sys global-settings
sys global-settings(1) BIG-IP TMSH Manual sys global-settings(1)
NAME
global-settings - Configures the global system settings for a BIG-IP(r)
system.
MODULE
sys
SYNTAX
Configure the global-settings component within the sys module using the
syntax in the following sections.
MODIFY
modify global-settings
options:
aws-access-key [string]
aws-secret-key [string]
aws-api-max-concurrency [integer]
file-blacklist-path-prefix [string]
file-blacklist-read-only-path-prefix [string]
file-whitelist-path-prefix [string]
console-inactivity-timeout [integer]
custom-addr [IP address]
description [string]
failsafe-action [go-offline | reboot | restart-all |
go-offline-restart-tm | failover-restart-tm]
file-local-path-prefix [local path prefix]
gui-audit [disabled | enabled]
gui-security-banner [disabled | enabled]
gui-security-banner-text [string]
gui-setup [disabled | enabled]
host-addr-mode [custom | management | state-mirror]
hostname [string]
hosts-allow-include [string]
lcd-display [disabled | enabled]
net-reboot [disabled | enabled]
password-prompt [string]
mgmt-dhcp [dhcpv4 | dhcpv6 | disabled | enabled]
quiet-boot [disabled | enabled]
remote-host [add | delete | replace-all-with] {
[name]... {
options:
addr [IP address]
hostname [string]
}
}
remote-host none
username-prompt [string]
edit global-settings
options:
all-properties
non-default-properties
DISPLAY
list global-settings
list global-settings [option]
show running-config global-settings
show running-config global-settings [option]
options:
all-properties
non-default-properties
one-line
DESCRIPTION
You can use the global-settings component to set up the BIG-IP system.
EXAMPLES
modify system remote-host add { bigip151 {addr 172.27.226.151 hostname
bigip151.saxon.net} }
Sets up a remote host named bigip151 with an IP address of
172.27.226.151 and a hostname of bigip151.saxon.net.
list global-settings all-properties
Displays all of the properties of the global system settings.
OPTIONS
aws-access-key
Amazon Web Services (AWS) supplied access key needed to make
secure requests to AWS. The default value is none.
aws-secret-key
Amazon Web Services (AWS) supplied secret key needed to make
secure requests to AWS. The default value is none.
aws-api-max-concurrency
Maximum concurrent connections allowed while making Amazon Web
Service (AWS) api calls. The default value is 1.
file-blacklist-path-prefix
Specifies the path prefixes that are disallowed for certain
commands. The blacklist takes precedence over the whitelist. It is
used by the tmsh save/load sys config file command to disallow
saving or loading configuration. Example: The path prefix
/shared/tmp/ is included both in the whitelist and blacklist.
Since, it is present in the blacklist, the configuration cannot be
saved or loaded from the /shared/tmp/ location. The paths are
specified in braces separated by spaces in quotes. ex:
"{/shared/3dns/} {/shared/bin/}".
file-blacklist-read-only-path-prefix
Specifies the read-only path prefixes that are disallowed for
certain commands. It is used by the tmsh save/load sys config file
command to disallow saving or loading configuration. It is a read-
only attribute with value "{/etc/shadow}".
file-whitelist-path-prefix
Specifies the path prefixes that are valid for certain commands.
It is used by the tmsh save/load sys config file command for
saving or loading configuration. The paths are specified in braces
separated by spaces in quotes. ex: "{/var/local/scf/} {/tmp/}
{/shared/} {/config/}".
console-inactivity-timeout
Specifies the number of seconds of inactivity before the system
logs off a user that is logged on. The default value is 0 (zero),
which means that no timeout is set. The valid range is 0 -
2147483647.
custom-addr
Specifies an IP address for the system. The default value is ::.
The host-addr-mode option must be set to custom in order for this
setting to take effect.
description
Specifies a user defined description. The default value is no
description.
failsafe-action
Specifies the action that the system takes when the switch board
fails. The default value is go-offline-restart-tm.
failover-restart-tm
Specifies that when the switch board fails the system
restarts the traffic management system and fails over to the
other unit in a redundant pair.
go-offline
Specifies that when the switch board fails the system goes
offline.
go-offline-restart-tm
Specifies that when the switch board fails the system goes
offline and restarts the traffic management system.
reboot
Specifies that after the active cluster fails over to its
peer, it reboots while the peer processes the traffic.
restart-all
Specifies that when the switch board fails the system
restarts all system services.
file-local-path-prefix
Specifies a list of folder prefixes that can be applied for file
objects. This is a space separated list of folder prefixes,
contained in curly braces. Example: "{file:///shared/}" or
"{file:///fileobjectfolder/} {/shared/}". By default the folders
are "/shared/" and "/tmp/", represented as "{/shared/} {/tmp/}".
gui-audit
Specifies whether or not system GUI log audit messages. If you
disable this option, system GUI will not log audit messages. The
default value is disabled.
gui-security-banner
Specifies whether the system presents on the login screen the text
you specify in the gui-security-banner-text option. If you disable
this option, the system presents an empty frame in the right
portion of the login screen. The default value is enabled.
gui-security-banner-text
Specifies the text to present on the login screen when the gui-
security-banner option is enabled. The default value is Welcome to
the BIG-IP Configuration Utility.
Note: To enter a carriage return in the text type Ctrl-V followed
by Ctrl-J. Additionally, you must escape special characters, such
as a question mark(?), with a back slash.
gui-setup
Enables or disables the Setup utility in the browser-based
Configuration utility. The default value is enabled.
Note: When you configure a system using tmsh, disable this option.
Disabling this option allows the system administrators to use the
browser-based Configuration utility without having to run the
Setup utility.
host-addr-mode
Specifies the type of host address you want to assign to the
system. The default value is management. The options are:
custom
Use this value to specify a custom IP address for the system
using the custom-addr option.
management
Indicates that the host address is the management port of the
system.
state-mirror
Use this value when the host address of the system is shared
by the other system in a redundant pair. In case of system
failure, the traffic to the other system is routed to this
system.
hostname
Specifies a local name for the system. The default value is
bigip1.
hosts-allow-include
Warning: Do not use this parameter without assistance from the F5
Technical Support team. The system does not validate the commands
issued when you use the hosts-allow-include option. If you use
this option incorrectly, you put the functionality of the system
at risk.
lcd-display
Enables or disables the LCD display on the front of the system.
The default value is enabled.
net-reboot
Enables or disables the network reboot feature. The default value
is disabled.
If you enable this feature and then reboot the system, the system
boots from an ISO image on the network, rather than from an
internal media drive. Use this option only when you want to
install software on the system, for example, for an upgrade or a
re-installation.
Note: An enabled value reverts to disabled after you reboot the
system a second time.
password-prompt
Specifies the text to present above the password field on the
system's login screen.
mgmt-dhcp
Specifies whether the system uses DHCPv4/DHCPv6 clients for
acquiring the management interface IP addresses. The option takes
4 possible values: dhcpv4, dhcpv6, disabled, enabled. dhcpv4 and
dhcpv6 options only enable DHCPv4 or DHCPv6 client respectively.
enabled and disabled options enable/disable both DHCPv4 and DHCPv6
clients.
If this option is enabled, manually specified IP addresses for the
management interface may be overwritten if the network also
contains a DHCP server (for the given IP protocol). If this option
is disabled, no DHCP server will be applied to the management
interface, however any previously acquired address will still be
used. The default value is enabled for VE and disabled for all
other platforms. When this option is enabled, manual changes like
create/delete on sys management-ip will not be allowed. For
dhcpv4/dhcpv6 values, this only applies to the management-ip
entries matching the IP protocol. For example, for dhcpv4 value,
user can't manually change IPv4 management-ip but user can change
IPv6 management-ip.
quiet-boot
Enables or disables the quiet boot feature. The default value is
enabled. When enabled, the system suppresses informational text on
the console during the boot cycle.
remote-host
Configures a remote host in the /etc/hosts file. The default value
is none. You must enter both an IP address and a fully qualified
domain name (FQDN) or alias for each host that you want to add to
the file.
username-prompt
Specifies the text to present above the user name field on the
system's login screen.
SEE ALSO
edit, list, modify, show, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2009-2010, 2012-2013, 2016. All
rights reserved.
BIG-IP 2019-01-16 sys global-settings(1)