BigIP F5

About 1 month ago, the company I am working for purchased some F5 BIGIP HA+ load balancers. These are 4U high rackmount units. Essentially, they are just PC's with two ethernet cards running a modified variant of BSD unix. The only unique part is the one special card, a watchdog board.

Here is the version I'm using:

F5 Networks, Inc. BIG/ip Version 3.0Build48
Domestic HA Edition

Why use one of these over something like a Cisco Local Director, or an Alteon, or something else? In a nutshell, because they really work. The network vendors out there are quick to point out how their devices are 'in silicon' etc. However, most of them use the supervisor or management processor to handle filtering, load-balance host selection, etc. So you really aren't getting that. People don't notice

Other problems with non-F5 loadbalancers is the whole 'are we a switch or a router' problem. Other load balancers cannot effectively be a firewall or a NAT. They generally do their task only when packets match a profile, and then let packets that don't match through. This is dangerous, and I've been burned by this in the past.


Since I bought these used, I didn't get the latest software or support from F5. So, here are some notes for others to use in case they are in the same situation.

My biggest problem when starting up was getting the high-availability working and resetting the configuration that was in the product.

Since we bought these off of eBay, we had to figure out how to start fresh. I found another web page talking about F5's, but it recommended the wrong commands. For these units, the command is: config. It will allow you to reset all of the configuration settings in the bigdb.

Once I got the devices working, I couldn't get the failover to work. Both of the units would stay in an ACTIVE state, which is wrong. At first I thought it was the cable, but that wasn't the problem. It turns out that when the devices are in stateful-mirror failover mode, they couldn't communicate with each other. I turned this off and then things worked. This must have been a bug in their software.

FACT: - The BigIp failover cable is just a null-modem serial cable. Don't let anybody charge you a lot of money for one of these. When I looked at the ports, I didn't detect hardware flow control either.

FACT: - Can't see certain things in the Web UI? The problem is the javascript. It is Microsoft Internet Explorer specific. This can be a problem when you are trying to use Mozilla to configure the device.