10

(tmos)# show sys connection cs-client-addr 192.168.10.10

View the connection table for client 192.168.10.10 that connected in virtual-server 10.0.0.1 on port 80

(tmos)# show sys connection cs-client-addr 192.168.10.10 cs-server-addr 10.0.0.1 cs-server-port 80

Check that port 3389 virtual-server 10.0.0.1 connections are being properly mirrored to the standby device

(tmos)# show sys connection cs-client-addr 10.0.0.1 cs-server-port 3389 type mirror*** Executar o comando sempre na caixa standby. Se o comando não retornar nada, ou a conexão já saiu da tabela ou não foi espelhada corretamente.

Delete ALL client connections 192.168.10.10

(tmos)# delete sys connection cs-client-addr 192.168.10.10

Delete all client 192.168.10.10 connections established for virtual-server 10.0.0.1 on port 80

(tmos)# delete sys connection cs-client-addr 192.168.10.10 cs-server-addr 10.0.0.1 cs-server-port 80

View client connection table 192.168.10.10 from RD-10

(tmos)# show sys connection cs-client-addr 192.168.10.10%10

Drip the IP 172.16.100.100 with the source 192.168.0.9 (need to be a box self)

(tmos)# ping -s 192.168.0.9 172.16.100.100

Continuous ly check /var/log/ltm

(bash)# tailf /var/log/ltm*** Atentar que o comando deve ser executado no bash e não no tmsh.

Check which traffic-groups are active and standby

(tmos)# show cm traffic-group

Check the BIG-IP mirror process

(tmos)# show sys ha-mirror*** Será exibido estatísticas por processo do TMM.

Perform a failover of ALL traffic-groups to another device

(tmos)# run sys failover standby*** Executar o comando do device ativo.

Failover of traffic-group WEB-APP to another device

(tmos)# run sys failover standby traffic-group WEB-APP

Perform tcpdump on 10.0.0.1 client traffic screen on port 80

(tmos)# tcpdump -nni 0.0 ‘host 10.0.0.1 and port 80’

Perform tcpdump of the first 50 packets on the 10.0.0.1 client traffic screen on port 80

(tmos)# tcpdump -nni 0.0 -c 50 ‘host 10.0.0.1 and port 80’

Perform tcpdump for a file called 10.0.0.1 client traffic captures 01.pcap on port 80 of only the first 50 packets

(tmos)# tcpdump -nni 0.0 -s0 -c 50 ‘host 10.0.0.1 and port 80’ -w captura01.pcap

Perform a UCS backup of BIG-IP to the bigip1_backup.ucs file

(tmos)# save sys ucs bigip1_backup.ucs

Restore ucs backup of name bigip1_backup.ucs in BIG-IP

(tmos)# load sys ucs bigip1_backup.ucs*** Toda restauração de backup UCS executa um reload do processo do BIG-IP. Isso significa indisponibilidade de tráfego em caixas processando tráfego.

Check the license/key applied to BIG-IP

(tmos)# show sys license
-
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

iRule

  iRule: -- o iRule is a powerful and flexible feature within the BIG-IP local traffic management (LTM). o IRule is a powerful & flexibl...