K30503041: Creating a virtual server with ARP and/or ICMP disabled at creation
Non-Diagnostic
Original Publication Date: Apr 16, 2020
Update Date: Apr 16, 2020
Topic
You should consider using this procedure under the following condition:
You want to create a new virtual server with the Address Resolution Protocol (ARP) and/or the Internet Control Message Protocol (ICMP) disabled at creation.
Description
In some network environments, you may want to create virtual servers that have ARP and/or ICMP disabled. When creating a new virtual server (one that does not use an IP address of an existing virtual server), you can enable or disable the virtual server. However, you cannot set the IP address of the virtual server with ARP and/or ICMP to 'disabled' when creating the virtual server. You can only enable or disable ARP or ICMP by modifying the virtual address that is automatically created when you create the virtual server. In this scenario, you create the virtual address with ARP and ICMP enabled at the time of creation.
You can work around this scenario by creating the virtual address for the virtual server in advance with ARP and/or ICMP disabled. After creating the virtual address, you can then create the virtual server that references the same IP address of the virtual address as the destination IP address of the virtual server.
Prerequisites
You must meet the following prerequisite to use this procedure:
Administrative access to the BIG-IP Configuration utility or the TMOS Shell (tmsh).
Note: You cannot create a virtual address using the Configuration utility. To create the virtual address, you can use the iControl REST API. Access to the REST interface requires administrative access to the Configuration utility.
Procedures
Using REST to create a virtual address Using tmsh to create a virtual address
Using REST to create a virtual address The following REST command syntax demonstrates how to create a virtual address with ARP and ICMP disabled using the Linux cURL utility.
Impact of procedure: Performing the following procedure should not have a negative impact on your system. curl -sk -u admin:
In this command syntax, note the following:
For example: curl -sk -u admin:admin -H "Content-Type: application/json" -X POST https://192.168.1.62/mgmt/tm/ltm /virtual-address -d '{"name":"my-virtual-address","partition":"Common","address":"10.14.0.1","mask":" 255.255.255.255","arp":"disabled","icmpEcho":"disabled","floating":"enabled"}'
The following alternate example reuses the virtual address as the name: curl -sk -u admin:admin -H "Content-Type: application/json" -X POST https://192.168.1.62/mgmt/tm/ltm /virtual-address -d '{"name":"10.14.0.1","partition":"Common","address":"10.14.0.1","mask":" 255.255.255.255","arp":"disabled","icmpEcho":"disabled","floating":"enabled"}'
You can now use your normal method for creating a new virtual server using the virtual address created in the procedure as the virtual server destination address. For more information about REST syntax to create a virtual server, refer to: K13225405: Common iControl REST API command examples.
Using tmsh to create a virtual address
The following tmsh command syntax demonstrates how to create a virtual address with ARP and ICMP disabled.
Impact of procedure: Performing the following procedure should not have a negative impact on your system.
1. Log in to tmsh by typing the following command:
tmsh
2. To create a new virtual address, use the following command syntax: 2.
create /ltm virtual-address
In this command syntax, note the following:
For example:
create /ltm virtual-address my-virtual-address address 10.14.0.1 mask 255.255.255.255 arp disabled icmp-echo disabled
3. Save the configuration by typing the following command:
save /sys configuration partitions all
You can now use your normal method for creating a new virtual server using the virtual address created in the procedure as the virtual server destination address.
Supplemental Information
K13225405: Common iControl REST API command examples
Applies to:
Product: BIG-IP 15.X.X, 14.X.X, 13.X.X, 12.X.X