
Afroz Ahmad

My Official Blog


Archive for May, 2014


This question popped up in front of me when I finally decided to pursue my next certification in the design field. Some people say that CCIE somehow acts as a prerequisite for CCDE. However, in my point of view, it really depends on which background you are coming from and what you are trying to achieve in your future endeavors. Cisco has no prerequisite for CCDE; you can do CCDE even if you don’t have CCNA. However, it is recommended that you have at least 7 years of experience in network design, implementation and operation.

In my perspective, CCIE is all about implementation and troubleshooting, whereas CCDE is the mind and soul behind big designs. CCDE is a control-plane-driven test, and in the Cisco world they call it Layer 3, where business and technology meet.


CCDE Layer3


As a whole, CCDE breaks the problem into two pieces :-
1. Domains
Large common problem areas in designing a network.
2. Drivers
What problem are you trying to solve?
What tools do you have to solve the problem?

The domains deal with questions related to availability, serviceability, scalability, security and flexibility.

There are three main drivers. Firstly, business drivers are supposed to be at layer 9 and answer questions related to scale, continuity, expense and advantage. Secondly, application drivers are at layer 7 and deal with bandwidth, delay, jitter and continuity requirements. Lastly, link drivers work at layer 1 and provide features such as bandwidth, delay, expense and detection.

Cisco calls it layer 3, aka the control plane, where all the above drivers meet and build networks that will support business and application requirements on top of the available links and hardware.


Recently I faced some challenges in creating an “automatic backup script” for F5 LTM. The main reason for this was that I am not a regular scripting guy, and F5 TAC doesn’t support these kinds of things. I was initially shocked when I heard from F5 TAC that they cannot do such scripting, and that the only forum where I can get any help is the F5 DevCentral community. Although I posted my query there and a few people tried to help me, in the end it was not fruitful at all. So I thought of sharing my experience here, so that people can benefit and not face any unnecessary hassle.

This backup is used to recover the device from a complete crash situation.

These are the three kinds of files you get, with the date appended after your device hostname, if the script runs successfully.


Important points to consider when you make your own backup script:

1. Do not use Windows Notepad to edit this script; you will end up messing up a lot of things. This is a shell script, so I would suggest using the vi editor to edit anything in it.

2. After editing, use WinSCP to upload or download anything to and from the F5 LTM device.

3. Transfer your script with WinSCP to “/etc/cron.daily” if you want a daily backup; otherwise select one of the other folders within “/etc” whose name starts with “cron”.

4. Now log in to the F5 LTM CLI and type “cd /etc/cron.daily” to get into that folder. You can see all the files in that folder with the “ll” command.

5. Issue the “sh -x” command to check for any errors; if any error is found, carefully read the output. If you want to change anything in the script, simply type “vi” and you will get into vi editor mode. You can find vi editor commands online by googling around. You can insert text with “i” and save and quit with “:wq”.

6. If the script runs well, you will see all three files on your FTP server. Now make it run daily with the “chmod 777” command.


Below is the script; you only need to edit the FTP IP address, username and password according to your environment:

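#!/bin/bash
# Automatic Backup Script for F5 LTM V10
# Author "Afroz Ahmad"

# Save the configuration as a UCS archive, renamed to <hostname>.<yymmdd>.ucs
b config save /var/tmp/BIG-IP_backup.ucs
export a=`date +"%y%m%d"`
export aa="$HOSTNAME.$a.ucs"
export b="/var/tmp/$aa"
mv /var/tmp/BIG-IP_backup.ucs "$b"

# Archive the SSL certificates and keys as <hostname>.<yymmdd>.certs.tar
tar -cf /var/tmp/certs.tar /config/ssl
export ff="$HOSTNAME.$a.certs.tar"
export f="/var/tmp/$ff"
mv /var/tmp/certs.tar "$f"

# Copy the crontab as <hostname>.<yymmdd>.crontab
export c="$HOSTNAME.$a.crontab"
export cc="/var/tmp/$c"
cp /etc/crontab "$cc"

# FTP server settings: set MName to the FTP server IP address
export MName=
export MDir=/F5/
export Log=/var/tmp/log.bigip

export UserName=admin
export UserPassword=password

export Machine1f2=$aa
export Machine1f3=$c
export Machine1f4=$ff

# Upload the three files in binary mode; the FTP session output goes to ${Log}
ftp -nvd ${MName} <<-END > ${Log} 2>&1
user ${UserName} ${UserPassword}
binary
put ${b} ${MDir}${Machine1f2}
put ${cc} ${MDir}${Machine1f3}
put ${f} ${MDir}${Machine1f4}
bye
END
RTN_CODE=$?

# Remove the local copies
rm -f ${b}
rm -f ${cc}
rm -f ${f}

exit $RTN_CODE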
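
An added example, not part of the author's script: a script in /etc/cron.daily runs as root and the files it stages include the private keys from /config/ssl, so the functions below check that the cron script is not writable by group or others, stage files in a private directory, and copy them with scp instead of FTP. BACKUP_HOST, BACKUP_USER, BACKUP_KEY and REMOTE_DIR are hypothetical names, key-based SSH login to the backup server is an assumption, and the demo file is constructed.

```shell
#!/bin/sh
# Added example, not the author's script. BACKUP_HOST, BACKUP_USER, BACKUP_KEY
# and REMOTE_DIR are hypothetical; the demo file at the end is constructed.

# True (0) when group or others can write to FILE. cron.daily scripts run as
# root, so anyone able to write to one can run commands as root.
writable_by_others() {
    [ -n "$(find "$1" -prune \( -perm -0020 -o -perm -0002 \) -print)" ]
}

# Refuse a cron script that other accounts could have modified.
check_cron_script() {
    if writable_by_others "$1"; then
        echo "UNSAFE: $1 is writable by group/others (chmod 700 is enough)" >&2
        return 1
    fi
    echo "OK: $1"
}

# Create a private (mode 700) staging directory under BASE, e.g. /var/tmp.
# The UCS archive and the /config/ssl tarball hold private keys.
make_staging_dir() {
    ( umask 077 && mktemp -d "$1/f5backup.XXXXXX" )
}

# Same naming as the script on this page: <hostname>.<yymmdd>.<suffix>
backup_name() {
    printf '%s.%s.%s\n' "$1" "$2" "$3"
}

# Copy every staged file over SSH instead of FTP, so neither the credentials
# nor the keys cross the network in clear text. Not called in the demo.
send_backups() {
    scp -q -i "$BACKUP_KEY" "$1"/* "$BACKUP_USER@$BACKUP_HOST:$REMOTE_DIR/"
}

# Constructed demo: a throwaway file with the mode from step 6, then fixed.
demo=$(mktemp)
chmod 777 "$demo"
check_cron_script "$demo" || chmod 700 "$demo"
check_cron_script "$demo"
rm -f "$demo"
```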