Duration
3 Days
Audience
Employees of federal, state and local governments; and businesses working with the government. This course is intended for system and network administrators responsible for installation, setup, configuration, and administration of the BIG-IP LTM system.
Course Overview
This course gives network professionals a functional understanding of BIG-IP Local Traffic Manager, introducing students to both commonly used and advanced BIG-IP LTM features and functionality. Incorporating lecture, extensive hands-on labs, and classroom discussion, the course helps students build the well-rounded skill set needed to manage BIG-IP LTM systems as part of a flexible and high performance application delivery network.
Is this the Right Course?
You must complete one of the following:
- Administering BIG-IP v12
- BIG-IP Local Traffic Manager (LTM) Essentials
- Achieve F5 Certified BIG-IP Administrator certification
You should understand:
- TCP/IP Addressing and Routing including the Address Resolution Protocol, Direct and Indirect Routing, and TCP Handshakes
- Command Line Configuration
- Common elements of and differences between WAN and LAN components
- Fundamental programming concepts
In addition, you should be proficient in:
- The Linux File System
- PICO editor or VI editor
- The TCPDUMP program
Learning Objectives
- BIG-IP initial setup (licensing, provisioning, and network configuration)
- A review of BIG-IP local traffic configuration objects
- Using dynamic load balancing methods
- Modifying traffic behavior with persistence (including SSL, SIP, universal, and destination address affinity persistence)
- Monitoring application health with Layer 3, Layer 4, and Layer 7 monitors (including transparent, scripted, and external monitors)
- Processing traffic with virtual servers (including network, forwarding, and reject virtual servers)
- Processing traffic with SNATs (including SNAT pools and SNATs as listeners)
- Configuring high availability (including active/standby and N+1 sync failover device groups, connection and persistence mirroring, and sync-only device groups)
- Modifying traffic behavior with profiles (including advanced HTTP profile options, caching, compression, and OneConnect profiles)
- Advanced BIG-IP LTM configuration options (including VLAN tagging and trunking, SNMP features, and packet filters)
- Deploying application services with iApps
- Customizing application delivery with iRules and local traffic policies
Outline
- Lesson 1 : Setting Up the BIG-IP System
- Introducing the BIG-IP System
- Initially Setting Up the BIG-IP System
- Archiving the BIG-IP Configuration
- Leveraging F5 Support Resources and Tools
Lesson 2 : Reviewing Local Traffic Configuration
- Reviewing Nodes, Pools, and Virtual Servers
- Reviewing Address Translation
- Reviewing Routing Assumptions
- Reviewing Application Health Monitoring
- Reviewing Traffic Behavior Modification with Profiles
- Reviewing the TMOS Shell (TMSH)
- Reviewing Managing BIG-IP Configuration Data
Lesson 3 : Load Balancing Traffic with LTM
- Exploring Load Balancing Options
- Using Priority Group Activation and Fallback Host
- Comparing Member and Node Load Balancing
Lesson 4 : Modifying Traffic Behavior with Persistence
- Reviewing Persistence
- Introducing Cookie Persistence
- Introducing SSL Persistence
- Introducing SIP Persistence
- Introducing Universal Persistence
- Introducing Destination Address Affinity Persistence
- Using Match Across Options for Persistence
Lesson 5 : Monitoring Application Health
- Differentiating Monitor Types
- Customizing the HTTP Monitor
- Monitoring an Alias Address and Port
- Monitoring a Path vs. Monitoring a Device
- Managing Multiple Monitors
- Using Application Check Monitors
- Using Manual Resume and Advanced Monitor Timer Settings
Lesson 6 : Processing Traffic with Virtual Servers
- Understanding the Need for Other Virtual Server Types
- Forwarding Traffic with a Virtual Server
- Understanding Virtual Server Order of Precedence
- Path Load Balancing
Lesson 7 : Processing Traffic with SNATs
- Overview of SNATs
- Using SNAT Pools
- SNATs as Listeners
- SNAT Specificity
- VIP Bounceback
- Additional SNAT Options
- Network Packet Processing Review
- Lesson 8 : Modifying Traffic Behavior with Profiles
- Profiles Overview
- TCP Express Optimization
- TCP Profiles Overview
- HTTP Profile Options
- OneConnect
- Offloading HTTP Compression to BIG-IP
- HTTP Caching
- Stream Profiles
- F5 Acceleration Technologies
Lesson 9 : Selected Topics
- VLAN, VLAN Tagging, and Trunking
- Restricting Network Access
- SNMP Features
- Segmenting Network Traffic with Route Domains
Lesson 10 : Deploying Application Services with iApps
- Simplifying Application Deployment with iApps
- Using iApps Templates
- Deploying an Application Service
- Leveraging the iApps Ecosystem on DevCentral
Lesson 11 : Customizing Application Delivery with iRules and Local Traffic Policies
- Getting Started with iRules
- Triggering an iRule
- Introducing iRule Constructs
- Leveraging the DevCentral Ecosystem
- Deploying and Testing iRules
- Getting Started with Local Traffic Policies
- What Can You Do with a Local Traffic Policy?
- How Does a Local Traffic Policy Work?
- Understanding Local Traffic Policy Workflow
- Introducing the Elements of a Local Traffic Policy
- Specifying the Matching Strategy
- What Are Rules?
- Understanding Requires and Controls
- Configuring and Managing Policy Rules
- Configuring a New Rule
- Including Tcl in Certain Rule Settings
Lesson 12 : Securing Application Delivery with LTM
- Understanding Today’s Threat Landscape
- Integrating LTM Into Your Security Strategy
- Defending Your Environment Against SYN Flood Attacks
- Defending Your Environment Against Other Volumetric Attacks
- Addressing Application Vulnerabilities with iRules and Local Traffic Policies
Lesson 13 : Final Lab Project
- About the Final Lab Project
- Possible Solution to Lab 14.0