Management Routes

If you intend on SYSLOG and SNMP Traps leaving your management interfaces, you will need to create management routes to push traffic out of the management interfaces.
Please consult with WorldTech IT to discuss whether this option is best suited for your environment.
Additionally, follow these instructions carefully, as incorrect management-route configurations can impact the functionality of your device.
Reference:
myF5
SSH to the management of each BIG-IP and enter the TMSH shell
Enter the following: 
create /sys management-route <AGENT_IP>/32 gateway <GATEWAY_ADDRESS>
save /sys config
  • <AGENT_IP> must be replaced with the IP address of the Cloud.Red agent that will be interfacing with your device
  • <GATEWAY_ADDRESS> must be replaced with the IP address of the gateway appropriate to leave the management interface and route the traffic to the agent.
    • This is normally the same IP address as the default management route
Note: this configuration does not sync among BIG-IPs, and must be repeated on each BIG-IP in a cluster.
This must be completed before performing any of the following steps


Syslog Configuration

In the GUI, visit System ›› Logs : Configuration : Remote Logging
Add the IP of the Cloud.Red agent your BIGI-P will interface with, for port 514.
Click the update button when done.


SNMP Trap Configuration

In the GUI, visit System ›› SNMP : Traps : Destination
Add a new destination, version set to v2c, community to public, destination to the IP address of the agent that will be interfacing with, port to 162, and network to “Other”.
Note: if setting a management route for SNMP Traps to leave your management interfaces (as noted in the section above), use network “Management”.
Click the finished button when done.

SNMP Polling Configuration

In the GUI, visit System ›› SNMP : Agent : Configuration
Add the agents IP address to SNMP access. In the GUI, visit System ›› SNMP : Agent : Access (v1, v2c)
Gather an existing community string that agent can use or create a new one.
If creating a new community string:
  • Add a new record, for the Community set the desired string. Source can optionally be set to the IP address of the Cloud.Red agent that will be interfacing with this BIG-IP (this is not required).
  • Leave Access set to read only.
  • Click the finished button when done.


Add the WorldTech IT Monitoring Heartbeat Logic

  • SSH to the management of BIGIP and enter the BASH shell
    Reference:
    myF5
Execute the following:
tmsh.yaml
tmsh create sys icall script WTIT-MONITORING-HEARTBEAT-icall-script definition { catch { exec /bin/logger -p local0.notice "01070728:5: Node WTIT-MONITORING-HEARTBEAT monitor status up." } }
tmsh create sys icall handler periodic WTIT-MONITORING-HEARTBEAT-icall-handler { interval 60 script WTIT-MONITORING-HEARTBEAT-icall-script }
tmsh save /sys config
If there are any difficulties or questions, please contact WorldTech IT to schedule a working session.