Hello, version 10!  Product launches are always exciting, for the vendors as well as the vendees, and this is no exception.  I was a customer when F5 made the jump to v9, and having used the BIG-IP/3-DNS products for a couple years at that point, I was a little concerned at the magnitude of change.  That evaporated quickly as I began navigating around the UI and diving into the pleasure that is iRules.  So it is today with the announcement of version 10.  There is an astounding level of product growth in v.10, not just with GTM, but that's our focus today.

GTM has a command-line interface!

Fresh in v.10, the GTM now has a cli, deployed as a module in tmsh, v.10's new traffic management shell.  The tmsh is tree structured, so you can drop down into a branch or stay in the trunk to list or configure.  Whereas bigpipe is an object/action model, tmsh is action/object.  The tiered menu functionality is shown in the examples below.

root@golgotha(Active)(tmos)# create gtm datacenter spiderman

root@golgotha(Active)(tmos)# gtm
root@golgotha(Active)(tmos.gtm)# datacenter
root@golgotha(Active)(tmos.gtm.datacenter)# create batman

root@golgotha(Active)(tmos.gtm.datacenter)# show running-config
datacenter batman { }
datacenter spiderman { }

In this example, you can see that the syntax is available in-line during configuration:

root@golgotha(Active)(tmos.gtm.wideip)# create myWIP ?


  • [object identifier]     If you have many wide IPs, you can use two different wildcard characters, * and ?, to represent one or more characters in the wide IP alias, which reduces the number of aliases you have to add to the configuration. The asterisk character ( * ) represents several characters. The question mark character ( ? ) represents a single character.


  •   "{"                     Optional delimiter
  •   aliases               Specifies alternate domain names for the web site content you are load balancing. You can use two different wildcard characters, * and ?, to represent one or more characters.
  •   disabled                Specifies that the wide IP and its resources are not available for load balancing.
  •   enabled                 Specifies that the wide IP and its resources are available for load balancing.
  •   ipv6-no-error-response
  •   last-resort-pool        Specifies which pool for the system to use as the last resort pool when load balancing requests for this wide IP.
  •   persistence             Specifies that when a local DNS server makes repetitive requests on behalf of a client, the system reconnects the client to the same resource as previous requests.
  •   pool-lb-mode            Specifies the load balancing method used to select a pool in this wide IP. This option is relevant only when multiple pools are configured for this wide IP. The load balancing methods are global availability (Specifies that the system selects a pool by following the order of the Pool List. The system repeatedly selects the first pool in the list for as long as its status is available. If the pool becomes unavailable for any reason, the system then repeatedly selects the next pool in the list, and so on.), random (Specifies that the system selects a pool in no pattern or order.), ratio (Specifies that the system selects a pool based on the ratio that you assign to the pool.), round robin (Specifies that the system selects pools sequentially.), and topology (Specifies that the system selects a pool based on topology information in the incoming LDNS request. Note that this load balancing method works only if you have configured a topology statement.).
  •   pools                   Specifies the pools for the system to use when load balancing requests for this wide IP.
  •   rules                   Specifies the iRules that this wide IP uses for load balancing decisions. The system evaluates the iRules in the order in which they are listed, until it finds a matching iRule.
  •   ttl-persistence         Specifies, in seconds, the length of time for which a persistence entry is valid. This value can range from 0 to 2147483648 seconds.      

Don has a great article on tmsh that dives way deeper into this powerful new shell, you should definitely check it out!  You should also check out the tmsh reference guide.

 New iRules Commands!

I wrote a tech tip covering these new commands (available here), but here's the summary:

  • whoami, returns the server name for the local GTM
  • whereami, returns the datacenter name for the local GTM
  • uptime, returns the number of seconds the local GTM has been up
  • members [-list] [blue|green|yellow|red|gray], returns the number or list of pool members in the specified state.  If you do not specify a state, returns all pool members.
  • pools [-list] [blue|green|yellow|red|gray], returns the number of pools or a list of pools in the wide IP that are in the specified state.  If you do not specify a state, returns all pools.
  • persist [enable|disable], returns the persistence state value, when enabled.  If you specify arguments, returns the previous state value.
  • nodes_up [ | ], returns the number of up nodes behind a virtual server.  LTM virtual servers can have a pool with multiple nodes.  If there is not a monitor on the LTM side, the server is blue.  However, the GTM interprets this blue virtual server as green, and the nodes_up value is 1.

 Best of the Rest

There are several other small enhancements, a few which I find particularly interesting:

  • Probe information is now available in the logs, giving you an additional weapon in tuning/troubleshooting probes
  • Fallback IP can now be IPv6
  • IPv6 NoError response when receiving a request for a AAAA request


Follow me on Twitter Follow me on LinkedIn Follow me on Facebook