
Sharing Session

Telkomsel Regional Team


A Consolidated Approach with F5
Simplifying the delivery of L4-L7 network services
Physical Component view
No.  Description
1    Management 10/100/1000 port
2    USB ports
3    Console serial port
4    Serial (hard-wired) failover port
5    1/10G SFP+ ports
6    40GbE QSFP+ fiber ports
7    Indicator LEDs
8    LCD display
9    LCD control buttons


Physical Components (Rear View)
No.  Description
1    Power input panel 1
2    Power input panel 2
3    Power input panel 3
4    Power input panel 4
5    Fan tray
6    Chassis ground lugs


Scale-Enabled VIPRION Line Up

          TBS   Buaran
VIP4800   5     5

TBS: VIPRION 4800 / 7 x 4300 Blade Each BOX, Total Throughput 70 Gb
Buaran: VIPRION 4800 / 7 x 4300 Blade Each BOX, Total Throughput 70 Gb
F5 Basics
Architecture TMOS

• Traffic Management Microkernel (TMM).
• End-to-end TCP optimization (IPv4 and IPv6).
• Pluggable software modules (SSL, caching, compression, WAF, etc.).
• Traffic Management Shell (TMSH): allows access to the complete feature set.
• Extendable functionality (iRules, iControl API).
BIG-IP Traffic Management Operating System (TMOS)
TCP Handshaking
Virtual Server

• IP Address + Service (Port) Combination
• “Listens” for and manages traffic
• Normally Associated with a Pool
Member and Node Status
• Status Options
• Available – Green Circle
• Offline – Red Diamond
• Unknown – Blue Square
• Connection Limit – Yellow Triangle
• Parent-Child Relationship
• Node
• Member
• Pool
• Virtual Server
F5 Operations
OAM Access – How to Connect
Clear Alarm on unit LCD Display
• Use the X button to put the LCD in menu mode.
• Use the Arrow buttons for directional navigation.
• To clear an alert, press the Check button. If a confirmation prompt appears, press the Check button again.
Hardware Configuration – Blades/Slots
Go to “System” > “Clusters” > “Properties”
Software Configuration
Go to “System” > “Software Management”
OAM Configuration
F5 Network Configuration – VLAN List

Go to “Network” > “VLANs”
F5 Network Configuration – Create Trunk

• LACP mode: Active or Passive
• Link Selection Policy: the BIG-IP system determines which links are eligible for aggregation.
• Frame Distribution Hash: ensures that the frames belonging to a particular conversation are neither mis-ordered nor duplicated at the receiving end.
F5 Network Configuration – Trunk List

In the Telkomsel implementation, there are always two trunks:
- HA Trunk
- Service Traffic Trunk
F5 Network Configuration – Self IP List

• Each IP address must be assigned to a VLAN and to a specific traffic group.
• The traffic group determines whether the IP address is a floating IP or not.
F5 Configuration – Create Virtual Server
F5 Configuration – Virtual Server List
F5 Configuration – Pool List
Backup And Restore Procedure
Performance Measurement
What can be monitored?
• Memory
• CPU
• Connection
• Throughput
• etc
F5 Maintenance & Troubleshooting
QKView File
- The qkview utility is a program that you can use to automatically collect configuration and diagnostic information from BIG-IP systems.
- The qkview utility is an executable program that generates machine-readable (XML) diagnostic data and combines the data into a single compressed Tape ARchive (TAR) file.
- How to collect the qkview file:
  - Log in to the Configuration utility on the PRIMARY BLADE.
  - Navigate to System > Support. The QKView option is already selected.
  - Click Start.
  - When prompted, click Download Snapshot File to download the output file.
Upload the QKView file into BIG-IP iHealth

To upload to iHealth, you need to create an account.


TCPDump
The tcpdump utility is a command line packet sniffer with many features and options.

Selecting an Interface or VLAN

The tcpdump utility's interface (-i) option accepts only one value, which may be a numbered interface or a named Virtual Local Area Network (VLAN).
To view traffic, use the -i flag as follows:
tcpdump -i <option>

For example:
To view the traffic on a single specific interface:
tcpdump -i 2.1
To view the traffic on a specific VLAN called internal:
tcpdump -i internal
To view the traffic on the management interface:
tcpdump -i eth0
To view the traffic on all interfaces:
tcpdump -i 0.0
Disabling name resolution
By default, tcpdump attempts to look up IP addresses and use names, rather than numbers, in the output. The BIG-IP
system must wait for a response from the DNS server, so the lookups can be time consuming and the output may be
confusing.
To disable name resolution, use the -n flag as in the following examples:
tcpdump -n
tcpdump -ni internal

Saving tcpdump output to a file

tcpdump -w <filename>

For example:
tcpdump -w dump1.pcap
TCPDump Filters
Filtering on a host address
• To view all packets that are traveling to or from a specific IP address, type the following command:
tcpdump host <IP address>
For example:
tcpdump host 10.90.100.1

• To view all packets that are traveling from a specific IP address, type the following command:
tcpdump src host <IP address>
For example:
tcpdump src host 10.90.100.1

• To view all packets that are traveling to a particular IP address, type the following command:
tcpdump dst host <IP address>
For example:
tcpdump dst host 10.90.100.1
Filtering on a port
• To view all packets that are traveling through the BIG-IP system and are either sourced from or destined to a specific port, type the following command:
tcpdump port <port number>
For example:
tcpdump port 80

• To view all packets that are traveling through the BIG-IP system and sourced from a specific port, type the following command:
tcpdump src port <port number>
For example:
tcpdump src port 80

• To view all packets that are traveling through the BIG-IP system and destined to a specific port, type the following command:
tcpdump dst port <port number>
For example:
tcpdump dst port 80
Combining filters with the 'and' operator

You can use the and operator to filter for a mixture of output.
Following are some examples of useful combinations:

tcpdump host 10.90.100.1 and port 80


tcpdump src host 172.16.101.20 and dst port 80
tcpdump src host 172.16.101.20 and dst host 10.90.100.1
Combining tcpdump options
This article contains the most essential tcpdump options. You will generally need to use most of the options in
combination.

Following are examples of how to combine the tcpdump options to provide the most meaningful output:

tcpdump -ni internal -w dump1.pcap


tcpdump -n -r dump1.pcap host 10.90.100.1
tcpdump -ni 2.1 host 10.90.100.1 and port 80
tcpdump -ni 1.10 src host 172.16.101.20 and dst port 80 > dump1.txt

tcpdump -nni 0.0:nnn -s0 -vvv -w /shared/tmp/issue.pcap host <client-ip> or host <server-ip>
The last command captures traffic on both sides of the BIG-IP: between the client and the F5, and between the F5 and the server.
Reviewing BIG-IP log files

Review the LTM log file for the time period when the problem was reported.

crit tmm4[20395]: 01010201:2: Inet port exhaustion on 192.168.41.60 to 192.168.41.12:1813 (proto 17)

alert alertd[6642]: 01100045:1: /var/log disk usage exceeds 90%. Reduce log disk space now

notice mcpd[6408]: 01070727:5: Pool /Common/PL_BR_TBS_WAP_GW_9200 member /Common/192.168.41.12:9200 monitor status up. [ /Common/udp: up ] [ was down for 0hr:0min:36sec ]

info lacpd[6981]: 01160016:6: Interface 4/1.1, link admin status: enabled, link status: down, duplex mode: half, lacp operation state: down
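
Added example, not part of the original slides: a shell function that triages log lines in the format shown above by the syslog level carried in the message ID (for example 01010201:2 is level 2, crit), so that events such as port exhaustion are not buried under notice and info entries. The sample input is constructed from the four messages above plus one line with a timestamp and a hypothetical hostname (bigip1); the function names are assumptions of this example.

```shell
#!/bin/sh
# Constructed sample: the four messages shown above, plus one line carrying
# a timestamp and a hypothetical hostname (bigip1) as a full log line would.
sample_ltm_log() {
cat <<'EOF'
crit tmm4[20395]: 01010201:2: Inet port exhaustion on 192.168.41.60 to 192.168.41.12:1813 (proto 17)
alert alertd[6642]: 01100045:1: /var/log disk usage exceeds 90%. Reduce log disk space now
notice mcpd[6408]: 01070727:5: Pool /Common/PL_BR_TBS_WAP_GW_9200 member /Common/192.168.41.12:9200 monitor status up. [ /Common/udp: up ] [ was down for 0hr:0min:36sec ]
info lacpd[6981]: 01160016:6: Interface 4/1.1, link admin status: enabled, link status: down, duplex mode: half, lacp operation state: down
Jan  1 00:00:00 bigip1 crit tmm2[20395]: 01010201:2: Inet port exhaustion on 192.168.41.60 to 192.168.41.12:1813 (proto 17)
EOF
}

# ltm_triage MAX_LEVEL: read log lines on stdin and print
# "level severity message-id count" for every message ID whose syslog level
# is MAX_LEVEL or more severe (0 = emerg ... 7 = debug), worst first.
ltm_triage() {
    awk -v max="${1:-4}" '
    {
        # Locate the message-ID field, e.g. 01010201:2: (8 hex digits, level).
        for (i = 3; i <= NF; i++) {
            if (length($i) == 11 && $i ~ /^[0-9a-fA-F]+:[0-7]:$/) {
                split($i, id, ":")
                # The severity word sits two fields before the message ID.
                if (id[2] + 0 <= max + 0)
                    count[id[2] " " $(i - 2) " " id[1]]++
                break
            }
        }
    }
    END { for (k in count) print k, count[k] }' | sort -n
}

# Show warning-and-worse events from the sample.
sample_ltm_log | ltm_triage 4
```

On a BIG-IP the same function can be fed the LTM log file instead of the sample, and a higher MAX_LEVEL (for example 6) includes the pool monitor and link state messages.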
