F5 BIG-IP LTM – F5 Networks Configuring BIG-IP® LTM: Local Traffic Manager

Prerequisites:

Administering BIG-IP, OSI model, TCP/IP addressing and routing, WAN, LAN environments, and server redundancy concepts; or having achieved TMOS Administration Certification.

Target Audience:

This course is intended for system and network administrators responsible for installation, setup, configuration, and administration of the BIG-IP LTM system.

Course Objectives:

• Back up the BIG-IP system configuration for safekeeping
• Configure virtual servers, pools, monitors, profiles, and persistence objects
• Test and verify application delivery through the BIG-IP system using local traffic statistics
• Configure priority group activation on a load balancing pool to allow servers to be activated only as needed to process traffic
• Compare and contrast member-based and node-based dynamic load balancing methods
• Configure connection limits to place a threshold on traffic volume to particular pool members and nodes
• Differentiate between cookie, SSL, SIP, universal, and destination address affinity persistence, and describe use cases for each
• Describe the three Match Across Services persistence options and use cases for each
• Configure health monitors to appropriately monitor application delivery through a BIG-IP system
• Configure different types of virtual services to support different types of traffic processing through a BIG-IP system
• Configure different types of SNATs to support routing of traffic through a BIG-IP system
• Configure VLAN tagging and trunking
• Restrict administrative and application traffic through the BIG-IP system using packet filters, port lockdown, and virtual server settings
• Configure SNMP alerts and traps in support of remote monitoring of the BIG-IP system
• Use an F5-supplied iApp template to deploy and manage a website application service
• Use iRules and local traffic policies appropriately to customize application delivery through the BIG-IP system
• Configure the BIG-IP to detect and mitigate some common attacks at the network and application layers using LTM features such as SYN check, eviction policies, iRules and Local Traffic Policies

Course Outline:

Lesson 1: Setting Up the BIG-IP System

• Introducing the BIG-IP System 
• Initially Setting Up the BIG-IP System 
• Archiving the BIG-IP Configuration 
• Leveraging F5 Support Resources and Tools

Lesson 2: Reviewing Local Traffic Configuration

• Reviewing Nodes, Pools, and Virtual Servers 
• Reviewing Address Translation 
• Reviewing Routing Assumptions 
• Reviewing Application Health Monitoring 
• Reviewing Traffic Behavior Modification with Profiles 
• Reviewing the TMOS Shell (TMSH) 
• Reviewing Managing BIG-IP Configuration Data

Lesson 3: Load Balancing Traffic with LTM

• Exploring Load Balancing Options 
• Using Priority Group Activation and Fallback Host 
• Comparing Member and Node Load Balancing

Lesson 4: Modifying Traffic Behavior with Persistence

• Reviewing Persistence 
• Introducing Cookie Persistence 
• Introducing SSL Persistence 
• Introducing SIP Persistence 
• Introducing Universal Persistence 
• Introducing Destination Address Affinity Persistence 
• Using Match Across Options for Persistence

Lesson 5: Monitoring Application Health

• Differentiating Monitor Types 
• Customizing the HTTP Monitor 
• Monitoring an Alias Address and Port 
• Monitoring a Path vs. Monitoring a Device 
• Managing Multiple Monitors 
• Using Application Check Monitors 
• Using Manual Resume and Advanced Monitor Timer Settings

Lesson 6: Processing Traffic with Virtual Servers

• Understanding the Need for Other Virtual Server Types 
• Forwarding Traffic with a Virtual Server 
• Understanding Virtual Server Order of Precedence 
• Path Load Balancing

Lesson 7: Processing Traffic with SNATs

• Overview of SNATs 
• Using SNAT Pools 
• SNATs as Listeners 
• SNAT Specificity 
• VIP Bounceback 
• Additional SNAT Options 
• Network Packet Processing Review

Lesson 8: Modifying Traffic Behavior with Profiles

• Profiles Overview 
• TCP Express Optimization 
• TCP Profiles Overview 
• HTTP Profile Options 
• OneConnect 
• Offloading HTTP Compression to BIG-IP 
• HTTP Caching 
• Stream Profiles 
• F5 Acceleration Technologies

Lesson 9: Selected Topics

• VLAN, VLAN Tagging, and Trunking 
• Restricting Network Access 
• SNMP Features 
• Segmenting Network Traffic with Route Domains

Lesson 10: Deploying Application Services with iApps

• Simplifying Application Deployment with iApps 
• Using iApps Templates 
• Deploying an Application Service 
• Leveraging the iApps Ecosystem on DevCentral

Lesson 11: Customizing Application Delivery with iRules and Local Traffic Policies

• Getting Started with iRules 
• Triggering an iRule 
• Introducing iRule Constructs 
• Leveraging the DevCentral Ecosystem 
• Deploying and Testing iRules 
• Getting Started with Local Traffic Policies 
• What Can You Do with a Local Traffic Policy? 
• How Does a Local Traffic Policy Work? 
• Understanding Local Traffic Policy Workflow 
• Introducing the Elements of a Local Traffic Policy 
• Specifying the Matching Strategy 
• What Are Rules? 
• Understanding Requires and Controls 
• Configuring and Managing Policy Rules 
• Configuring a New Rule 
• Including Tcl in Certain Rule Settings

Lesson 12: Securing Application Delivery with LTM

• Understanding Today’s Threat Landscape 
• Integrating LTM Into Your Security Strategy 
• Defending Your Environment Against SYN Flood Attacks 
• Defending Your Environment Against Other Volumetric Attacks 
• Addressing Application Vulnerabilities with iRules and Local Traffic Policies

Lesson 13: Final Lab Project

• About the Final Lab Project 
• Possible Solution to Lab 14.0