Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

How to change netmask on self ip in version 12

Network guys changed the mask for two of my GTMs I need to change my mask to match. IOS version 12.1.2 I only need to change the self ip mask.

0
Rate this Question
Comments on this Question
Comment made 01-Feb-2018 by Gadget 1

I should have been more specific. The address that shows up as my GTM and LTM listeners I have an H/A pair with X.X.156.228/28 shared and system 1 had X.X.156.233/28 System B X.X.156.236/28. I wish to change the netmasks of these all to /27

0

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Edit the self ip in webui and change the netmask.

If you have both self and floating ip, you have to do it with tmsh.

First get the current self configuration

list net self one-line    

Then modify it with your favorite text editor and import the new config

load sys config merge from-terminal    

PASTE CONFIG    
Apply with CTRL-D
1
Comments on this Answer
Comment made 01-Feb-2018 by mplaksin 169

The Piron solution is best. If not possible to do it from web, the only option to this case from web its to delete self ip and all rules asossiated to that ip (very complex) and create another one.

0
Comment made 01-Feb-2018 by Gadget 1

I should have been more specific. The address that shows up as my GTM and LTM listeners I have an H/A pair with X.X.156.228/28 shared and system 1 had X.X.156.233/28 System B X.X.156.236/28. I wish to change the netmasks of these all to /27

0
Comment made 01-Feb-2018 by Stanislas Piron 10454

So use the tmsh solution!

0
Comment made 01-Feb-2018 by Stanislas Piron 10454

@mplaksin : no need to remove existing ips.

0
Comment made 02-Feb-2018 by FMA 282

Hi Stanislas,

I was wondering what am I doing wrong? Do I need to delete existing object first? Thanks I'm running 11.5.3

LTMV-02)(cfg-sync In Sync)(Standby)(/Common)(tmos)# list net self one-line
net self DBVlan_Self { address 10.136.53.7/24 allow-service { default } traffic-group traffic-group-local-only vlan DBVlan_Self }

LTMV-02)(cfg-sync In Sync)(Standby)(/Common)(tmos)# load sys config from-terminal merge verify
Enter configuration. Press CTRL-D to submit or CTRL-C to cancel.
net self DBVlan_Self { address 10.136.53.7/23 allow-service { default } traffic-group traffic-group-local-only vlan DBVlan_Self }
Validating configuration...
01070601:3: A self IP matching the old network / mask 10.136.53.0 / 255.255.255.0 still exists in the configuration
Unexpected Error: Validating configuration process failed.
0
Comment made 02-Feb-2018 by Stanislas Piron 10454

you have to change both self and floating IPs at the same time.

if you only change self, it fails because floating is still configured with the same network.

1
Comment made 02-Feb-2018 by FMA 282

Thanks a lot! It worked like a charm.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi Michael,

There is another and easy way to change the subnet mask of a self IP address.

So, /config/bigip_base.conf is the configuration file which includes the networking components of the device.

When you open this file with an editor like "vi" , you should see the Ip address configuration of a specific IP like this.

net self /Common/192.168.10.2 {
    address 192.168.10.2/24
    traffic-group /Common/traffic-group-local-only
    vlan /Common/Vlan328
}

Then, what you need to do is only to change the related subnet mask fields with the new one and save the file.

Finally, run the command tmsh load sys config

0
Comments on this Answer
Comment made 02-Feb-2018 by Stanislas Piron 10454

Modifying files is a wrong idea. I once made a change of this file with a mistake... the appliance detected it, rebooted because of system fallback... then rebooted after 20 seconds... then rebooted...

the same configuration can be made with load sys config merge from-terminal where you paste the expected configuration. if there is a wrong format, it will not apply change and warn you.

0
Comment made 02-Feb-2018 by Emre Ovali 203

Do you remember what you changed in the configuration file? I offered this as a solution, because it should be pretty easier to change only 2 numbers in a file for an F5 administrator. I would not be commented about your problem without knowing what you changed in this file. I agree with you if a more detailed change was needed.

0
Comment made 02-Feb-2018 by Stanislas Piron 10454

i's an old issue (6-7 years ago).

I never recommend to edit the configuration file except if tmsh can't do the same. In this case, it is possible with tmsh, so don't edit file.

0