Solved

How to extract out all NAT entries in F5 loadbalancer (into csv or text format)

Posted on 2014-10-11
5
1,399 Views
Last Modified: 2014-11-03
Currently we key in IP addr one by one into a URL to get the NAT'ing entries.
I want all of them extracted out in one go to a csv / text file as I have lots of
searching to do for my reporting purpose.

Q1:
How to export out all NAT entries in F5 loadbalancer (into csv or text format)?

Q2:
Does F5 LB run a custom Linux/Unix which I can login at command prompt
to 'copy out' files?
0
Comment
Question by:sunhux
  • 3
  • 2
5 Comments
 

Author Comment

by:sunhux
ID: 40374519
>Does F5 LB run a custom Linux/Unix which I can login at command prompt
>to 'copy out' files?
In one older version of F5, I've seen a collegue login to the Linux command
prompt but I don't know which file in which folder hold the NAT info
0
 

Author Comment

by:sunhux
ID: 40374520
What's the default F5 Linux login id & password?
0
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 40375228
(1) F5 F5 (asumming v10.x) has config text file which will have the NAT in the virtual pool
https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos_management_guide_10_1/tmos_save_and_load_cmds.html

e.g. some of the common files are
/config/bigip.conf      main configuration file containing objects for local application traffice such as pools, virtuals servers, pools etc.
/config/bigip.license      system licenses
/config/bigip_base.conf      networking components (bigpipe base load) not sync`d for HA setups.
/config/bigip_local.conf      stores virtuals servers for GTM
/config/bigip_sys.conf      stores the Linux/UNIX configuration objects
/etc/alertd/alert.conf      defines custom SNMP OID`s.

also there is a UCS file that contain all BIG-IP specific configuration files, BIG-IP product licenses, User accounts and password information, DNS zone files and ZoneRunner configuration and SSL certificates and keys. You should be able to export this out as well. By default, the BIG-IP system saves the UCS archive file in the /var/local/ucs directory. See the TMSH (cmd line) which is handy

https://elguber.wordpress.com/tag/f5/
e.g. show /ltm snat, show /ltm snatpool

http://satish-linuxbug.blogspot.sg/2013/02/bigip-f5-command-line-bigpipe-vs-tmsh.html
e.g. show /ltm nat all or list /ltm nat all-properties

(2) You can catch "SOL175: Transferring files to or from an F5 system".
https://support.f5.com/kb/en-us/solutions/public/0000/100/sol175.html
Hostname/IP address: <Enter the IP address of either your F5 device Management Port or self IP that is configured to accept SSH traffic on port 22>
Port: 22
Username: <Enter the desired F5 device user account that is configured with Advanced Shell (bash) access>
Password: <Enter the password for the desired F5 device user account>
0
 

Author Comment

by:sunhux
ID: 40388949
> ... the NAT in the virtual pool
https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos_management_guide_10_1/tmos_save_and_load_cmds.html

Read the above URL & I think it refers to SNAT; if I'm not mistaken, SNAT
(Static NAT?) is different from NAT with SNAT used only in GTM, not LTM.


The following look promising & I'll try them when I'm back in office in
2 weeks' time:
e.g. show /ltm snat, show /ltm snatpool
e.g. show /ltm nat all or list /ltm nat all-properties
0
 
LVL 63

Assisted Solution

by:btan
btan earned 500 total points
ID: 40389503
IN F5 parlance, SNAT meant secure NAT (https://support.f5.com/kb/en-us/solutions/public/7000/800/sol7820.html) - maps the source client IP address in a request to a translation address defined on the BIG-IP devices. In other words, applicable to GTM too. E.g. Packet flow can be using "snat automap" settings in ltm virtual "DNS_listener".

SNAT is used in the show in the tmsh will help  and actually alll the config is in the UCS files. Entries in the bigip.conf file represent the result of using the Configuration utility to configure the BIG-IP system.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question