F5 v11.x Device Trust Group

A week ago, I was upgrading HA F5 pair from 11.5.1 to 11.5.3 and noticed the existence of default “device_trust_group” in sync-only mode in GUI. I did not create it but it just showed up and there wasn’t a way to delete it. Apparently, this always existed in the background but was exposed via GUI in the later 11.x versions. Based on my experience, it wasn’t exposed via GUI in 11.5.1 but was exposed via GUI from 11.5.6

Device_Trust_Group

Reference: DevCentral

F5 CLI Display Length

While running cli commands on F5, you may run into display length issues:

(tmos.ltm)# show pool members | grep "10.10.10.10:"
Display all 158 items? (y/n) y

If you are executing the script on the F5 to obtain data, the "Display all xxx items? (y/n)" could be a problem. We can alter the display threshold using the following command:

(/Common)(tmos)# modify cli preference pager disabled display-threshold ?

Specifies the maximum number of objects that tmsh will display without requiring a user response to the question, "Display all <number> items? (y/n)". You can specify from 0 (zero) through 4,294,967,265 objects. 0 (zero) specifies that tmsh will display any number of objects without the warning.

(/Common)(tmos)#  modify cli preference pager disabled display-threshold 0