COMMAND abort
DESCRIPTION Abort a configuration session.
ARGUMENTS This command has no arguments.
COMMAND annotate
DESCRIPTION Associate an annotation (comment) with a given configuration or validation statement or pattern. To remove an annotation, leave the text empty.
Note: Only available when the system has been configured with attributes enabled.
ARGUMENTS
COMMAND clear
DESCRIPTION Remove all configuration changes.
ARGUMENTS
COMMAND commit
DESCRIPTION Commit the current set of changes to the running configuration.
ARGUMENTS
persist-id <id> argument.persist-id argument.COMMAND compare
DESCRIPTION Compare two configuration subtrees.
ARGUMENTS
COMMAND copy
DESCRIPTION Copy the running configuration.
ARGUMENTS
COMMAND describe
DESCRIPTION Display detailed information about a command.
ARGUMENTS
COMMAND do
DESCRIPTION Run a command in operational (user) mode.
ARGUMENTS
COMMAND end
DESCRIPTION Exit configuration mode. If no changes have been made to the configuration, you are prompted to save before exiting configuration mode.
ARGUMENTS
COMMAND exit
DESCRIPTION Exit from the current mode in the configuration or exit configuration mode completely.
ARGUMENTS
COMMAND help
DESCRIPTION Display help information about a specified command.
ARGUMENTS
COMMAND insert
DESCRIPTION Insert a parameter or element.
ARGUMENTS
COMMAND load
DESCRIPTION Load configuration from an ASCII file or from terminal.
ARGUMENTS
COMMAND move
DESCRIPTION Move an element or parameter.
ARGUMENTS
COMMAND no
DESCRIPTION Delete or unset a configuration command.
ARGUMENTS
COMMAND pwd
DESCRIPTION Display the current path in the configuration hierarchy.
ARGUMENTS This command has no arguments.
COMMAND rename
DESCRIPTION Rename an instance.
ARGUMENTS
COMMAND resolved
DESCRIPTION Indicate that conflicts have been resolved.
ARGUMENTS This command has no arguments.
COMMAND revert
DESCRIPTION Copy the running configuration.
ARGUMENTS
COMMAND rollback
DESCRIPTION Returns the configuration to a previously committed configuration.
ARGUMENTS
EXAMPLES
Return to the configuration changes made in rollback versions 0 and 1:
appliance-1# rollback configuration 1
Return to the configuration changes made only in rollback version 1:
appliance-1# rollback selective 1
COMMAND save
DESCRIPTION Save the whole or parts of the current configuration to a file.
ARGUMENTS
COMMAND service
DESCRIPTION
Configures the CLI prompt. By default, the CLI prompt consists of the system name followed by an angle bracket (>) for user mode or a pound sign (#) for privileged mode. Use the the prompt string or the no service prompt config command to customize the CLI prompt for your system.
ARGUMENTS
COMMAND show
DESCRIPTION Display a specified parameter.
ARGUMENTS
COMMAND tag
DESCRIPTION Configure statement tags.
ARGUMENTS
COMMAND top
DESCRIPTION Exit to the top level of the configuration hierarchy. You can optionally run a command after exiting to the top level.
ARGUMENTS
COMMAND validate
DESCRIPTION
Verify that the candidate configuration contains no errors. This performs the same operation as commit check.
ARGUMENTS This command has no arguments.
COMMAND cluster nodes node
DESCRIPTION Configure whether a node is enabled or disabled on the system.
ARGUMENTS
EXAMPLE
Disable node-1 on the system:
appliance-1(config)# cluster nodes node node-1 config disabled
COMMAND cluster nodes node reboot
DESCRIPTION Reboot a node on the system.
ARGUMENTS
This command has no arguments.
COMMAND cluster disk-usage-threshold
DESCRIPTION Configure options for triggering disk usage alarms.
ARGUMENTS
COMMAND components
DESCRIPTION
Configure properties for hardware components.
ARGUMENTS
The availability of options for this command depends on which hardware component you are configuring.
COMMAND fdb mac-table entries entry
DESCRIPTION Configure a Layer 2 forwarding database (FDB) entry in the system.
IMPORTANT: The FDB table is managed by the system, and manual configuration requires intricate knowledge of the hardware data path. You should configure an FDB object only under the guidance of F5 Technical Support. Manually configuring FDB objects can potentially impact the flow of network traffic through the system.
ARGUMENTS
xx:xx:xx:xx:xx:xx.COMMAND file config concurrent-operations-limit
DESCRIPTION Specify how many concurrent file operations are allowed at a time.
ARGUMENTS
EXAMPLE
Limit the number of concurrent file operations to 10:
appliance-1-active# file config concurrent-operations-limit 10
COMMAND file known-hosts known-host
DESCRIPTION
Add the IP address (and therefore, the public key) of a specified remote-host to the system known_hosts file.
ARGUMENTS
COMMAND file import
DESCRIPTION
Transfer a remote file to the system. These directories are available for use for file import operations on the system:
ARGUMENTS
EXAMPLE
Transfer a file named myfile.iso from the remote host files.company.com on port 443 to the images/staging directory on the system:
appliance-1(config)# file import local-file images/staging remote-file images/myfile.iso remote-host files.company.com remote-port 443
result File transfer is initiated.(images/staging/myfile.iso)
COMMAND file export
DESCRIPTION
Transfer a file from the system to a remote system. These directories are available for use for file export operations on the system:
EXAMPLE
Transfer a file named appliance.log from the local host to the /home/jdoe/ directory at files.company.com, using the username jdoe:
appliance-1(config)# file export local-file log/host/appliance.log remote-host files.company.com remote-file home/jdoe/appliance.log username jdoe password
Value for 'password' (<string>): *********
result File transfer is initiated.(log/host/appliance.log)
COMMAND file delete
DESCRIPTION
Delete a specified file from the system. You can use file delete only on files in the diags/shared and core directories.
ARGUMENTS
EXAMPLE
Delete a specified QKView file from the system:
appliance-1(config)# file delete file-name diags/shared/qkview/qkview.tar
result Deleting the file
COMMAND file list
DESCRIPTION Display a list of directories and files in a specified path.
ARGUMENTS
EXAMPLE
Display a list of files in images/staging:
appliance-1(config)# file list path images/staging
entries {
name
F5OS-A-1.0.0-1234.CANDIDATE.iso
}
COMMAND file show
DESCRIPTION Display the contents of a specified file. This command works only in operational mode, not config mode.
ARGUMENTS
EXAMPLE
Display the contents of the file log/appliance.log:
appliance-1# file show log/host/appliance.log
2021-11-08 13:48:56.925181150 - Registry port is 2000 for orchestration-manager
2021-11-08 21:49:07.870995 - OMD log is initialized
2021-11-08 21:49:07.870995 - 8:1266673408 - applianceMainEventLoop::Orchestration manager startup.
2021-11-08 21:49:07.873428 - 8:1249888000 - Can now ping appliance-1.chassis.local (100.65.60.1).
2021-11-08 21:54:13.842022 - 8:1266673408 - Waiting for connectivity checks on System.
2021-11-08 21:54:39.498702 - 8:1249888000 - Successfully ssh'd to appliance 127.0.0.1.
2021-11-08 21:54:55.758399 - 8:1266673408 - Connectivity checks passed for System.
2021-11-08 21:55:38.332719 - 8:1266673408 - K3S cluster installation in appliance is succeeded.
2021-11-08 21:56:00.811884 - 8:1266673408 - Appliance 1 is ready in k3s cluster.
appliance-flannel_image|localhost:2000/appliance-flannel:0.13.0
...
COMMAND file tail
DESCRIPTION Display only the last 10 lines of a specified file. This command works only in operational mode, not config mode.
ARGUMENTS
EXAMPLES
Display only the last 10 lines of log/host/appliance.log:
appliance-1# file tail log/host/appliance.log
Upgrade found appliance-flannel_image|localhost:2001/appliance-flannel:0.13.0
appliance-multus_image|localhost:2001/appliance-multus:3.6.0
Upgrade found appliance-multus_image|localhost:2001/appliance-multus:3.6.0
2021-11-10 17:33:36.195643 - 8:695531264 - K3s IMAGE update is succeeded.
2021-11-11 21:46:29.832495 - 8:469759744 - K3S cluster is NOT ready.
2021-11-11 21:46:52.979390 - 8:695531264 - K3S cluster is ready.
2021-11-12 21:45:04.247298 - 8:695531264 - K3S cluster is NOT ready.
2021-11-12 21:45:27.427003 - 8:695531264 - K3S cluster is ready.
2021-11-13 03:57:32.937910 - 8:469759744 - Failed to ssh to 127.0.0.1.
2021-11-13 03:58:03.353815 - 8:469759744 - Successfully ssh'd to appliance 127.0.0.1.
Display the last 10 lines of log/host/appliance.log and keep appending output as the file grows:
appliance-1(config)# file tail -f log/host/appliance.log
Upgrade found appliance-flannel_image|localhost:2001/appliance-flannel:0.13.0
appliance-multus_image|localhost:2001/appliance-multus:3.6.0
Upgrade found appliance-multus_image|localhost:2001/appliance-multus:3.6.0
2021-11-10 17:33:36.195643 - 8:695531264 - K3s IMAGE update is succeeded.
2021-11-11 21:46:29.832495 - 8:469759744 - K3S cluster is NOT ready.
2021-11-11 21:46:52.979390 - 8:695531264 - K3S cluster is ready.
2021-11-12 21:45:04.247298 - 8:695531264 - K3S cluster is NOT ready.
2021-11-12 21:45:27.427003 - 8:695531264 - K3S cluster is ready.
2021-11-13 03:57:32.937910 - 8:469759744 - Failed to ssh to 127.0.0.1.
2021-11-13 03:58:03.353815 - 8:469759744 - Successfully ssh'd to appliance 127.0.0.1.
Display only the last five lines of log/appliance.log:
appliance-1(config)# file tail -n 5 log/host/appliance.log
2021-11-11 21:46:52.979390 - 8:695531264 - K3S cluster is ready.
2021-11-12 21:45:04.247298 - 8:695531264 - K3S cluster is NOT ready.
2021-11-12 21:45:27.427003 - 8:695531264 - K3S cluster is ready.
2021-11-13 03:57:32.937910 - 8:469759744 - Failed to ssh to 127.0.0.1.
2021-11-13 03:58:03.353815 - 8:469759744 - Successfully ssh'd to appliance 127.0.0.1.
COMMAND file transfer-status
DESCRIPTION Display the status of file transfer operations. This command works in both operational mode and config mode.
ARGUMENTS
EXAMPLE
Check the status of file transfers:
appliance-1(config)# file transfer-status
result
S.No.|Operation |Protocol|Local File Path |Remote Host |Remote File Path |Status
1 |Import file|HTTPS |images/staging/myfile.iso |files.company.com |images/myfile.iso |In Progress (15.0%)
````
COMMAND images remove
DESCRIPTION Remove tenant image.
ARGUMENTS
EXAMPLE
Remove the .bundle file named BIGIP-15.1.5-0.0.11.ALL-F5OS.zip.bundle:
appliance-1(config)# images remove name BIGIP-15.1.5-0.0.11.ALL-F5OS.zip.bundle
result Successful.
COMMAND interfaces interface
DESCRIPTION Configure network interface attributes.
ARGUMENTS
ieee8023adLag when creating LAG interfaces.EXAMPLE
Configure a description for interface 1.0 and verify that it was configured correctly:
appliance-1(config)# interfaces interface 1.0 config description "100G Link"
appliance-1(config-interface-1/1.0)# commit
Commit complete.
appliance-1(config-interface-1.0)# exit
appliance-1(config)# end
appliance-1# show running-config interfaces interface 1.0 config
interfaces interface 1/1.0
config name 1.0
config type ethernetCsmacd
config description "100G Link"
config enabled
!
COMMAND interfaces interface <lag-name> aggregation config
DESCRIPTION Configure link aggregation groups (LAGs) and their attributes.
ARGUMENTS
EXAMPLE
Create a LAG named test-lag that uses dst-mac for the hash, assign trunk VLAN IDs 99 and 101, and then verify that it was configured correctly:
appliance-1(config)# interfaces interface test-lag aggregation config distribution-hash dst-mac
appliance-1(config)# commit
appliance-1(config)# interfaces interface test-lag aggregation switched-vlan config trunk-vlans [ 99 101 ]
appliance-1(config)# commit
appliance-1# show running-config interfaces interface test-lag aggregation switched-vlan config
interfaces interface test-lag
aggregation switched-vlan config trunk-vlans [ 99 101 ]
!
COMMAND interfaces interface <interface-name> ethernet
DESCRIPTION Configure physical interfaces attributes.
ARGUMENTS
COMMAND interfaces interface <interface-name> ethernet config
DESCRIPTION Configure Ethernet options for a specified interface.
ARGUMENTS
COMMAND interfaces interface mgmt ethernet config
DESCRIPTION Configure Ethernet options for the management interface.
ARGUMENTS
true to enable auto negotiate or false to disable it.FULL to enable full duplex on an interface or set to HALF to enable half duplex on an interface.EXAMPLE
Configure the management interface to use the FULL duplex mode:
appliance-1(config)# interfaces interface mgmt ethernet config duplex-mode FULL
COMMAND lacp config system-priority
DESCRIPTION
System priority and system MAC are combined as system-id, which is required by the LACP protocol. System MAC is not configurable.
ARGUMENTS
32768.EXAMPLES
Configure system priority to be 1000:
appliance-1(config)# lacp config system-priority 1000
COMMAND lacp interfaces interface <lag-interface> config name <interface>
DESCRIPTION
Configure LACP to manage the LAG interface. To use LACP to manage a LAG interface, the LAG interface must already exist or be created first. LAG interfaces can have multiple interface members, and the LAG interface state is up as long as there is at least one active member. There must be valid VLANs attached to LAG interface to pass user traffic. Be sure that the VLAN exists before attaching it to a LAG interface.
ARGUMENTS
FAST to have packets sent every second. Set the interval to SLOW to have packets sent every 30 seconds.PASSIVE to place a port into a passive negotiating state, in which the port responds to received LACP packets, but does not initiate LACP negotiation. Set to ACTIVE to place a port into an active negotiating state, in which the port initiates negotiations with other ports by sending LACP packets.xx:xx:xx:xx:xx:xx.EXAMPLES
Configure an LACP interface, set it to place the port into an active negotiating state, and set the interval to have packets sent every second:
appliance-1(config)# lacp interfaces interface lag1 config lacp-mode ACTIVE interval FAST
Create a LAG interface named lag1 with the type ieee8023adLag:
appliance-1(config)# interfaces interface lag1 config type ieee8023adLag; commit
Enable LACP on a LAG interface named lag1:
appliance-1(config)# interfaces interface lag1 aggregation config lag-type LACP; commit
Create an LACP interface named lag1 with default parameters (internal is set to SLOW, lacp-mode is set to ACTIVE):
appliance-1(config)# lacp interfaces interface lag1 config name lag1; commit
Add interface 1/1.0 and 1/2.0 as interface members into a LAG named lag1:
appliance-1(config)# interfaces interface 1/1.0 ethernet config aggregate-id lag1
appliance-1(config)# interfaces interface 1/2.0 ethernet config aggregate-id lag1
appliance-1(config)# commit
Attach VLANs 1000 and 1001 to a LAG interface named lag1:
appliance-1(config)# interfaces interface lag1 aggregation switched-vlan config trunk-vlans [ 1000 1001 ]
appliance-1(config)# commit
COMMAND lldp config
DESCRIPTION Configure Link Layer Discovery Protocol (LLDP) on the system.
ARGUMENTS
10.2.2.4.30.EXAMPLE
Configure a system-description for LLDP and verify that it was configured correctly:
appliance-1(config)# lldp config system-description "Test system description"
appliance-1(config)# commit
Commit complete.
appliance-1(config)# end
appliance-1# show running-config lldp config
lldp config enabled
lldp config system-description "Test system description"
lldp config tx-interval 30
lldp config tx-hold 4
lldp config reinit-delay 2
lldp config tx-delay 2
lldp config max-neighbors-per-port 10
COMMAND lldp interfaces interface <interface-name> config
DESCRIPTION Configure LLDP attributes for an interface.
ARGUMENTS
EXAMPLE
Configure a tlv-advertisement-state for LLDP interface 1.0 and verify that it was configured correctly:
appliance-1(config)# lldp interfaces interface 1.0 config tlv-advertisement-state txrx
appliance-1(config-interface-1.0)# commit
Commit complete.
appliance-1(config-interface-1.0)# top
appliance-1(config)# end
appliance-1# show running-config lldp interfaces interface 1.0
lldp interfaces interface 1.0
config name 1.0
config enabled
config tlv-advertisement-state txrx
config tlvmap chassis-id,port-id,ttl,port-description,system-name,system-description,system-capabilities,pvid,ppvid,vlan-name,protocol-identity,macphy,link-aggregation,power-mdi,mfs,product-model
!
COMMAND port-mappings port-mapping
DESCRIPTION Configure port mapping for front-panel interfaces.
ARGUMENTS
COMMAND portgroups portgroup
DESCRIPTION Configure port group attributes.
ARGUMENTS
EXAMPLE
Configure a port group on interface 1 to use a DDM polling frequency of 20 seconds:
appliance-1(config)# portgroups portgroup 1 config ddm ddm-poll-frequency 20
Configure the port mode on interface 1 to be MODE_25GB:
appliance-1(config)# portgroups portgroup 1 config mode MODE_25GB
COMMAND stp
DESCRIPTION Configure Spanning Tree Protocol (STP) on the system.
COMMAND stp global config enabled-protocol
DESCRIPTION
Configures whether Spanning Tree Protocol (STP) is enabled on the system. If empty, STP is disabled. There can be only one spanning tree protocol enabled at a time. When configuring anything for stp stp, stp rstp, or stp mstp, ensure that the respective protocol has been configured as the global enabled-protocol.
When any spanning-tree protocol is configured, all interfaces in the system not configured for the respective spanning-tree protocol will be blocked to avoid broadcast storms. Deleting the enabled-protocol removes the blocking state.
ARGUMENTS
EXAMPLE
Enable STP as the as the global STP protocol and verify that it was configured correctly:
appliance-1(config)# stp global config enabled-protocol [ STP ] ; commit
Commit complete.
appliance-1(config)# show full-configuration stp global
stp global config enabled-protocol [ STP ]
Enable RSTP as the as the global STP protocol and verify that it was configured correctly:
appliance-1(config)# stp global config enabled-protocol [ RSTP ] ; commit
Commit complete.
appliance-1(config)# show full-configuration stp global
stp global config enabled-protocol [ RSTP ]
Enable MSTP as the as the global STP protocol and verify that it was configured correctly:
appliance-1(config)# stp global config enabled-protocol [ MSTP ] ; commit
Commit complete.
appliance-1(config)# show full-configuration stp global
stp global config enabled-protocol [ MSTP ]
Disable STP on the system:
appliance-1(config)# no stp global config enabled-protocol ; commit
Commit complete.
appliance-1(config)# show full-configuration stp global
% No entries found.
COMMAND stp interfaces interface
DESCRIPTION Configure specific STP features for an interface.
ARGUMENTS
COMMAND stp mstp config
DESCRIPTION Configure the system to handle spanning tree frames (BPDUs) in accordance with the MSTP protocol.
ARGUMENTS
EXAMPLES
Configure MSTP named my-region with a forwarding delay of 16 seconds, a hello time of 3 seconds, a maximum age of 21 seconds, a hold count of 7 BPDUs per second, a revision level of 1, and a maximum hop of 21 hops, and then verify that it was configured correctly:
appliance-1(config)# stp mstp config forwarding-delay 16 hello-time 3 max-age 21 hold-count 7 name my-region revision 1 max-hop 21 ; commit
Commit complete.
appliance-1(config)# show full-configuration stp mstp config
stp mstp config name my-region
stp mstp config revision 1
stp mstp config max-hop 21
stp mstp config hello-time 3
stp mstp config max-age 21
stp mstp config forwarding-delay 16
stp mstp config hold-count 7
COMMAND stp mstp mst-instances mst-instance
DESCRIPTION Configure a specific MST instance.
ARGUMENTS
EXAMPLE
Configure MST instance 5 with a bridge priority of 36864, MST identifier of 5, and mapped to VLANs 100 and 101, and then verify that it was configured correctly:
appliance-1(config)# stp mstp mst-instances mst-instance 5 config bridge-priority 36864 mst-id 5 vlan [ 100 101 ]
appliance-1(config-mst-instance-5)# commit
Commit complete.
appliance-1(config-mst-instance-5)# show full
stp mstp mst-instances mst-instance 5
config mst-id 5
config vlan [ 100 101 ]
config bridge-priority 36864
!
COMMAND stp mstp mst-instances mst-instance {mst-id} interfaces interface
DESCRIPTION Configure data for MSTP on each interface. Must be configured in conjunction with an STP interface
ARGUMENTS
EXAMPLE
Configure MST instance 5 with interface 1, with a cost of 100 and a port priority of 128, and then verify that it was configured correctly:
appliance-1(config)# show full-configuration stp interfaces
stp interfaces interface 1
config name 1
config edge-port EDGE_AUTO
config link-type P2P
!
appliance-1(config)# stp mstp mst-instances mst-instance 5 interfaces interface 1 config name 1 cost 100 port-priority 128 ; commit
Commit complete.
appliance-1(config-interface-1)# top
appliance-1(config)# show full-configuration stp mstp mst-instances mst-instance 5
stp mstp mst-instances mst-instance 5
config mst-id 5
config vlan [ 100 101 ]
config bridge-priority 36864
interfaces interface 1
config name 1
config cost 100
config port-priority 128
!
COMMAND stp rstp config
DESCRIPTION Configure the system to handle spanning tree frames (BPDUs) in accordance with the RSTP protocol.
ARGUMENTS
EXAMPLES
Configure RSTP with a bridge priority of 36864, a forwarding delay of 16 seconds, a hello time of 3 seconds, a maximum age of 21 seconds, a hold count of 7 BPDUs per seconds, and then verify that it was configured correctly:
appliance-1(config)# stp rstp config bridge-priority 36864 forwarding-delay 16 hello-time 3 max-age 21 hold-count 7 ; commit
Commit complete.
appliance-1(config)# show full-configuration stp rstp config
stp rstp config hello-time 3
stp rstp config max-age 21
stp rstp config forwarding-delay 16
stp rstp config hold-count 7
stp rstp config bridge-priority 36864
COMMAND stp rstp interfaces interface
DESCRIPTION Configuration data for MSTP on each interface. Must be configured in conjunction with an STP interface.
ARGUMENTS
EXAMPLE
Configure RSTP instance 1 with interface 1, with a cost of 100 and a port priority of 128, and then verify that it was configured correctly:
appliance-1(config)# show full-configuration stp interfaces
stp interfaces interface 1
config name 1
config edge-port EDGE_AUTO
config link-type P2P
!
appliance-1(config)# stp rstp interfaces interface 1 config name 1 cost 100 port-priority 128 ; commit
Commit complete.
appliance-1(config-interface-1)# show full
stp rstp interfaces interface 1
config name 1
config cost 100
config port-priority 128
!
COMMAND stp stp config bridge-priority
DESCRIPTION Configure the system to handle spanning tree frames (BPDUs) in accordance with the MSTP protocol.
ARGUMENTS
EXAMPLES
Configure STP with a bridge priority of 36864, a forwarding delay of 16 seconds, a hello time of 3 seconds, a maximum age of 21 seconds, a hold count of 7 BPDUs per seconds, and then verify that it was configured correctly:
appliance-1(config)# stp stp config bridge-priority 36864 forwarding-delay 16 hello-time 3 hold-count 7 max-age 21 ; commit
Commit complete.
appliance-1(config)# show full-configuration stp stp config
stp stp config hello-time 3
stp stp config max-age 21
stp stp config forwarding-delay 16
stp stp config hold-count 7
stp stp config bridge-priority 36864
COMMAND stp stp interfaces interface
DESCRIPTION Configuration data for MSTP on each interface. Must be configured in conjunction with an STP interface.
ARGUMENTS
EXAMPLE
Configure STP instance 1 with interface 1, with a cost of 100 and a port priority of 128, and then verify that it was configured correctly:
appliance-1(config)# show full-configuration stp interfaces
stp interfaces interface 1
config name 1
config edge-port EDGE_AUTO
config link-type P2P
!
appliance-1(config)# stp stp interfaces interface 1 config name 1 cost 100 port-priority 128 ; commit
Commit complete.
appliance-1(config-interface-1)# show full
stp stp interfaces interface 1
config name 1
config cost 100
config port-priority 128
!
COMMAND
system aaa authentication config authentication-method
DESCRIPTION
Specify which authentication methods can be used to authenticate and authorize users. You can enable all methods and indicate the order in which you'd like the methods to be attempted when a user logs in.
ARGUMENTS
EXAMPLE
Attempt to authenticate in this order: LDAP, then RADIUS, and then local (/etc/password):
appliance-1(config)# system aaa authentication config authentication-method [ LDAP_ALL RADIUS_ALL LOCAL ]
COMMAND system aaa authentication ldap active_directory
DESCRIPTION
Specify whether to enable LDAP Active Directory (AD).
ARGUMENTS
true to enable LDAP AD or false to disable it. The default value is false.EXAMPLE
Enable LDAP AD on the system:
appliance-1(config)# system aaa authentication ldap active_directory true
COMMAND
system aaa authentication ldap base
DESCRIPTION
Specify the search base distinguished name (DN) for LDAP authentication. Note that the configuration of base values are case-sensitive and must be a full DN path. This includes spaces, commas, and other characters. These must be the same as what is configured in the LDAP server.
ARGUMENTS
EXAMPLE
appliance-1(config)# system aaa authentication ldap base dc=xyz,dc=com
appliance-1(config)# system aaa authentication ldap base [ dc=xyz,dc=com dc=abc,dc=com ]
COMMAND system aaa authentication ldap bind_timelimit
DESCRIPTION
Specify a maximum amount of time to wait for LDAP authentication to return a result.
ARGUMENTS
30.EXAMPLE
Set a maximum bind time limit of 60 seconds:
appliance-1(config)# system aaa authentication ldap bind_timelimit 60
COMMAND
system aaa authentication ldap binddn
DESCRIPTION
Specify the distinguished name (DN) of an account that can search the base DN. If no account is specified, the LDAP connection establishes without authentication. Note that the configuration of binddn values are case-sensitive and must be a full DN path. This includes spaces, commas, and other characters; these must be the same as what is configured in the LDAP server.
ARGUMENTS
EXAMPLE
Set the distinguished name of a specified account for searching the base DN:
appliance-1(config)# system aaa authentication ldap binddn cn=admin,dc=xyz,dc=com
COMMAND
system aaa authentication ldap bindpw
DESCRIPTION
Specify the password of the search account identified in binddn.
ARGUMENTS
EXAMPLE
Specify a password for the search account on the LDAP server:
appliance-1(config)# system aaa authentication ldap bindpw <password>
COMMAND
system aaa authentication ldap idle_timelimit
DESCRIPTION
Configure the maximum amount of time before the LDAP connection can be inactive before it times out.
ARGUMENTS
30.EXAMPLE
Set a maximum idle timeout of 60 seconds:
appliance-1(config)# system aaa authentication ldap idle_timelimit 60
COMMAND
system aaa authentication ldap ldap_version
DESCRIPTION
Specify the LDAP protocol version number.
ARGUMENTS
3.EXAMPLE
Specify that LDAPv3 is used for the LDAP server:
appliance-1(config)# system aaa authentication ldap ldap_version 3
COMMAND
system aaa authentication ldap ssl
DESCRIPTION
Specify whether to enable Transport Layer Security (TLS) functionality for the LDAP server.
ARGUMENTS
EXAMPLE
Specify that TLS is enabled for all connections:
appliance-1(config)# system aaa authentication ldap ssl on
COMMAND
system aaa authentication ldap timelimit
DESCRIPTION
Specify a maximum time limit to use when performing LDAP searches to receive an LDAP response.
ARGUMENTS
EXAMPLE
Specify a maximum time limit of 60 seconds for LDAP searches:
appliance-1(config)# system aaa authentication ldap timelimit 60
COMMAND
system aaa authentication ldap tls_cacert
DESCRIPTION
Specify the CA certificate to be used for authenticating the TLS connection with the CA server. Also validates an issued certificate from a CA prior to accepting it into the system.
ARGUMENTS
EXAMPLE
Specify a certificate for authenticating the TLS connection:
appliance-1(config)# system aaa authentication ldap tls_cacert <path-to-cacert>.pem
COMMAND
system aaa authentication ldap tls_cert
DESCRIPTION
Specify the file that contains the certificate for the client's key.
ARGUMENTS
EXAMPLE
Specify a file that contains the certificate for a client's key:
appliance-1(config)# system aaa authentication ldap tls_cacert <path-to-cacert>.pem
COMMAND
system aaa authentication ldap tls_ciphers
DESCRIPTION
Specify acceptable cipher suites for the TLS library in use. For example, ECDHE-RSAAES256-GCM-SHA384 or ECDHE-RSA-AES128-GCM-SHA256.
The cipher string can take several additional forms. It can consist of a single cipher suite such as RC4-SHA. It can represent a list of cipher suites containing a certain algorithm, or cipher suites of a certain type. For example, SHA1 represents all cipher suites using the digest algorithm SHA1, and SSLv3 represents all SSLv3 algorithms. You can combine lists of cipher suites into a single cipher string using the + character as a logical AND operation. For example, SHA1+DES represents all cipher suites containing the SHA1 and DES algorithms.
ARGUMENTS
EXAMPLE
Specify the cipher suite for the TLS library in use:
appliance-1(config)# system aaa authentication ldap tls_cyphers <cipher-suite>
COMMAND
system aaa authentication ldap tls_key
DESCRIPTION
Specify the file that contains the the private key that matches the certificates that you configured with the system aaa authentication ldap tls_cert command.
ARGUMENTS
system aaa authentication ldap tls_cert command.COMMAND
system aaa authentication ldap tls_reqcert
DESCRIPTION
Specify what checks to perform on certificates in a TLS session. The default value is never.
ARGUMENTS
EXAMPLE
Specify that a certificate is not required for a TLS session:
appliance-1(config)# system aaa authentication ldap tls_reqcert never
COMMAND
system aaa authentication roles role
DESCRIPTION
Specify the primary role assigned to the user.
ARGUMENTS
EXAMPLE
Configure which rolename and system group ID is used for a specified role:
appliance-1(config)# system aaa authentication roles role <rolename> config rolename <rolename> gid <unix-gid>
COMMAND
system aaa authentication users user
DESCRIPTION
Configure options for users.
ARGUMENTS
-1 (no expiration date). Use 1 to indicate expired.0 (zero) to indicate that the user must change the password at their next log in.EXAMPLE
Configure a user named jdoe so that the user must change their password at their next log in and indicate that the account has no expiration date:
appliance-1(config)# system aaa authentication users user jdoe config last-change 0 expiry-date -1
COMMAND
system aaa password-policy config apply-to-root
DESCRIPTION
Specify whether to enforce password policies when the user configuring passwords is the root user. If enabled (true), the system returns an error on failed check if the root user changing the password. If disabled (false), the system displays a message about the failed check, but allows the root user to change the password and bypass password policies.
ARGUMENTS
true to enforce password policies even if it is the root user configuring passwords or false to disable it. The default value is false.COMMAND
system aaa password-policy config max-age
DESCRIPTION
Configure the number of days that users can keep using the same password without changing it.
ARGUMENTS
COMMAND
system aaa password-policy config max-login-failures
DESCRIPTION
Configure the maximum number of unsuccessful login attempts that are permitted before a user is locked out.
ARGUMENTS
COMMAND
system aaa password-policy config min-length
DESCRIPTION
Configure a minimum acceptable size for the new password (plus one if credits are not disabled which is the default). In addition to the number of characters in the new password, credit (of +1 in length) is given for each different kind of character (other, upper, lower and digit). The default value is 9. If you want to allow passwords that are as short as 5 characters, you should not use min-length.
ARGUMENTS
COMMAND
system aaa password-policy config reject-username
DESCRIPTION
Check whether the user name is contained in the new password, either in straight or reversed form. If it is found, the new password is rejected.
ARGUMENTS
false to allow the user name in a new password or true to reject new passwords that contain the user name in some form. The default value is false.COMMAND
system aaa password-policy config required-differences
DESCRIPTION
Configure the number of character changes that are required in the new password that differentiate it from the old password.
ARGUMENTS
5.COMMAND
system aaa password-policy config required-lowercase
DESCRIPTION
Configure the minimum number of lowercase character required for a password.
ARGUMENTS
COMMAND
system aaa password-policy config required-numeric
DESCRIPTION
Configure the minimum number of numeric characters required for a password.
ARGUMENTS
COMMAND
system aaa password-policy config required-special
DESCRIPTION
Configure the minimum number of numeric characters required for a password.
ARGUMENTS
COMMAND
system aaa password-policy config required-uppercase
DESCRIPTION
Configure the minimum number of numeric characters required for a password.
ARGUMENTS
COMMAND
system aaa password-policy config retries
DESCRIPTION
Configure the number of retries allowed when user authentication is unsuccessful.
ARGUMENTS
COMMAND
system aaa password-policy config root-lockout
DESCRIPTION
Configure whether the root account can be locked out after unsuccessful login attempts.
ARGUMENTS
false to disable root lockout after a number of unsuccessful login attempts or true to enable it. The default value is false.COMMAND system aaa password-policy config root-unlock-time
DESCRIPTION
Configure the time in seconds before the root user can retry logging in after exceeding the maximum number of allowed unsuccessful authentication attempts.
ARGUMENTS
COMMAND
system aaa password-policy config unlock-time
DESCRIPTION
Configure the time in seconds before a user can retry logging in after exceeding the maximum number of allowed unsuccessful authentication attempts. If this option is not configured, the account is locked until the lock is removed manually by an administrator.
ARGUMENTS
COMMAND
system aaa primary-key set
DESCRIPTION
Change the system primary encryption key with passphrase and salt. This is useful while migrating configuration from one machine to another.
ARGUMENTS
EXAMPLE
Change the primary key, set a passphrase and salt, and then display the status of the key migration process:
appliance-1(config)# system aaa primary-key set
Value for 'passphrase' (<string, min: 6 chars, max: 255 chars>): ******
Value for 'confirm-passphrase' (<string, min: 6 chars, max: 255 chars>): ******
Value for 'salt' (<string, min: 6 chars, max: 255 chars>): *********
Value for 'confirm-salt' (<string, min: 6 chars, max: 255 chars>): *********
response description: Key migration is initiated. Use 'show system primary-key state status' to get status
appliance-1# show system aaa primary-key state
system aaa primary-key state hash Jt221bA3Xj73bClXPY9pdfQzauNUGO92hv1eXZbKcD/4G+Dr3u6hyFoahL+r3iIopJm4IzIInSwYsilAGdY08w==
system aaa primary-key state status "COMPLETE Initiated: Fri Dec 10 22:33:02 2021"
COMMAND
system aaa server-groups server-group
DESCRIPTION
Configure one or more AAA servers of type RADIUS, LDAP, or TACACS+. The first server in the list is always used by default unless it is unavailable, in which case the next server in the list is used. You can configure the order of servers in the server group.
ARGUMENTS
COMMAND system aaa tls ca-bundles ca-bundle
DESCRIPTION Configure a certificate authority bundle.
ARGUMENTS
COMMAND
system aaa tls config certificate
DESCRIPTION
Configure an SSL server certificate to be used for the webUI (HTTPS) or REST interface of the system.
ARGUMENTS
EXAMPLE
Add a certificate and key to the system. When you press Enter, you will enter multi-line mode, at which point you can copy in the certificate/key. After you have added a certificate, you must add a key using system aaa tls config key, commit the changes:
appliance-1(config)# system aaa tls config certificate
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...
appliance-1(config)# system aaa tls config key
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...
appliance-1(config)# commit
Commit complete.
COMMAND
system aaa tls config key
DESCRIPTION
Configure a PEM-encoded private key to be used for the webUI (HTTPS) or REST interface of the system. Key value is encrypted in DB storage.
ARGUMENTS
EXAMPLE
Add a TLS key and certificate to the system. When you press Enter, you will enter multi-line mode, at which point you can copy in the key/certificate. After you have added a key, you must add a certificate using system aaa tls config certificate:
appliance-1(config)# system aaa tls config key
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...
appliance-1(config)# system aaa tls config certificate
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...
appliance-1(config)# commit
Commit complete.
COMMAND system aaa tls crls crl
DESCRIPTION Configure a Certificate Revocation List Entry (CRL).
ARGUMENTS
EXAMPLE
Add a new CRL to the system. When you press Enter, you will enter multi-line mode, at which point you can copy in the CRL key.
appliance-1(config)# system aaa tls crls crl *crl Name*
Value for 'config revocation-key' (<string>):
[Multiline mode, exit with ctrl-D.]
> ...
appliance-1(config)# commit
Commit complete.
COMMAND system aaa tls create-self-signed-cert
DESCRIPTION Create an OpenSSL key for use with AAA/TLS.
ARGUMENTS
RSA and ECDSA (Elliptic Curve Digital Signature Algorithm).secp521r1. Available options are:true to store the self-signed certificate pair in the the system-aaa-tls-config or false to specify that it should not be stored.EXAMPLE
Create a private key and self-signed certificate:
appliance-1(config)# system aaa tls create-self-signed-cert city Seattle country US days-valid 365 email j.doe@company.com key-type ecdsa name company.com organization "Company" region Washington unit IT version 1 curve-name prime239v2 store-tls false
response
-----BEGIN EC PRIVATE KEY-----
MHECA1d8wiyJEVihDTnVi+v9RjfK3LhZ2Pd4R7B1MJf3lyXaoaAKBggqhkjOPQMB
BaFAAz4ABHFISUTEi8wEdG0iBF3iqTi5m5b62xUSbhOJrXR8d0S6h+anvpo9xrH3
QKbVuacd9H4cMj2tX/wyqVNePg==
-----END EC PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICAzCCAa4CCQCR5RKtuBFcxTAKBggqhkjOPQQDAjCBjTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCl1t462pbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEzARBgNVBAoM
CkY1IE5ldG9ya3MxEDAOBgNVBAsMB1NXRElBR1MxETAPBgNVBAMMCEdvZHppbGxh
MR0wGwYJKoZIhvcNAQkBFg5qLm1vb3JlQGY1LmNvbTAeFw0yMTAzMjcwMjE2NTFa
Fw0yMjAzMjcwMjE2NTFaMIGNMQswCQYDVQQGEwJVUzORBTWGA1UECAwKV2FzaGlu
Z3RvbjEQMA4GA1UEBwwHU2VhdHRsZTETMBEGA1UECgwKRjUgTmV0b3JrczEQMA4G
A1UECwwHU1dESUFHUzERMA8GA1UEAwwIR29kemlsbGExHTAbBgkqhkiG9w0BCQEW
DmoubW9vcmVAZRWPuB9tMFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAEcUhJRMSL
zAR0bSIEXeKpOLmblvrbFRJuE4mtdHx3RLqH5qe+mj3GsfdAptW5pwXtlI0yPa1f
/DKpU14+MAoGCCqGSM49BAMCA0MAMEACHh38OAyBB5T9ScBklBXZUIuynHq3/tr4
3VUQsMtYHQIeeP3vCrRm2qjPtK62QwtbkqDA9h2qTvuDj6uYL8EI
-----END CERTIFICATE-----
COMMAND system aaa tls create-csr
DESCRIPTION Create a certificate signing request (CSR).
ARGUMENTS
EXAMPLE
Create a CSR:
system aaa tls create-csr name company.com email j.doe@company.com organization "Company" unit IT
response -----BEGIN CERTIFICATE REQUEST-----
JRISPzCCAbsCAQEwgY0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u
MRAwDgYDVQQHEwdTZWF0dGxlMRQwEgYDVQQKFAtGNVH4TW03b3JrczEUMBIGA1UE
CxMLZGV2ZWxvcG1lbnQxGTAXBgkqhkiG9w0BCQEWCmRldkBmNS5jb20xEDAOBgNV
BAMTB3Rlc3Rjc3IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCinnAV
Dv/G6+qbiBVO7zIPmFFatYcrzdUnvpTGXfPuh6VBRqcW90jJy12FwtYOL8P6mED+
gfjpxRWe+PNursjZSIDpyh7Dn+F3MRF3zkgnSKlYKI9qqzlRHRAwi2U7GfujeR5H
CXrJ4uxYK2Wp8WVSa7TWwj6Bnps8Uldnj0kenBJ1eUVUXoQAbUmZQg6l+qhKRiDh
3E/xMOtaGWg0SjD7dEQij5l+8FBEHVhQKEr93GT1ifR62/MZSnPw2MY5OJ69p2Wn
k7Fr7m4I5z9lxJduYDNmiddVilpWdqRaCB2j29XCmpVJduF2v6EsMx693K18IJ1h
iRice6oKL7eoI/NdAgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEAGjWSAqKUPqMY
eLlSDJ9Bc4R+ckia5r/TITqamMN+m8TqQI8Pk0tAnwHCl8HHS+4cI8QuupgS/3aU
ls7OtxceoQZ1VFX2sQFkrDJFe0ewZQLm5diip5kxFrnap0oA0wRy84ks0wxeiCWD
New3hgSXfzyXI0g0auT6KNwsGaO8ZuhOX3ICNnSLbfb9T4zbhfI9jKopXQgZG/LO
pOct33fdpf/U6kQA9Rw/nzs3Hz/nsVleOrl3TH1+9veMMF+6eq8KKPpbYKh9bhA+
pYI3TtbZHuyRyQbq/r4gf4JkIu/PGszzy/rsDWy+b9g9nXMh1oFj+xhTrBjBk8a2
0ov+Osy2iA==
-----END CERTIFICATE REQUEST-----
COMMAND system allowed-ips allowed-ip
DESCRIPTION
Configure the system to allow traffic only from specified IP addresses. This is applicable only for ports 161, 8888, 443, 80, and 7001.
ARGUMENTS
EXAMPLE
Add a specified IPv4 address to the system allow list:
appliance-1(config)# system allowed-ips allowed-ip test config ipv4 address 192.0.2.33 port 161
COMMAND system appliance-mode config
DESCRIPTION Configure whether appliance mode is enabled or disabled on the system. Appliance mode adds a layer of security by restricting user access to root and the bash shell. When enabled, the root user cannot log in to the device by any means, including from the serial console. You can enable appliance mode at these levels:
system appliance-mode on the system.tenants tenant <tenant-name\> config appliance-mode on the system.ARGUMENTS
enabled to enable appliance mode on the system. Specify disabled to disable it.EXAMPLE
Enable appliance mode and then verify that appliance mode is enabled:
appliance-1(config)# system appliance-mode config enabled
appliance-1(config)# commit
appliance-1(config)# end
appliance-1# show system appliance-mode
system appliance-mode state enabled
Disable appliance mode and then verify that appliance mode is disabled:
appliance-1(config)# system appliance-mode config disabled
appliance-1(config)# commit
appliance-1(config)# end
appliance-1# show system appliance-mode
system appliance-mode state disabled
COMMAND system clock config timezone-name
DESCRIPTION Configure the time zone (tz) database name (for example, Europe/Stockholm) to use for the system. For a list of valid time zone names, see www.iana.org/time-zones.
ARGUMENTS
EXAMPLES
Configure the system to use the America/Los_Angeles time zone:
appliance-1(config)# system clock config timezone-name America/Los_Angeles
Configure the system to use the Asia/Calcutta time zone:
appliance-1(config)# system clock config timezone-name Asia/Calcutta
COMMAND system config hostname
DESCRIPTION Configure a hostname for the system.
ARGUMENTS
EXAMPLE
Configure the hostname to be test.company.com:
appliance-1(config)# system config hostname test.company.com
COMMAND system config login-banner
DESCRIPTION
Configure a banner message to be displayed before users log in to the system.
ARGUMENTS
EXAMPLE
Configure a banner message:
appliance-1(config)# system config login-banner
(<string>):
[Multiline mode, exit with ctrl-D.]
UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
COMMAND system config motd-banner
DESCRIPTION
Configure a message of the day (MOTD) banner to display after users log in to the system.
EXAMPLE
Configure a MOTD banner message:
appliance-1(config)# system config motd-banner
(<string>):
[Multiline mode, exit with ctrl-D.]
ATTENTION!
This system is scheduled for maintenance in two days.
COMMAND system database config-backup
DESCRIPTION Generate a backup of the system configuration in the form of an XML file.
ARGUMENTS
yes to overwrite the file if a file by that name exists or no to disable the file overwrite. The default value is no.EXAMPLE
Create a backup file of the system configuration named backup-nov2021 and overwrite it if a file by that name already exists:
appliance-1(config)# system database config-backup name backup-nov2021 overwrite yes
response Succeeded.
COMMAND system database config-restore
DESCRIPTION Restore the system configuration from an XML backup file.
ARGUMENTS
yes to overwrite the configuration database or no to disable the overwrite. The default value is no.EXAMPLE
Restore the system configuration from a backup file named backup-nov2021:
appliance-1(config)# system database config-restore name backup-nov2021
COMMAND system database reset-to-default
DESCRIPTION Revert the system to the default configuration and clear any existing configuration information.
IMPORTANT: This deletes all configuration on the system, including IP addresses, passwords, and tenant images.
ARGUMENTS
no to show a confirmation prompt prior to resetting the configuration to the default. Specify yes to bypass a confirmation prompt.EXAMPLE
Revert the system to the default configuration:
appliance-1(config)# system database config reset-to-default yes
COMMAND system diagnostics core-files list
DESCRIPTION List core files for the system.
EXAMPLE
List all core files on the system:
appliance-1# system diagnostics core-files list
files [ appliance-1:/var/shared/core/container/RAIDMonitorMain-1.core.gz appliance-1:/var/shared/core/container/RAIDMonitorMain-2.core.gz ]
COMMAND system diagnostics core-files delete
DESCRIPTION Delete core files from the system.
ARGUMENTS
EXAMPLE
List all core files on the system and specify one to delete:
appliance-1(config)# system diagnostics core-files list
files [ appliance-1:/var/shared/core/container/RAIDMonitorMain-1.core.gz appliance-1:/var/shared/core/container/RAIDMonitorMain-2.core.gz appliance-1:/var/shared/core/container/platform-mgr-1.core.gz appliance-1:/var/shared/core/host/vm-default_big--1.core.gz ]
appliance-1# system diagnostics core-files delete files [ appliance-1:/var/shared/core/container/RAIDMonitorMain-1.core.gz ]
COMMAND system diagnostics ihealth config authserver
DESCRIPTION Specify a separate endpoint for authenticating and uploading QKView files to the iHealth service. The authserver config element enables you to specify an authentication server URL for the iHealth service. By default, authserver is set to the F5 iHealth authentication server https://api.f5.com/auth/pub/sso/login/ihealth-api.
ARGUMENTS
EXAMPLE
Specify an authentication server for the iHealth service:
appliance-1(config)# system diagnostics ihealth config authserver
(<string>) (https://api.f5.com/auth/pub/sso/login/ihealth-api): https://api.f5networks.net/auth/pub/sso/login/ihealth-api
COMMAND system diagnostics ihealth config password
DESCRIPTION Specify the password used to log in to iHealth. This password is given in plain text, but will be encrypted when stored in the system.
ARGUMENTS
EXAMPLE
Specify a password to be used for logging in to iHealth:
appliance-1(config)# system diagnostics ihealth config password
(<AES encrypted string>): **********
COMMAND system diagnostics ihealth config server
DESCRIPTION Specify the iHealth service has a separate endpoint for authenticating and uploading QKView files. The server config element enables you to specify an upload server URL for the iHealth service. By default, the server is set to the F5 iHealth upload server https://ihealth-api.f5.com/qkview-analyzer/api/qkviews?visible_in_gui=True.
ARGUMENTS
EXAMPLE
Specify an upload server for the iHealth service:
appliance-1(config)# system diagnostics ihealth config server
(<string>) (https://ihealth-api.f5.com/qkview-analyzer/api/qkviews?visible_in_gui=True): https://ihealth-api.f5networks.net/qkview-analyzer/api/qkviews?visible_in_gui=True
COMMAND system diagnostics ihealth config username
DESCRIPTION Specify the username used to access the iHealth service.
ARGUMENTS
EXAMPLE
Specify a user name to be used when logging in to iHealth:
appliance-1(config)# system diagnostics ihealth config username
(<string>) (user@f5.com): user2@f5.com
COMMAND system diagnostics ihealth upload
DESCRIPTION Initiate a QKView file upload to iHealth. It returns a upload id, which is needed to check upload status or cancel an upload.
ARGUMENTS
system diagnostics qkview list command to see a list of available files.
Note: Be sure to add /diags/shared/QKView/ as a prefix to the QKView file name.EXAMPLE
Upload a file named /diags/shared/qkview/test.qkview to iHealth:
appliance-1(config)# system diagnostics ihealth upload qkview-file /diags/shared/qkview/test.qkview description testing service-request-number C523232
message HTTP/1.1 202 Accepted
Location: /support/ihealth/status/iuw53AYW
Date: Tue, 30 Nov 2021 12:09:08 GMT
Content-Length: 0
COMMAND system diagnostics ihealth cancel
DESCRIPTION Cancel a QKView upload that is in progress. If the upload is already complete, it cannot be cancelled. To remove the QKView, log in to the iHealth server and manually delete the QKView, if needed.
ARGUMENTS
EXAMPLE
Cancel the QKView upload with an upload-id of iuw53AYW.
appliance-1(config)# system diagnostics ihealth cancel upload-id iuw53AYW
message HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Location: /support/ihealth/status/iuw53AYW
Date: Tue, 30 Nov 2021 12:10:01 GMT
Content-Length: 44
COMMAND system diagnostics qkview capture
DESCRIPTION
Generate a system diagnostic snapshot, called a QKView. The system can support only one snapshot collection at a time. QKView files are stored in the host directory: diags/shared/qkview/.
ARGUMENTS
<system-name>.qkview.0, which indicates no timeout.true if core files should be excluded from QKView. The default value is false.25 MB.500 MB.EXAMPLE
Generate a QKView and name the file client-qkview.tar, exclude core files, set the maximum core size to 500 MB, set the maximum file size to 500 MB, and set a timeout value of 0 (zero), which indicates no timeout, and then check the status of the QKView generation process:
appliance-1(config)# system diagnostics qkview capture filename client-qkview exclude-cores true maxcoresize 500 maxfilesize 500 timeout 0
result Qkview file client-qkview is being collected
return code 200
appliance-1(config)# system diagnostics qkview status
result {"Busy":true,"Percent":12,"Status":"collecting","Message":"Collecting Data","Filename":"client-qkview"}
resultint 0
COMMAND system diagnostics qkview cancel
DESCRIPTION Cancel a QKView that is in progress.
ARGUMENTS This command has no arguments.
EXAMPLE
Cancel the currently running QKView:
appliance-1(config)# system diagnostics qkview cancel
result Qkview with filename client-qkview.tar was canceled
return code 200
resultint 0
COMMAND system diagnostics qkview status
DESCRIPTION Get the status of a QKView that is in progress or the status of the last QKView collected.
ARGUMENTS This command has no arguments.
EXAMPLE
View the status of the currently running QKView:
appliance-1(config)# system diagnostics qkview status
result {"Busy":true,"Percent":73,"Status":"collecting","Message":"Collecting Data","Filename":"myqkview.tar"}
resultint 0
appliance-1(config)# system diagnostics qkview status
result {"Busy":false,"Percent":100,"Status":"canceled","Message":"Collection canceled by user. Partial qkview saved.","Filename":"client-qkview.tar.canceled"}
resultint 0
COMMAND system diagnostics qkview delete
DESCRIPTION Delete a QKView file.
ARGUMENTS
EXAMPLE
Delete the QKView file named client-qkview.tar.canceled.
appliance-1(config)# system diagnostics qkview delete filename client-qkview.tar.canceled
result Deleted Qkview file client-qkview.tar.canceled
return code 200
resultint 0
COMMAND system diagnostics qkview list
DESCRIPTION Show a list of QKView files.
ARGUMENTS This command has no arguments.
EXAMPLE
List all QKView files on the system:
appliance-1(config)# system diagnostics qkview list
result {"Qkviews":[{"Filename":"client-qkview.tar.canceled","Date":"2021-11-26T23:39:48.783066588Z","Size":131310},{"Filename":"myqkview.tar","Date":"2021-11-26T23:37:43.786269089Z","Size":668708104}]}
resultint 0
COMMAND system dns config search
DESCRIPTION Configure a DNS search domain for the system to use.
ARGUMENTS
COMMAND system dns host-entries host-entry
DESCRIPTION Configure a DNS host entry for the system to use.
ARGUMENTS
COMMAND system dns servers
DESCRIPTION Configure a DNS server for the system to use.
ARGUMENTS
53.EXAMPLE
Configure a DNS server and then verify that it was completed:
appliance-1(config)# system dns servers server 192.0.2.11 config port 53
appliance-1(config-server-192.0.2.11)# commit
Commit complete.
appliance-1(config-server-192.0.2.11)# exit
appliance-1(config)# end
appliance-1# show running-config system dns
system dns servers server 192.0.2.11
config port 53
!
COMMAND system image check-version
DESCRIPTION Check whether the system is compatible with a specific system image service version upgrade version.
ARGUMENTS
EXAMPLE
Verify that the system is compatible with service version number 1.0.0-3456:
appliance-1(config)# system image check-version service-version 1.0.0-3456
COMMAND system image remove
DESCRIPTION Remove a system image.
ARGUMENTS
COMMAND system image set-version
DESCRIPTION Trigger an install after verifying schema compatibility using check-version.
ARGUMENTS
no to show a confirmation prompt prior to resetting the configuration to the default. Specify yes to bypass a confirmation prompt.EXAMPLE
Upgrade the system to iso version 1.0.0-3456:
appliance-1(config)# system image set-version iso-version 1.0.0-3456
Upgrade the os version to 1.0.0-3456:
appliance-1(config)# system image set-version os-version 1.0.0-3456
Upgrade the service version to 1.0.0-3456:
appliance-1(config)# system image set-version service-version 1.0.0-3456
COMMAND system licensing install
DESCRIPTION Perform an automatic system license installation. The system must be connected to the Internet to use the automatic method.
ARGUMENTS
EXAMPLE
Install a base license on the system:
appliance-1(config)# system licensing install registration-key A1234-56789-01234-56789-0123456
result License installed successfully.
COMMAND system licensing manual-install
DESCRIPTION Perform a manual system license installation.
ARGUMENTS
system licensing manual-install, you use system licensing get-dossier to get the system dossier text, and then activate the license at activate.f5.com.EXAMPLE
License the system using license information from activate.f5.com:
appliance-1(config)# system licensing manual-install license
Value for 'license' (<string>):
[Multiline mode, exit with ctrl-D.]
> #
> Auth vers : 5b
> #
> #
> # BIG-IP System License Key File
> # DO NOT EDIT THIS FILE!!
> #
> # Install this file as "/config/bigip.license".
> #
> # Contact information in file /CONTACTS
> #
> #
> # Warning: Changing the system time while this system is running
> # with a time-limited license may make the system unusable.
> #
> Usage : F5 Internal Product Development
> #
> #
> # Only the specific use referenced above is allowed. Any other uses are prohibited.
> #
> Vendor : F5, Inc.
> #
> # Module List
> #
> active module : Local Traffic Manager, r10900 |K284576-4014992|Rate Shaping|Anti-Virus Checks|Base Endpoint Security Checks|Firewall Checks|Machine Certificate Checks|Network Access|Protected Workspace|Secure Virtual Keyboard|APM, Web Application|App Tunnel|Remote Desktop
...
COMMAND system licensing get-dossier
DESCRIPTION Generate an encrypted system dossier that can be used for retrieving a license from the F5 license server. This is used to perform a manual license installation.
ARGUMENTS
EXAMPLE
Get a system licensing dossier from F5:
appliance-1(config)# system licensing get-dossier
system-dossier 48d05131e8688755efde6b1081af5e190793e5a0cfb70cd2da9da8c4c9d9d412a6360a11b869f2dfc779ef7c91df246f7184fe0010b7bcbd420e1664cb1d13b9890ec812bedf05d8cd530c87t82d13a7b63b9823ebdafc5f9061d6c12eb09a5a973361681d31a07dc92d774345cc52e70f8026729df4e2b5c9e6c22f96764e1cdd402f9e499841253259122877a85d7145a658a8444b0b6bc2dc8b9ef4a0156b8af2baa14500e9ce8c3ebcdf4060b35e1748aee093f0bb2349f53bf72f94c61979d1b8ccaf01c84235acf025f3cb3cad3f2cac9938b7481635280cc1589fac997aa4f6db9e8e04d02af5d91f5cd570fc261612233a1204e27a0d2ffd62e4107f89ad286a42ae07cea0918a7be0ba50e307664f8aaf9334051abb6d1559771d2fbfeb8f67335a8325b63a00ddfed563a926d595f1fe049bedf418dd997120945b1d622a574bd957fe6c60924c5562e6cf8ba837124a16bd2a49d1af0ace1f9dbe02af626336e073e8a2802949812eb0227faed9ad787c945c486dbc6d45327688025bcac81e472f3720c615f52455c8e0b235262cb4c8f2dd1ef8c753966fe11798db01714fd95e11348e1036f1ff69da16342595650c91b771cf7a28970c3caffa988faaf8f01cbd846151cd17201c3c8e58b18587e52a8be18f2ac9f175a41296fe9de3532433e94817f9b08ab2d9f66cdb76506e7d4156f9eb8af96aee363e8ab18eec930f6cc1c2dc80e2b254fbc9e31851a10f34506d71e1e5d60344a1ed5ec021c0e63513fd833ea8286258f6094592c7d04f9d29db93114518024b9129acb36ce41b1d1c7405db549f3aaa697919592a6dabfece7295cf57d8b950fcfed6cc40286d830be12097b0e3c0f9acbc07ccdb110b3cc98ca5a1ac09d6b152b2ace004d613364242a031e21057d3dc270ba00fe6918b3075b4692f55ca71fe6cd76c91f4beb19af97bb47dd677a77159e78adfa7e7cf0feb8a3490fc59fe660b26eb5268ecfed6f03c41ea0edadc7bc7573e91d0ad01313ee07e8719ec4d59fd6c90fcdbd29407f0a7666ff9de33251b04e270eb2d46c6cf8583d163c47d5768
COMMAND system licensing get-eula
DESCRIPTION Retrieve the End User License Agreement (EULA) from the F5 License Server.
ARGUMENTS
EXAMPLE
Gets the contents of the latest F5 EULA:
appliance-1(config)# system licensing get-eula
eula-text END USER LICENSE AGREEMENT
DOC-0355-16
IMPORTANT " READ BEFORE INSTALLING OR OPERATING THIS PRODUCT
YOU AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE BY INSTALLING,
HAVING INSTALLED, COPYING, OR OTHERWISE USING THE SOFTWARE. IF YOU
DO NOT AGREE, DO NOT INSTALL OR USE THE SOFTWARE.
This End User License Agreement ("License") applies to the software
product(s) ("Software") you have licensed from us whether on
a stand-alone basis or as part of any hardware ("Hardware") you
purchase from us, (the Hardware and Software together, the "Product").
...
COMMAND system locator config enabled
DESCRIPTION Configure whether the system locator function is enabled. Enabling this function illuminates the F5 logo ball so that you can more easily locate a chassis in a data center.
ARGUMENTS
enabled to enable the chassis locator function. Specify disabled to disable it.COMMAND system logging remote-servers remote-server
DESCRIPTION Configure information about remote logging servers.
ARGUMENTS
udp.514.EXAMPLE
Create a logging destination:
appliance-1(config)# system logging remote-servers remote-server 192.0.2.240 config proto tcp
appliance-1(config-remote-server-192.0.2.240)# commit
Commit complete.
Delete a logging destination:
appliance-1(config)# no system logging remote-servers remote-server 192.0.2.240
appliance-1(config)# commit
Commit complete.
COMMAND system logging host-logs
DESCRIPTION Configure settings for sending host logs to remote logging servers.
ARGUMENTS
enabled to enable remote forwarding of active node host logs. Specify disabled to disable it.host-logs is enabled and a remote server configuration is present. Available options are:EXAMPLE
Enable remote forwarding:
appliance-1(config)# system logging host-logs config remote-forwarding enabled
COMMAND system logging sw-components sw-component
DESCRIPTION Configure logging for platform software components. Available options are:
ARGUMENTS
INFORMATIONAL. Available options, in decreasing order of severity, are:COMMAND system mgmt-ip config dhcp-enabled
DESCRIPTION Enable or disable DHCP for the system management IP address. DHCP is supported only on static interfaces.
ARGUMENTS
true to enable DHCP for the management IP address or false to disable it. The default value is false.EXAMPLE
Enable DHCP for the management IP address:
appliance-1(config)# system mgmt-ip config dhcp-enabled true
COMMAND system mgmt-ip config ipv4 gateway
DESCRIPTION Configure a gateway IPv4 address.
ARGUMENTS
EXAMPLE
Configure the gateway IPv4 address to be 192.0.2.1:
appliance-1(config)# system mgmt-ip config ipv4 gateway 192.0.2.1
COMMAND system mgmt-ip config ipv4 prefix-length
DESCRIPTION Configure the IPv4 prefix length.
ARGUMENTS
EXAMPLE
Configure the IPv4 prefix length to be 24:
appliance-1(config)# system mgmt-ip config ipv4 prefix-length 24
COMMAND system mgmt-ip config ipv4 system address
DESCRIPTION
Configure an IPv4 management IP address for the system.
ARGUMENTS
COMMAND system mgmt-ip config ipv6 gateway
DESCRIPTION
Configure a gateway IPv6 address.
ARGUMENTS
EXAMPLE
Configure the gateway IPv6 address to be ::1:
appliance-1(config)# system mgmt-ip config ipv6 gateway ::1
COMMAND system mgmt-ip config ipv6 prefix-length
DESCRIPTION Configure IPv6 prefix length.
ARGUMENTS
EXAMPLE
Configure the IPv6 prefix length to be 64:
appliance-1(config)# system mgmt-ip config ipv6 prefix-length 64
COMMAND system mgmt-ip config ipv6 system address
DESCRIPTION Configure an IPv6 management IP address for the system.
ARGUMENTS
DESCRIPTION Configure the internal address range.
ARGUMENTS
prefix. This is the default value.EXAMPLE
Configure the range type to be RFC6598:
appliance-1(config)# system network config network-range-type RFC6598
COMMAND system network config network-range-type RFC1918 chassis-id
DESCRIPTION Set the chassis ID that is used to determine internal address ranges.
IMPORTANT: F5 strongly recommends that you do not change this setting.
ARGUMENTS
1.COMMAND system network config network-range-type RFC1918 prefix
DESCRIPTION
Configure the internal network prefix index that is used to select the range of IP addresses used internally within the appliance. If needed, select a network prefix that ensures that internal appliance addresses do not overlap with site-local addresses that are accessible to the system.
ARGUMENTS
EXAMPLE
Configure the internal network range to use 10.[16-31].0.0/16:
appliance-1(config)# system network config network-range-type RFC1918 prefix 1
COMMAND system ntp config
DESCRIPTION
Enable the Network Time Protocol (NTP) protocol and indicate that the system should synchronize the system clock with an NTP server defined in the ntp/server list.
ARGUMENTS
enabled to enable using NTP. Specify disabled to disable it.EXAMPLE
Disable the use of NTP:
appliance-1(config)# system ntp config disabled
COMMAND system ntp ntp-keys ntp-key
DESCRIPTION Configure the list of Network Time Protocol (NTP) authentication keys.
ARGUMENTS
COMMAND system ntp servers server
DESCRIPTION
Configure which NTP servers can be used for system clock synchronization. If system ntp is enabled, then the system will attempt to contact and use the specified NTP servers.
ARGUMENTS
SERVER.true to enable iburst for the NTP service. Specify false to disable it.123.true to indicate that this server should be the preferred one. Specify false if not.EXAMPLES
Configure an NTP server with the address pool.ntp.org, where the association type is POOL, and it is the preferred server:
appliance-1(config)# system ntp servers server pool.ntp.org config association-type POOL prefer true
appliance-1(config-server-pool.ntp.org)# top
appliance-1(config)# system ntp config enabled
appliance-1(config)# commit
Commit complete.
Configure an NTP server with the address time.f5net.com, where the association type is SERVER, iburst is enabled, port is 123, it is the preferred server, and version number is 4:
appliance-1(config)# system ntp servers server time.f5net.com
appliance-1(config-server-time.f5net.com)# config address time.f5net.com
appliance-1(config-server-time.f5net.com)# config association-type SERVER
appliance-1(config-server-time.f5net.com)# config iburst true
appliance-1(config-server-time.f5net.com)# config port 123
appliance-1(config-server-time.f5net.com)# config prefer true
appliance-1(config-server-time.f5net.com)# config version 4
appliance-1(config-server-time.f5net.com)# commit
Commit complete.
COMMAND system raid add
DESCRIPTION Add a new drive to the RAID array.
ARGUMENTS
EXAMPLE
Add ssd1 to the system's RAID array:
appliance-1(config)# system raid add drive ssd1
COMMAND system raid remove
DESCRIPTION Remove a drive from the RAID array.
ARGUMENTS
EXAMPLE
Remove ssd1 from the system's RAID array:
appliance-1(config)# system raid remove drive ssd1
COMMAND system reboot
DESCRIPTION Trigger a restart of the system. This resets the management IP connection.
ARGUMENTS
This command has no arguments.
EXAMPLE
Reboot the system and when prompted whether to confirm the reboot, enter yes:
appliance-1(config)# system reboot
The reboot of the system results in data plane and management connectivity to be disrupted. Proceed? [no,yes]
COMMAND system set-datetime
DESCRIPTION Configure the date and time for the system.
ARGUMENTS
EXAMPLES
Configure the system date to be 2021-11-11:
appliance-1(config)# system set-datetime date 2021-11-11
Configure the system time to be 11:11:00:
appliance-1(config)# system set-datetime date 11:11:00
COMMAND tenants tenant
DESCRIPTION Provision and deploy a tenant on the system.
ARGUMENTS
enabled to enable appliance node at the tenant level. Specify disabled to disable it.enabled to enable crypto devices for the tenant level. Specify disabled to disable it.deployed state.76 GB. The range is from 22 to 700 GB.EXAMPLE
Configure a tenant named bigip-vm of type BIG-IP, using a specified image file, assigned to node 1, using port 22, a management IP address of 192.0.2.61, a netmask of 255.255.255.0, a gateway of 192.0.2.1, using VLAN 100, and a running state of deployed.
appliance-1(config)# tenants tenant bigip-vm config type BIG-IP image BIGIP-bigip15.1.6.123.ALL-F5OS.qcow2.zip.bundle nodes 1 port 22 mgmt-ip 192.0.2.71 netmask 255.255.255.0 gateway 192.0.2.254 vlans 100 running-state deployed
COMMAND vlan-listeners vlan-listener
DESCRIPTION A vlan-listener is a system-generated object and should only be configured manually under the guidance of F5 Technical Support. Manually configuring a vlan-listener object could potentially impact the flow of network traffic through the system.
ARGUMENTS
COMMAND vlans vlan
DESCRIPTION Creates a VLAN object that can be referenced by other configuration commands. This command is intended to be expanded for future use and is currently not necessary for proper configuration of the system.
ARGUMENTS
EXAMPLE
Configure VLAN 100, with the name 100 and a vlan-id of 100:
appliance-1(config)# vlans vlan 100 config name 100 vlan-id 100
Configure a VLAN range of 100-101:
appliance-1(config)# vlans vlan range 100-101
COMMAND autowizard
DESCRIPTION Specify whether to query automatically for mandatory elements.
ARGUMENTS
true to query automatically for mandatory elements. Specify false to disable it.COMMAND cd
DESCRIPTION Change the working directory to a specific folder.
ARGUMENTS
COMMAND clear
DESCRIPTION Remove all configuration changes.
ARGUMENTS
COMMAND compare
DESCRIPTION Compare two configuration subtrees.
ARGUMENTS
COMMAND complete-on-space
DESCRIPTION Specify whether to have the CLI complete a command name automatically when you type an unambiguous string and then press the space bar, or have the CLI list all possible completions when you type an ambiguous string and then press the space bar.
ARGUMENTS
true to enable the ability to have the CLI complete a command name automatically when you press the space bar. Specify false to disable it.COMMAND config
DESCRIPTION
Enter configuration mode. In configuration mode, you are editing a copy of the running configuration, called the candidate configuration, not the actual running configuration. Your changes take effect only when you issue a commit command.
ARGUMENTS
COMMAND describe
DESCRIPTION Display internal information about how a command is implemented.
ARGUMENTS
COMMAND devtools
DESCRIPTION Enable/disable development tools.
ARGUMENTS
true to enable development tools or false to disable it.COMMAND display-level
DESCRIPTION Set the depth of the configuration shown for show commands.
ARGUMENTS
<depth> can be a value from 1 to 64.COMMAND exit
DESCRIPTION Exit the CLI session.
ARGUMENTS This command has no arguments.
COMMAND file
DESCRIPTION Perform file operations.
ARGUMENTS
For detailed information about these arguments, see the file page under config-mode-commands.
COMMAND help
DESCRIPTION Display help information about a specified command.
ARGUMENTS
COMMAND history
DESCRIPTION Configure the command history cache size.
ARGUMENTS
<size> can be a value from 0 through 1000.COMMAND id
DESCRIPTION Display information about the current user, including user, gid, group, and gids.
ARGUMENTS This command has no arguments.
COMMAND idle-timeout
DESCRIPTION Set how long the CLI is inactive before a user is logged out of the system. If a user is connected using an SSH connection, the SSH connection is closed after this time expires.
ARGUMENTS
1800 seconds (30 minutes).COMMAND ignore-leading-space
DESCRIPTION Specify whether to consider or ignore leading whitespace at the beginning of a command.
ARGUMENTS
false to ignore leading whitespace or true to consider it.COMMAND job
DESCRIPTION Perform job operations.
ARGUMENTS
COMMAND leaf-prompting
DESCRIPTION Specify whether to enable or disable automatic querying for leaf values.
ARGUMENTS
false to disable leaf prompting and specify true to enable it.COMMAND logout
DESCRIPTION Log out a specific session or user from all sessions.
ARGUMENTS
<session-id>.<user-name>.COMMAND no
DESCRIPTION Delete or unset a configuration command.
ARGUMENTS
COMMAND output-file
DESCRIPTION Copy command output to a file or terminal.
ARGUMENTS
COMMAND paginate
DESCRIPTION Specify whether to control the pagination of CLI command output.
ARGUMENTS
false to display command output continuously, regardless of the CLI screen height. Specify true to display all command output one screen at a time. To display the next screen of output, press the space bar. This is the default setting.COMMAND prompt1
DESCRIPTION Set the operational mode prompt.
ARGUMENTS
COMMAND prompt2
DESCRIPTION Set the configuration mode prompt.
ARGUMENTS
COMMAND pwd
DESCRIPTION Display the current path in the configuration hierarchy.
ARGUMENTS This command has no arguments.
COMMAND quit
DESCRIPTION Exit the CLI session.
ARGUMENTS This command has no arguments.
COMMAND screen-length
DESCRIPTION Configure the length of the terminal window.
ARGUMENTS
<number-of-rows> can be from 0 through 256. When you set the screen length to 0 (zero), the CLI does not paginate command output.COMMAND screen-width
DESCRIPTION Configure the width of the terminal window.
ARGUMENTS
<number-of-rows> can be from 200 through 256.COMMAND script
DESCRIPTION Perform script actions.
ARGUMENTS
COMMAND send
DESCRIPTION Send a message to the terminal of a specified user or all users.
ARGUMENTS
all to send a message to all users. Specify username <username> to send a message only to a specified user.COMMAND show
DESCRIPTION Show information about the system.
ARGUMENTS
COMMAND show-defaults
DESCRIPTION Specify whether to display the default configuration.
ARGUMENTS
true to display the default values. Specify false to hide the default values.COMMAND source
DESCRIPTION Run commands from <file> as if they had been entered by the user.
ARGUMENTS
COMMAND system
DESCRIPTION Perform system operations. Available options are:
system aaa.system database.system diagnostics.COMMAND terminal
DESCRIPTION Set the terminal type.
ARGUMENTS
COMMAND timestamp
DESCRIPTION Configure whether to display the timestamp.
ARGUMENTS
enable to show the timestamp. Specify disable to hide the timestamp.COMMAND who
DESCRIPTION Display information on currently-logged on users. The command output displays the session ID, user name, context, from (IP address), protocol, date, and mode (operational or configuration).
ARGUMENTS This command has no arguments.
COMMAND write
DESCRIPTION
Display the running configuration of the system on the terminal. This command is equivalent to the show running-config command.
ARGUMENTS
COMMAND annotation
DESCRIPTION Display only statements whose annotation matches a provided configuration statement or pattern.
Note: Only available when the system has been configured with attributes enabled.
ARGUMENTS
COMMAND append
DESCRIPTION Append command output text to a file.
ARGUMENTS
COMMAND begin
DESCRIPTION Display the command output starting at the first match of a specified string.
ARGUMENTS
COMMAND best-effort
DESCRIPTION Display command output or continue loading a file, even if a failure has occurred that might interfere with this process.
ARGUMENTS This command has no arguments.
COMMAND context-match
DESCRIPTION Display the upper hierarchy in which a pattern appears in the configuration.
ARGUMENTS
COMMAND count
DESCRIPTION Count the number of lines in the command output.
ARGUMENTS This command has no arguments.
COMMAND csv
DESCRIPTION Display table output in CSV format.
ARGUMENTS This command has no arguments.
COMMAND de-select
DESCRIPTION Do not show a specified field in the command output.
ARGUMENTS
COMMAND debug
DESCRIPTION Display debug information.
ARGUMENTS This command has no arguments.
COMMAND details
DESCRIPTION Display the default values for commands in the running configuration.
ARGUMENTS This command has no arguments.
COMMAND display
DESCRIPTION Display options.
ARGUMENTS This command has no arguments.
COMMAND exclude
DESCRIPTION Exclude lines from the command output that match a string defined by a specified regular expression.
ARGUMENTS
COMMAND extended
DESCRIPTION Display referring entries or elements.
ARGUMENTS This command has no arguments.
COMMAND force
DESCRIPTION Log out any users who are locking the configuration.
ARGUMENTS This command has no arguments.
COMMAND hide
DESCRIPTION Hide display options.
ARGUMENTS This command has no arguments.
COMMAND icount
DESCRIPTION Count the number of matching instances.
ARGUMENTS This command has no arguments.
COMMAND include
DESCRIPTION Include only lines in the command output that contain the string defined by a specified regular expression.
ARGUMENTS
COMMAND linnum
DESCRIPTION Display a line number at the beginning of each line in the displayed output.
ARGUMENTS This command has no arguments.
COMMAND match-all
DESCRIPTION Display the command output that matches all command output filters.
ARGUMENTS This command has no arguments.
COMMAND match-any
DESCRIPTION Display the command output that matches any one of the the command output filters. This is the default behavior when matching command output.
ARGUMENTS This command has no arguments.
COMMAND more
DESCRIPTION Paginate the command output. This is the default behavior.
ARGUMENTS This command has no arguments.
COMMAND nomore
DESCRIPTION Do not paginate command output.
ARGUMENTS This command has no arguments.
COMMAND notab
DESCRIPTION Display tabular command output in a list instead of in a table. If the tabular command output is wider than the screen width, the output automatically displays in a list.
ARGUMENTS This command has no arguments.
COMMAND repeat
DESCRIPTION
Repeat the output of a show command periodically.
ARGUMENTS
COMMAND save
DESCRIPTION Save the command output text to a file.
ARGUMENTS
COMMAND select
DESCRIPTION Display selected fields in the command output.
ARGUMENTS
COMMAND sort-by
DESCRIPTION Display command output with values sorted in a specified field.
ARGUMENTS
COMMAND suppress-validate-warning-prompt
DESCRIPTION Suppress the validation warning prompt.
ARGUMENTS This command has no arguments.
COMMAND tab
DESCRIPTION Display tabular command output in table, even if the table is wider than the screen width. If the command output is wider than the screen width, wrap the output onto two or more lines.
ARGUMENTS This command has no arguments.
COMMAND tags
DESCRIPTION Display only statements with tags that match a pattern.
ARGUMENTS
COMMAND trace
DESCRIPTION Display trace information.
ARGUMENTS This command has no arguments.
COMMAND until
DESCRIPTION Display the command output, ending with the line that matches a specified string.
ARGUMENTS
COMMAND show SNMP-FRAMEWORK-MIB
DESCRIPTION Display information about the SNMP engine Management Information Base (MIB).
EXAMPLES
Display information about the SNMP engine:
appliance-1# show SNMP-FRAMEWORK-MIB
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineID 80:00:61:81:05:01
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineBoots 7
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineTime 127740
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineMaxMessageSize 50000
COMMAND show SNMP-MPD-MIB
DESCRIPTION Display information about the SNMP Message Processing and Dispatching (MPD) MIB.
EXAMPLES
Display SNMP MPD information:
appliance-1# show SNMP-MPD-MIB
SNMP-MPD-MIB snmpMPDStats snmpUnknownSecurityModels 0
SNMP-MPD-MIB snmpMPDStats snmpInvalidMsgs 0
SNMP-MPD-MIB snmpMPDStats snmpUnknownPDUHandlers 0
COMMAND show SNMP-TARGET-MIB
DESCRIPTION Display information about the SNMP TARGET MIB.
EXAMPLES
Display the SNMP TARGET MIB information:
appliance-1# show SNMP-TARGET-MIB
SNMP-TARGET-MIB snmpTargetObjects snmpUnavailableContexts 0
SNMP-TARGET-MIB snmpTargetObjects snmpUnknownContexts 0
COMMAND show SNMP-USER-BASED-MIB
DESCRIPTION Display information about objects that belong to SNMP files based on user-based security.
EXAMPLES
Display the SNMP TARGET user-based information:
appliance-1# show SNMP-USER-BASED-SM-MIB
SNMP-USER-BASED-SM-MIB usmStats usmStatsUnsupportedSecLevels 0
SNMP-USER-BASED-SM-MIB usmStats usmStatsNotInTimeWindows 0
SNMP-USER-BASED-SM-MIB usmStats usmStatsUnknownUserNames 0
SNMP-USER-BASED-SM-MIB usmStats usmStatsUnknownEngineIDs 0
SNMP-USER-BASED-SM-MIB usmStats usmStatsWrongDigests 0
SNMP-USER-BASED-SM-MIB usmStats usmStatsDecryptionErrors 0
COMMAND show SNMPv2-MIB
DESCRIPTION Display information about the SNMP version 2 MIB.
EXAMPLES
Display the SNMP version 2 MIB information:
appliance-1# show SNMPv2-MIB
SNMPv2-MIB system sysDescr "Linux 3.10.0-1160.25.1.F5.4.el7_8.x86_64 : Appliance services version 1.1.0-5810"
SNMPv2-MIB system sysObjectID 1.3.6.1.2.1.1
SNMPv2-MIB system sysUpTime 28545699
SNMPv2-MIB system sysServices 72
SNMPv2-MIB system sysORLastChange 9
SNMPv2-MIB snmp snmpInPkts 0
SNMPv2-MIB snmp snmpInBadVersions 0
SNMPv2-MIB snmp snmpInBadCommunityNames 0
SNMPv2-MIB snmp snmpInBadCommunityUses 0
SNMPv2-MIB snmp snmpInASNParseErrs 0
SNMPv2-MIB snmp snmpSilentDrops 0
SNMPv2-MIB snmp snmpProxyDrops 0
SNMPv2-MIB snmpSet snmpSetSerialNo 836391230
SYS
SYS ORUP
ORINDEX SYS ORID SYS ORDESCR TIME
-----------------------------------------------------------------------------------------------------------------
1 1.3.6.1.4.1.12276.1 F5 Networks enterprise Platform MIB 9
2 1.3.6.1.2.1.31 The MIB module to describe generic objects for network interface sub-layers 9
COMMAND show cli
DESCRIPTION Display the default CLI session settings.
ARGUMENTS
This command has no arguments.
EXAMPLES
Display the current default CLI session settings:
appliance-1# show cli
autowizard true
complete-on-space false
devtools false
display-level 99999999
history 100
idle-timeout 0
ignore-leading-space false
leaf-prompting true
output-file terminal
paginate true
prompt1 \h\M#
prompt2 \h(\m)#
screen-length 70
screen-width 125
service prompt config true
show-defaults false
terminal xterm-256color
timestamp disable
COMMAND show cluster
DESCRIPTION Display the current state of the OpenShift cluster and the last 25 OpenShift events that have occurred during installation and during normal operation.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display the current cluster state:
appliance-1# show cluster
cluster state
cluster disk-usage-threshold state warning-limit 85
cluster disk-usage-threshold state error-limit 90
cluster disk-usage-threshold state critical-limit 97
cluster disk-usage-threshold state growth-rate-limit 10
cluster disk-usage-threshold state interval 60
cluster nodes node node-1
state enabled true
state node-running-state running
state platform fpga-state FPGA_RDY
state platform dma-agent-state DMA_AGENT_RDY
state node-info creation-time 2021-11-08T21:55:12Z
state node-info cpu 48
state node-info pods 110
state node-info memory 26215440Ki
state ready-info ready true
state ready-info last-transition-time 2021-12-04T00:29:25Z
state ready-info message "kubelet is posting ready status"
state out-of-disk-info last-transition-time ""
state out-of-disk-info message ""
state disk-pressure-info disk-pressure true
state disk-pressure-info last-transition-time 2021-12-04T00:29:34Z
state disk-pressure-info message "kubelet has disk pressure"
state disk-usage used-percent 39
state disk-usage growth-rate 1
state disk-usage status in-range
DISK DATA DISK DATA
NAME VALUE
-------------------------
available 68550262784
capacity 117807665152
used 43249483776
TENANT
NAME QAT DEVICE NAME BDF
-----------------------------------
big-ip qat_dev_vf00pf00 53:01.0
qat_dev_vf00pf01 54:01.0
qat_dev_vf00pf02 55:01.0
NAMESPACE TYPE REASON OBJECT MESSAGE
------------------------------------------
-
cluster cluster-status summary-status "K3S cluster is NOT initialized."
INDEX STATUS
---------------------------------------------------------------------------------------------
0 2022-01-04 16:53:01.280210 - applianceMainEventLoop::Orchestration manager startup.
COMMAND show cluster cluster-status
DESCRIPTION Display the current state of a specific OpenShift event that has occurred during installation and during normal operation.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display cluster status:
appliance-1# show cluster cluster-status
cluster cluster-status summary-status "K3S cluster is NOT initialized."
INDEX STATUS
---------------------------------------------------------------------------------------------
0 2022-01-04 16:53:01.280210 - applianceMainEventLoop::Orchestration manager startup.
COMMAND show cluster disk-usage-threshold
DESCRIPTION Display the current configuration of disk usage threshold.
ARGUMENTS
EXAMPLE
Display the current configuration for all disk usage threshold options:
appliance-1# show cluster disk-usage-threshold
cluster disk-usage-threshold state warning-limit 85
cluster disk-usage-threshold state error-limit 90
cluster disk-usage-threshold state critical-limit 97
cluster disk-usage-threshold state growth-rate-limit 10
cluster disk-usage-threshold state interval 60
COMMAND show cluster events
DESCRIPTION Display information about cluster events, including namespace, type, reason, object and message.
ARGUMENTS
COMMAND show cluster install-status
DESCRIPTION Display the status of the OpenShift cluster installation, including the state of the various stages of the OpenShift installation.
ARGUMENTS
This command has no arguments.
COMMAND
show cluster nodes node
DESCRIPTION Display the state of a specific node in the system.
ARGUMENTS
EXAMPLE
Display the state of the node node-1:
appliance-1# show cluster nodes node node-1
cluster nodes node node-1
state enabled true
state node-running-state running
state platform fpga-state FPGA_RDY
state platform dma-agent-state DMA_AGENT_RDY
state node-info creation-time 2021-11-08T21:55:12Z
state node-info cpu 48
state node-info pods 110
state node-info memory 26215440Ki
state ready-info ready true
state ready-info last-transition-time 2021-12-04T00:29:25Z
state ready-info message "kubelet is posting ready status"
state out-of-disk-info last-transition-time ""
state out-of-disk-info message ""
state disk-pressure-info disk-pressure true
state disk-pressure-info last-transition-time 2021-12-04T00:29:34Z
state disk-pressure-info message "kubelet has disk pressure"
state disk-usage used-percent 39
state disk-usage growth-rate 1
state disk-usage status in-range
DISK DATA DISK DATA
NAME VALUE
-------------------------
available 68530409472
capacity 117807665152
used 43269337088
TENANT
NAME QAT DEVICE NAME BDF
-----------------------------------
big-ip qat_dev_vf00pf00 53:01.0
qat_dev_vf00pf01 54:01.0
qat_dev_vf00pf02 55:01.0
COMMAND show cluster state
DESCRIPTION Display the current state of the cluster.
ARGUMENTS
This command has no arguments.
COMMAND show components
DESCRIPTION Display information about hardware inventory and firmware components.
ARGUMENTS
The availability of options for this command depends on which hardware component you are configuring.
running, and it changes to complete when the update completes.show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display details about psu-1:
appliance-1# show components component psu-1
components component psu-1
state serial-no FZ2104Q71234
state part-no MW2100
state empty false
psu-stats psu-current-in 1.234
psu-stats psu-current-out 17.375
psu-stats psu-voltage-in 202.0
psu-stats psu-voltage-out 12.015
psu-stats psu-temperature-1 39.0
psu-stats psu-temperature-2 41.0
psu-stats psu-temperature-3 41.0
psu-stats psu-fan-1-speed 19680
Display all information about the platform:
appliance-1# show components component platform
components component platform
state description "r10900"
state serial-no f5-abcd-efgh
state part-no "200-0413-02 REV 2"
state empty false
state tpm-integrity-status Valid
state memory available 15305256960
state memory free 14715150336
state memory used-percent 94
state temperature current 27.2
state temperature average 28.6
state temperature minimum 26.8
state temperature maximum 31.3
UPDATE
NAME NAME VALUE CONFIGURABLE STATUS
-------------------------------------------------------------------------------------------
QAT0 - Lewisburg C62X Crypto/Compression false -
QAT1 - Lewisburg C62X Crypto/Compression false -
QAT2 - Lewisburg C62X Crypto/Compression false -
QAT3 - Lewisburg C62X Crypto/Compression false -
QAT4 - Lewisburg C62X Crypto/Compression false -
QAT5 - Lewisburg C62X Crypto/Compression false -
fw-version-bios - 1.02.108.1 false none
fw-version-bios-me - 4.4.4.58 false none
fw-version-cpld - 02.0A.00 false none
fw-version-drive-nvme0 - VDV10170 false none
fw-version-drive-nvme1 - VDV10170 false none
fw-version-drive-u.2.slot1 - VDV10170 false none
fw-version-drive-u.2.slot2 - VDV10170 false none
fw-version-lcd-app - 1.01.057.00.1 false none
fw-version-lcd-bootloader - 1.01.027.00.1 false none
fw-version-lcd-ui - 1.5.1 false none
fw-version-lop-app - 1.00.214.0.1 false none
fw-version-lop-bootloader - 1.02.062.0.1 false none
fw-version-sirr - 1.1.29 false none
storage state disks disk nvme0n1
state model "INTEL SSDPE2KX010T8"
state vendor Intel
...
COMMAND show configuration commit changes
DESCRIPTION Display changes that were made to the running configuration by previous configuration commits, including changes committed for a specified commit ID.
ARGUMENTS
EXAMPLES
Display information about the last commit:
appliance-1# show configuration commit changes
!
! Created by: admin
! Date: 2022-01-05 19:52:30
! Client: rest
!
system clock config timezone-name America/Los_Angeles
Display information about commit ID 2:
appliance-1# show configuration commit changes 2
!
! Created by: admin
! Date: 2022-01-05 00:36:06
! Client: cli
!
system ntp servers server ntp.pool.org
config address ntp.pool.org
!
system ntp servers server ntp.pool.org
!
COMMAND show configuration commit list
DESCRIPTION Display information about the configuration commits stored in the commit database.
ARGUMENTS
EXAMPLE
Display information about the five most recent configuration commits:
appliance-1# show configuration commit list 5
2022-01-06 02:57:46
SNo. ID User Client Time Stamp Label Comment
~~~~ ~~ ~~~~ ~~~~~~ ~~~~~~~~~~ ~~~~~ ~~~~~~~
0 10103 admin rest 2022-01-05 19:52:30
1 10101 admin system 2022-01-05 19:47:06
2 10100 admin cli 2022-01-05 00:36:06
3 10099 admin cli 2022-01-04 17:00:10
4 10098 admin rest 2022-01-04 16:56:09
COMMAND show configuration rollback changes
DESCRIPTION Display changes that would be made by the rollback configuration command or to display the list of commit IDs.
ARGUMENTS
EXAMPLE
Display changes that would be made by rolling back to the most recent configuration commit:
appliance-1# show configuration rollback changes
no system clock config timezone-name America/Los_Angeles
COMMAND
show dag-states
DESCRIPTION
Display system level packet disaggregation (DAG) state. This table is populated by the system with a row per running tenant. The data shows the where a packet can be distributed to when received by an interface.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display the current disaggregation state:
appliance-1# show dag-states
dag-states dag-state big-ip
publisher dagd
publisher-instance 1
publish-time 1638493412
commit-tenant-instance 1
commit-time 1638493412
dag-version 16
tenant-instance-ids [ 15 63 ]
sdag-table "f f f f f f f f f f f f f f f f f f f f f f f f"
sdag-table-hash 0
COMMAND
show dag-states dag-state
DESCRIPTION
Display only a specific dag-state for a given tenant name.
ARGUMENTS
Available options are:
EXAMPLE
appliance-1# show dag-states dag-state big-ip
dag-states dag-state big-ip
publisher dagd
publisher-instance 1
publish-time 1638493412
commit-tenant-instance 1
commit-time 1638493412
dag-version 16
tenant-instance-ids [ 15 63 ]
sdag-table "f f f f f f f f f f f f f f f f f f f f f f f f"
sdag-table-hash 0
COMMAND show fdb
DESCRIPTION Show Layer 2 forwarding database (FDB) entries in the system.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display all FDB information using table output:
appliance-1# show fdb | tab
show fdb | tab
NDI
MAC ADDRESS VLAN TAG TYPE VLAN TAG TYPE VID ENTRY TYPE OWNER AGE ID SVC VTC SEP DMS DID CMDS MIRRORING INTERFACE
-----------------------------------------------------------------------------------------------------------------------------------------------------
00:94:a1:8e:4c:09 1040 tag_type_vid 1040 tag_type_vid 1040 L2-LISTENER - - 4095 8 - - - - 1 - -
00:94:a1:8e:4c:09 1041 tag_type_vid 1041 tag_type_vid 1041 L2-LISTENER - - 4095 8 - - - - 1 - -
Show FDB MAC table information:
appliance-1# show fdb mac-table
fdb mac-table entries entry 00:94:a1:8e:4c:09 100 tag_type_vid
state vlan 100
state tag-type tag_type_vid
state vid 100
state entry-type L2-LISTENER
state owner defaultbip-1
state ifh-fields ndi-id 4095
state ifh-fields svc 8
state ifh-fields cmds 1
fdb mac-table entries entry 00:94:a1:8e:4c:09 101 tag_type_vid
state vlan 101
state tag-type tag_type_vid
state vid 101
state entry-type L2-LISTENER
state owner defaultbip-1
state ifh-fields ndi-id 4095
state ifh-fields svc 8
state ifh-fields cmds 1
COMMAND show file
DESCRIPTION Display current configuration for known hosts and status of file transfers.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.known_hosts file.EXAMPLE
Display the status of recent file transfers:
appliance-1# show file transfer-operations
file transfer-operations transfer-operation images/tenant/BIGIP-15.1.4-0.0.10.ALL-F5OS.qcow2.zip.bundle sea.company.com v15.1.4/daily/build10.0/VM/BIGIP-15.1.4-0.0.10.ALL-F5OS.qcow2.zip.bundle "Import file" "HTTPS "
status "In Progress (41.0%)"
timestamp "Thu Jan 6 03:16:42 2022"
COMMAND show fpga-tables
DESCRIPTION Display current configuration for FPGA tables.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display information about port_mod0:
appliance-1# show fpga-tables xbar-ports xbar-port port0_mod0
fpga-tables xbar-ports xbar-port port0_mod0
state counters rx-pkt-cnt 4125
state counters rx-byte-cnt 1419000
state counters tx-pkt-cnt 0
state counters tx-byte-cnt 0
state counters tx-obuff-drops 0
state counters mcast-rx-full-drops 0
state counters mcast-tx-full-drops 0
state counters rx-cos0-drops 0
state counters rx-cos1-drops 0
state counters rx-cos2-drops 0
state counters rx-cos3-drops 0
state counters rx-cos4-drops 0
state counters rx-cos5-drops 0
state counters rx-cos6-drops 0
state counters rx-cos7-drops 0
state counters tx-cos0-drops 0
state counters tx-cos1-drops 0
state counters tx-cos2-drops 0
state counters tx-cos3-drops 0
state counters tx-cos4-drops 0
state counters tx-cos5-drops 0
state counters tx-cos6-drops 0
state counters tx-cos7-drops 0
state counters rx-mcast-pkt-cnt 0
state counters rx-mcast-byte-cnt 0
state counters rx-mcast-drops 0
state counters tx-mcast-pkt-cnt 0
state counters tx-mcast-byte-cnt 0
state counters tx-mcast-drops 0
state counters rx-dst-dis-pkt-cnt 0
state counters mirror-pkts-cnt 0
state counters mirror-bytes-cnt 0
COMMAND show history
DESCRIPTION Display a history of commands run on the system.
ARGUMENTS
EXAMPLE
Display the last three commands that were run on the system:
appliance-1# show history 3
03:24:37 -- show file transfer-operations state
03:24:57 -- idle-timeout 0
03:25:26 -- show file transfer-operations
COMMAND show images
DESCRIPTION Display all tenant images imported to the system. Also shows which image is currently in use and its status.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display all tenant images on the system:
appliance-1# show images
IN
NAME USE STATUS
------------------------------------------------------------------------------------
BIGIP-15.1.4-0.0.10.ALL-F5OS.qcow2.zip.bundle false verified
COMMAND show interfaces
DESCRIPTION Display information about front-panel network interfaces. This includes options for link aggregation.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display only the first level of interface information:
appliance-1# show interfaces displaylevel 1
interfaces interface 1.0
interfaces interface 2.0
interfaces interface 3.0
interfaces interface 4.0
interfaces interface 5.0
interfaces interface 6.0
interfaces interface 7.0
interfaces interface 8.0
interfaces interface 9.0
interfaces interface 10.0
interfaces interface 11.0
interfaces interface 12.0
interfaces interface 13.0
interfaces interface 14.0
interfaces interface 15.0
interfaces interface 16.0
interfaces interface 17.0
interfaces interface 18.0
interfaces interface 19.0
interfaces interface 20.0
interfaces interface mgmt
interfaces interface test-lag
Display information only about interface 2.0:
appliance-1# show interfaces interface 2.0
interfaces interface 2.0
state name 2.0
state type ethernetCsmacd
state mtu 9600
state enabled true
state ifindex 24
state oper-status DOWN
state counters in-octets 0
state counters in-unicast-pkts 0
state counters in-broadcast-pkts 0
state counters in-multicast-pkts 0
state counters in-discards 0
state counters in-errors 0
state counters in-fcs-errors 0
state counters out-octets 0
state counters out-unicast-pkts 0
state counters out-broadcast-pkts 0
state counters out-multicast-pkts 0
state counters out-discards 0
state counters out-errors 0
state forward-error-correction auto
state lacp_state LACP_DEFAULTED
ethernet state port-speed SPEED_100GB
ethernet state hw-mac-address 00:94:a1:69:34:12
ethernet state counters in-mac-control-frames 0
ethernet state counters in-mac-pause-frames 0
ethernet state counters in-oversize-frames 0
ethernet state counters in-jabber-frames 0
ethernet state counters in-fragment-frames 0
ethernet state counters in-8021q-frames 0
ethernet state counters in-crc-errors 0
ethernet state counters out-mac-control-frames 0
ethernet state counters out-mac-pause-frames 0
ethernet state counters out-8021q-frames 0
ethernet state flow-control rx on
Display information about a LAG interface named test-lag:
appliance-1# show interfaces interface test-lag
interfaces interface test-lag
state name test-lag
state type ieee8023adLag
state mtu 9600
state oper-status DOWN
state forward-error-correction auto
aggregation state lag-type STATIC
aggregation state lag-speed 0
aggregation state distribution-hash src-dst-ipport
aggregation state mac-address 00:94:a1:69:34:26
aggregation state lagid 1
MEMBER MEMBER
NAME STATUS
----------------
1.0 DOWN
COMMAND
show lacp
DESCRIPTION
Display the current LACP configuration and state information for global and all LACP interfaces.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display information about configured LACP interfaces:
appliance-1# show lacp
lacp state system-id-mac 00:94:a1:69:34:23
lacp interfaces interface lacp-test
state name lacp-test
state interval SLOW
state lacp-mode ACTIVE
COMMAND
show lacp interfaces
DESCRIPTION
Show current LACP state for all LACP interfaces.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.system-priority and the stack MAC address.COMMAND
show lacp interfaces interface
DESCRIPTION
Show current LACP config and state information for an LACP interface.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display information about the testLAG interface:
appliance-1# show lacp interfaces interface testLAG
lacp interfaces interface testLAG
state name testLAG
state interval FAST
state lacp-mode ACTIVE
state system-id-mac 0:94:a1:8e:4c:8
COMMAND
show lacp state
DESCRIPTION
Display global LACP state information.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.system-priority and the stack MAC address.EXAMPLE
Display the global state of LACP:
appliance-1# show lacp state
lacp state system-id-mac 00:94:a1:66:e0:08
COMMAND show lldp
DESCRIPTION Display the information about Link Layer Discovery Protocol (LLDP) on the system.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display all LLDP information:
appliance-1# show lldp
lldp state enabled
lldp state chassis-id f5-abcd-efgh
lldp state chassis-id-type LOCAL
lldp interfaces interface 1.0
state name 1.0
state enabled
state counters frame-in 0
state counters frame-out 4202
Show whether LLDP is enabled or disabled:
appliance-1# show lldp state enabled
lldp state enabled
COMMAND show parser
DESCRIPTION Display information about available commands and their syntax.
ARGUMENTS
EXAMPLE
Display information about all commands:
appliance-1# show parser dump
autowizard [false/true]
cd <Dir>
cd
clear history
compare file <File> [brief]
compare file <File> [brief] SNMP-COMMUNITY-MIB snmpCommunityTable snmpCommunityEntry
compare file <File> [brief] SNMP-NOTIFICATION-MIB snmpNotifyTable snmpNotifyEntry
compare file <File> [brief] SNMP-TARGET-MIB snmpTargetAddrTable snmpTargetAddrEntry
compare file <File> [brief] SNMP-TARGET-MIB snmpTargetParamsTable snmpTargetParamsEntry
compare file <File> [brief] SNMP-USER-BASED-SM-MIB usmUserTable usmUserEntry
compare file <File> [brief] SNMP-VIEW-BASED-ACM-MIB vacmAccessTable vacmAccessEntry
compare file <File> [brief] SNMP-VIEW-BASED-ACM-MIB vacmSecurityToGroupTable vacmSecurityToGroupEntry
compare file <File> [brief] SNMP-VIEW-BASED-ACM-MIB vacmViewTreeFamilyTable vacmViewTreeFamilyEntry
compare file <File> [brief] SNMPv2-MIB snmp snmpEnableAuthenTraps
compare file <File> [brief] SNMPv2-MIB system sysContact
compare file <File> [brief] SNMPv2-MIB system sysLocation
compare file <File> [brief] SNMPv2-MIB system sysName
compare file <File> [brief] cluster disk-usage-threshold config critical-limit
compare file <File> [brief] cluster disk-usage-threshold config error-limit
compare file <File> [brief] cluster disk-usage-threshold config growth-rate-limit
compare file <File> [brief] cluster disk-usage-threshold config interval
compare file <File> [brief] cluster disk-usage-threshold config warning-limit
compare file <File> [brief] cluster nodes node
compare file <File> [brief] components component
compare file <File> [brief] fdb mac-table entries entry
compare file <File> [brief] file config concurrent-operations-limit
compare file <File> [brief] file known-hosts known-host
compare file <File> [brief] fpga-tables xbar-ports xbar-port
compare file <File> [brief] interfaces interface
compare file <File> [brief] lacp config system-priority
compare file <File> [brief] lacp interfaces interface
compare file <File> [brief] lldp config disabled
compare file <File> [brief] lldp interfaces interface
compare file <File> [brief] port-mappings port-mapping
compare file <File> [brief] portgroups portgroup
compare file <File> [brief] stp global config
compare file <File> [brief] stp interfaces interface
compare file <File> [brief] stp mstp config hold-count
compare file <File> [brief] stp mstp mst-instances mst-instance
compare file <File> [brief] stp rstp config hold-count
compare file <File> [brief] stp rstp interfaces interface
compare file <File> [brief] stp stp config hold-count
compare file <File> [brief] stp stp interfaces interface
...
COMMAND show port-mappings
DESCRIPTION Display information about port mappings.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display information about all pipelines:
appliance-1# show port-mappings port-mapping pipeline
NUM
CAPACITY ALLOCATED OVERSUBSCRIBE ALLOCATED MAX
NAME INDEX PIPELINE GROUP BW BW STATUS PORTS PORTS PORTS
-----------------------------------------------------------------------------------------------------------------------------
appliance-1 PIPELINE-1 PIPELINEGROUP-1 100 200 OVERSUBSCRIBED 5 8 [ 1.0 3.0 4.0 5.0 6.0 ]
PIPELINE-2 PIPELINEGROUP-1 100 200 OVERSUBSCRIBED 5 8 [ 10.0 2.0 7.0 8.0 9.0 ]
default-2 PIPELINE-3 PIPELINEGROUP-2 100 200 OVERSUBSCRIBED 5 8 [ 11.0 13.0 14.0 15.0 16.0 ]
PIPELINE-4 PIPELINEGROUP-2 100 200 OVERSUBSCRIBED 5 8 [ 12.0 17.0 18.0 19.0 20.0 ]
COMMAND show portgroups
DESCRIPTION Display information about portgroups.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display all information about portgroup 1:
appliance-1# show portgroups portgroup 1
portgroups portgroup 1
state vendor-name "F5 INC."
state vendor-oui 009065
state vendor-partnum "OPT-0031 "
state vendor-revision A0
state vendor-serialnum "X1KA007 "
state transmitter-technology "850 nm VCSEL"
state media 100GBASE-SR4
state optic-state QUALIFIED
state ddm rx-pwr low-threshold alarm -14.0
state ddm rx-pwr low-threshold warn -11.0
state ddm rx-pwr instant val-lane1 -2.9
state ddm rx-pwr instant val-lane2 -2.8
state ddm rx-pwr instant val-lane3 -2.76
state ddm rx-pwr instant val-lane4 -2.92
state ddm rx-pwr high-threshold alarm 3.4
state ddm rx-pwr high-threshold warn 2.4
state ddm tx-pwr low-threshold alarm -10.0
state ddm tx-pwr low-threshold warn -8.0
state ddm tx-pwr instant val-lane1 -1.19
state ddm tx-pwr instant val-lane2 -0.98
state ddm tx-pwr instant val-lane3 -0.98
state ddm tx-pwr instant val-lane4 -1.1
state ddm tx-pwr high-threshold alarm 5.0
state ddm tx-pwr high-threshold warn 3.0
state ddm temp low-threshold alarm -5.0
state ddm temp low-threshold warn 0.0
state ddm temp instant val 33.3359
state ddm temp high-threshold alarm 75.0
state ddm temp high-threshold warn 70.0
state ddm bias low-threshold alarm 0.003
state ddm bias low-threshold warn 0.005
state ddm bias instant val-lane1 0.00746
state ddm bias instant val-lane2 0.00754
state ddm bias instant val-lane3 0.00753
state ddm bias instant val-lane4 0.007516
state ddm bias high-threshold alarm 0.013
state ddm bias high-threshold warn 0.011
state ddm vcc low-threshold alarm 2.97
state ddm vcc low-threshold warn 3.135
state ddm vcc instant val 3.2288
state ddm vcc high-threshold alarm 3.63
state ddm vcc high-threshold warn 3.465
Display only the optic-state of portgroup 2:
appliance-1# show portgroups portgroup 2 state optic-state
state optic-state QUALIFIED
COMMAND show restconf-state
DESCRIPTION Display capabilities supported by the RESTCONF server.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display all supported capabilities:
appliance-1# show restconf-state
restconf-state capabilities capability urn:ietf:params:restconf:capability:defaults:1.0?basic-mode=report-all
restconf-state capabilities capability urn:ietf:params:restconf:capability:depth:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:fields:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:with-defaults:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:filter:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:replay:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:yang-patch:1.0
restconf-state capabilities capability http://tail-f.com/ns/restconf/collection/1.0
restconf-state capabilities capability http://tail-f.com/ns/restconf/query-api/1.0
restconf-state capabilities capability http://tail-f.com/ns/restconf/unhide/1.0
COMMAND show running-config
DESCRIPTION Display the current configuration for the system. By default, the whole configuration is displayed. You can limit what is shown by supplying a pathfilter. The pathfilter may be either a path pointing to a specific instance, or if an instance id is omitted, the part following the omitted instance is treated as a filter.
ARGUMENTS
For information about these arguments, see these sections on the show-SNMP-FRAMEWORK-MIB page.
EXAMPLE
Display the current running configuration for file operations:
appliance-1# show running-config file
file config concurrent-operations-limit 5
Display information about interface 11.0:
appliance-1# show running-config interfaces interface 11.0
interfaces interface 11.0
config name 11.0
config type ethernetCsmacd
config enabled
COMMAND show service-instances
DESCRIPTION
Services are deployed for system features such as the Link Aggregation Control Protocol, Spanning Tree Protocol, etc., as well as for tenants deployed on the system. A service might have multiple instances.
This command displays all the service instances on the system.
IMPORTANT: The detailed information displayed by this command is intended for use by F5 support engineers, rather than by end users.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display the service-type value for each service-instance:
appliance-1# show service-instances service-instance service-type | tab
SLOT INSTANCE
TENANT NAME ID ID SERVICE TYPE
---------------------------------------------------
L2HostLearn 1 4291376965 ST_SYSTEM_SERVICE
L2HostLearn 1 4291376966 ST_SYSTEM_SERVICE
SwRbcaster-1 1 3100278637 ST_SYSTEM_SERVICE
lacpd 1 3495072231 ST_SYSTEM_SERVICE
lldpd 1 2423009794 ST_SYSTEM_SERVICE
stpd 1 3777547480 ST_SYSTEM_SERVICE
COMMAND show service-pods
DESCRIPTION
A system service is deployed in a Pod.
IMPORTANT: The detailed information displayed by this command is intended for use by F5 support engineers, rather than by end users.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display information about the pod image version:
appliance-1# show service-pods service-pod pod-image-version
SERVICE NAME POD IMAGE VERSION
--------------------------------------------------------------------------------
compute 1.0.17
coredns 1.8.3
helper-job-hnet-big-ip-1 5.1.0-appliance-master.2021-09-21-14-38-09.Sf319b34d
kube-flannel 0.13.0
kube-multus 3.6.0
lb-port-443 v0.2.0
local-path-provisioner v0.0.19
metrics-server v0.3.6
pause 3.1
traefik-ingress-lb 2.4.8
virt-api 1.0.17
virt-controller 1.0.17
virt-handler 1.0.17
COMMAND show services
DESCRIPTION
Services are deployed for system features such as the Link Aggregation Control Protocol, Spanning Tree Protocol, etc., as well as for tenants deployed on the system.
IMPORTANT: The detailed information displayed by this command is intended for use by F5 support engineers, rather than by end users.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display information about services:
appliance-1# show services
USE USE
SERVICE HASH FIELD FULL TUNNEL IP HASH FIELD FULL TUNNEL IP TENANT
ID ALG SELECT MASK MASK SELECT PROTO ALG SELECT MASK MASK SELECT PROTO NAME
-----------------------------------------------------------------------------------------------------
8 dagv2 port true outer false dagv2 port true outer false big-ip
COMMAND
show stp
DESCRIPTION
Displays the state of Spanning Tree Protocol (STP) on the system.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display all STP information:
appliance-1# show SNMP-FRAMEWORK-MIB
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineID 80:00:61:81:05:01
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineBoots 7
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineTime 127740
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineMaxMessageSize 50000
appliance-1# show stp
stp global state enabled-protocol [ STP ]
stp rstp state hold-count 6
stp mstp state hold-count 6
stp stp state hello-time 2
stp stp state max-age 20
stp stp state forwarding-delay 15
stp stp state hold-count 6
stp stp state bridge-priority 32768
stp stp state bridge-address 0:94:a1:69:34:23
stp stp state designated-root-priority 32768
stp stp state designated-root-address 0:94:a1:69:34:23
stp stp state root-port 0
stp stp state root-cost 0
stp stp state topology-changes 0
stp stp state time-since-topology-change 1641442985
Display only STP information:
appliance-1# show stp stp
stp stp state hello-time 2
stp stp state max-age 20
stp stp state forwarding-delay 15
stp stp state hold-count 6
stp stp state bridge-priority 32768
stp stp state bridge-address 0:94:a1:69:34:23
stp stp state designated-root-priority 32768
stp stp state designated-root-address 0:94:a1:69:34:23
stp stp state root-port 0
stp stp state root-cost 0
stp stp state topology-changes 0
stp stp state time-since-topology-change 1641443111
COMMAND
show stp global state enabled-protocol
DESCRIPTION
Display which STP protocol is currently enabled for the system. There is either one enabled protocol per system or none.
EXAMPLE
Display the currently-enabled protocol:
appliance-1# show stp global state enabled-protocol
stp global state enabled-protocol [ STP ]
COMMAND
show stp interfaces interface
DESCRIPTION
Display information about configured STP interfaces, including the current link type and edge port status.
ARGUMENTS
EXAMPLE
Display information about all configured STP interfaces:
appliance-1# show stp interfaces
LINK
NAME NAME EDGE PORT TYPE
----------------------------------
1.0 1.0 EDGE_DISABLE P2P
COMMAND
show stp mstp
DESCRIPTION
Display all system state related to the MSTP protocol. These fields are populated only when the STP global enabled-protocol is MSTP.
EXAMPLE
Display MSTP information:
appliance-1# show stp mstp
stp mstp state name 32768:0:94:a1:69:34:23
stp mstp state revision 0
stp mstp state max-hop 20
stp mstp state hello-time 2
stp mstp state max-age 20
stp mstp state forwarding-delay 15
stp mstp state hold-count 6
COMMAND
show stp mstp mst-instances
DESCRIPTION
Display all configured MST instances and their state.
EXAMPLE
Display information about all configured MST instances:
appliance-1# show stp mstp mst-instances
stp mstp mst-instances mst-instance 1
state mst-id 1
state bridge-priority 32768
state designated-root-priority 32768
state designated-root-address 0:94:a1:69:34:23
state root-port 0
state root-cost 0
state topology-changes 0
state time-since-topology-change 1641443429
COMMAND
show stp mstp mst-instances mst-instance
DESCRIPTION
Display information about a specific MST instance and its state. You can optionally specify the interfaces attribute, which lists interfaces configured for this MST instance and their respective spanning-tree state.
EXAMPLE
Display information about mst-instance 555:
appliance-1# show stp mstp mst-instances mst-instance 555
stp mstp mst-instances mst-instance 555
state mst-id 555
state vlan [ 555 ]
state bridge-priority 61440
state designated-root-priority 61440
state designated-root-address 0:94:a1:8d:18:8
state root-port 0
state root-cost 0
state topology-changes 1
state time-since-topology-change 396
COMMAND
show stp mstp state
DESCRIPTION
Display the global state for the MSTP protocol. You can optionally specify a single attribute. Available options are:
EXAMPLE
Display information about the global state for MSTP:
appliance-1# show stp mstp state
stp mstp state name 32768:0:94:a1:69:34:23
stp mstp state revision 0
stp mstp state max-hop 20
stp mstp state hello-time 2
stp mstp state max-age 20
stp mstp state forwarding-delay 15
stp mstp state hold-count 6
COMMAND
show stp rstp
DESCRIPTION
Display all system state related to the RSTP protocol. These fields are populated only when the stp global enabled-protocol is RSTP.
EXAMPLE
Display RSTP information:
appliance-1# show stp rstp
stp rstp state hello-time 2
stp rstp state max-age 20
stp rstp state forwarding-delay 15
stp rstp state hold-count 6
stp rstp state bridge-priority 32768
stp rstp state bridge-address 0:94:a1:69:34:23
stp rstp state designated-root-priority 32768
stp rstp state designated-root-address 0:94:a1:69:34:23
stp rstp state root-port 0
stp rstp state root-cost 0
stp rstp state topology-changes 0
stp rstp state time-since-topology-change 1641443732
COMMAND
show stp rstp interfaces interface
DESCRIPTION
Display information about configured RSTP interfaces
EXAMPLE
Display information about all configured RSTP interfaces:
appliance-1# show stp rstp interfaces
stp rstp interfaces interface 1.0
state name 1.0
state port-priority 128
state port-num 1
state port-state BLOCKING
stp rstp interfaces interface 11.0
state name 11.0
state port-priority 128
state port-num 11
state port-state FORWARDING
COMMAND
show stp stp
DESCRIPTION
Display all system state related to the STP protocol. These fields are only populated
when the STP global enabled-protocol is STP.
EXAMPLE
appliance-1# show stp stp
stp stp state hello-time 2
stp stp state max-age 20
stp stp state forwarding-delay 15
stp stp state hold-count 6
stp stp state bridge-priority 32768
stp stp state bridge-address 0:94:a1:69:34:23
stp stp state designated-root-priority 32768
stp stp state designated-root-address 0:94:a1:69:34:23
stp stp state root-port 0
stp stp state root-cost 0
stp stp state topology-changes 0
stp stp state time-since-topology-change 1641443885
COMMAND
show stp stp interfaces
DESCRIPTION
Display all system state related to interfaces configured for the STP protocol.
EXAMPLE
appliance-1# show stp stp interfaces
stp stp interfaces interface 1.0
state name 1.0
state port-priority 128
state port-num 1
state port-state BLOCKING
stp stp interfaces interface 2.0
state name 2.0
state port-priority 128
state port-num 2
state port-state FORWARDING
appliance-1#
COMMAND
show stp stp interfaces interface
DESCRIPTION
Display information about configured STP interfaces.
EXAMPLE
Display information about STP interface 1.0:
appliance-1# show stp stp interfaces interface 1.0
stp stp interfaces interface 1.0
state name 1.0
state port-priority 128
state port-num 1
state port-state BLOCKING
state designated-root-priority 0
state designated-root-address 0:0:0:0:0:0
state designated-cost 0
state designated-bridge-priority 0
state designated-bridge-address 0:0:0:0:0:0
state designated-port-num 0
state forward-transisitions 0
state counters bpdu-sent 0
state counters bpdu-received 0
COMMAND
show stp stp state
DESCRIPTION
Display any global state specific to the STP protocol. You can optionally specify a single attribute. Available options are:
root-port.stp rstp interfaces interface {name} state port-num.EXAMPLE
Display information about the global state for STP:
appliance-1# show stp stp state
stp stp state hello-time 2
stp stp state max-age 20
stp stp state forwarding-delay 15
stp stp state hold-count 6
stp stp state bridge-priority 32768
stp stp state bridge-address 0:94:a1:69:34:23
stp stp state designated-root-priority 32768
stp stp state designated-root-address 0:94:a1:69:34:23
stp stp state root-port 0
stp stp state root-cost 0
stp stp state topology-changes 0
stp stp state time-since-topology-change 1641443966
COMMAND show system aaa
DESCRIPTION Display system user authentication information, including information about roles, users, primary key, server groups, and TLS.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display the default system accounts:
appliance-1# show system aaa authentication
LAST TALLY EXPIRY
USERNAME CHANGE COUNT DATE ROLE
-----------------------------------------------------
admin 2021-11-08 0 -1 admin
big-ip 0 0 1 tenant-console
root 2021-11-08 0 -1 root
ROLENAME GID USERS
-----------------------------
admin 9000 -
operator 9001 -
root 0 -
tenant-console 9100 -
Display information for the primary key:
appliance-1# show system aaa primary-key
Show the TLS certificate:
appliance-1# show system aaa tls state certificate
Show the current CRLs in the system:
appliance-1# show system aaa tls crls crl
COMMAND show system alarms
DESCRIPTION Display information about system alarms.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display active alarm conditions:
appliance-1# show system alarms
ID RESOURCE SEVERITY TEXT TIME CREATED
--------------------------------------------------------------------------------------------------
65793 psu-1 ERROR PSU fault detected 2021-01-01 10:39:12.113796318 UTC
COMMAND show system appliance-mode
DESCRIPTION Check the current state of appliance mode. It can be either enabled or disabled.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display the current state of appliance mode:
appliance-1# show system diagnostics ihealth
system diagnostics ihealth state username ""
system diagnostics ihealth state server https://ihealth-api.f5.com/qkview-analyzer/api/qkviews?visible_in_gui=True
system diagnostics ihealth state authserver https://api.f5.com/auth/pub/sso/login/ihealth-api
COMMAND show system clock
DESCRIPTION Display the current time configured for the system.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display the currently-configured time zone name:
appliance-1# show system clock
system clock state timezone-name Etc/UTC
system clock state appliance date-time "2022-01-06 04:54:34 America/Los_Angeles"
Display the current time for the system:
appliance-1# show system clock state appliance
system clock state appliance date-time "2022-01-06 04:51:31 America/Los_Angeles"
COMMAND show system diagnostics
DESCRIPTION Display iHealth information.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display the iHealth configuration for the system:
appliance-1# show system diagnostics ihealth
system diagnostics ihealth state username ""
system diagnostics ihealth state server https://ihealth-api.f5.com/qkview-analyzer/api/qkviews?visible_in_gui=True
system diagnostics ihealth state authserver https://api.f5.com/auth/pub/sso/login/ihealth-api
COMMAND show system dns
DESCRIPTION Display information about DNS servers configured for the system to use.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display all configured DNS servers:
appliance-1# show system dns servers
ADDRESS ADDRESS PORT
-----------------------------
192.168.10.1 - 53
192.168.11.1 - 53
COMMAND show system events
DESCRIPTION Display information about system events.
EXAMPLE
Display system events:
appliance-1# show system events
system events event
log "65550 appliance firmware-update-status EVENT NA \"Firmware update is running for sirr \" \"2021-11-08 21:49:27.507242294 UTC\""
system events event
log "65550 appliance firmware-update-status EVENT NA \"Firmware update completed for sirr \" \"2021-11-08 21:49:29.505202936 UTC\""
system events event
log "65550 appliance firmware-update-status EVENT NA \"Firmware update is running for atse 1\" \"2021-11-08 21:49:29.511148376 UTC\""
...
COMMAND show system health
DESCRIPTION Display health information about system components.
ARGUMENTS
The availability of options for this command depends on the hardware component for which you want to view health information.
EXAMPLES
Display high-level hardware health state for the fan tray:
appliance-1# show system health components component fantray hardware state
KEY NAME HEALTH SEVERITY
--------------------------------------------------------
appliance/hardware/fantray Fan Tray ok info
Display health information about system memory:
appliance-1# show system health components component appliance hardware appliance/hardware/memory
hardware appliance/hardware/memory
state name Memory
state health ok
state severity info
NAME DESCRIPTION HEALTH SEVERITY VALUE UPDATED AT
--------------------------------------------------------------------------------------------------------------------
memory:sensor:temperature Memory DIMM temperature (C) ok info 2021-11-08T21:49:10Z
rasdaemon:mc:corrected:event RAS Daemon MC corrected event ok info 0 2022-01-06T05:13:24Z
rasdaemon:mc:fatal:event RAS Daemon MC fatal event ok info 0 2022-01-06T05:13:24Z
rasdaemon:mc:uncorrected:event RAS Daemon MC uncorrected event ok info 0 2022-01-06T05:13:24Z
v6h:thermal-fault:vddq-abcd-vr-hot VDDQ_ABCD_VR_HOT thermal fault ok info 0 2022-01-04T16:53:23Z
v6h:thermal-fault:vddq-efgh-vr-hot VDDQ_EFGH_VR_HOT thermal fault ok info 0 2022-01-04T16:53:23Z
Display the status of the tcpdump service on the system:
appliance-1# show system health components component appliance services appliance/services/tcpdumpd_manager
services appliance/services/tcpdumpd_manager
state name tcpdumpd_manager
state health ok
state severity info
NAME DESCRIPTION HEALTH SEVERITY VALUE UPDATED AT
----------------------------------------------------------------------------------------------------------------------------
container:event:attach Container attach event ok info 0 2021-11-08T21:49:26Z
container:event:die Container die event ok info 0 2021-11-08T21:49:26Z
container:event:exec-create Container exec create event ok info 0 2021-11-19T22:56:26Z
container:event:exec-detach Container exec detach event ok info 0 2021-11-08T21:49:26Z
container:event:exec-die Container exec die event ok info 0 2021-11-08T21:49:26Z
container:event:exec-start Container exec start event ok info 0 2021-11-19T22:56:26Z
container:event:kill Container kill event ok info 0 2021-12-04T00:19:35Z
container:event:restart Container restart event ok info 0 2022-01-04T16:53:24Z
container:event:restart-last-hour Container restart count in the last hour ok info 0 2021-11-08T21:49:26Z
container:event:start Container start event ok info 0 2021-11-08T21:49:26Z
container:event:stop Container stop event ok info 0 2021-11-08T21:49:26Z
container:running Container running ok info true 2022-01-06T05:13:24Z
COMMAND show system image
DESCRIPTION Display information about the installed Base OS image on the system.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display the currently-installed Base OS image on the system:
appliance-1# show system image install
system image state install install-os-version 1.0.0-11432
system image state install install-service-version 1.0.0-11432
system image state install install-status success
Display information about all imported Base OS images:
appliance-1# show system image
IN
VERSION OS STATUS DATE USE
----------------------------------------
1.0.0-10234 ready 2021-10-05 false
1.0.0-11432 ready 2021-12-03 true
VERSION IN
SERVICE STATUS DATE USE
----------------------------------------
1.0.0-10234 ready 2021-10-05 false
1.0.0-11432 ready 2021-12-03 true
IN
VERSION ISO STATUS DATE USE
----------------------------------------
1.0.0-10234 ready 2021-10-05 false
1.0.0-11432 ready 2021-12-03 false
COMMAND show system licensing
DESCRIPTION Display information about system license.
EXAMPLE
Display information about the license activated on the system (Note that actual license key values are not shown below):
appliance-1# show system licensing
system licensing license
Licensed version 1.0.0
Registration Key XXXXX-XXXXX-XXXXX-XXXXX-XXXXXXX
Licensed date 2021/12/17
License start 2021/10/06
License end 2022/02/04
Service check date 2022/01/05
Platform ID C128
Appliance SN f5-abcd-efgh
Active Modules
Local Traffic Manager, r10900 (XXXXXXX-XXXXXXX)
FIX Low Latency
LTM to Best Upgrade, r109XX
Carrier-Grade NAT, r10XXX
BIG-IP, DNS and GTM Upgrade (1K TO MAX)
Rate Shaping
DNSSEC
Anti-Virus Checks
Base Endpoint Security Checks
Firewall Checks
Machine Certificate Checks
Network Access
Protected Workspace
Secure Virtual Keyboard
APM, Web Application
App Tunnel
Remote Desktop
DNS Rate Fallback, Unlimited
DNS Licensed Objects, Unlimited
DNS Rate Limit, Unlimited QPS
GTM Rate Fallback, (UNLIMITED)
GTM Licensed Objects, Unlimited
GTM Rate, Unlimited
Carrier Grade NAT (AFM ONLY)
APM, Limited
Routing Bundle
Protocol Security Manager
Access Policy Manager, Base, r109XX
Advanced Web Application Firewall, r10XXX
Max SSL, r10900
Max Compression, r10900
Advanced Firewall Manager, r10XXX
DNS Max, rSeries
COMMAND show system locator
DESCRIPTION Display whether the system locator function is enabled. This function illuminates the F5 logo ball so that you can more easily locate a chassis in a data center.
EXAMPLE
Display whether the system locator is enabled:
appliance-1# show system locator
system locator state disabled
COMMAND show system logging
DESCRIPTION Display information about remote logging.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.COMMAND show system mgmt-ip
DESCRIPTION Display information about configured management IP addresses.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display information about all configured management IP addresses:
appliance-1# show system mgmt-ip
system mgmt-ip state ipv4 system address 192.0.2.102
system mgmt-ip state ipv4 prefix-length 24
system mgmt-ip state ipv4 gateway 192.0.2.254
system mgmt-ip state ipv6 system address ::
system mgmt-ip state ipv6 prefix-length 0
system mgmt-ip state ipv6 gateway ::
Display only the gateway for a configured IPv4 management IP address:
appliance-1# show system mgmt-ip state ipv4 gateway
system mgmt-ip state ipv4 gateway 192.0.2.254
COMMAND show system network
DESCRIPTION Display information about the configured and active internal network addresses.
ARGUMENTS
This command has no arguments.
EXAMPLE
Display information about the currently-configured internal network:
appliance-1# show system network
system network state configured-network-range-type RFC6598
system network state configured-network-range 100.64.0.0/12
system network state active-network-range-type RFC6598
system network state active-network-range 100.64.0.0/12
COMMAND show system ntp
DESCRIPTION Display the current state of the Network Time Protocol (NTP) service.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display the current state of NTP on the system:
appliance-1# show system ntp
system ntp state disabled
COMMAND show system ntp ntp-keys
DESCRIPTION Display a list of configured NTP authentication keys.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.COMMAND show system ntp servers
DESCRIPTION Displays a list of configured NTP servers.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display configured NTP servers:
appliance-1# show system ntp servers
ASSOCIATION ROOT ROOT POLL
ADDRESS ADDRESS PORT VERSION TYPE IBURST PREFER STRATUM DELAY DISPERSION OFFSET INTERVAL
----------------------------------------------------------------------------------------------------------------------
ntp.pool.org ntp.pool.org 123 4 SERVER false false - - - - -
COMMAND show system raid
DESCRIPTION Display the current state of the RAID array.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display the current status of the RAID array:
appliance-1# show system raid raid-array-status
ARRAY ARRAY
NAME BAYID SERIAL NUMBER MEMBER STATUS SIZE
----------------------------------------------------------
ssd1 0 PHLJ915001PK1R8S44 true ok 684.7G
ssd2 1 PHLJ915001Q61R8T42 true ok 684.7G
Display only the size, in GB, of the drives in the system:
appliance-1# show system raid raid-array-status drive size
NAME SIZE
---------------
ssd1 684.7G
ssd2 684.7G
COMMAND show system state
DESCRIPTION Display information about the system, such as domain name, login banner, and hostname.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display the current date and time:
appliance-1# show system state current-datetime
system state current-datetime "2022-01-06 05:58:49 America/Los_Angeles"
Display the hostname for the system:
appliance-1# show system state hostname
system state hostname appliance-1
Display the login banner for the system:
appliance-1# show system state login-banner
system state login-banner UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
Display the message of the day (MOTD) banner for the system:
appliance-1# show system state motd-banner
system state motd-banner ATTENTION! This system is scheduled for maintenance in two days.
COMMAND show tenants
DESCRIPTION Display the state of all configured tenants in the system.
ARGUMENTS This command has no arguments.
EXAMPLE
Display the state of configured tenants on the current system:
appliance-1# show tenants
tenants tenant big-ip
state name big-ip
state unit-key-hash Cl2Hpf4K3RZXmhTEQPQ3orKjj4GsNrlCaLsOAdQ3I9c2SG6uWpan08OkIWKNOyEVnrYBvxA5TQQRaOSm/H+ftQ==
state type BIG-IP
state mgmt-ip 192.0.2.61
state prefix-length 24
state gateway 192.0.2.254
state cryptos enabled
state vcpu-cores-per-node 2
state memory 7680
state storage size 76
state running-state deployed
state mac-data base-mac 00:12:a1:34:56:b1
state mac-data mac-pool-size 1
state appliance-mode disabled
state status Starting
state primary-slot 1
state image-version "BIG-IP 15.1.4 0.0.248"
state instances instance 1
instance-id 1
phase "Allocating resources to tenant is in progress"
image-name BIGIP-bigip15.1.x-europa-15.1.45-0.0.248.ALL-F5OS.qcow2.zip.bundle
creation-time ""
ready-time ""
status " "
COMMAND
show tenants tenant
DESCRIPTION Displays the state of a specific configured tenants in the system.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display the state of a tenant named bigip:
appliance-1# show tenants tenant bigip
tenants tenant big-ip
state name big-ip
state unit-key-hash Cl2Hpf4K3RZXmhTEQPQ3orKjj4GsNrlCaLsOAdQ3I9c2SG6uWpan08OkIWKNOyEVnrYBvxA5TQQRaOSm/H+ftQ==
state type BIG-IP
state mgmt-ip 192.0.2.61
state prefix-length 24
state gateway 192.0.2.254
state cryptos enabled
state vcpu-cores-per-node 2
state memory 7680
state storage size 76
state running-state deployed
state mac-data base-mac 00:12:a1:34:56:b1
state mac-data mac-pool-size 1
state appliance-mode disabled
state status Starting
state primary-slot 1
state image-version "BIG-IP 15.1.4 0.0.248"
state instances instance 1
instance-id 1
phase "Allocating resources to tenant is in progress"
image-name BIGIP-bigip15.1.x-europa-15.1.45-0.0.248.ALL-F5OS.qcow2.zip.bundle
creation-time ""
ready-time ""
status " "
COMMAND show vlan-listeners
DESCRIPTION
Displays configured vlan-listeners. These objects are system-created and available for display for technical support purposes only.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at a depth of three below a given element will be displayed, etc. The range is from 1 to 64.vlan-listener associated with an interface and VLAN pair.EXAMPLE
Display the vlan-listener on interface 1.0 with the VLAN ID of 100:
appliance-1# show vlan-listeners vlan-listener 1.0 100
NDI SERVICE
INTERFACE VLAN ENTRY TYPE OWNER ID SVC VTC SEP DMS DID CMDS MIRRORING IDS
------------------------------------------------------------------------------------------------
1.0 100 VLAN-LISTENER tenant-1 4095 8 - 15 - - - disabled -
COMMAND show vlans
DESCRIPTION Displays configured VLAN objects.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display all configured VLANs:
appliance-1# show vlans
VLAN
ID INTERFACE
-----------------
101 internal
COMMAND abort
DESCRIPTION Abort a configuration session.
ARGUMENTS This command has no arguments.
COMMAND annotate
DESCRIPTION Associate an annotation (comment) with a given configuration or validation statement or pattern. To remove an annotation, leave the text empty.
Note: Only available when the system has been configured with attributes enabled.
ARGUMENTS
COMMAND clear
DESCRIPTION Remove all configuration changes.
ARGUMENTS
COMMAND commit
DESCRIPTION Commit the current set of changes to the running configuration.
ARGUMENTS
persist-id <id> argument.persist-id argument.COMMAND compare
DESCRIPTION Compare two configuration subtrees.
ARGUMENTS
COMMAND copy
DESCRIPTION Copy the running configuration.
ARGUMENTS
COMMAND describe
DESCRIPTION Display detailed information about a command.
ARGUMENTS
COMMAND do
DESCRIPTION Run a command in operational (user) mode.
ARGUMENTS
COMMAND end
DESCRIPTION Exit configuration mode. If no changes have been made to the configuration, you are prompted to save before exiting configuration mode.
ARGUMENTS
COMMAND exit
DESCRIPTION Exit from the current mode in the configuration or exit configuration mode completely.
ARGUMENTS
COMMAND help
DESCRIPTION Display help information about a specified command.
ARGUMENTS
COMMAND insert
DESCRIPTION Insert a parameter or element.
ARGUMENTS
COMMAND load
DESCRIPTION Load configuration from an ASCII file or from terminal.
ARGUMENTS
COMMAND move
DESCRIPTION Move an element or parameter.
ARGUMENTS
COMMAND no
DESCRIPTION Delete or unset a configuration command.
ARGUMENTS
COMMAND pwd
DESCRIPTION Display the current path in the configuration hierarchy.
ARGUMENTS This command has no arguments.
COMMAND rename
DESCRIPTION Rename an instance.
ARGUMENTS
COMMAND resolved
DESCRIPTION Indicate that conflicts have been resolved.
ARGUMENTS This command has no arguments.
COMMAND revert
DESCRIPTION Copy the running configuration.
ARGUMENTS
COMMAND rollback
DESCRIPTION Returns the configuration to a previously committed configuration.
ARGUMENTS
EXAMPLES
Return to the configuration changes made in rollback versions 0 and 1:
appliance-1(config)# rollback configuration 1
Return to the configuration changes made only in rollback version 1:
appliance-1(config)# rollback selective 1
COMMAND save
DESCRIPTION Save the whole or parts of the current configuration to a file.
ARGUMENTS
COMMAND service
DESCRIPTION
Configures the CLI prompt. By default, the CLI prompt consists of the system name followed by an angle bracket (>) for user mode or a pound sign (#) for privileged mode. Use the the prompt string or the no service prompt config command to customize the CLI prompt for your system.
ARGUMENTS
COMMAND show
DESCRIPTION Display a specified parameter.
ARGUMENTS
COMMAND tag
DESCRIPTION Configure statement tags.
ARGUMENTS
COMMAND top
DESCRIPTION Exit to the top level of the configuration hierarchy. You can optionally run a command after exiting to the top level.
ARGUMENTS
COMMAND validate
DESCRIPTION
Verify that the candidate configuration contains no errors. This performs the same operation as commit check.
ARGUMENTS This command has no arguments.
COMMAND cluster nodes node
DESCRIPTION Configure whether a node is enabled or disabled on the system.
ARGUMENTS
EXAMPLE
Disable node-1 on the system:
appliance-1(config)# cluster nodes node node-1 config disabled
COMMAND cluster nodes node reboot
DESCRIPTION Reboot a node on the system.
ARGUMENTS
This command has no arguments.
COMMAND cluster disk-usage-threshold
DESCRIPTION Configure options for triggering disk usage alarms.
ARGUMENTS
COMMAND components
DESCRIPTION
Configure properties for hardware components.
ARGUMENTS
The availability of options for this command depends on which hardware component you are configuring.
COMMAND file config concurrent-operations-limit
DESCRIPTION Specify how many concurrent file operations are allowed at a time.
ARGUMENTS
EXAMPLE
Limit the number of concurrent file operations to 10:
appliance-1-active# file config concurrent-operations-limit 10
COMMAND file known-hosts known-host
DESCRIPTION
Add the IP address (and therefore, the public key) of a specified remote-host to the system known_hosts file.
ARGUMENTS
COMMAND file import
DESCRIPTION
Transfer a remote file to the system. These directories are available for use for file import operations on the system:
ARGUMENTS
EXAMPLE
Transfer a file named myfile.iso from the remote host files.company.com on port 443 to the images/staging directory on the system:
appliance-1(config)# file import local-file images/staging remote-file images/myfile.iso remote-host files.company.com remote-port 443
result File transfer is initiated.(images/staging/myfile.iso)
COMMAND file export
DESCRIPTION
Transfer a file from the system to a remote system. These directories are available for use for file export operations on the system:
EXAMPLE
Transfer a file named appliance.log from the local host to the /home/jdoe/ directory at files.company.com, using the username jdoe:
appliance-1(config)# file export local-file log/host/appliance.log remote-host files.company.com remote-file home/jdoe/appliance.log username jdoe password
Value for 'password' (<string>): *********
result File transfer is initiated.(log/host/appliance.log)
COMMAND file delete
DESCRIPTION
Delete a specified file from the system. You can use file delete only on files in the diags/shared and core directories.
ARGUMENTS
EXAMPLE
Delete a specified QKView file from the system:
appliance-1(config)# file delete file-name diags/shared/qkview/qkview.tar
result Deleting the file
COMMAND file list
DESCRIPTION Display a list of directories and files in a specified path.
ARGUMENTS
EXAMPLE
Display a list of files in images/staging:
appliance-1(config)# file list path images/staging
entries {
name
R2R4.1.1.0-5810.iso
}
COMMAND file show
DESCRIPTION Display the contents of a specified file. This command works only in operational mode, not config mode.
ARGUMENTS
EXAMPLE
Display the contents of the file log/appliance.log:
appliance-1# file show log/host/appliance.log
2022-04-07 15:05:27.612513079 - Registry port is 2000 for orchestration-manager
2022-04-07 22:05:35.755369 - OMD log is initialized
2022-04-07 22:05:35.755369 - 8:-2304 - applianceMainEventLoop::Orchestration manager startup.
2022-04-07 22:05:35.760751 - 8:-16787712 - Can now ping appliance-1.chassis.local (100.65.60.1).
2022-04-07 22:10:51.269193 - 8:-2304 - Waiting for connectivity checks on System.
2022-04-07 22:11:07.949118 - 8:-16787712 - Successfully ssh'd to appliance 127.0.0.1.
2022-04-07 22:11:12.856712 - 8:-2304 - Connectivity checks passed for System.
2022-04-07 22:12:16.603387 - 8:-2304 - K3S cluster installation in appliance is succeeded.
appliance-flannel_image|localhost:2000/appliance-flannel:0.13.0
...
COMMAND file tail
DESCRIPTION Display only the last 10 lines of a specified file. This command works only in operational mode, not config mode.
ARGUMENTS
EXAMPLES
Display only the last 10 lines of log/host/appliance.log:
appliance-1# file tail log/host/appliance.log
Upgrade found appliance-flannel_image|localhost:2001/appliance-flannel:0.13.0
appliance-multus_image|localhost:2001/appliance-multus:3.6.0
Upgrade found appliance-multus_image|localhost:2001/appliance-multus:3.6.0
2021-11-10 17:33:36.195643 - 8:695531264 - K3s IMAGE update is succeeded.
2021-11-11 21:46:29.832495 - 8:469759744 - K3S cluster is NOT ready.
2021-11-11 21:46:52.979390 - 8:695531264 - K3S cluster is ready.
2021-11-12 21:45:04.247298 - 8:695531264 - K3S cluster is NOT ready.
2021-11-12 21:45:27.427003 - 8:695531264 - K3S cluster is ready.
2021-11-13 03:57:32.937910 - 8:469759744 - Failed to ssh to 127.0.0.1.
2021-11-13 03:58:03.353815 - 8:469759744 - Successfully ssh'd to appliance 127.0.0.1.
Display the last 10 lines of log/host/appliance.log and keep appending output as the file grows:
appliance-1(config)# file tail -f log/host/appliance.log
Upgrade found appliance-flannel_image|localhost:2001/appliance-flannel:0.13.0
appliance-multus_image|localhost:2001/appliance-multus:3.6.0
Upgrade found appliance-multus_image|localhost:2001/appliance-multus:3.6.0
2021-11-10 17:33:36.195643 - 8:695531264 - K3s IMAGE update is succeeded.
2021-11-11 21:46:29.832495 - 8:469759744 - K3S cluster is NOT ready.
2021-11-11 21:46:52.979390 - 8:695531264 - K3S cluster is ready.
2021-11-12 21:45:04.247298 - 8:695531264 - K3S cluster is NOT ready.
2021-11-12 21:45:27.427003 - 8:695531264 - K3S cluster is ready.
2021-11-13 03:57:32.937910 - 8:469759744 - Failed to ssh to 127.0.0.1.
2021-11-13 03:58:03.353815 - 8:469759744 - Successfully ssh'd to appliance 127.0.0.1.
Display only the last five lines of log/appliance.log:
appliance-1# file tail -n 5 log/host/appliance.log
No Image Changes Found for normal reboot
sriov-cni_image|localhost:2000/sriov-cni:1.0.2
No Image Changes Found for normal reboot
sriov-network-device-plugin_image|localhost:2000/sriov-network-device-plugin:1.0.0
No Image Changes Found for normal reboot
COMMAND file transfer-status
DESCRIPTION Display the status of file transfer operations. This command works in both operational mode and config mode.
ARGUMENTS
EXAMPLE
Check the status of file transfers:
appliance-1(config)# file transfer-status
result
S.No.|Operation |Protocol|Local File Path |Remote Host |Remote File Path |Status
1 |Import file|HTTPS |images/staging/myfile.iso |files.company.com |images/myfile.iso |In Progress (15.0%)
````
COMMAND images remove
DESCRIPTION Remove tenant image.
ARGUMENTS
EXAMPLE
Remove the .bundle file named BIGIP-15.1.5-0.0.11.ALL-F5OS.zip.bundle:
appliance-1(config)# images remove name BIGIP-15.1.5-0.0.11.ALL-F5OS.zip.bundle
result Successful.
COMMAND interfaces interface
DESCRIPTION Configure network interface attributes.
ARGUMENTS
ieee8023adLag when creating LAG interfaces.EXAMPLE
Configure a description for interface 1.0 and verify that it was configured correctly:
appliance-1(config)# interfaces interface 1.0 config description "100G Link"
appliance-1(config-interface-1/1.0)# commit
Commit complete.
appliance-1(config-interface-1.0)# exit
appliance-1(config)# end
appliance-1# show running-config interfaces interface 1.0 config
interfaces interface 1/1.0
config name 1.0
config type ethernetCsmacd
config description "100G Link"
config enabled
!
COMMAND interfaces interface <lag-name> aggregation config
DESCRIPTION Configure link aggregation groups (LAGs) and their attributes.
ARGUMENTS
EXAMPLE
Create a LAG named test-lag that uses dst-mac for the hash, assign trunk VLAN IDs 99 and 101, and then verify that it was configured correctly:
appliance-1(config)# interfaces interface test-lag aggregation config distribution-hash dst-mac
appliance-1(config)# commit
appliance-1(config)# interfaces interface test-lag aggregation switched-vlan config trunk-vlans [ 99 101 ]
appliance-1(config)# commit
appliance-1# show running-config interfaces interface test-lag aggregation switched-vlan config
interfaces interface test-lag
aggregation switched-vlan config trunk-vlans [ 99 101 ]
!
COMMAND interfaces interface <interface-name> ethernet
DESCRIPTION Configure physical interfaces attributes.
ARGUMENTS
COMMAND interfaces interface <interface-name> ethernet config
DESCRIPTION Configure Ethernet options for a specified interface.
ARGUMENTS
COMMAND interfaces interface mgmt ethernet config
DESCRIPTION Configure Ethernet options for the management interface.
ARGUMENTS
true to enable auto negotiate or false to disable it.FULL to enable full duplex on an interface or set to HALF to enable half duplex on an interface.EXAMPLES
Configure the management interface to use the FULL duplex mode:
appliance-1(config)# interfaces interface mgmt ethernet config duplex-mode FULL
COMMAND lacp config system-priority
DESCRIPTION
System priority and system MAC are combined as system-id, which is required by the LACP protocol. System MAC is not configurable.
ARGUMENTS
32768.EXAMPLES
Configure system priority to be 1000:
appliance-1(config)# lacp config system-priority 1000
COMMAND lacp interfaces interface <lag-interface> config name <interface>
DESCRIPTION
Configure LACP to manage the LAG interface. To use LACP to manage a LAG interface, the LAG interface must already exist or be created first. LAG interfaces can have multiple interface members, and the LAG interface state is up as long as there is at least one active member. There must be valid VLANs attached to LAG interface to pass user traffic. Be sure that the VLAN exists before attaching it to a LAG interface.
ARGUMENTS
FAST to have packets sent every second. Set the interval to SLOW to have packets sent every 30 seconds.PASSIVE to place a port into a passive negotiating state, in which the port responds to received LACP packets, but does not initiate LACP negotiation. Set to ACTIVE to place a port into an active negotiating state, in which the port initiates negotiations with other ports by sending LACP packets.xx:xx:xx:xx:xx:xx.EXAMPLES
Configure an LACP interface, set it to place the port into an active negotiating state, and set the interval to have packets sent every second:
appliance-1(config)# lacp interfaces interface lag1 config lacp-mode ACTIVE interval FAST
Create a LAG interface named lag1 with the type ieee8023adLag:
appliance-1(config)# interfaces interface lag1 config type ieee8023adLag; commit
Enable LACP on a LAG interface named lag1:
appliance-1(config)# interfaces interface lag1 aggregation config lag-type LACP; commit
Create an LACP interface named lag1 with default parameters (internal is set to SLOW, lacp-mode is set to ACTIVE):
appliance-1(config)# lacp interfaces interface lag1 config name lag1; commit
Add interface 1/1.0 and 1/2.0 as interface members into a LAG named lag1:
appliance-1(config)# interfaces interface 1/1.0 ethernet config aggregate-id lag1
appliance-1(config)# interfaces interface 1/2.0 ethernet config aggregate-id lag1
appliance-1(config)# commit
Attach VLANs 1000 and 1001 to a LAG interface named lag1:
appliance-1(config)# interfaces interface lag1 aggregation switched-vlan config trunk-vlans [ 1000 1001 ]
appliance-1(config)# commit
COMMAND lldp config
DESCRIPTION Configure Link Layer Discovery Protocol (LLDP) on the system.
ARGUMENTS
10.2.2.4.30.EXAMPLE
Configure a system-description for LLDP and verify that it was configured correctly:
appliance-1(config)# lldp config system-description "Test system description"
appliance-1(config)# commit
Commit complete.
appliance-1(config)# end
appliance-1# show running-config lldp config
lldp config enabled
lldp config system-description "Test system description"
lldp config tx-interval 30
lldp config tx-hold 4
lldp config reinit-delay 2
lldp config tx-delay 2
lldp config max-neighbors-per-port 10
COMMAND lldp interfaces interface <interface-name> config
DESCRIPTION Configure LLDP attributes for an interface.
ARGUMENTS
EXAMPLE
Configure a tlv-advertisement-state for LLDP interface 1.0 on and verify that it was configured correctly:
appliance-1(config)# lldp interfaces interface 1.0 config tlv-advertisement-state txrx
appliance-1(config-interface-1.0)# commit
Commit complete.
appliance-1(config-interface-1.0)# top
appliance-1(config)# end
appliance-1# show running-config lldp interfaces interface 1.0
lldp interfaces interface 1.0
config name 1.0
config enabled
config tlv-advertisement-state txrx
config tlvmap chassis-id,port-id,ttl,port-description,system-name,system-description,system-capabilities,pvid,ppvid,vlan-name,protocol-identity,macphy,link-aggregation,power-mdi,mfs,product-model
!
COMMAND port-profiles port-profile
DESCRIPTION Configure port profiles for front-panel interfaces (ethernet ports).
ARGUMENTS
EXAMPLE
Configure the port profile to be four ports at 25G:
appliance-1(config)# port-profile config mode 4x25G
COMMAND portgroups portgroup
DESCRIPTION Configure port group attributes.
ARGUMENTS
EXAMPLE
Configure a port group on interface 1 to use a DDM polling frequency of 20 seconds:
appliance-1(config)# portgroups portgroup 1 config ddm ddm-poll-frequency 20
Configure the port mode on interface 1 to be MODE_25GB:
appliance-1(config)# portgroups portgroup 1 config mode MODE_25GB
COMMAND
system aaa authentication config authentication-method
DESCRIPTION
Specify which authentication methods can be used to authenticate and authorize users. You can enable all methods and indicate the order in which you'd like the methods to be attempted when a user logs in.
ARGUMENTS
EXAMPLE
Attempt to authenticate in this order: LDAP, then RADIUS, and then local (/etc/password):
appliance-1(config)# system aaa authentication config authentication-method [ LDAP_ALL RADIUS_ALL LOCAL ]
COMMAND system aaa authentication ldap active_directory
DESCRIPTION
Specify whether to enable LDAP Active Directory (AD).
ARGUMENTS
true to enable LDAP AD or false to disable it. The default value is false.EXAMPLE
Enable LDAP AD on the system:
appliance-1(config)# system aaa authentication ldap active_directory true
COMMAND
system aaa authentication ldap base
DESCRIPTION
Specify the search base distinguished name (DN) for LDAP authentication. Note that the configuration of base values are case-sensitive and must be a full DN path. This includes spaces, commas, and other characters. These must be the same as what is configured in the LDAP server.
ARGUMENTS
EXAMPLE
appliance-1(config)# system aaa authentication ldap base dc=xyz,dc=com
appliance-1(config)# system aaa authentication ldap base [ dc=xyz,dc=com dc=abc,dc=com ]
COMMAND system aaa authentication ldap bind_timelimit
DESCRIPTION
Specify a maximum amount of time to wait for LDAP authentication to return a result.
ARGUMENTS
30.EXAMPLE
Set a maximum bind time limit of 60 seconds:
appliance-1(config)# system aaa authentication ldap bind_timelimit 60
COMMAND
system aaa authentication ldap binddn
DESCRIPTION
Specify the distinguished name (DN) of an account that can search the base DN. If no account is specified, the LDAP connection establishes without authentication. Note that the configuration of binddn values are case-sensitive and must be a full DN path. This includes spaces, commas, and other characters; these must be the same as what is configured in the LDAP server.
ARGUMENTS
EXAMPLE
Set the distinguished name of a specified account for searching the base DN:
appliance-1(config)# system aaa authentication ldap binddn cn=admin,dc=xyz,dc=com
COMMAND
system aaa authentication ldap bindpw
DESCRIPTION
Specify the password of the search account identified in binddn.
ARGUMENTS
EXAMPLE
Specify a password for the search account on the LDAP server:
appliance-1(config)# system aaa authentication ldap bindpw <password>
COMMAND
system aaa authentication ldap idle_timelimit
DESCRIPTION
Configure the maximum amount of time before the LDAP connection can be inactive before it times out.
ARGUMENTS
30.EXAMPLE
Set a maximum idle timeout of 60 seconds:
appliance-1(config)# system aaa authentication ldap idle_timelimit 60
COMMAND
system aaa authentication ldap ldap_version
DESCRIPTION
Specify the LDAP protocol version number.
ARGUMENTS
3.EXAMPLE
Specify that LDAPv3 is used for the LDAP server:
appliance-1(config)# system aaa authentication ldap ldap_version 3
COMMAND
system aaa authentication ldap ssl
DESCRIPTION
Specify whether to enable Transport Layer Security (TLS) functionality for the LDAP server.
ARGUMENTS
EXAMPLE
Specify that TLS is enabled for all connections:
appliance-1(config)# system aaa authentication ldap ssl on
COMMAND
system aaa authentication ldap timelimit
DESCRIPTION
Specify a maximum time limit to use when performing LDAP searches to receive an LDAP response.
ARGUMENTS
EXAMPLE
Specify a maximum time limit of 60 seconds for LDAP searches:
appliance-1(config)# system aaa authentication ldap timelimit 60
COMMAND
system aaa authentication ldap tls_cacert
DESCRIPTION
Specify the CA certificate to be used for authenticating the TLS connection with the CA server. Also validates an issued certificate from a CA prior to accepting it into the system.
ARGUMENTS
EXAMPLE
Specify a certificate for authenticating the TLS connection:
appliance-1(config)# system aaa authentication ldap tls_cacert <path-to-cacert>.pem
COMMAND
system aaa authentication ldap tls_cert
DESCRIPTION
Specify the file that contains the certificate for the client's key.
ARGUMENTS
EXAMPLE
Specify a file that contains the certificate for a client's key:
appliance-1(config)# system aaa authentication ldap tls_cacert <path-to-cacert>.pem
COMMAND
system aaa authentication ldap tls_ciphers
DESCRIPTION
Specify acceptable cipher suites for the TLS library in use. For example, ECDHE-RSAAES256-GCM-SHA384 or ECDHE-RSA-AES128-GCM-SHA256.
The cipher string can take several additional forms. It can consist of a single cipher suite such as RC4-SHA. It can represent a list of cipher suites containing a certain algorithm, or cipher suites of a certain type. For example, SHA1 represents all cipher suites using the digest algorithm SHA1, and SSLv3 represents all SSLv3 algorithms. You can combine lists of cipher suites into a single cipher string using the + character as a logical AND operation. For example, SHA1+DES represents all cipher suites containing the SHA1 and DES algorithms.
ARGUMENTS
EXAMPLE
Specify the cipher suite for the TLS library in use:
appliance-1(config)# system aaa authentication ldap tls_cyphers <cipher-suite>
COMMAND
system aaa authentication ldap tls_key
DESCRIPTION
Specify the file that contains the the private key that matches the certificates that you configured with the system aaa authentication ldap tls_cert command.
ARGUMENTS
system aaa authentication ldap tls_cert command.COMMAND
system aaa authentication ldap tls_reqcert
DESCRIPTION
Specify what checks to perform on certificates in a TLS session. The default value is never.
ARGUMENTS
EXAMPLE
Specify that a certificate is not required for a TLS session:
appliance-1(config)# system aaa authentication ldap tls_reqcert never
COMMAND
system aaa authentication roles role
DESCRIPTION
Specify the primary role assigned to the user.
ARGUMENTS
EXAMPLE
Configure which rolename and system group ID is used for a specified role:
appliance-1(config)# system aaa authentication roles role <rolename> config rolename <rolename> gid <unix-gid>
COMMAND
system aaa authentication users user
DESCRIPTION
Configure options for users.
ARGUMENTS
-1 (no expiration date). Use 1 to indicate expired.0 (zero) to indicate that the user must change the password at their next log in.EXAMPLE
Configure a user named jdoe so that the user must change their password at their next log in and indicate that the account has no expiration date:
appliance-1(config)# system aaa authentication users user jdoe config last-change 0 expiry-date -1
COMMAND
system aaa password-policy config apply-to-root
DESCRIPTION
Specify whether to enforce password policies when the user configuring passwords is the root user. If enabled (true), the system returns an error on failed check if the root user changing the password. If disabled (false), the system displays a message about the failed check, but allows the root user to change the password and bypass password policies.
ARGUMENTS
true to enforce password policies even if it is the root user configuring passwords or false to disable it. The default value is false.COMMAND
system aaa password-policy config max-age
DESCRIPTION
Configure the number of days that users can keep using the same password without changing it.
ARGUMENTS
COMMAND
system aaa password-policy config max-login-failures
DESCRIPTION
Configure the maximum number of unsuccessful login attempts that are permitted before a user is locked out.
ARGUMENTS
COMMAND
system aaa password-policy config min-length
DESCRIPTION
Configure a minimum acceptable size for the new password (plus one if credits are not disabled which is the default). In addition to the number of characters in the new password, credit (of +1 in length) is given for each different kind of character (other, upper, lower and digit). The default value is 9. If you want to allow passwords that are as short as 5 characters, you should not use min-length.
ARGUMENTS
COMMAND
system aaa password-policy config reject-username
DESCRIPTION
Check whether the user name is contained in the new password, either in straight or reversed form. If it is found, the new password is rejected.
ARGUMENTS
false to allow the user name in a new password or true to reject new passwords that contain the user name in some form. The default value is false.COMMAND
system aaa password-policy config required-differences
DESCRIPTION
Configure the number of character changes that are required in the new password that differentiate it from the old password.
ARGUMENTS
5.COMMAND
system aaa password-policy config required-lowercase
DESCRIPTION
Configure the minimum number of lowercase character required for a password.
ARGUMENTS
COMMAND
system aaa password-policy config required-numeric
DESCRIPTION
Configure the minimum number of numeric characters required for a password.
ARGUMENTS
COMMAND
system aaa password-policy config required-special
DESCRIPTION
Configure the minimum number of numeric characters required for a password.
ARGUMENTS
COMMAND
system aaa password-policy config required-uppercase
DESCRIPTION
Configure the minimum number of numeric characters required for a password.
ARGUMENTS
COMMAND
system aaa password-policy config retries
DESCRIPTION
Configure the number of retries allowed when user authentication is unsuccessful.
ARGUMENTS
COMMAND
system aaa password-policy config root-lockout
DESCRIPTION
Configure whether the root account can be locked out after unsuccessful login attempts.
ARGUMENTS
false to disable root lockout after a number of unsuccessful login attempts or true to enable it. The default value is false.COMMAND system aaa password-policy config root-unlock-time
DESCRIPTION
Configure the time in seconds before the root user can retry logging in after exceeding the maximum number of allowed unsuccessful authentication attempts.
ARGUMENTS
COMMAND
system aaa password-policy config unlock-time
DESCRIPTION
Configure the time in seconds before a user can retry logging in after exceeding the maximum number of allowed unsuccessful authentication attempts. If this option is not configured, the account is locked until the lock is removed manually by an administrator.
ARGUMENTS
COMMAND
system aaa primary-key set
DESCRIPTION
Change the system primary encryption key with passphrase and salt. This is useful while migrating configuration from one machine to another.
ARGUMENTS
EXAMPLE
Change the primary key, set a passphrase and salt, and then display the status of the key migration process:
appliance-1(config)# system aaa primary-key set
Value for 'passphrase' (<string, min: 6 chars, max: 255 chars>): ******
Value for 'confirm-passphrase' (<string, min: 6 chars, max: 255 chars>): ******
Value for 'salt' (<string, min: 6 chars, max: 255 chars>): *********
Value for 'confirm-salt' (<string, min: 6 chars, max: 255 chars>): *********
response description: Key migration is initiated. Use 'show system primary-key state status' to get status
appliance-1# show system aaa primary-key state
system aaa primary-key state hash Jt221bA3Xj73bClXPY9pdfQzauNUGO92hv1eXZbKcD/4G+Dr3u6hyFoahL+r3iIopJm4IzIInSwYsilAGdY08w==
system aaa primary-key state status "COMPLETE Initiated: Fri Apr 8 22:33:02 2022"
COMMAND
system aaa server-groups server-group
DESCRIPTION
Configure one or more AAA servers of type RADIUS, LDAP, or TACACS+. The first server in the list is always used by default unless it is unavailable, in which case the next server in the list is used. You can configure the order of servers in the server group.
ARGUMENTS
COMMAND system aaa tls ca-bundles ca-bundle
DESCRIPTION Configure a certificate authority bundle.
ARGUMENTS
COMMAND
system aaa tls config certificate
DESCRIPTION
Configure an SSL server certificate to be used for the webUI (HTTPS) or REST interface of the system.
ARGUMENTS
EXAMPLE
Add a certificate and key to the system. When you press Enter, you will enter multi-line mode, at which point you can copy in the certificate/key. After you have added a certificate, you must add a key using system aaa tls config key, commit the changes:
appliance-1(config)# system aaa tls config certificate
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...
appliance-1(config)# system aaa tls config key
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...
appliance-1(config)# commit
Commit complete.
COMMAND
system aaa tls config key
DESCRIPTION
Configure a PEM-encoded private key to be used for the webUI (HTTPS) or REST interface of the system. Key value is encrypted in DB storage.
ARGUMENTS
EXAMPLE
Add a TLS key and certificate to the system. When you press Enter, you will enter multi-line mode, at which point you can copy in the key/certificate. After you have added a key, you must add a certificate using system aaa tls config certificate:
appliance-1(config)# system aaa tls config key
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...
appliance-1(config)# system aaa tls config certificate
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...
appliance-1(config)# commit
Commit complete.
COMMAND system aaa tls crls crl
DESCRIPTION Configure a Certificate Revocation List Entry (CRL).
ARGUMENTS
EXAMPLE
Add a new CRL to the system. When you press Enter, you will enter multi-line mode, at which point you can copy in the CRL key.
appliance-1(config)# system aaa tls crls crl <crl-name>
Value for 'config revocation-key' (<string>):
[Multiline mode, exit with ctrl-D.]
> ...
appliance-1(config)# commit
Commit complete.
COMMAND system aaa tls create-self-signed-cert
DESCRIPTION Create an OpenSSL key for use with AAA/TLS.
ARGUMENTS
RSA and ECDSA (Elliptic Curve Digital Signature Algorithm).secp521r1. Available options are:true to store the self-signed certificate pair in the the system-aaa-tls-config or false to specify that it should not be stored.EXAMPLE
Create a private key and self-signed certificate:
appliance-1(config)# system aaa tls create-self-signed-cert city Seattle country US days-valid 365 email j.doe@company.com key-type ecdsa name company.com organization "Company" region Washington unit IT version 1 curve-name prime239v2 store-tls false
response
-----BEGIN EC PRIVATE KEY-----
MHECA1d8wiyJEVihDTnVi+v9RjfK3LhZ2Pd4R7B1MJf3lyXaoaAKBggqhkjOPQMB
BaFAAz4ABHFISUTEi8wEdG0iBF3iqTi5m5b62xUSbhOJrXR8d0S6h+anvpo9xrH3
QKbVuacd9H4cMj2tX/wyqVNePg==
-----END EC PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICAzCCAa4CCQCR5RKtuBFcxTAKBggqhkjOPQQDAjCBjTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCl1t462pbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEzARBgNVBAoM
CkY1IE5ldG9ya3MxEDAOBgNVBAsMB1NXRElBR1MxETAPBgNVBAMMCEdvZHppbGxh
MR0wGwYJKoZIhvcNAQkBFg5qLm1vb3JlQGY1LmNvbTAeFw0yMTAzMjcwMjE2NTFa
Fw0yMjAzMjcwMjE2NTFaMIGNMQswCQYDVQQGEwJVUzORBTWGA1UECAwKV2FzaGlu
Z3RvbjEQMA4GA1UEBwwHU2VhdHRsZTETMBEGA1UECgwKRjUgTmV0b3JrczEQMA4G
A1UECwwHU1dESUFHUzERMA8GA1UEAwwIR29kemlsbGExHTAbBgkqhkiG9w0BCQEW
DmoubW9vcmVAZRWPuB9tMFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAEcUhJRMSL
zAR0bSIEXeKpOLmblvrbFRJuE4mtdHx3RLqH5qe+mj3GsfdAptW5pwXtlI0yPa1f
/DKpU14+MAoGCCqGSM49BAMCA0MAMEACHh38OAyBB5T9ScBklBXZUIuynHq3/tr4
3VUQsMtYHQIeeP3vCrRm2qjPtK62QwtbkqDA9h2qTvuDj6uYL8EI
-----END CERTIFICATE-----
COMMAND system aaa tls create-csr
DESCRIPTION Create a certificate signing request (CSR).
ARGUMENTS
EXAMPLE
Create a CSR:
system aaa tls create-csr name company.com email j.doe@company.com organization "Company" unit IT
response -----BEGIN CERTIFICATE REQUEST-----
JRISPzCCAbsCAQEwgY0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u
MRAwDgYDVQQHEwdTZWF0dGxlMRQwEgYDVQQKFAtGNVH4TW03b3JrczEUMBIGA1UE
CxMLZGV2ZWxvcG1lbnQxGTAXBgkqhkiG9w0BCQEWCmRldkBmNS5jb20xEDAOBgNV
BAMTB3Rlc3Rjc3IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCinnAV
Dv/G6+qbiBVO7zIPmFFatYcrzdUnvpTGXfPuh6VBRqcW90jJy12FwtYOL8P6mED+
gfjpxRWe+PNursjZSIDpyh7Dn+F3MRF3zkgnSKlYKI9qqzlRHRAwi2U7GfujeR5H
CXrJ4uxYK2Wp8WVSa7TWwj6Bnps8Uldnj0kenBJ1eUVUXoQAbUmZQg6l+qhKRiDh
3E/xMOtaGWg0SjD7dEQij5l+8FBEHVhQKEr93GT1ifR62/MZSnPw2MY5OJ69p2Wn
k7Fr7m4I5z9lxJduYDNmiddVilpWdqRaCB2j29XCmpVJduF2v6EsMx693K18IJ1h
iRice6oKL7eoI/NdAgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEAGjWSAqKUPqMY
eLlSDJ9Bc4R+ckia5r/TITqamMN+m8TqQI8Pk0tAnwHCl8HHS+4cI8QuupgS/3aU
ls7OtxceoQZ1VFX2sQFkrDJFe0ewZQLm5diip5kxFrnap0oA0wRy84ks0wxeiCWD
New3hgSXfzyXI0g0auT6KNwsGaO8ZuhOX3ICNnSLbfb9T4zbhfI9jKopXQgZG/LO
pOct33fdpf/U6kQA9Rw/nzs3Hz/nsVleOrl3TH1+9veMMF+6eq8KKPpbYKh9bhA+
pYI3TtbZHuyRyQbq/r4gf4JkIu/PGszzy/rsDWy+b9g9nXMh1oFj+xhTrBjBk8a2
0ov+Osy2iA==
-----END CERTIFICATE REQUEST-----
COMMAND system allowed-ips allowed-ip
DESCRIPTION
Configure the system to allow traffic only from specified IP addresses. This is applicable only for ports 161, 8888, 443, 80, and 7001.
ARGUMENTS
EXAMPLE
Add a specified IPv4 address to the system allow list:
appliance-1(config)# system allowed-ips allowed-ip test config ipv4 address 192.0.2.33 port 161
COMMAND system appliance-mode config
DESCRIPTION Configure whether appliance mode is enabled or disabled on the system. Appliance mode adds a layer of security by restricting user access to root and the bash shell. When enabled, the root user cannot log in to the device by any means, including from the serial console. You can enable appliance mode at these levels:
system appliance-mode on the system.tenants tenant <tenant-name\> config appliance-mode on the system.ARGUMENTS
enabled to enable appliance mode on the system. Specify disabled to disable it.EXAMPLE
Enable appliance mode and then verify that appliance mode is enabled:
appliance-1(config)# system appliance-mode config enabled
appliance-1(config)# commit
appliance-1(config)# end
appliance-1# show system appliance-mode
system appliance-mode state enabled
Disable appliance mode and then verify that appliance mode is disabled:
appliance-1(config)# system appliance-mode config disabled
appliance-1(config)# commit
appliance-1(config)# end
appliance-1# show system appliance-mode
system appliance-mode state disabled
COMMAND system clock config timezone-name
DESCRIPTION Configure the time zone (tz) database name (for example, Europe/Stockholm) to use for the system. For a list of valid time zone names, see www.iana.org/time-zones.
ARGUMENTS
EXAMPLES
Configure the system to use the America/Los_Angeles time zone:
appliance-1(config)# system clock config timezone-name America/Los_Angeles
Configure the system to use the Asia/Calcutta time zone:
appliance-1(config)# system clock config timezone-name Asia/Calcutta
COMMAND system config hostname
DESCRIPTION Configure a hostname for the system.
ARGUMENTS
EXAMPLE
Configure the hostname to be test.company.com:
appliance-1(config)# system config hostname test.company.com
COMMAND system config login-banner
DESCRIPTION
Configure a banner message to be displayed before users log in to the system.
ARGUMENTS
EXAMPLE
Configure a banner message:
appliance-1(config)# system config login-banner
(<string>):
[Multiline mode, exit with ctrl-D.]
UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
COMMAND system config motd-banner
DESCRIPTION
Configure a message of the day (MOTD) banner to display after users log in to the system.
EXAMPLE
Configure a MOTD banner message:
appliance-1(config)# system config motd-banner
(<string>):
[Multiline mode, exit with ctrl-D.]
ATTENTION!
This system is scheduled for maintenance in two days.
COMMAND system database config-backup
DESCRIPTION Generate a backup of the system configuration in the form of an XML file.
ARGUMENTS
yes to overwrite the file if a file by that name exists or no to disable the file overwrite. The default value is no.EXAMPLE
Create a backup file of the system configuration named backup-apr2022 and overwrite it if a file by that name already exists:
appliance-1(config)# system database config-backup name backup-apr2022 proceed yes
response Succeeded.
COMMAND system database config-restore
DESCRIPTION Restore the system configuration from an XML backup file.
ARGUMENTS
yes to overwrite the configuration database or no to disable the overwrite. The default value is no.EXAMPLE
Restore the system configuration from a backup file named backup-apr2022:
appliance-1(config)# system database config-restore name backup-apr2022
COMMAND system database reset-to-default
DESCRIPTION Revert the system to the default configuration and clear any existing configuration information.
IMPORTANT: This deletes all configuration on the system, including IP addresses, passwords, and tenant images.
ARGUMENTS
no to show a confirmation prompt prior to resetting the configuration to the default. Specify yes to bypass a confirmation prompt.EXAMPLE
Revert the system to the default configuration:
appliance-1(config)# system database config reset-to-default yes
COMMAND system diagnostics core-files list
DESCRIPTION List core files for the system.
EXAMPLE
List all core files on the system:
appliance-1(config)# system diagnostics core-files list
files [ appliance-1:/var/shared/core/container/test-1.core.gz appliance-1:/var/shared/core/container/test-2.core.gz ]
COMMAND system diagnostics core-files delete
DESCRIPTION Delete core files from the system.
ARGUMENTS
EXAMPLE
List all core files on the system and specify one to delete:
appliance-1(config)# system diagnostics core-files delete files [ appliance-1:/var/shared/core/container/test-1.core.gz ]
COMMAND system diagnostics ihealth config authserver
DESCRIPTION Specify a separate endpoint for authenticating and uploading QKView files to the iHealth service. The authserver config element enables you to specify an authentication server URL for the iHealth service. By default, authserver is set to the F5 iHealth authentication server https://api.f5.com/auth/pub/sso/login/ihealth-api.
ARGUMENTS
EXAMPLE
Specify an authentication server for the iHealth service:
appliance-1(config)# system diagnostics ihealth config authserver
(<string>) (https://api.f5.com/auth/pub/sso/login/ihealth-api): https://api.f5networks.net/auth/pub/sso/login/ihealth-api
COMMAND system diagnostics ihealth config password
DESCRIPTION Specify the password used to log in to iHealth. This password is given in plain text, but will be encrypted when stored in the system.
ARGUMENTS
EXAMPLE
Specify a password to be used for logging in to iHealth:
appliance-1(config)# system diagnostics ihealth config password
(<AES encrypted string>): **********
COMMAND system diagnostics ihealth config server
DESCRIPTION Specify the iHealth service has a separate endpoint for authenticating and uploading QKView files. The server config element enables you to specify an upload server URL for the iHealth service. By default, the server is set to the F5 iHealth upload server https://ihealth-api.f5.com/qkview-analyzer/api/qkviews?visible_in_gui=True.
ARGUMENTS
EXAMPLE
Specify an upload server for the iHealth service:
appliance-1(config)# system diagnostics ihealth config server
(<string>) (https://ihealth-api.f5.com/qkview-analyzer/api/qkviews?visible_in_gui=True): https://ihealth-api.f5networks.net/qkview-analyzer/api/qkviews?visible_in_gui=True
COMMAND system diagnostics ihealth config username
DESCRIPTION Specify the username used to access the iHealth service.
ARGUMENTS
EXAMPLE
Specify a user name to be used when logging in to iHealth:
appliance-1(config)# system diagnostics ihealth config username
(<string>) (user@f5.com): user2@f5.com
COMMAND system diagnostics ihealth upload
DESCRIPTION Initiate a QKView file upload to iHealth. It returns a upload id, which is needed to check upload status or cancel an upload.
ARGUMENTS
system diagnostics qkview list command to see a list of available files.
Note: Be sure to add /diags/shared/QKView/ as a prefix to the QKView file name.EXAMPLE
Upload a file named /diags/shared/qkview/test.qkview to iHealth:
appliance-1(config)# system diagnostics ihealth upload qkview-file /diags/shared/qkview/test.qkview description testing service-request-number C523232
message HTTP/1.1 202 Accepted
Location: /support/ihealth/status/iuw53AYW
Date: Tue, 5 Apr 2022 12:09:08 GMT
Content-Length: 0
COMMAND system diagnostics ihealth cancel
DESCRIPTION Cancel a QKView upload that is in progress. If the upload is already complete, it cannot be cancelled. To remove the QKView, log in to the iHealth server and manually delete the QKView, if needed.
ARGUMENTS
EXAMPLE
Cancel the QKView upload with an upload-id of iuw53AYW.
appliance-1(config)# system diagnostics ihealth cancel upload-id iuw53AYW
message HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Location: /support/ihealth/status/iuw53AYW
Date: Tue, 5 Apr 2022 12:10:01 GMT
Content-Length: 44
COMMAND system diagnostics qkview capture
DESCRIPTION
Generate a system diagnostic snapshot, called a QKView. The system can support only one snapshot collection at a time. QKView files are stored in the host directory: diags/shared/qkview/.
ARGUMENTS
<system-name>.qkview.0, which indicates no timeout.true if core files should be excluded from QKView. The default value is false.25 MB.500 MB.EXAMPLE
Generate a QKView and name the file client-qkview.tar, exclude core files, set the maximum core size to 500 MB, set the maximum file size to 500 MB, and set a timeout value of 0 (zero), which indicates no timeout, and then check the status of the QKView generation process:
appliance-1(config)# system diagnostics qkview capture filename client-qkview exclude-cores true maxcoresize 500 maxfilesize 500 timeout 0
result Qkview file client-qkview is being collected
return code 200
appliance-1(config)# system diagnostics qkview status
result {"Busy":true,"Percent":12,"Status":"collecting","Message":"Collecting Data","Filename":"client-qkview"}
resultint 0
COMMAND system diagnostics qkview cancel
DESCRIPTION Cancel a QKView that is in progress.
ARGUMENTS This command has no arguments.
EXAMPLE
Cancel the currently running QKView:
appliance-1(config)# system diagnostics qkview cancel
result Qkview with filename client-qkview.tar was canceled
return code 200
resultint 0
COMMAND system diagnostics qkview status
DESCRIPTION Get the status of a QKView that is in progress or the status of the last QKView collected.
ARGUMENTS This command has no arguments.
EXAMPLE
View the status of the currently running QKView:
appliance-1(config)# system diagnostics qkview status
result {"Busy":true,"Percent":73,"Status":"collecting","Message":"Collecting Data","Filename":"myqkview.tar"}
resultint 0
appliance-1(config)# system diagnostics qkview status
result {"Busy":false,"Percent":100,"Status":"canceled","Message":"Collection canceled by user. Partial qkview saved.","Filename":"client-qkview.tar.canceled"}
resultint 0
COMMAND system diagnostics qkview delete
DESCRIPTION Delete a QKView file.
ARGUMENTS
EXAMPLE
Delete the QKView file named client-qkview.tar.canceled.
appliance-1(config)# system diagnostics qkview delete filename client-qkview.tar.canceled
result Deleted Qkview file client-qkview.tar.canceled
return code 200
resultint 0
COMMAND system diagnostics qkview list
DESCRIPTION Show a list of QKView files.
ARGUMENTS This command has no arguments.
EXAMPLE
List all QKView files on the system:
appliance-1(config)# system diagnostics qkview list
result {"Qkviews":[{"Filename":"20220412.tar","Date":"2022-04-13T00:51:11.145190991Z","Size":77726151},{"Filename":"client-qkview.canceled","Date":"2022-04-13T01:00:11.796209488Z","Size":83041507}]}
resultint 0
COMMAND system dns config search
DESCRIPTION Configure a DNS search domain for the system to use.
ARGUMENTS
COMMAND system dns host-entries host-entry
DESCRIPTION Configure a DNS host entry for the system to use.
ARGUMENTS
COMMAND system dns servers
DESCRIPTION Configure a DNS server for the system to use.
ARGUMENTS
53.EXAMPLE
Configure a DNS server and then verify that it was completed:
appliance-1(config)# system dns servers server 192.0.2.11 config port 53
appliance-1(config-server-192.0.2.11)# commit
Commit complete.
appliance-1(config-server-192.0.2.11)# exit
appliance-1(config)# end
appliance-1# show running-config system dns
system dns servers server 192.0.2.11
config port 53
!
COMMAND system image check-version
DESCRIPTION Check whether the system is compatible with a specific system image service version upgrade version.
ARGUMENTS
EXAMPLE
Verify that the system is compatible with service version number 1.1.0-3456:
appliance-1(config)# system image check-version service-version 1.1.0-3456
COMMAND system image remove
DESCRIPTION Remove a system image.
ARGUMENTS
COMMAND system image set-version
DESCRIPTION Trigger an install after verifying schema compatibility using check-version.
ARGUMENTS
no to show a confirmation prompt prior to resetting the configuration to the default. Specify yes to bypass a confirmation prompt.EXAMPLE
Upgrade the system to iso version 1.1.0-3456:
appliance-1(config)# system image set-version iso-version 1.1.0-3456
Upgrade the os version to 1.1.0-3456:
appliance-1(config)# system image set-version os-version 1.1.0-3456
Upgrade the service version to 1.1.0-3456:
appliance-1(config)# system image set-version service-version 1.1.0-3456
COMMAND system licensing install
DESCRIPTION Perform an automatic system license installation. The system must be connected to the Internet to use the automatic method.
ARGUMENTS
EXAMPLE
Install a base license on the system:
appliance-1(config)# system licensing install registration-key A1234-56789-01234-56789-0123456
result License installed successfully.
COMMAND system licensing manual-install
DESCRIPTION Perform a manual system license installation.
ARGUMENTS
system licensing manual-install, you use system licensing get-dossier to get the system dossier text, and then activate the license at activate.f5.com.EXAMPLE
License the system using license information from activate.f5.com:
appliance-1(config)# system licensing manual-install license
Value for 'license' (<string>):
[Multiline mode, exit with ctrl-D.]
> #
> Auth vers : 5b
> #
> #
> # BIG-IP System License Key File
> # DO NOT EDIT THIS FILE!!
> #
> # Install this file as "/config/bigip.license".
> #
> # Contact information in file /CONTACTS
> #
> #
> # Warning: Changing the system time while this system is running
> # with a time-limited license may make the system unusable.
> #
> Usage : F5 Internal Product Development
> #
> #
> # Only the specific use referenced above is allowed. Any other uses are prohibited.
> #
> Vendor : F5, Inc.
> #
> # Module List
> #
> active module : Local Traffic Manager, r10900 |K284576-4014992|Rate Shaping|Anti-Virus Checks|Base Endpoint Security Checks|Firewall Checks|Machine Certificate Checks|Network Access|Protected Workspace|Secure Virtual Keyboard|APM, Web Application|App Tunnel|Remote Desktop
...
COMMAND system licensing get-dossier
DESCRIPTION Generate an encrypted system dossier that can be used for retrieving a license from the F5 license server. This is used to perform a manual license installation.
ARGUMENTS
EXAMPLE
Get a system licensing dossier from F5:
appliance-1(config)# system licensing get-dossier
system-dossier 48d05131e8688755efde6b1081af5e190793e5a0cfb70cd2da9da8c4c9d9d412a6360a11b869f2dfc779ef7c91df246f7184fe0010b7bcbd420e1664cb1d13b9890ec812bedf05d8cd530c87t82d13a7b63b9823ebdafc5f9061d6c12eb09a5a973361681d31a07dc92d774345cc52e70f8026729df4e2b5c9e6c22f96764e1cdd402f9e499841253259122877a85d7145a658a8444b0b6bc2dc8b9ef4a0156b8af2baa14500e9ce8c3ebcdf4060b35e1748aee093f0bb2349f53bf72f94c61979d1b8ccaf01c84235acf025f3cb3cad3f2cac9938b7481635280cc1589fac997aa4f6db9e8e04d02af5d91f5cd570fc261612233a1204e27a0d2ffd62e4107f89ad286a42ae07cea0918a7be0ba50e307664f8aaf9334051abb6d1559771d2fbfeb8f67335a8325b63a00ddfed563a926d595f1fe049bedf418dd997120945b1d622a574bd957fe6c60924c5562e6cf8ba837124a16bd2a49d1af0ace1f9dbe02af626336e073e8a2802949812eb0227faed9ad787c945c486dbc6d45327688025bcac81e472f3720c615f52455c8e0b235262cb4c8f2dd1ef8c753966fe11798db01714fd95e11348e1036f1ff69da16342595650c91b771cf7a28970c3caffa988faaf8f01cbd846151cd17201c3c8e58b18587e52a8be18f2ac9f175a41296fe9de3532433e94817f9b08ab2d9f66cdb76506e7d4156f9eb8af96aee363e8ab18eec930f6cc1c2dc80e2b254fbc9e31851a10f34506d71e1e5d60344a1ed5ec021c0e63513fd833ea8286258f6094592c7d04f9d29db93114518024b9129acb36ce41b1d1c7405db549f3aaa697919592a6dabfece7295cf57d8b950fcfed6cc40286d830be12097b0e3c0f9acbc07ccdb110b3cc98ca5a1ac09d6b152b2ace004d613364242a031e21057d3dc270ba00fe6918b3075b4692f55ca71fe6cd76c91f4beb19af97bb47dd677a77159e78adfa7e7cf0feb8a3490fc59fe660b26eb5268ecfed6f03c41ea0edadc7bc7573e91d0ad01313ee07e8719ec4d59fd6c90fcdbd29407f0a7666ff9de33251b04e270eb2d46c6cf8583d163c47d5768
COMMAND system licensing get-eula
DESCRIPTION Retrieve the End User License Agreement (EULA) from the F5 License Server.
ARGUMENTS
EXAMPLE
Gets the contents of the latest F5 EULA:
appliance-1(config)# system licensing get-eula
eula-text END USER LICENSE AGREEMENT
DOC-0355-16
IMPORTANT " READ BEFORE INSTALLING OR OPERATING THIS PRODUCT
YOU AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE BY INSTALLING,
HAVING INSTALLED, COPYING, OR OTHERWISE USING THE SOFTWARE. IF YOU
DO NOT AGREE, DO NOT INSTALL OR USE THE SOFTWARE.
This End User License Agreement ("License") applies to the software
product(s) ("Software") you have licensed from us whether on
a stand-alone basis or as part of any hardware ("Hardware") you
purchase from us, (the Hardware and Software together, the "Product").
...
COMMAND system locator config enabled
DESCRIPTION Configure whether the system locator function is enabled. Enabling this function illuminates the F5 logo ball so that you can more easily locate a chassis in a data center.
ARGUMENTS
enabled to enable the chassis locator function. Specify disabled to disable it.COMMAND system logging remote-servers remote-server
DESCRIPTION Configure information about remote logging servers.
ARGUMENTS
udp.514.EXAMPLE
Create a logging destination:
appliance-1(config)# system logging remote-servers remote-server 192.0.2.240 config proto tcp
appliance-1(config-remote-server-192.0.2.240)# commit
Commit complete.
Delete a logging destination:
appliance-1(config)# no system logging remote-servers remote-server 192.0.2.240
appliance-1(config)# commit
Commit complete.
COMMAND system logging host-logs
DESCRIPTION Configure settings for sending host logs to remote logging servers.
ARGUMENTS
enabled to enable remote forwarding of active node host logs. Specify disabled to disable it.host-logs is enabled and a remote server configuration is present. Available options are:EXAMPLE
Enable remote forwarding:
appliance-1(config)# system logging host-logs config remote-forwarding enabled
COMMAND system logging sw-components sw-component
DESCRIPTION Configure logging for platform software components. Available options are:
ARGUMENTS
INFORMATIONAL. Available options, in decreasing order of severity, are:COMMAND system mgmt-ip config dhcp-enabled
DESCRIPTION Enable or disable DHCP for the system management IP address. DHCP is supported only on static interfaces.
ARGUMENTS
true to enable DHCP for the management IP address or false to disable it. The default value is false.EXAMPLE
Enable DHCP for the management IP address:
appliance-1(config)# system mgmt-ip config dhcp-enabled true
COMMAND system mgmt-ip config ipv4 gateway
DESCRIPTION Configure a gateway IPv4 address.
ARGUMENTS
EXAMPLE
Configure the gateway IPv4 address to be 192.0.2.1:
appliance-1(config)# system mgmt-ip config ipv4 gateway 192.0.2.1
COMMAND system mgmt-ip config ipv4 prefix-length
DESCRIPTION Configure the IPv4 prefix length.
ARGUMENTS
EXAMPLE
Configure the IPv4 prefix length to be 24:
appliance-1(config)# system mgmt-ip config ipv4 prefix-length 24
COMMAND system mgmt-ip config ipv4 system address
DESCRIPTION
Configure an IPv4 management IP address for the system.
ARGUMENTS
COMMAND system mgmt-ip config ipv6 gateway
DESCRIPTION
Configure a gateway IPv6 address.
ARGUMENTS
EXAMPLE
Configure the gateway IPv6 address to be ::1:
appliance-1(config)# system mgmt-ip config ipv6 gateway ::1
COMMAND system mgmt-ip config ipv6 prefix-length
DESCRIPTION Configure IPv6 prefix length.
ARGUMENTS
EXAMPLE
Configure the IPv6 prefix length to be 64:
appliance-1(config)# system mgmt-ip config ipv6 prefix-length 64
COMMAND system mgmt-ip config ipv6 system address
DESCRIPTION Configure an IPv6 management IP address for the system.
ARGUMENTS
DESCRIPTION Configure the internal address range.
ARGUMENTS
prefix. This is the default value.EXAMPLE
Configure the range type to be RFC6598:
appliance-1(config)# system network config network-range-type RFC6598
COMMAND system network config network-range-type RFC1918 chassis-id
DESCRIPTION Set the chassis ID that is used to determine internal address ranges.
IMPORTANT: F5 strongly recommends that you do not change this setting.
ARGUMENTS
1.COMMAND system network config network-range-type RFC1918 prefix
DESCRIPTION
Configure the internal network prefix index that is used to select the range of IP addresses used internally within the appliance. If needed, select a network prefix that ensures that internal appliance addresses do not overlap with site-local addresses that are accessible to the system.
ARGUMENTS
EXAMPLE
Configure the internal network range to use 10.[16-31].0.0/16:
appliance-1(config)# system network config network-range-type RFC1918 prefix 1
COMMAND system ntp config
DESCRIPTION
Enable the Network Time Protocol (NTP) protocol and indicate that the system should synchronize the system clock with an NTP server defined in the ntp/server list.
ARGUMENTS
enabled to enable using NTP. Specify disabled to disable it.EXAMPLE
Disable the use of NTP:
appliance-1(config)# system ntp config disabled
COMMAND system ntp ntp-keys ntp-key
DESCRIPTION Configure the list of Network Time Protocol (NTP) authentication keys.
ARGUMENTS
COMMAND system ntp servers server
DESCRIPTION
Configure which NTP servers can be used for system clock synchronization. If system ntp is enabled, then the system will attempt to contact and use the specified NTP servers.
ARGUMENTS
SERVER.true to enable iburst for the NTP service. Specify false to disable it.123.true to indicate that this server should be the preferred one. Specify false if not.EXAMPLES
Configure an NTP server with the address pool.ntp.org, where the association type is POOL, and it is the preferred server:
appliance-1(config)# system ntp servers server pool.ntp.org config association-type POOL prefer true
appliance-1(config-server-pool.ntp.org)# top
appliance-1(config)# system ntp config enabled
appliance-1(config)# commit
Commit complete.
Configure an NTP server with the address time.f5net.com, where the association type is SERVER, iburst is enabled, port is 123, it is the preferred server, and version number is 4:
appliance-1(config)# system ntp servers server time.f5net.com
appliance-1(config-server-time.f5net.com)# config address time.f5net.com
appliance-1(config-server-time.f5net.com)# config association-type SERVER
appliance-1(config-server-time.f5net.com)# config iburst true
appliance-1(config-server-time.f5net.com)# config port 123
appliance-1(config-server-time.f5net.com)# config prefer true
appliance-1(config-server-time.f5net.com)# config version 4
appliance-1(config-server-time.f5net.com)# commit
Commit complete.
COMMAND system reboot
DESCRIPTION Trigger a restart of the system. This resets the management IP connection.
ARGUMENTS
This command has no arguments.
EXAMPLE
Reboot the system and when prompted whether to confirm the reboot, enter yes:
appliance-1(config)# system reboot
The reboot of the system results in data plane and management connectivity to be disrupted. Proceed? [no,yes]
COMMAND system set-datetime
DESCRIPTION Configure the date and time for the system.
ARGUMENTS
EXAMPLES
Configure the system date to be 2022-04-11:
appliance-1(config)# system set-datetime date 2022-04-11
Configure the system time to be 11:11:00:
appliance-1(config)# system set-datetime date 11:11:00
COMMAND tenants tenant
DESCRIPTION Provision and deploy a tenant on the system.
ARGUMENTS
enabled to enable appliance node at the tenant level. Specify disabled to disable it.enabled to enable crypto devices for the tenant level. Specify disabled to disable it.deployed state.76 GB. The range is from 22 to 700 GB.EXAMPLE
Configure a tenant named bigip-vm of type BIG-IP, using a specified image file, assigned to node 1, using port 22, a management IP address of 192.0.2.61, a netmask of 255.255.255.0, a gateway of 192.0.2.1, using VLAN 100, and a running state of deployed.
appliance-1(config)# tenants tenant bigip-vm config type BIG-IP image BIGIP-bigip15.1.6.123.ALL-F5OS.qcow2.zip.bundle nodes 1 port 22 mgmt-ip 192.0.2.71 netmask 255.255.255.0 gateway 192.0.2.254 vlans 100 running-state deployed
COMMAND vlans vlan
DESCRIPTION Creates a VLAN object that can be referenced by other configuration commands. This command is intended to be expanded for future use and is currently not necessary for proper configuration of the system.
ARGUMENTS
EXAMPLE
Configure VLAN 100, with the name 100 and a vlan-id of 100:
appliance-1(config)# vlans vlan 100 config name 100 vlan-id 100
Configure a VLAN range of 100-101:
appliance-1(config)# vlans vlan range 100-101
COMMAND autowizard
DESCRIPTION Specify whether to query automatically for mandatory elements.
ARGUMENTS
true to query automatically for mandatory elements. Specify false to disable it.COMMAND clear
DESCRIPTION Remove all configuration changes.
ARGUMENTS
COMMAND complete-on-space
DESCRIPTION Specify whether to have the CLI complete a command name automatically when you type an unambiguous string and then press the space bar, or have the CLI list all possible completions when you type an ambiguous string and then press the space bar.
ARGUMENTS
true to enable the ability to have the CLI complete a command name automatically when you press the space bar. Specify false to disable it.COMMAND config
DESCRIPTION
Enter configuration mode. In configuration mode, you are editing a copy of the running configuration, called the candidate configuration, not the actual running configuration. Your changes take effect only when you issue a commit command.
ARGUMENTS
COMMAND describe
DESCRIPTION Display internal information about how a command is implemented.
ARGUMENTS
COMMAND devtools
DESCRIPTION Enable/disable development tools.
ARGUMENTS
true to enable development tools or false to disable it.COMMAND display-level
DESCRIPTION Set the depth of the configuration shown for show commands.
ARGUMENTS
<depth> can be a value from 1 to 64.COMMAND exit
DESCRIPTION Exit the CLI session.
ARGUMENTS This command has no arguments.
COMMAND file
DESCRIPTION Perform file operations.
ARGUMENTS
For detailed information about these arguments, see the file page under config-mode-commands.
COMMAND help
DESCRIPTION Display help information about a specified command.
ARGUMENTS
COMMAND history
DESCRIPTION Configure the command history cache size.
ARGUMENTS
<size> can be a value from 0 through 1000.COMMAND id
DESCRIPTION Display information about the current user, including user, gid, group, and gids.
ARGUMENTS This command has no arguments.
COMMAND idle-timeout
DESCRIPTION Set how long the CLI is inactive before a user is logged out of the system. If a user is connected using an SSH connection, the SSH connection is closed after this time expires.
ARGUMENTS
1800 seconds (30 minutes).COMMAND ignore-leading-space
DESCRIPTION Specify whether to consider or ignore leading whitespace at the beginning of a command.
ARGUMENTS
false to ignore leading whitespace or true to consider it.COMMAND job
DESCRIPTION Perform job operations.
ARGUMENTS
COMMAND leaf-prompting
DESCRIPTION Specify whether to enable or disable automatic querying for leaf values.
ARGUMENTS
false to disable leaf prompting and specify true to enable it.COMMAND logout
DESCRIPTION Log out a specific session or user from all sessions.
ARGUMENTS
<session-id>.<user-name>.COMMAND no
DESCRIPTION Delete or unset a configuration command.
ARGUMENTS
COMMAND paginate
DESCRIPTION Specify whether to control the pagination of CLI command output.
ARGUMENTS
false to display command output continuously, regardless of the CLI screen height. Specify true to display all command output one screen at a time. To display the next screen of output, press the space bar. This is the default setting.COMMAND prompt1
DESCRIPTION Set the operational mode prompt.
ARGUMENTS
COMMAND prompt2
DESCRIPTION Set the configuration mode prompt.
ARGUMENTS
COMMAND pwd
DESCRIPTION Display the current path in the configuration hierarchy.
ARGUMENTS This command has no arguments.
COMMAND quit
DESCRIPTION Exit the CLI session.
ARGUMENTS This command has no arguments.
COMMAND screen-length
DESCRIPTION Configure the length of the terminal window.
ARGUMENTS
<number-of-rows> can be from 0 through 256. When you set the screen length to 0 (zero), the CLI does not paginate command output.COMMAND screen-width
DESCRIPTION Configure the width of the terminal window.
ARGUMENTS
<number-of-rows> can be from 200 through 256.COMMAND script
DESCRIPTION Perform script actions.
ARGUMENTS
COMMAND send
DESCRIPTION Send a message to the terminal of a specified user or all users.
ARGUMENTS
all to send a message to all users. Specify username <username> to send a message only to a specified user.COMMAND show
DESCRIPTION Show information about the system.
ARGUMENTS
COMMAND show-defaults
DESCRIPTION Specify whether to display the default configuration.
ARGUMENTS
true to display the default values. Specify false to hide the default values.COMMAND source
DESCRIPTION Run commands from <file> as if they had been entered by the user.
ARGUMENTS
COMMAND system
DESCRIPTION Perform system operations. Available options are:
system aaa.system database.system diagnostics.COMMAND terminal
DESCRIPTION Set the terminal type.
ARGUMENTS
COMMAND timestamp
DESCRIPTION Configure whether to display the timestamp.
ARGUMENTS
enable to show the timestamp. Specify disable to hide the timestamp.COMMAND who
DESCRIPTION Display information on currently-logged on users. The command output displays the session ID, user name, context, from (IP address), protocol, date, and mode (operational or configuration).
ARGUMENTS This command has no arguments.
COMMAND write
DESCRIPTION
Display the running configuration of the system on the terminal. This command is equivalent to the show running-config command.
ARGUMENTS
COMMAND annotation
DESCRIPTION Display only statements whose annotation matches a provided configuration statement or pattern.
Note: Only available when the system has been configured with attributes enabled.
ARGUMENTS
COMMAND append
DESCRIPTION Append command output text to a file.
ARGUMENTS
COMMAND begin
DESCRIPTION Display the command output starting at the first match of a specified string.
ARGUMENTS
COMMAND best-effort
DESCRIPTION Display command output or continue loading a file, even if a failure has occurred that might interfere with this process.
ARGUMENTS This command has no arguments.
COMMAND context-match
DESCRIPTION Display the upper hierarchy in which a pattern appears in the configuration.
ARGUMENTS
COMMAND count
DESCRIPTION Count the number of lines in the command output.
ARGUMENTS This command has no arguments.
COMMAND csv
DESCRIPTION Display table output in CSV format.
ARGUMENTS This command has no arguments.
COMMAND de-select
DESCRIPTION Do not show a specified field in the command output.
ARGUMENTS
COMMAND debug
DESCRIPTION Display debug information.
ARGUMENTS This command has no arguments.
COMMAND details
DESCRIPTION Display the default values for commands in the running configuration.
ARGUMENTS This command has no arguments.
COMMAND display
DESCRIPTION Display options.
ARGUMENTS This command has no arguments.
COMMAND exclude
DESCRIPTION Exclude lines from the command output that match a string defined by a specified regular expression.
ARGUMENTS
COMMAND extended
DESCRIPTION Display referring entries or elements.
ARGUMENTS This command has no arguments.
COMMAND force
DESCRIPTION Log out any users who are locking the configuration.
ARGUMENTS This command has no arguments.
COMMAND hide
DESCRIPTION Hide display options.
ARGUMENTS This command has no arguments.
COMMAND icount
DESCRIPTION Count the number of matching instances.
ARGUMENTS This command has no arguments.
COMMAND include
DESCRIPTION Include only lines in the command output that contain the string defined by a specified regular expression.
ARGUMENTS
COMMAND linnum
DESCRIPTION Display a line number at the beginning of each line in the displayed output.
ARGUMENTS This command has no arguments.
COMMAND match-all
DESCRIPTION Display the command output that matches all command output filters.
ARGUMENTS This command has no arguments.
COMMAND match-any
DESCRIPTION Display the command output that matches any one of the the command output filters. This is the default behavior when matching command output.
ARGUMENTS This command has no arguments.
COMMAND more
DESCRIPTION Paginate the command output. This is the default behavior.
ARGUMENTS This command has no arguments.
COMMAND nomore
DESCRIPTION Do not paginate command output.
ARGUMENTS This command has no arguments.
COMMAND notab
DESCRIPTION Display tabular command output in a list instead of in a table. If the tabular command output is wider than the screen width, the output automatically displays in a list.
ARGUMENTS This command has no arguments.
COMMAND repeat
DESCRIPTION
Repeat the output of a show command periodically.
ARGUMENTS
COMMAND save
DESCRIPTION Save the command output text to a file.
ARGUMENTS
COMMAND select
DESCRIPTION Display selected fields in the command output.
ARGUMENTS
COMMAND sort-by
DESCRIPTION Display command output with values sorted in a specified field.
ARGUMENTS
COMMAND suppress-validate-warning-prompt
DESCRIPTION Suppress the validation warning prompt.
ARGUMENTS This command has no arguments.
COMMAND tab
DESCRIPTION Display tabular command output in table, even if the table is wider than the screen width. If the command output is wider than the screen width, wrap the output onto two or more lines.
ARGUMENTS This command has no arguments.
COMMAND tags
DESCRIPTION Display only statements with tags that match a pattern.
ARGUMENTS
COMMAND trace
DESCRIPTION Display trace information.
ARGUMENTS This command has no arguments.
COMMAND until
DESCRIPTION Display the command output, ending with the line that matches a specified string.
ARGUMENTS
COMMAND show SNMP-FRAMEWORK-MIB
DESCRIPTION Display information about the SNMP engine Management Information Base (MIB).
EXAMPLES
Display information about the SNMP engine:
appliance-1# show SNMP-FRAMEWORK-MIB
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineID 80:00:61:81:05:01
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineBoots 7
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineTime 127740
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineMaxMessageSize 50000
COMMAND show SNMP-MPD-MIB
DESCRIPTION Display information about the SNMP Message Processing and Dispatching (MPD) MIB.
EXAMPLES
Display SNMP MPD information:
appliance-1# show SNMP-MPD-MIB
SNMP-MPD-MIB snmpMPDStats snmpUnknownSecurityModels 0
SNMP-MPD-MIB snmpMPDStats snmpInvalidMsgs 0
SNMP-MPD-MIB snmpMPDStats snmpUnknownPDUHandlers 0
COMMAND show SNMP-TARGET-MIB
DESCRIPTION Display information about the SNMP TARGET MIB.
EXAMPLES
Display the SNMP TARGET MIB information:
appliance-1# show SNMP-TARGET-MIB
SNMP-TARGET-MIB snmpTargetObjects snmpUnavailableContexts 0
SNMP-TARGET-MIB snmpTargetObjects snmpUnknownContexts 0
COMMAND show SNMP-USER-BASED-MIB
DESCRIPTION Display information about objects that belong to SNMP files based on user-based security.
EXAMPLES
Display the SNMP TARGET user-based information:
appliance-1# show SNMP-USER-BASED-SM-MIB
SNMP-USER-BASED-SM-MIB usmStats usmStatsUnsupportedSecLevels 0
SNMP-USER-BASED-SM-MIB usmStats usmStatsNotInTimeWindows 0
SNMP-USER-BASED-SM-MIB usmStats usmStatsUnknownUserNames 0
SNMP-USER-BASED-SM-MIB usmStats usmStatsUnknownEngineIDs 0
SNMP-USER-BASED-SM-MIB usmStats usmStatsWrongDigests 0
SNMP-USER-BASED-SM-MIB usmStats usmStatsDecryptionErrors 0
COMMAND show SNMPv2-MIB
DESCRIPTION Display information about the SNMP version 2 MIB.
EXAMPLES
Display the SNMP version 2 MIB information:
appliance-1# show SNMPv2-MIB
SNMPv2-MIB system sysDescr "Linux 3.10.0-1160.25.1.F5.4.el7_8.x86_64 : Appliance services version 1.1.0-5810"
SNMPv2-MIB system sysObjectID 1.3.6.1.2.1.1
SNMPv2-MIB system sysUpTime 28545699
SNMPv2-MIB system sysServices 72
SNMPv2-MIB system sysORLastChange 9
SNMPv2-MIB snmp snmpInPkts 0
SNMPv2-MIB snmp snmpInBadVersions 0
SNMPv2-MIB snmp snmpInBadCommunityNames 0
SNMPv2-MIB snmp snmpInBadCommunityUses 0
SNMPv2-MIB snmp snmpInASNParseErrs 0
SNMPv2-MIB snmp snmpSilentDrops 0
SNMPv2-MIB snmp snmpProxyDrops 0
SNMPv2-MIB snmpSet snmpSetSerialNo 836391230
SYS
SYS ORUP
ORINDEX SYS ORID SYS ORDESCR TIME
-----------------------------------------------------------------------------------------------------------------
1 1.3.6.1.4.1.12276.1 F5 Networks enterprise Platform MIB 9
2 1.3.6.1.2.1.31 The MIB module to describe generic objects for network interface sub-layers 9
COMMAND show cli
DESCRIPTION Display the default CLI session settings.
ARGUMENTS
This command has no arguments.
EXAMPLES
Display the current default CLI session settings:
appliance-1# show cli
autowizard true
complete-on-space false
devtools false
display-level 99999999
history 100
idle-timeout 0
ignore-leading-space false
leaf-prompting true
output-file terminal
paginate true
prompt1 \h\M#
prompt2 \h(\m)#
screen-length 70
screen-width 125
service prompt config true
show-defaults false
terminal xterm-256color
timestamp disable
COMMAND show cluster
DESCRIPTION Display the current state of the OpenShift cluster and the last 25 OpenShift events that have occurred during installation and during normal operation.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display the current cluster state:
appliance-1# show cluster
cluster state
cluster disk-usage-threshold state warning-limit 85
cluster disk-usage-threshold state error-limit 90
cluster disk-usage-threshold state critical-limit 97
cluster disk-usage-threshold state growth-rate-limit 10
cluster disk-usage-threshold state interval 60
cluster nodes node node-1
state enabled true
state node-running-state running
state node-info creation-time 2022-01-25T23:59:06Z
state node-info cpu 12
state node-info pods 110
state node-info memory 14680280Ki
state ready-info ready true
state ready-info last-transition-time 2022-02-24T18:19:32Z
state ready-info message "kubelet is posting ready status"
state out-of-disk-info last-transition-time ""
state out-of-disk-info message ""
state disk-pressure-info disk-pressure false
state disk-pressure-info last-transition-time 2022-01-25T23:59:06Z
state disk-pressure-info message "kubelet has no disk pressure"
state disk-usage used-percent 37
state disk-usage growth-rate 0
state disk-usage status in-range
DISK DATA DISK DATA
NAME VALUE
-------------------------
available 61588611072
capacity 101817933824
used 35033628672
STAGE NAME STATUS TIMESTAMP VERSION
--------------------------------------------------------------
K3SClusterInstall done 2022/01/25-23:59:37 1.21.1.1.8.3
K3SClusterUpgrade done 2022/02/24-18:15:25 1.21.1.1.8.4
cluster cluster-status summary-status "K3S cluster is initialized and ready for use."
INDEX STATUS
---------------------------------------------------------------------------------------------
0 2022-03-28 15:51:01.270528 - applianceMainEventLoop::Orchestration manager startup.
1 2022-03-28 15:51:01.274924 - Can now ping appliance-1.chassis.local (100.65.60.1).
2 2022-03-28 15:51:01.943806 - Successfully ssh'd to appliance 127.0.0.1.
3 2022-03-28 15:51:32.614402 - Appliance 1 is ready in k3s cluster.
4 2022-03-28 15:51:32.614469 - K3S cluster is ready.
5 2022-03-28 15:52:10.927012 - K3s IMAGE update is succeeded.
6 2022-04-02 20:17:29.409150 - K3S cluster is NOT ready.
7 2022-04-02 20:17:44.199082 - K3S cluster is ready.
8 2022-04-04 11:19:35.495921 - Failed to ssh to 127.0.0.1.
9 2022-04-04 11:20:06.155860 - Successfully ssh'd to appliance 127.0.0.1.
COMMAND show cluster cluster-status
DESCRIPTION Display the current state of a specific OpenShift event that has occurred during installation and during normal operation.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display cluster status:
appliance-1# show cluster cluster-status
cluster cluster-status summary-status "K3S cluster is initialized and ready for use."
INDEX STATUS
---------------------------------------------------------------------------------------------
0 2022-03-28 15:51:01.270528 - applianceMainEventLoop::Orchestration manager startup.
1 2022-03-28 15:51:01.274924 - Can now ping appliance-1.chassis.local (100.65.60.1).
2 2022-03-28 15:51:01.943806 - Successfully ssh'd to appliance 127.0.0.1.
3 2022-03-28 15:51:32.614402 - Appliance 1 is ready in k3s cluster.
4 2022-03-28 15:51:32.614469 - K3S cluster is ready.
5 2022-03-28 15:52:10.927012 - K3s IMAGE update is succeeded.
6 2022-04-02 20:17:29.409150 - K3S cluster is NOT ready.
7 2022-04-02 20:17:44.199082 - K3S cluster is ready.
8 2022-04-04 11:19:35.495921 - Failed to ssh to 127.0.0.1.
9 2022-04-04 11:20:06.155860 - Successfully ssh'd to appliance 127.0.0.1.
COMMAND show cluster disk-usage-threshold
DESCRIPTION Display the current configuration of disk usage threshold.
ARGUMENTS
EXAMPLE
Display the current configuration for all disk usage threshold options:
appliance-1# show cluster disk-usage-threshold
cluster disk-usage-threshold state warning-limit 85
cluster disk-usage-threshold state error-limit 90
cluster disk-usage-threshold state critical-limit 97
cluster disk-usage-threshold state growth-rate-limit 10
cluster disk-usage-threshold state interval 60
COMMAND show cluster events
DESCRIPTION Display information about cluster events, including namespace, type, reason, object and message.
ARGUMENTS
COMMAND show cluster install-status
DESCRIPTION Display the status of the OpenShift cluster installation, including the state of the various stages of the OpenShift installation.
ARGUMENTS
This command has no arguments.
COMMAND
show cluster nodes node
DESCRIPTION Display the state of a specific node in the system.
ARGUMENTS
EXAMPLE
Display the state of the node node-1:
appliance-1# show cluster nodes node node-1
cluster nodes node node-1
state enabled true
state node-running-state running
state node-info creation-time 2022-01-25T23:59:06Z
state node-info cpu 12
state node-info pods 110
state node-info memory 14680280Ki
state ready-info ready true
state ready-info last-transition-time 2022-02-24T18:19:32Z
state ready-info message "kubelet is posting ready status"
state out-of-disk-info last-transition-time ""
state out-of-disk-info message ""
state disk-pressure-info disk-pressure false
state disk-pressure-info last-transition-time 2022-01-25T23:59:06Z
state disk-pressure-info message "kubelet has no disk pressure"
state disk-usage used-percent 37
state disk-usage growth-rate 0
state disk-usage status in-range
DISK DATA DISK DATA
NAME VALUE
-------------------------
available 61418614784
capacity 101817933824
used 35203624960
TENANT
NAME QAT DEVICE NAME BDF
------------------------------------
big-ip qat_dev_vf000pf00 f4:00.1
qat_dev_vf001pf00 f4:00.2
qat_dev_vf002pf00 f4:00.3
qat_dev_vf003pf00 f4:00.4
qat_dev_vf004pf00 f4:00.5
qat_dev_vf005pf00 f4:00.6
COMMAND show cluster state
DESCRIPTION Display the current state of the cluster.
ARGUMENTS
This command has no arguments.
COMMAND show components
DESCRIPTION Display information about hardware inventory and firmware components.
ARGUMENTS
The availability of options for this command depends on which hardware component you are configuring.
running, and it changes to complete when the update completes.show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display details about psu-1:
appliance-1# show components component psu-1
components component psu-1
state serial-no 19CS30011421
state part-no PWR-0334-05
state empty false
psu-stats psu-current-in 0.24
psu-stats psu-current-out 4.4
psu-stats psu-voltage-in 205.7
psu-stats psu-voltage-out 12.0
psu-stats psu-temperature-1 39.0
psu-stats psu-temperature-2 35.0
psu-stats psu-temperature-3 42.0
psu-stats psu-fan-1-speed 6100
Display all information about the platform:
appliance-1# show components component platform
components component platform
state description r4800
state serial-no f5-abcd-efgh
state part-no "200-0417-01 REV A"
state empty false
state tpm-integrity-status Valid
state memory available 6555197440
state memory free 2038071296
state memory used-percent 90
state memory platform-total 15032606720
state memory platform-used 8178208768
state temperature current 26.0
state temperature average 26.8
state temperature minimum 26.0
state temperature maximum 27.0
fantray fan-stats fan-1-speed 9900
fantray fan-stats fan-2-speed 9800
fantray fan-stats fan-3-speed 9800
fantray fan-stats fan-4-speed 9700
UPDATE
NAME NAME VALUE CONFIGURABLE STATUS
---------------------------------------------------------------------------------------
QAT0 - Snow Ridge Crypto/Compression false -
fw-version-bios - 0.95.081.1 false none
fw-version-bmc - 0.93.34 false none
fw-version-bmc-slot1 - 34.0.93 false none
fw-version-bmc-slot2 - 34.0.93 false none
fw-version-cpld - 0x0A false none
fw-version-drive-m.2.slot1 - 95420100 false none
fw-version-drive-nvme0 - 95420100 false none
fw-version-sirr - 1.1.39 false none
storage state disks disk nvme0n1
state model Micron_7300_MTFDHBA480TDF
state vendor Micron
...
COMMAND show configuration commit changes
DESCRIPTION Display changes that were made to the running configuration by previous configuration commits, including changes committed for a specified commit ID.
ARGUMENTS
EXAMPLES
Display information about the last commit:
appliance-1# show configuration commit changes
!
! Created by: admin
! Date: 2022-04-06 21:40:06
! Client: system
!
system aaa authentication users user big-ip
config username big-ip
!
system aaa authentication users user big-ip
config expiry-date 1
config role tenant-console
!
Display information about commit ID 11:
appliance-1# show configuration commit changes 11
!
! Created by: admin
! Date: 2022-03-24 15:51:35
! Client: cli
!
system ntp servers server ntp.pool.org
config address ntp.pool.org
!
system ntp servers server ntp.pool.org
!
COMMAND show configuration commit list
DESCRIPTION Display information about the configuration commits stored in the commit database.
ARGUMENTS
EXAMPLE
Display information about the five most recent configuration commits:
appliance-1# show configuration commit list 5
2022-04-06 22:55:48
SNo. ID User Client Time Stamp Label Comment
~~~~ ~~ ~~~~ ~~~~~~ ~~~~~~~~~~ ~~~~~ ~~~~~~~
0 10101 admin system 2022-04-06 21:40:06
1 10100 admin rest 2022-04-06 21:40:06
2 10099 admin system 2022-04-04 18:14:53
3 10098 admin system 2022-04-04 18:10:49
4 10097 system system 2022-04-04 18:10:05
COMMAND show configuration rollback changes
DESCRIPTION Display changes that would be made by the rollback configuration command or to display the list of commit IDs.
ARGUMENTS
EXAMPLE
Display changes that would be made by rolling back to the most recent configuration commit:
appliance-1# show configuration rollback changes
no system aaa authentication users user big-ip
COMMAND show file
DESCRIPTION Display current configuration for known hosts and status of file transfers.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.known_hosts file.EXAMPLE
Display the status of recent file transfers:
appliance-1# file transfer-status
result
S.No.|Operation |Protocol|Local File Path |Remote Host |Remote File Path |Status |Time
1 |Import file|HTTPS |images/tenant/BIGIP-15.1.6-0.0.3.ALL-F5OS.qcow2.zip.bundle |sea.company.com|v15.1.6/daily/build3.0/VM/BIGIP-15.1.6-0.0.3.ALL-F5OS.qcow2.zip.bundle|In Progress (12.0%)|Wed Apr 6 23:00:37 2022
COMMAND show history
DESCRIPTION Display a history of commands run on the system.
ARGUMENTS
EXAMPLE
Display the last three commands that were run on the system:
appliance-1# show history 3
23:03:57 -- idle-timeout 0
23:04:00 -- show file transfer-operations
23:04:12 -- show system mgmt-ip
COMMAND show images
DESCRIPTION Display all tenant images imported to the system. Also shows which image is currently in use and its status.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display all tenant images on the system:
appliance-1# show images
IN
NAME USE STATUS
----------------------------------------------------------------
BIGIP-15.1.5-0.0.10.ALL-F5OS.qcow2.zip.bundle true verified
BIGIP-15.1.6-0.0.3.ALL-F5OS.qcow2.zip.bundle false verified
COMMAND show interfaces
DESCRIPTION Display information about front-panel network interfaces. This includes options for link aggregation.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display only the first level of interface information:
appliance-1# show interfaces displaylevel 1
interfaces interface 1.0
interfaces interface 2.0
interfaces interface 3.0
interfaces interface 4.0
interfaces interface 5.0
interfaces interface 6.0
interfaces interface 7.0
interfaces interface 8.0
interfaces interface mgmt
Display information only about interface 2.0:
appliance-1# show interfaces interface 2.0
interfaces interface 2.0
state name 2.0
state type ethernetCsmacd
state mtu 9600
state enabled true
state ifindex 24
state oper-status DOWN
state counters in-octets 0
state counters in-unicast-pkts 0
state counters in-broadcast-pkts 0
state counters in-multicast-pkts 0
state counters in-discards 0
state counters in-errors 0
state counters in-fcs-errors 0
state counters out-octets 0
state counters out-unicast-pkts 0
state counters out-broadcast-pkts 0
state counters out-multicast-pkts 0
state counters out-discards 0
state counters out-errors 0
state forward-error-correction auto
state lacp_state LACP_DEFAULTED
ethernet state port-speed SPEED_100GB
ethernet state hw-mac-address 00:94:a1:69:34:12
ethernet state counters in-mac-control-frames 0
ethernet state counters in-mac-pause-frames 0
ethernet state counters in-oversize-frames 0
ethernet state counters in-jabber-frames 0
ethernet state counters in-fragment-frames 0
ethernet state counters in-8021q-frames 0
ethernet state counters in-crc-errors 0
ethernet state counters out-mac-control-frames 0
ethernet state counters out-mac-pause-frames 0
ethernet state counters out-8021q-frames 0
ethernet state flow-control rx on
Display information about a LAG interface named test-lag:
appliance-1# show interfaces interface test-lag
interfaces interface test-lag
state name test-lag
state type ieee8023adLag
state mtu 9600
state oper-status DOWN
state forward-error-correction auto
ethernet state flow-control rx on
aggregation state lag-type STATIC
aggregation state lag-speed 0
aggregation state distribution-hash src-dst-ipport
aggregation state mac-address 00:94:a1:69:34:26
aggregation state lagid 1
MEMBER MEMBER
NAME STATUS
----------------
1.0 DOWN
COMMAND
show lacp
DESCRIPTION
Display the current LACP configuration and state information for global and all LACP interfaces.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display information about configured LACP interfaces:
appliance-1# show lacp
lacp state system-id-mac 00:12:a1:69:34:23
lacp interfaces interface lacp-test
state name lacp-test
state interval SLOW
state lacp-mode ACTIVE
COMMAND
show lacp interfaces
DESCRIPTION
Show current LACP state for all LACP interfaces.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.system-priority and the stack MAC address.COMMAND
show lacp interfaces interface
DESCRIPTION
Show current LACP config and state information for an LACP interface.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display information about the testLAG interface:
appliance-1# show lacp interfaces interface testLAG
lacp interfaces interface testLAG
state name testLAG
state interval FAST
state lacp-mode ACTIVE
state system-id-mac 0:12:a1:8e:4c:8
COMMAND
show lacp state
DESCRIPTION
Display global LACP state information.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.system-priority and the stack MAC address.EXAMPLE
Display the global state of LACP:
appliance-1# show lacp state
lacp state system-id-mac 00:12:a1:66:e0:08
COMMAND show lldp
DESCRIPTION Display the information about Link Layer Discovery Protocol (LLDP) on the system.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display all LLDP information:
appliance-1# show lldp
lldp state enabled
lldp state chassis-id f5-abcd-efgh
lldp state chassis-id-type LOCAL
lldp interfaces interface 1.0
state name 1.0
state enabled
state counters frame-in 0
state counters frame-out 4202
Show whether LLDP is enabled or disabled:
appliance-1# show lldp state enabled
lldp state enabled
COMMAND show parser
DESCRIPTION Display information about available commands and their syntax.
ARGUMENTS
EXAMPLE
Display information about all commands:
appliance-1# show parser dump
autowizard [false/true]
clear history
complete-on-space [false/true]
config [no-confirm]
config
config exclusive [no-confirm]
config exclusive
config terminal [no-confirm]
config terminal
describe autowizard
describe clear history
describe complete-on-space
describe config
describe describe
describe devtools
describe display-level
describe exit
describe file
describe file
describe file
describe file
describe file show
describe file tail
describe file
describe help
describe history
describe id
describe idle-timeout
describe ignore-leading-space
describe job stop
describe leaf-prompting
describe logout session
describe logout user
describe no history
describe paginate
describe prompt1
describe prompt2
describe pwd
describe quit
describe reset
describe reset
describe screen-length
describe screen-width
describe script reload
...
COMMAND show port-profile
DESCRIPTION Display information about port profiles.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display the currently-configured port profile:
appliance-1# show port-profile state
port-profile state mode 8x10G
COMMAND show portgroups
DESCRIPTION Display information about portgroups.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display all information about portgroup 5:
appliance-1# show portgroups portgroup 5
portgroups portgroup 5
state vendor-name "F5 INC."
state vendor-oui 009065
state vendor-partnum "OPT-0017 "
state vendor-revision A0
state vendor-serialnum "AWH16HF "
state media 10GBASE-LR
state optic-state QUALIFIED
state ddm rx-pwr low-threshold alarm -20.0
state ddm rx-pwr low-threshold warn -18.01
state ddm rx-pwr instant val-lane1 -2.21
state ddm rx-pwr high-threshold alarm 2.5
state ddm rx-pwr high-threshold warn 2.0
state ddm tx-pwr low-threshold alarm -8.0
state ddm tx-pwr low-threshold warn -7.0
state ddm tx-pwr instant val-lane1 -1.39
state ddm tx-pwr high-threshold alarm 2.0
state ddm tx-pwr high-threshold warn 1.0
state ddm temp low-threshold alarm -13.0
state ddm temp low-threshold warn -8.0
state ddm temp instant val 23.1132
state ddm temp high-threshold alarm 78.0
state ddm temp high-threshold warn 73.0
state ddm bias low-threshold alarm 0.015
state ddm bias low-threshold warn 0.02
state ddm bias instant val-lane1 0.036342
state ddm bias high-threshold alarm 0.085
state ddm bias high-threshold warn 0.08
state ddm vcc low-threshold alarm 2.9
state ddm vcc low-threshold warn 3.0
state ddm vcc instant val 3.35
state ddm vcc high-threshold alarm 3.7
state ddm vcc high-threshold warn 3.6
Display only the optic-state of portgroup 5:
appliance-1# show portgroups portgroup 5 state optic-state
state optic-state QUALIFIED
COMMAND show restconf-state
DESCRIPTION Display capabilities supported by the RESTCONF server.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display all supported capabilities:
appliance-1# show restconf-state
restconf-state capabilities capability urn:ietf:params:restconf:capability:defaults:1.0?basic-mode=report-all
restconf-state capabilities capability urn:ietf:params:restconf:capability:depth:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:fields:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:with-defaults:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:filter:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:replay:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:yang-patch:1.0
restconf-state capabilities capability http://tail-f.com/ns/restconf/collection/1.0
restconf-state capabilities capability http://tail-f.com/ns/restconf/query-api/1.0
restconf-state capabilities capability http://tail-f.com/ns/restconf/unhide/1.0
COMMAND show running-config
DESCRIPTION Display the current configuration for the system. By default, the whole configuration is displayed. You can limit what is shown by supplying a pathfilter. The pathfilter may be either a path pointing to a specific instance, or if an instance id is omitted, the part following the omitted instance is treated as a filter.
ARGUMENTS
For information about these arguments, see these sections on the show-SNMP-FRAMEWORK-MIB page.
EXAMPLE
Display the current running configuration for file operations:
appliance-1# show running-config file
file config concurrent-operations-limit 5
Display information about interface 8.0:
appliance-1# show running-config interfaces interface 8.0
interfaces interface 8.0
config type ethernetCsmacd
config enabled
!
COMMAND show service-pods
DESCRIPTION
A system service is deployed in a Pod.
IMPORTANT: The detailed information displayed by this command is intended for use by F5 support engineers, rather than by end users.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display information about the pod image version:
appliance-1# show service-pods service-pod pod-image-version
POD
IMAGE
SERVICE NAME VERSION
---------------------------------
compute 2.4.16
coredns 1.8.3
kube-flannel 0.13.0
kube-multus 3.6.3
kube-sriov-cni 1.0.2
kube-sriovdp 1.0.0
lb-port-443 v0.2.0
local-path-provisioner v0.0.19
metrics-server v0.3.6
pause 3.1
traefik-ingress-lb 2.4.8
virt-api 2.4.16
virt-controller 2.4.16
virt-handler 2.4.16
virt-operator 2.4.16
COMMAND show system aaa
DESCRIPTION Display system user authentication information, including information about roles, users, primary key, server groups, and TLS.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display the default system accounts:
appliance-1# show system aaa authentication
LAST TALLY EXPIRY
USERNAME CHANGE COUNT DATE ROLE
-----------------------------------------------------
admin 0 0 -1 admin
root 2022-04-05 0 -1 root
vm1 0 0 1 tenant-console
ROLENAME GID USERS
-----------------------------
admin 9000 -
operator 9001 -
root 0 -
tenant-console 9100 -
Display information for the primary key:
appliance-1# show system aaa primary-key
Show the TLS certificate:
appliance-1# show system aaa primary-key
Show the current CRLs in the system:
appliance-1# show system aaa tls crls crl
COMMAND show system alarms
DESCRIPTION Display information about system alarms.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display active alarm conditions:
appliance-1# show system alarms
system alarms alarm 66307 lcd
state severity ERROR
state text "Module communication error detected"
state time-created "2022-04-08 15:15:15.601624499 UTC"
COMMAND show system appliance-mode
DESCRIPTION Check the current state of appliance mode. It can be either enabled or disabled.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display the current state of appliance mode:
appliance-1# show system diagnostics ihealth
system diagnostics ihealth state username ""
system diagnostics ihealth state server https://ihealth-api.f5.com/qkview-analyzer/api/qkviews?visible_in_gui=True
system diagnostics ihealth state authserver https://api.f5.com/auth/pub/sso/login/ihealth-api
COMMAND show system clock
DESCRIPTION Display the current time configured for the system.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display the currently-configured time zone name:
appliance-1# show system clock
system clock state timezone-name Etc/UTC
system clock state appliance date-time "2022-04-08 23:28:05 Etc/UTC"
Display the current time for the system:
appliance-1# show system clock state appliance
system clock state appliance date-time "2022-04-08 23:29:00 Etc/UTC"
COMMAND show system diagnostics
DESCRIPTION Display iHealth information.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display the iHealth configuration for the system:
appliance-1# show system diagnostics ihealth
system diagnostics ihealth state username ""
system diagnostics ihealth state server https://ihealth-api.f5.com/qkview-analyzer/api/qkviews?visible_in_gui=True
system diagnostics ihealth state authserver https://api.f5.com/auth/pub/sso/login/ihealth-api
COMMAND show system dns
DESCRIPTION Display information about DNS servers configured for the system to use.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display all configured DNS servers:
appliance-1# show system dns servers
ADDRESS ADDRESS PORT
-----------------------------
192.168.10.1 - 53
192.168.11.1 - 53
COMMAND show system events
DESCRIPTION Display information about system events.
EXAMPLE
Display system events:
appliance-1# show system events
system events event
log "66305 psu-1 psu-fault EVENT NA \"Presence detected\" \"2022-04-05 15:11:22.031819100 UTC\""
system events event
log "66304 appliance module-present EVENT NA \"Fan tray present\" \"2022-04-05 15:11:22.032649847 UTC\""
system events event
log "65543 appliance aom-fault EVENT NA \"MFG Lockout On\" \"2022-04-05 15:11:22.034033579 UTC\""
system events event
log "65543 appliance aom-fault ASSERT ERROR \"Fault detected in the AOM\" \"2022-04-08 10:00:02.962848108 UTC\""
system events event
log "65543 appliance aom-fault EVENT NA \"Bmc Health Self test failed: Device-specific 'internal' failure.\" \"2022-04-08 10:00:02.962896530 UTC\""
system events event
log "65543 appliance aom-fault CLEAR ERROR \"Fault detected in the AOM\" \"2022-04-08 11:00:02.959761260 UTC\""
system events event
log "65543 appliance aom-fault EVENT NA \"Bmc Health Self test passed\" \"2022-04-08 11:00:02.959789898 UTC\""
COMMAND show system health
DESCRIPTION Display health information about system components.
ARGUMENTS
The availability of options for this command depends on the hardware component for which you want to view health information.
EXAMPLES
Display high-level hardware health state for the fan tray:
appliance-1# show system health components component fantray hardware state
KEY NAME HEALTH SEVERITY
--------------------------------------------------------
appliance/hardware/fantray Fan Tray ok info
Display health information about system memory:
appliance-1# show system health components component fantray hardware appliance/hardware/fantray
hardware appliance/hardware/fantray
state name "Fan Tray"
state health ok
state severity info
NAME DESCRIPTION HEALTH SEVERITY VALUE UPDATED AT
-------------------------------------------------------------------------------------------------
module:present Module present status ok info true 2022-04-05T15:11:19Z
p5a:sensor:speed:fan:fan1 Fan1 (RPM) ok info 9900 2022-04-08T23:00:04Z
p5a:sensor:speed:fan:fan2 Fan2 (RPM) ok info 9800 2022-04-08T23:00:04Z
p5a:sensor:speed:fan:fan3 Fan3 (RPM) ok info 9800 2022-04-08T23:00:04Z
p5a:sensor:speed:fan:fan4 Fan4 (RPM) ok info 9900 2022-04-08T23:00:04Z
Display the status of the QKView service on the system:
appliance-1# show system health components component appliance services appliance/services/qkviewd
services appliance/services/qkviewd
state name qkviewd
state health ok
state severity info
NAME DESCRIPTION HEALTH SEVERITY VALUE UPDATED AT
----------------------------------------------------------------------------------------------------------------------------
container:event:attach Container attach event ok info 0 2022-04-05T15:11:21Z
container:event:die Container die event ok info 0 2022-04-05T15:11:21Z
container:event:exec-create Container exec create event ok info 0 2022-04-05T15:11:21Z
container:event:exec-detach Container exec detach event ok info 0 2022-04-05T15:11:21Z
container:event:exec-die Container exec die event ok info 0 2022-04-05T15:11:21Z
container:event:exec-start Container exec start event ok info 0 2022-04-05T15:11:21Z
container:event:kill Container kill event ok info 0 2022-04-05T15:11:21Z
container:event:restart Container restart event ok info 0 2022-04-05T15:11:21Z
container:event:restart-last-hour Container restart count in the last hour ok info 0 2022-04-05T15:11:21Z
container:event:start Container start event ok info 0 2022-04-05T15:11:21Z
container:event:stop Container stop event ok info 0 2022-04-05T15:11:21Z
container:running Container running ok info true 2022-04-08T23:36:20Z
COMMAND show system image
DESCRIPTION Display information about the installed Base OS image on the system.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display the currently-installed Base OS image on the system:
appliance-1# show system image install
system image state install install-os-version 1.1.0-5810
system image state install install-service-version 1.1.0-5810
system image state install install-status none
Display information about all imported Base OS images:
appliance-1# show system image
IN
VERSION OS STATUS DATE USE
--------------------------------------
1.1.0-5810 ready 2022-04-04 true
VERSION IN
SERVICE STATUS DATE USE
--------------------------------------
1.1.0-5810 ready 2022-04-04 true
VERSION IN
ISO STATUS DATE USE
---------------------------------------
1.1.0-5810 ready 2022-04-04 false
COMMAND show system licensing
DESCRIPTION Display information about system license.
EXAMPLE
Display information about the license activated on the system (Note that actual license key values are not shown below):
appliance-1# show system licensing
system licensing license
Licensed version 1.1.0
Registration Key XXXXX-XXXXX-XXXXX-XXXXX-XXXXXXX
Licensed date 2022/03/14
License start 2022/02/10
License end 2022/05/05
Service check date 2022/04/05
Platform ID C131
Appliance SN f5-abcd-efgh
Active Modules
Local Traffic Manager, r4800 (318092989)
BIG-IP, DNS and GTM Upgrade (1K TO MAX)
Routing Bundle
Advanced Protocols
Advanced Web Application Firewall, r4XXX
Advanced Firewall Manager, r4XXX
BIG-IP, DNS (1K)
Rate Shaping
Anti-Virus Checks
Base Endpoint Security Checks
Firewall Checks
Machine Certificate Checks
Network Access
Protected Workspace
Secure Virtual Keyboard
APM, Web Application
App Tunnel
Remote Desktop
DNS Rate Fallback, Unlimited
DNS Rate Limit, Unlimited QPS
GTM Rate Fallback, (UNLIMITED)
GTM Rate, Unlimited
Carrier Grade NAT (AFM ONLY)
APM, Limited
Protocol Security Manager
Max SSL, r4800
Max Compression, r4800
DNSSEC
COMMAND show system locator
DESCRIPTION Display whether the system locator function is enabled. This function illuminates the F5 logo ball so that you can more easily locate a chassis in a data center.
EXAMPLE
Display whether the system locator is enabled:
appliance-1# show system locator
system locator state disabled
COMMAND show system logging
DESCRIPTION Display information about remote logging.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.COMMAND show system mgmt-ip
DESCRIPTION Display information about configured management IP addresses.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display information about all configured management IP addresses:
appliance-1# show system mgmt-ip
system mgmt-ip state ipv4 system address 192.0.2.102
system mgmt-ip state ipv4 prefix-length 24
system mgmt-ip state ipv4 gateway 192.0.2.254
system mgmt-ip state ipv6 system address ::
system mgmt-ip state ipv6 prefix-length 0
system mgmt-ip state ipv6 gateway ::
Display only the gateway for a configured IPv4 management IP address:
appliance-1# show system mgmt-ip state ipv4 gateway
system mgmt-ip state ipv4 gateway 192.0.2.254
COMMAND show system network
DESCRIPTION Display information about the configured and active internal network addresses.
ARGUMENTS
This command has no arguments.
EXAMPLE
Display information about the currently-configured internal network:
appliance-1# show system network
system network state configured-network-range-type RFC6598
system network state configured-network-range 100.64.0.0/12
system network state active-network-range-type RFC6598
system network state active-network-range 100.64.0.0/12
COMMAND show system ntp
DESCRIPTION Display the current state of the Network Time Protocol (NTP) service.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display the current state of NTP on the system:
appliance-1# show system ntp
system ntp state disabled
COMMAND show system ntp ntp-keys
DESCRIPTION Display a list of configured NTP authentication keys.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.COMMAND show system ntp servers
DESCRIPTION Displays a list of configured NTP servers.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display configured NTP servers:
appliance-1# show system ntp servers
system ntp servers server ntp.pool.org
state address ntp.pool.org
state port 123
state version 4
state association-type SERVER
state iburst false
state prefer false
COMMAND show system state
DESCRIPTION Display information about the system, such as domain name, login banner, and hostname.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLES
Display the current date and time:
appliance-1# show system state current-datetime
system state current-datetime "2022-04-08 23:51:09 Etc/UTC"
Display the hostname for the system:
appliance-1# show system state hostname
system state hostname appliance-1
Display the login banner for the system:
appliance-1# show system state login-banner
system state login-banner UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
Display the message of the day (MOTD) banner for the system:
appliance-1# show system state motd-banner
system state motd-banner ATTENTION! This system is scheduled for maintenance in two days.
COMMAND show tenants
DESCRIPTION Display the state of all configured tenants in the system.
ARGUMENTS This command has no arguments.
EXAMPLE
Display the state of configured tenants on the current system:
appliance-1# show tenants
tenants tenant big-ip
state name big-ip
state unit-key-hash Cl2Hpf4K3RZXmhTEQPQ3orKjj4GsNrlCaLsOAdQ3I9c2SG6uWpan08OkIWKNOyEVnrYBvxA5TQQRaOSm/H+ftQ==
state type BIG-IP
state image BIGIP-15.1.6-0.0.3.ALL-F5OS.qcow2.zip.bundle
state mgmt-ip 192.0.2.61
state prefix-length 24
state gateway 192.0.2.254
state vlans [ 3962 ]
state cryptos enabled
state vcpu-cores-per-node 2
state memory 7680
state storage size 76
state running-state deployed
state mac-data base-mac 00:12:a1:34:56:b1
state mac-data mac-pool-size 1
state appliance-mode disabled
state status Starting
state primary-slot 1
state image-version "BIG-IP 15.1.6 0.0.3"
NDI MAC
----------------------------
default 14:a9:d0:01:62:0e
POD INSTANCE
NODE NAME ID PHASE CREATION TIME READY TIME STATUS MGMT MAC
------------------------------------------------------------------------------------------------------------------------
1 big-ip 1 Running 2022-04-05T16:10:12Z 2022-04-05T16:10:14Z Started tenant instance 00:12:a1:34:56:b1
COMMAND
show tenants tenant
DESCRIPTION Displays the state of a specific configured tenants in the system.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display the state of a tenant named bigip:
appliance-1# show tenants tenant bigip
tenants tenant big-ip
state name big-ip
state unit-key-hash Cl2Hpf4K3RZXmhTEQPQ3orKjj4GsNrlCaLsOAdQ3I9c2SG6uWpan08OkIWKNOyEVnrYBvxA5TQQRaOSm/H+ftQ==
state type BIG-IP
state image BIGIP-15.1.6-0.0.3.ALL-F5OS.qcow2.zip.bundle
state mgmt-ip 192.0.2.61
state prefix-length 24
state gateway 192.0.2.254
state vlans [ 3962 ]
state cryptos enabled
state vcpu-cores-per-node 2
state memory 7680
state storage size 76
state running-state deployed
state mac-data base-mac 00:12:a1:34:56:b1
state mac-data mac-pool-size 1
state appliance-mode disabled
state status Starting
state primary-slot 1
state image-version "BIG-IP 15.1.6 0.0.3"
NDI MAC
----------------------------
default 14:a9:d0:01:62:0e
POD INSTANCE
NODE NAME ID PHASE CREATION TIME READY TIME STATUS MGMT MAC
------------------------------------------------------------------------------------------------------------------------
1 big-ip 1 Running 2022-04-05T16:10:12Z 2022-04-05T16:10:14Z Started tenant instance 00:12:a1:34:56:b1
COMMAND show vlans
DESCRIPTION Displays configured VLAN objects.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 to 64.EXAMPLE
Display all configured VLANs:
appliance-1# show vlans
VLAN
ID INTERFACE
-----------------
3962 1.0