Scribd
Upload
66 views2 pages

F5 Network - 301a - Question

This document provides an overview of various F5 load balancing concepts and configurations: 1. It discusses the order of precedence for virtual servers and how source address affects precedence. 2. It covers persistence profiles including cookie, source, and fallback persistence profiles. 3. It addresses persistence across virtual servers, virtual addresses, and pools. 4. It compares one-arm and two-arm load balancing modes, including SNAT differences with automap and SNAT pools. 5. It discusses when to add additional SNAT IPs or interface IPs to address port exhaustion.

Uploaded by

onereeacc
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
66 views2 pages

F5 Network - 301a - Question

This document provides an overview of various F5 load balancing concepts and configurations: 1. It discusses the order of precedence for virtual servers and how source address affects precedence. 2. It covers persistence profiles including cookie, source, and fallback persistence profiles. 3. It addresses persistence across virtual servers, virtual addresses, and pools. 4. It compares one-arm and two-arm load balancing modes, including SNAT differences with automap and SNAT pools. 5. It discusses when to add additional SNAT IPs or interface IPs to address port exhaustion.

Uploaded by

onereeacc
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 2

1.

) Virtual server order of precedence


IP, Network, Wildcard VS, specific port, wildcard port.
and How source address affect the precendece.

2.) Persistence Profile : cookie, source,


what is the purpose of "fallback persistence profile"
what happen if F5 can't find the cookie information ?

3.) Persistence across VS, Virtual Address and pool.

4.) One arm mode vs two arms mode flow


SNAT difference : Automap vs SNAT pool
(floating IP over non-floating IP)

5.) understand when to add additional SNAT IP (SNAT pool) / Interface IP(automap)
(Port exhaustion logs) -> 64,512

6.) Flow case -> learn the flow of one arms mode, two ars mode,
with and without SNAT. port translation address disable

7.) Flow case -> Direct server return , and what need to be configured on F5 and
server (same VS and server's loopback IP)

8.) passive FTP vs Active FTP. and when to use FTP profile

9.) Client SSL and Server SSL Profile configuration.


1. Cert & Key -> import & create cert
2. Profile -> assign cert & key & parameter
3. VS -> assign profile

when to use insecure-compatible-server-ssl (related to self signed certificate)

10.) HTTPS traffic flow and tcpdump


11.) SSL3.0/TLS1.0/TLS 1.2
12.) Preventing heartbleed (by using SSL offload or iRules (if SSL is not
offloaded))
13.) Intermediate Certificate (use case, browser got error prompt )

14.) Oneconnect behavior (connection pooling)


and how the "mask" work https://support.f5.com/csp/article/K85357500

15.) HTTP profile (Redirect Rewrite and XFF configuration)

16.) TCP Optimization

17.) Rewrite profile and Stream profile to rewrite absolute HTTP Path to HTTPS
scheme.

18.) Analytics Profile ( Metrics vs Entity)

19.) TMSH command structure (basically same as GUI )


ltm -> profile -> name
net -> self -> name
net -> route -> name
tmsh show, modify, create, delete, list

20.) Accessing tmsh command from bash and combine bash functionallity
#watch -n 10 tmsh show sys software
to watch how the software upgrade progressing.

21.) iRules -> basic event (HTTP REQUEST, HTTP RESPONSE)


and basic command

22.) VS type : forwarding, standard, L4, reject, stateless flow

23.) VS type: performance HTTP differences (read HTTP header only)

24.) know when to use irules, icontrol and icall

25.) Monitoring -> TCP, HTTP differences


and know how to craft custom HTTP monitor

26.) Monitor -> 3n + 1 rules (interval and detection)

27.) SSL forward vs reverse proxy and SSL Proxy

28.) Packet Filters, self ip and VS precendece

29.) LB Method and expected behavior , you need to understand how TMM instances
works

30.) /var/log/ltm inspection and tmm instances specific log.

31.) IQuery port (4353) and Iqdump command

32.) failover comm port -> 1026

33.) Route domains and admin partition. understand "default route domain" and how
to configure non-default route domain VS, pool, route and etc. (add % behind the
IP )

34.) Device groups, Sync-only, sync-failover, traffic groups concept


what happen if one device fails . where the traffic will be moving to .
!!! Got So many (4-5) questions !!!

35.) device scores (weight) and link weight -> as well as VLAN failsafe and Link
failsafe (deduct weight when ltm monitor fail)

36.) Auto last hop features . Override route behavior .

37.) MAC masquarade for faster convergence during failover.

38.) Virtual address tarffic group assignment, ARP and ICMP, and route advertisment
(RHI). go to Local Traffic -> Virtual address

39.) Compression and "keep accept-encoding" relation

40.) PGA (priority group activation) algorithm.


you need to know how it really works . there were 3 - 4 questions realted to PGA.
PGA will activate the highest weight first. and will start to activate the second
highest wight if the condition met (less than or equeals to defined value)

You might also like