Git Product home page Git Product logo

f5-tetration's Introduction

F5 BIG-IP and Cisco Tetration Analytics

This repo provides information on how to configure BIG-IP devices in Cisco Tetration Solution. BIG-IP sends the flow information to the Tetration Sensors in IPFIX format this makes flows visible in Tetration Analytics software.

Repo Details

Repo has two directories irules and scripts. irules directory has F5 BIG-IP irules for IPFIX. The irules facilitate sending the flow information to the Tetration Sensors. The scripts directory has the irule JSON payload and install and clean scripts. More information on IPFIX and F5 please refer to IPFIX F5

Disclaimer :

  1. Integration is tested with v12.0 and above
  2. Script is tested with MAC OS terminal. To run use ./f5tetv1 from MAc OS terminal
  3. Added Script which runs on linux (Ubuntu 18.04.4 LTS) file name is f5tetlx
  4. Added windows support for the script, file name f5tet.exe
  5. The script will add IPFIX & iRules to in Common Partition only

How to use this Repo

Enter your BIG-IP Management IP: x.x.x.x
Enter your Username: admin
Enter your Password: xxxx
Attempting to Connect...

Please make your selection 1: IPFIX Configuration
                           2: Remove IPFIX Configuration
                           3: Remove IPFIX iRules from Virtual Server
                           4: Remove iRules from BIG-IP
                           5: Exit

Enter Your Choice : 1
Checking TCP iRules  exists on your local machine

TCP iRules  exists on your local machine

Checking UDP iRules exists on your local machine

UDP iRules exists on your local machine

Checking TCP iRules exists on BIG-IP ......

Uploading TCP iRules to BIG-IP .........

Checking UDP iRules exists on BIG-IP ......

Uploading UDP iRules to BIG-IP .........

Checking IPFIX Pool exists on BIG-IP ......

IPFIX Pool Does not Exists on BIG-IP Creating .....

Enter first IPFIX Sensor : 1.1.1.1
Enter Second IPFIX Sensor : 1.1.1.2
Enter Third IPFIX Sensor : 1.1.1.3
Created .... IPFIX Pool and Members added 


Creating IPFIX Log Destination ......
Creating Log Publisher  ......
Name: TetrationIPFIXPool
Sensors list : 1.1.1.1:4739 
Sensors list : 1.1.1.2:4739 
Sensors list : 1.1.1.3:4739 
Above Showing you IPFIX Pool on BIG-IP 

Do you want to use the above shown IPFIX Pool say Y/N? y
Appy iRules on all Virtual Server Y/N ? : n
Please select which Virtual Server need iRules 



Displaying all the Virtual Servers and iRules  ......
 
 
Please make your selection 1: IPFIX Configuration
                           2: Remove IPFIX Configuration
                           3: Remove IPFIX iRules from Virtual Server
                           4: Remove iRules from BIG-IP
                           5: Exit

Enter Your Choice : 2
Removing Publisher Configuration ........
Removing IPFIX log Configuration ........
Removing IPFIX Pool Configuration ........
Please make your selection 1: IPFIX Configuration
                           2: Remove IPFIX Configuration
                           3: Remove IPFIX iRules from Virtual Server
                           4: Remove iRules from BIG-IP
                           5: Exit

Enter Your Choice : 4
Removing iRules /Common/Tetration_TCP_L4_ipfix from BIG-IP ......

Removing iRules /Common/Tetration_UDP_L4_ipfix from BIG-IP ......

Please make your selection 1: IPFIX Configuration
                           2: Remove IPFIX Configuration
                           3: Remove IPFIX iRules from Virtual Server
                           4: Remove iRules from BIG-IP
                           5: Exit

Enter Your Choice : 5

f5-tetration's People

Contributors

f5vng avatar payalsin avatar scshitole avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar

Forkers

f5forks derwarre dlsteelejr

f5-tetration's Issues

New version of TCP irule requires both an HTTP profile and Access policy

Hi Sanjay,

The current version of the TCP irule with the HTTP_REQUEST event and the ACCESS::session command require both an HTTP profile and Access policy on the associated virtual servers. While the username is useful added data, the TCP rule as it stands now cannot be used on virtual servers that do not meet those requirements.

My recommendation is to restore the previous version of the TCP rule and add the current version as an option for use cases that meet the more specific requirement.

Regards,
Chris

f5tetv1 hangs

After downloading and running, the script hangs:

โžœ  Downloads ./f5tetv1 
Enter your BIG-IP Management IP: 10.2.2.2
Enter your Username: admin
Enter your Password: admin
Attempting to Connect...

Please make your selection 1: IPFIX Configuration
                           2: Remove IPFIX Configuration
                           3: Remove IPFIX iRules from Virtual Server
                           4: Remove iRules from BIG-IP
                           5: Exit

Enter Your Choice : 1
Checking TCP iRules  exists on your local machine

TCP iRules does not exists on local machine ..... getting from github

Downloading from github ........
Checking UDP iRules exists on your local machine

UDP iRules does not exists on local machine ..... getting from github

Downloading from github ........
Checking TCP iRules exists on BIG-IP ......

Uploading TCP iRules to BIG-IP .........

Checking UDP iRules exists on BIG-IP ......

Uploading UDP iRules to BIG-IP .........

Checking IPFIX Pool exists on BIG-IP ......

IPFIX Pool Does not Exists on BIG-IP Creating .....

Enter first IPFIX Sensor : 10.6.5.5
Enter Second IPFIX Sensor : 10.6.5.6
Enter Third IPFIX Sensor : 10.6.5.7
Created .... IPFIX Pool and Members added 


Creating IPFIX Log Destination ......
Creating Log Publisher  ......
Name: TetrationIPFIXPool
Sensors list : 10.6.5.5:4739 
Sensors list : 10.6.5.6:4739 
Sensors list : 10.6.5.7:4739

Then it just sits there with a blinking cursor.

macOS Mojava
Version 10.14.5

Assist with validating iRule for v11.5.3HF2

Please assist with validating iRule to run on v11.5.3 as the customer estate that it is required for is currently on v11.5.3HF2

Upgrading to any version of v12 will take at least a few months to be considered.

F5 v13 RAM leak with IPFix iRule

Looks like there is some problem with memory leak durin this iRules work.
We implemented it on our external LTM (there is many VSs tcp\udp\http)

After couple of days our LTM was out of memory because of iRule
We deattached iRules asap, so in the end we not sure what particular iRule was the root cause.
I suppose it can be an HTTP iRule since there is no static variables defined in RULE_INIT block

when RULE_INIT {
set static::http_rule1_dest ""
set static::http_rule1_tmplt ""
}

Also the main weak of this script(and other scripts too) is long term sessions.
On our external LTM we can have hundreds of sessions that can live about an 2 hours.
So script will wait for a CLIENT_CLOSED\SERVER_CLOSED events, only when session close it will send actual data.
All this time looks like it will need to store data in RAM untill session closed.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.