background image

Introducing the 520/540 Platform

F5 Networks, Inc., Platform Guide

1 - 5

Description

Power LED

Status LED

Activity LED

Alarm LED

Normal Startup:

Power is off

Black

Black

Black

Black

Starting Up - BIOS

Green

Black

Black

Yellow

Starting Up - Loader

Green

Black

Yellow

Yellow

Starting Up - Kernel

Green

Blink 

Yellow

Flicker Yellow* for 
storage device

Yellow

System ready - (standby mode)

Green

Yellow

Flicker Green** for 
Traffic

Black

System ready - (active mode)

Green

Green

Flicker Green for 
Traffic

Black

Error Conditions:

Overtemp or fan failure

Green

Yellow or 
Green

Flicker Green for 
Traffic

Blink Red

Out of memory or other serious condition

Green

Yellow or 
Green

Flicker Green for 
Traffic

Red

One or more virtual servers have all nodes 
down

Green

Yellow or 
Green

Flicker Green for 
Traffic

Blink Yellow

One or more health monitors failed

Green

Yellow or 
Green

Flicker Green for 
Traffic

Yellow

Self Test Failed in Phase 1

Green

Black

Black

Red

Self Test Failed in Phase 2

Green

Black

Black

Black

Self Test Failed in Phase 3

Green

Blink Yellow

Black

Red

*After startup, LED3 never flickers yellow, even though the storage device may be accessed.

**Flicker Green means traffic is being load balanced or routed.

Table 1.1  Behavior of the status LEDs

Содержание 520

Страница 1: ...Platform Guide 520 540 MAN 0067 00...

Страница 2: ......

Страница 3: ...product protected by U S Patent 6 374 300 Pending U S Patent 20020040400 Other patents pending Export Regulation Notice This product may include cryptographic software Under the Export Administration...

Страница 4: ...ii...

Страница 5: ...Table of Contents...

Страница 6: ......

Страница 7: ...ditional resources 1 18 2 Configuring the FIPS 140 Hardware Introducing FIPS 140 hardware security module support 2 1 Initializing the FIPS 140 hardware security module and creating the security world...

Страница 8: ...Table of Contents iv...

Страница 9: ...Reviewing the 520 540 platform Getting started Familiarizing yourself with the controller Environmental requirements Installing and connecting the hardware Interfaces Activating the license Using the...

Страница 10: ......

Страница 11: ...e 1 1 However there are internal differences The 540 is a dual processor platform with more memory than the 520 platform For details see Reviewing hardware specifications on page 3 1 Three PCI expansi...

Страница 12: ...tenance However you must also provide standard peripheral hardware such as a keyboard or serial terminal if you want to administer the controller directly Components provided with the controller When...

Страница 13: ...If you want to use the default controller configuration you must have an administrative workstation on the same IP network as the Controller You also need network hubs switches or concentrators to co...

Страница 14: ...controller On the front of the unit you can turn the unit off and on or you can reset the unit You can also view the indicator lights for hard disk access Note The interfaces on every controller are...

Страница 15: ...r fan failure Green Yellow or Green Flicker Green for Traffic Blink Red Out of memory or other serious condition Green Yellow or Green Flicker Green for Traffic Red One or more virtual servers have al...

Страница 16: ...ard 19 inch rack To ensure safe installation and operation of the unit Install the rack according to the manufacturer s instructions and check the rack for stability before placing equipment in it Bui...

Страница 17: ...le ground path maintained at all times The controller contains a lithium battery There is danger of an explosion if you replace the lithium battery incorrectly We recommend that you replace the batter...

Страница 18: ...ontroller until all peripheral hardware is connected to the unit To install the hardware in a rack 1 Lift the unit into place This requires more than one person 2 Secure the unit using the four rack m...

Страница 19: ...the console connect the serial cable to the terminal serial port number 6 in Figure 1 4 In this case you should not connect a keyboard to the controller If there is no keyboard connected to the contro...

Страница 20: ...ce Interfaces This platform can have as few as one network interface It is helpful to understand interface naming conventions before you perform configuration tasks such as displaying interface status...

Страница 21: ...e to that of the interface or to auto for auto detection If the media type is set to auto and the card does not support auto detection the default type for that interface is used for example 100BaseTX...

Страница 22: ...de to full or half duplex If the media type does not allow duplex mode to be set this is indicated by an onscreen message If media type is set to auto or if setting duplex mode is not supported for th...

Страница 23: ...ts the dossier to the F5 license server as well as installing the signed license certificate In order for you to use this method the unit must be installed on a network with Internet access Manual lic...

Страница 24: ...License utility based on the type of BIG IP unit you are licensing If the unit does not have a license from a previouse version click License Utility to open the License Administration screen If the u...

Страница 25: ...s was successful If the licensing process is not successful contact your vendor 6 You are asked to accept the End User License Agreement The system will not be fully functional until you accept this a...

Страница 26: ...ative workstation open the Configuration utility using one of the following addresses https 192 168 1 245 https 192 168 245 245 These are default addresses on the unit s local area network 2 Type the...

Страница 27: ...creen returns a signed license file 8 Retrieve the license file using one of the following methods Copy the entire contents of the signed license file Click Download license and save the license file...

Страница 28: ...cements a list of fixes and in some cases a list of known issues Online help You can find help online in three different locations The web server on the product has PDF versions of the guides included...

Страница 29: ...140 Hardware Introducing FIPS 140 hardware security module support Initializing the FIPS 140 hardware security module and creating the security world Using the key utilities to generate keys Additiona...

Страница 30: ......

Страница 31: ...ardware security module HSM and never leave except when in encrypted form With this HSM installed you can encrypt private keys on the 520 540 platform with a 3 DES key that resides only on the FIPS 14...

Страница 32: ...single or redundant system adding another HSM to an existing security world Note You will need a paper clip or ballpoint pen and at least two of the smart cards provided with the security module three...

Страница 33: ...ual is included on the Software and Documentation CD 5 Move the M O I switch to O Figure 2 1 and with the paperclip press the reset button Figure 2 2 6 Generate keys by running genconf and then genkey...

Страница 34: ...Cards will be required 1 Enable future key recovery using administrator cards This cannot be enabled retrospectively Answering no may require you to discard your keys when you upgrade the support soft...

Страница 35: ...tility and synchronize the configurations of the units in the redundant system This means that both 520 540 platforms in the redundant system must be synchronized in order to synchronize the SSL keys...

Страница 36: ...e back of the second unit in the redundant system locate the switch labelled M O I Figure 2 1 Then using a paper clip or your fingernail move the switch to the I position 2 With the end of the ballpoi...

Страница 37: ...ty world Note Connect a card reader to each of the security modules for this configuration To install both security modules and create the security world at the same time To bring two HSMs installed i...

Страница 38: ...w to orient the card before inserting it in the reader The utility also prompts you to to insert the same cards into the reader attached to the second HSM to bring it into the security world at the sa...

Страница 39: ...If you have done this correctly the LED blinks quickly for a moment and then blinks slowly again bigip2 sw init Key management data not yet set up at least on this computer Modules ready for re progra...

Страница 40: ...the the security world you can configure the SSL Accelerator For more information see Additional configuration options on page 2 14 If this is a primary unit in a redundant system complete the tasks...

Страница 41: ...authority CA to obtain a certificate gencert If you already have a key run this utility to generate a temporary certificate and request file for the SSL Accelerator WARNING After you import or generat...

Страница 42: ...r certificate authority CA and follow their instructions for submitting this request form In addition to creating a request form that you can submit to a certificate authority this utility also genera...

Страница 43: ...certificate applies After the utility starts it prompts you for various information After you run this utility a certificate request form is created in the following directory config bigconfig ssl cr...

Страница 44: ...r options you can configure For more information see the BIG IP Reference Guide Chapter 7 SSL Accelerator Proxies All configurations have health monitoring options Refer to the BIG IP Reference Guide...

Страница 45: ...3 Additional Hardware Specifications Reviewing hardware specifications 520 specifications 540 specifications...

Страница 46: ......

Страница 47: ...work monitoring utilities and additional contributed software SNMP gets and traps iControl API using CORBA SOAP XML Dynamic Content Support ASP active server pages VB visual basic script ActiveX JAVA...

Страница 48: ...notification Specification Description Dimensions 3 5 H x 19 W x 21 7 D per unit 2U industry standard rack mount chassis Weight 26 lbs per unit Processor Single PIII 1 GHz Network Interface 2x10 100 w...

Страница 49: ...re subject to change without notification Specification Description Dimensions 3 5 H x 19 W x 21 7 D per unit 2U industry standard rack mount chassis Weight 26 lbs per unit Processor Dual PIII 1 GHz N...

Страница 50: ...Chapter 3 3 4...

Страница 51: ...Glossary...

Страница 52: ......

Страница 53: ...nto IP addresses For example the domain name www sample com might translate to 101 102 103 104 dossier A dossier is an encrypted list of key platform characteristics used to identify the platform and...

Страница 54: ...etup utility is available from the command line or as a web based wizard from the product splash screen SSH SSH is a protocol for secure remote login and other secure network services over a non secur...

Страница 55: ...Inc Platform Guide Glossary 3 virtual server Virtual servers are a specific combination of virtual address and virtual port associated with a content site that is managed by BIG IP software or other...

Страница 56: ...Glossary Glossary 4...

Страница 57: ...Index...

Страница 58: ......

Страница 59: ...izing 2 2 installing two 2 7 M O I switch 2 3 private keys 2 1 reset button 2 4 FQDN 2 11 G gencert 2 11 genconf 2 11 genkey 2 11 Gigabit Ethernet 1 3 grounding hardware 1 7 H hardware and appearance...

Страница 60: ...nd fail over cable 1 2 registration key 1 13 release notes finding 1 18 remote administration 1 3 resources finding additional 1 18 S security world creating 2 2 defined 2 2 in a redundant system 2 5...

Страница 61: ......

Отзывы: