Driver Support Document

F5 BIG-IP appliances & BigIP Enterprise Manager Virtual Editions, OS Version 2.x-4.x, 10.x-12.x

Show Tested Devices Grid

SYSOID Mapping
SYSOID MODEL OS VERSION
 1.3.6.1.4.1.3375.2.1.3.4.4 BIG-IP 1500 10.2.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.6 BIG-IP 3400 10.2.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.10 BIG-IP 6400 10.2.1, 11.x, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.11 BIG-IP 6800 10.2.1, 11.x, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.13 BIG-IP 8800 11.0.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.20 BIG-IP 1600 10.2.3, 11.x, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.21 BIG-IP 3600 10.2.0, 11.x, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.22 BIG-IP 6900 10.2.1, 11.x, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.23 BIG-IP 8900 10.2.4, 11.x, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.24 BIG-IP 3900 10.2.3, 11.x, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.25 BIG-IP 8950 11.0.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.26 EM 4000 2.3.0
 1.3.6.1.4.1.3375.2.1.3.4.27 BIG-IP 11050 11.3HFS, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.43 BIG-IP Virtual Edition 11.0.0, 12.0.0
 1.3.6.1.4.1.3375.2.1.3.4.44 BIG-IP 11000 11.2.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.46 BIG-IP VIP B2100 11.1.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.47 BIG-IP VIP B4300 11.2.1, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.48 BIG-IP VIP C2400 11.3.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.51 BIG-IP 11000F 11.3.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.53 BIG-IP 6900F 11.2.1, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.55 BIG-IP 6900S 11.0.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.56 BIG-IP 8900F 11.2.1, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.59 BIG-IP 4000 11.x, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.60 BIG-IP 10000 11.3.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.61 BIG-IP 2000 11.3.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.62 BIG-IP 5200 11.4.1, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.63 BIG-IP 7000 11.4.1, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.70 BIG-IP VPR-B2250 11.4.1, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.71 BIG-IP 5050 11.6.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.72 BIG-IP 5250 11.6.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.78 BIG-IP 7250v 11.6.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.80 BIG-IP 10250v 11.6.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.81 BIG-IP 2200 11.4.1, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.82 BIG-IP 4200 11.4.1, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.83 BIG-IP 5200 11.4.1, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.84 BIG-IP 7200 11.4.1, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.85 BIG-IP 7200F 11.5.4, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.87 BIG-IP 10200 11.4.1, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.88 BIG-IP 10200F 11.4.1, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.89 BIG-IP 10200S 11.4.1, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.91 BIG-IP 5250F 11.5.4, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.94 BIG-IP A112 vCMP Virtual Guest 11.5.4, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.95 BIG-IP VPR-C2200 11.5.4
 1.3.6.1.4.1.3375.2.1.3.4.97 BIG-IP 7255 11.4.1, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.99 BIG-IP 10255 11.5.4
 1.3.6.1.4.1.3375.2.1.3.4.102 BIG-IP VPR-B4450N 13.0.0
 1.3.6.1.4.1.3375.2.1.3.4.104 BIG-IQ Virtual Edition 5.0.0
 1.3.6.1.4.1.3375.2.1.3.4.105 BIG-IP i2800 12.1.2
 1.3.6.1.4.1.3375.2.1.3.4.108 BIG-IP i5600 12.1.2
 1.3.6.1.4.1.3375.2.1.3.4.109 BIG-IP i5800 12.1.2
 1.3.6.1.4.1.3375.2.1.3.4.110 BIG-IP i7600 12.1.2
 1.3.6.1.4.1.3375.2.1.3.4.111 BIG-IP i7800 12.1.2
 1.3.6.1.4.1.3375.2.1.3.4.112 BIG-IP i10600 12.1.2
 1.3.6.1.4.1.3375.2.1.3.4.113 BIG-IP i10800 12.1.2
 1.3.6.1.4.1.3375.2.1.3.4.1000 BIG-IP VPR-C2200 11.1.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.1000 BIG-IP VPR-C2400 11.1.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.1000 Enterprise Manager Virtual Edition 2.3.0, 3.1.0, 12.x
 1.3.6.1.4.1.3375.2.1.3.4.1000 Big-IQ Virtual Edition 4.5.0
 1.3.6.1.4.1.3375.2.1.3.4.1000 A113 11.6.0, 12.x

Driver Features Support Grid

Driver FeaturesAccess Methods
(X signifies feature support)CLISNMPTFTPCLI+TFTPSNMP+TFTPFTPCLI+FTPSNMP+FTPCLI+SFTPSCPCLI+SCPSNMP+SCPHTTP/HTTPS
X Driver Discovery release notes X X                      
X General Access release notes
(CLI protocols: ssh2, console)
Supports SecurID
X     X     X     X X    
Configuration
X Retrieve Running Configuration release notes X     X     X     X X    
  Retrieve Startup Configuration                            
X Retrieve Binary Configuration         X     X     X X    
X Device information parsing  
X Enhanced Layer2 Basic IP information parsing  
X Configuration Deployment to Running release notes             X     X X    
  Configuration Deployment to Startup                            
X Binary Configuration Deployment               X     X X    
Diagnostics
X Routing Table   X                        
  OSPF Neighbors                            
X Interfaces   X                        
X Modules and Inventory   X                        
  Flash Storage Space                            
X File System   X                        
X Uptime   X X                      
X ICMP Test   X                        
X Topology Parsing   X                        
X Duplex Parsing   X                        
X Enhanced VLAN Parsing  
Features
X Software Center         X           X      
  Software Image Synchronization                            
X Password Management  
(Can modify: full username, full password, read-only community strings, read/write community strings)
X                        
X Syslog Configuration and Change Detection   Syslog patterns X                        
X Custom Scripts and Diagnostics  
Bulk deploy available
X                        
X ACL Parsing  
X ACL Provisioning   X                        
X VLAN Provisioning   X                        
X Configlet Parsing  
X QoS Parsing  
  VRF Parsing  
  Context Management                            

General Access

Release Notes

Maximum prompt length

TMSH supports a device prompt that contain a number of status items, causing the length to exceed the terminal width and introduce the use of non-printing characters. If the prompt exceeds 80 characters, it can cause tasks to fail. The username can be removed from the prompt using the command "set preference prompt user none."

return to top

Device information parsing

Release Notes

Remove FQDN from hostname

Some F5 devices report their hostname in FQDN format which may not be desirable. If the device access variable "remove_fqdn" is set to "true", the hostname minus the FQDN will be reported. The device's configuration will be unchanged.

return to top

Retrieve Running Configuration

Release Notes

Sectioned running configuration

Some F5 devices may have trouble executing a 'show running all-properties' operation under heavy load. To accomodate this, the driver can select to run 'show running all-properties', with a list of areas to be collected specified as a comma-separated list. To activate this behavior, set the device access variable "areas" to a CSL, e.g. "sys,net,auth". Note that a configuration captured like this is likely an incomplete representation of the device, and therefore can not be deployed back to the device.

Use of 'all-properties' argument in running config

F5 devices use an argument 'all-properties' to retrieve the running configuration with even default settings included. This is known to include some items that are status items and not configuration related. The all-properties option is enabled by default; to remove this information in the configuration, set the Device Access variable "skipallproperties" to "true". This will also impact the sectioned running configuration mode.

Use of BASH environment

F5 devices support a bash environment that can be used to collect information, but access to it can be disaled via various authentication methods. To instruct the driver to not try bash commands, set the device access variable "disable_bash" to "true".

Inclusion of BASH configuration files

F5 devices report their configuration in several ways, using 'save sys config file', 'show running-config', and also the storing of several disk files after the command 'save sys config' is executed. To skip the collection of these several files during snapshot [from /config], set the device access variable "skip_bash_configs" to "true".

Addition of extra BASH configuration files

F5 devices may include files that are only available in the BASH context that correspond to configuration information, such a the SSL keys that are under /config/ssl. To include any extra files in the configuration snapshot, set the Device Access variable "extrafiles" to contain a comma-delimited list of filenames. Note that wildcards are not supported for this variable setting.

Handling of duplicate address for VIP ports

F5 drivers support the parsing of Virtual IP addresses attached to virtual interfaces inside the device. These addresses are unique in a ip:port format, but the same IP may be reported under multiple interfaces with a different TCP port number. However, since duplicate addresses are not allowed in the BasicIP diagnostic, these duplicates can go unreported. To work around this but still report the addresses, set the device access variable "disable_vip" to "true". This will skip the IP parsing of the virtual interfaces, but will still report the data in the "description" field of the interface, in the format "[ip] / [subnet] : [port] - [interface description]" with the last element being the actual interface description string.

Recursive configuration collection

F5 GTM devices have an alternate command to collect their configuration. Set the device access variable "recursive" to "true", and the driver will use the command "show running-config all-properties recursive" to collect the configuration, after issuing "cd /" to relocate to the root context.

Limit size of the UCS binary configuration

F5 devices can have very large binary configuration (UCS) files. To limit the size of the file that is stored, set the variable "ucs_size_limit" to the maximum number of kilobytes that should be collected. If the size on the device is larger than the limit, then the binary snapshot will throw a warning and not collect the binary configuration file.

Support encrypted UCS files

F5 devices can encrypt their UCS files. To enable the use of this option, set the device access variable "encrypt_ucs" to "true". The UCS file will be encrypted with the password used to access the device.

Skip the 'save sys config file' command

F5 devices report their configuration in several ways; one of them is the 'save sys config file' that produces a text file. To skip collection of this data, set the variable "skip_configfile" to "true".

return to top

Configuration Deployment to Running

Release Notes

Only the Running Configuration can be deployed

The driver only supports deployment of the running configuration section. The sections marked with filenames can not be deployed back to the device. Any changes to those sections will not take effect after the deployment task.

return to top

General Access

Release Notes (inherited)

Extra support for drivers that use HTTP

This note applies only for drivers that use HTTP requests for driver functions. HTTP proxy operations are supported by setting the device access variable "http_proxy" to "ip:port", replacing with the IP and port values of the proxy server. SNI-requiring devices (e.g CloudGenix & Cisco Meraki) can be supported by using the device access variable "alternate_host" to contain the DNS name of the host. The host name will be used rather than the normal management IP address for all HTTP requests, effectively supporting SNI.

return to top

Driver Discovery

Release Notes

More prompt causes an unexpected disconnection

Discovery tasks for Javascript drivers handle More prompts by using timeouts, which can cause problems with the third-party SSH client code, which interprets the timeout as a disconnection. There are two options to work around the problem. Setting the RCX option [<option name="Driver/Discovery/UsePollRead">true</option>] in site_options.rcx will effect the workaround for all affected devices. Alternatively, it could be applied to a single device by setting the device access variable "PollRead" to "true".

Wakeup Ctrl-U character can cause discovery to fail

Discovery tasks for Javascript drivers use wakeup characters are sent during device connection, to ensure that the device is responding. Normally, these characters do not echo to the console, but some devices may echo them. In this case, this causes the prompt detection phase to fail, which in turn can cause More prompts to not be handled properly, and discovery may fail. If these characters are echoed from the device [check the session log to see this], then set the device access variable "skip_ctrl_u" to skip the sending of the wakeup characters. Note that setting this option on a previously working device could cause discovery tasks to fail, but it only affects CLI discovery. SNMP discovery is unaffected.

return to top

Syslog Triggering

return to top