Академический Документы
Профессиональный Документы
Культура Документы
®
BIG-IP LTM V10 Essentials
/ / 20
BIG-IP® LTM Essentials Web-Based Training Lab Guide – © 2010 F5 Networks, Inc.
P-2 Preface
This Lab Guide was written for BIG-IP® LTM version 10.1.0. The lecture portions of the LTM Essentials web-based training
were written for the previous version, 10.0.1. Because F5 feels it is important to perform the hands-on labs on a current
version, the Lab Guide will be updated more frequently than the lecture portions. Most of the concepts discussed in the
lecture portion and lab steps in the lab guide apply to previous versions of BIG-IP LTM.
Contacting F5 Networks
Web www.f5.com
Email sales@f5.com & info@f5.com
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Preface P-3
Legal Notices
Copyright
Copyright 2010, F5 Networks, Inc. All rights reserved.
F5 Networks, Inc. (F5) believes the information it furnishes to be accurate and reliable. However, F5 assumes no
responsibility for the use of this information, nor any infringement of patents or other rights of third parties which may result
from its use. No license is granted by implication or otherwise under any patent, copyright, or other intellectual property
right of F5 except as specifically described by applicable user licenses. F5 reserves the right to change specifications at any
time without notice.
Trademarks
F5, F5 Networks, the F5 logo, BIG-IP, 3-DNS, Acopia, Acopia Networks, Application Accelerator, Ask F5, Application
Security Manager, ASM, ARX, Data Guard, Enterprise Manager, EM, FirePass, FreedomFabric, Global Traffic Manager,
GTM, iControl, Intelligent Browser Referencing, Internet Control Architecture, IP Application Switch, iRules, Link
Controller, LC, Local Traffic Manager, LTM, Message Security Module, MSM, NetCelera, OneConnect, Packet Velocity,
Secure Access Manager, SAM, SSL Accelerator, SYN Check, Traffic Management Operating System, TMOS,
TrafficShield, Transparent Data Reduction, uRoam, VIPRION, WANJet, WebAccelerator, and ZoneRunner are trademarks
or service marks of F5 Networks, Inc., in the U.S. and other countries, and may not be used without F5's express written
consent.
Patents
This product protected by U.S. Patent[s] 6,374,300; 6,473,802; 6,970,933; 7,051,126; 7,102,996; 7,146,354; 7,197,661;
7,206,282; 7,287,084. Other patents pending.
RF Interference Warning
This is a Class A product. In a domestic environment this product may cause radio interference, in which case the user may
be required to take adequate measures.
FCC Compliance
This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of FCC
rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is
operated in a commercial environment. This unit generates, uses, and can radiate radio frequency energy and, if not installed
and used in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of
this equipment in a residential area is likely to cause harmful interference, in which case the user, at his own expense, will
be required to take whatever measures may be required to correct the interference.
Any modifications to this device, unless expressly approved by the manufacturer, can void the user's authority to operate
this equipment under part 15 of the FCC rules.
Standards Compliance
This product conforms to the IEC, European Union, ANSI/UL and Canadian CSA standards applicable to Information
Technology products at the time of manufacture.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Table of Contents
BIG-IP® LTM Essentials Web-Based Training Lab Guide – © 2010 F5 Networks, Inc.
Toc-2 Table of Contents
NOTE: Currently the F5 Training Lab environment does not support Redundant Pair. In the future
when Redundant Pair is supported the lab steps will be similar to Appendix D.
Labs 10 and 11, Redundant Pair and High Availability ............................................. 10-55
No Labs for these Modules yet, see Appendix D ................................................................. 10-55
Appendix D – Labs 10 and 11, Redundant Pair and High Availability ..................... D-1
Lab –Redundant Pair Setup ........................................................................................ D-1
Lab – Synchronization ............................................................................................... D-3
Lab – Network Failover ............................................................................................. D-5
Lab – Failover Triggers .............................................................................................. D-7
Lab – Connection Mirroring ...................................................................................... D-8
Lab – Persistence Mirroring ....................................................................................... D-9
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Introduction
Welcome to the BIG-IP LTM Essentials Web-Based Training Course Student Lab Guide. The purpose of the
BIG-IP LTM Essentials course is to introduce the basic information you need to set up and operate the BIG-IP
Local Traffic Manager (LTM) from F5 Networks. The purpose of this Lab Guide is to provide all the
information and exercises you need to work directly with a BIG-IP LTM system and solidify the concepts you
have learned in the associated Web-based training modules.
The hands-on lab exercises included in this course are critically important to your learning. These exercises are
especially helpful if you can do them as soon as possible after completing the associated training module.
Therefore, we recommend the following approach when taking this course:
• Before beginning a module, register for lab time.
• Work through the training module as close to the start of your lab time as possible.
• After completing the training module, move into the lab exercises. Be sure to complete the entire
exercise, including the review questions at the end.
There are eleven modules in this course, each one taking approximately thirty minutes to complete. To
complete the entire course, including modules and labs, will take you about fourteen hours.
In addition to the lab exercises, this guide contains other useful information.
• Appendix A provides some background information on F5 Networks and its products.
• Appendix B explains the various customer support resources that are available. We highly
recommend that you review this listing. You may find some of these resources to be very valuable
while working your way through this course.
• Appendix C contains an informative list of other training courses available from F5 Global
Training Services. After completing this introductory course, you may want to enroll in one or
more of these classes to gain a deeper understanding of BIG-IP LTM.
BIG-IP® LTM Essentials Web-Based Training Lab Guide – © 2010 F5 Networks, Inc.
Introduction
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module
Lab Instructions
1 Lab – Initial Setup Lab-1
1-1
NOTE: In the future you will not be prompted for credentials. Your user ID and email
will be passed from F5 University to the F5 Lab environment using SSO or single sign-
on. For now, you should enter the same info that you used for F5 University.
5. Your lab environment will take a couple minutes to initialize. Notice the message at top of
screen that says “Your environment is X% ready”.
6. The first time you connect you will need to install the Cloudshare plug-in and may need to
enable pop-ups for it to install. This is a first-time only install.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
1-2
Lab-2 Module 1 Lab
Lab
– Initial
Instructions
Setup
1. Each lab starts assuming an un-configured BIG-IP and then instructs you to restore a UCS
backup file that was captured at the end of the previous lab.
2. If during your lab time you wish to revert back to this un-configured state you may do so by
selecting Actions and then Revert Now.
3. Rather than restoring UCS files at the beginning of each new lab you may also work straight
through all the labs. From an instructional angle, F5 recommends doing the Module WBT,
then the lab for that Module. Then the next Module WBT and its corresponding lab.
4. Also, you can only enter the F5 Training Lab environment from
the links within F5 University (ie. the graphic to the right).
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module
Lab Instructions
1 Lab – Initial Setup Lab-3
1-3
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
1-4
Lab-4 Module 1 Lab
Lab
– Initial
Instructions
Setup
NOTE: The F5 Training Lab environment does not currently support redundant pair, but
will in the future. Appendix D has potential lab steps for when redundant pair is
supported by the F5 Training Lab.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 1 Lab – Initial Setup 1-5
LAB CONFIGURATION
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
1-6 Module 1 Lab – Initial Setup
Lab Requirements:
Reachable IP address on the management port
Valid License for the BIG-IP LTM Systems
Administration system with an IP address on the BIG-IP LTM’s network
PC Configuration
Your PC is configured with two IP Addresses in order to reach both the Management and client
networks once they are configured on your BIG-IP.
PC Mgmt IP Address 192.168.1.30/24
PC Client IP Address 10.10.1.30/16.
Licensing Steps
1. You should first see the Setup Utility’s Welcome screen. Click Next.
2. Normally, you would need to license your BIG-IP System. For these labs, the systems should
already be licensed. Review the features that are licensed and then click Next.
Provisioning Steps
1. The second screen should be Provisioning. Verify that BIG-IP LTM is set to something other
than None and click Next.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 1 Lab – Initial Setup 1-7
Setup Utility
1. Within the General Properties section, specify the following:
IP Address: 192.168.1.245
Network Mask: 255.255.255.0
Management Route: Leave blank
Host Name: bigip1.f5trn.com
Host IP Address: Use Management Port IP Address
High Availability: Redundant Pair
Unit ID: 1
Time Zone: America/Los Angeles
2. Within the User Administration section, specify the following:
Root Account Password: default
Root Account Confirm: default
Admin Account Password: admin
Admin Account Confirm: admin
SSH Access: Enabled
SSH IP Allow: * All Addresses
3. Click Next.
NOTE: When you type in the admin password field you will be required to log back into
the system whether the password has been changed or not.
Once this first step of administrative access has been configured, you can configure self-IP addresses
and VLANs. We will choose the Basic Network Configuration option, which will step through
creating two VLANs, internal and external, and their IP addresses, and interfaces. Each self IP will
be assigned Port Lockdown settings. Port lockdown limits administrative access to the self IP
addresses. Because we have configured the system as a redundant pair, Allow Default should be
selected for Port Lockdown on self IP’s of the internal VLAN to ensure the systems will be able to
communicate.
Because we have configured as a redundant pair, the administrator will also be prompted for a partner
address and a floating IP address for each VLAN. Generally, the partner address should be an
address on the internal VLAN to minimize security concerns. Floating addresses are shared between
the systems and used by the system that is currently active. These concepts are discussed in the
Redundant Pair module.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
1-8 Module 1 Lab – Initial Setup
4. Select the Basic Network Configuration option by clicking Next, then specify the
following:
5. Click the Next button to configure the External VLAN, then specify the following:
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 1 Lab – Initial Setup 1-9
Lab Requirements:
External IP address of the BIG-IP LTM system
User ID and password of the BIG-IP LTM system’s Web Configuration Utility
User ID and password of the BIG-IP LTM system’s Command Line Interface
PC Configuration
Your PC is configured with two IP Addresses in order to reach both the Management and client
networks once they are configured on your BIG-IP.
Mgmt IP Address 192.168.1.30/24
Client IP Address 10.10.1.30/16.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
1-10 Module 1 Lab – Initial Setup
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 1 Lab – Initial Setup 1-11
Lab Requirements:
External IP address of the BIG-IP LTM system
Saving a configuration
1. From the Navigation pane, click the System section.
2. Select Archives, then click Create.
3. Within the General Properties section, specify the following:
File Name Module1_End
Encryption Disabled
Private Keys Include
Version BIG-IP Version (read only)
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
1-12 Module 1 Lab – Initial Setup
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 2 Lab – Processing Traffic 2-13
Lab Requirements:
IP and port addresses available for use on BIG-IP LTM that can be reached by the client
systems
Actual servers with appropriate routes to return traffic through each BIG-IP LTM system
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
2-14 Module 2 Lab – Processing Traffic
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 2 Lab – Processing Traffic 2-15
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
2-16 Module 2 Lab – Processing Traffic
NOTE: Since the member’s IP addresses are the same, you could select Node List and
choose the member’s IP addresses from the drop-down list.
10. When complete, make sure to click Finished for the virtual server.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 2 Lab – Processing Traffic 2-17
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
2-18 Module 2 Lab – Processing Traffic
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 3 Lab – Load Balancing 3-19
Objectives:
Choose differing load balancing methods and view the resulting behavior
Choose differing member priority and ratio values and view the resulting behavior
Estimated time for completion: 10 minutes
Lab Requirements:
Access to a BIG-IP LTM with at least a pool with two or more working members
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
3-20 Module 3 Lab – Load Balancing
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 3 Lab – Load Balancing 3-21
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
3-22 Module 3 Lab – Load Balancing
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 4 Lab – Monitors 4-23
Lab Requirements:
Access to a BIG-IP LTM with at least one pool with two working members
Some knowledge of the traffic sent by the members
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
4-24 Module 4 Lab – Monitors
NOTE: Each time the Node List tab is pressed, the screen will refresh.
6. What are the nodes’ statuses? Was the change immediate?
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 4 Lab – Monitors 4-25
Conclusion
At this point, each node is being tested differently. Node 172.16.20.1 has a specific assignment,
my_icmp. Node 172.16.20.2 has no monitor assigned. Node 172.16.20.3 is using the Node Default
monitor, which is currently icmp. This is not a recommended configuration; rather it is used to
demonstrate the three ways monitors can be associated with nodes.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
4-26 Module 4 Lab – Monitors
NOTE: Each time the Members tab is pressed, the screen will refresh.
5. What are the members’ statuses? Was the change immediate?
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 4 Lab – Monitors 4-27
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
4-28 Module 4 Lab – Monitors
Conclusion
At this point, each member is being tested differently. Member 172.16.20.1:80 is set to inherit from
pool where the pool has http assigned. Member 172.16.20.2:80 has a specific assignment, my_http.
Member 172.16.20.3:80 has no assigned monitor. This configuration is not recommended; rather it is
used to demonstrate the three ways monitors can be associated with members.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 4 Lab – Monitors 4-29
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
4-30 Module 4 Lab – Monitors
NOTE: [1-3] is a simple regular expression that matches any single character in the
range from 1 to 3.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 5 Lab – Profiles 5-31
There is no Lab for Module 5 Profiles. There are labs using Profiles in both Modules 6,
Persistence, and 7 Labs, SSL Termination.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
5-32 Module 5 Lab – Profiles
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 6 Lab – Persistence 6-33
Lab Requirements:
Two or more working members in https_pool
A virtual server at https://10.10.1.100 associated with https_pool
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
6-34 Module 6 Lab – Persistence
NOTE: This is not required for persistence. Instead, it ensures that reuse of a single
server is due to persistence and not a load balancing choice.
2. Next, access and reset the statistics for the https_pool.
3. Open a new browser session and connect to https://10.10.1.100.
4. Refresh the screen 5-10 times by clicking Refresh or pressing the F5 key.
5. View the pool statistics. What are the results?
Name Pr_Src_Persist
Persistence Type Source Address Affinity
Parent Profile source_addr
4. In the Configuration Section, leave all fields at the default settings except for the following:
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 6 Lab – Persistence 6-35
8. Leave the * in the search field (show all records) and click Search or Refresh.
9. If no persistent sessions currently appear, refresh your screen connecting to
https://10.10.1.100 and then refresh the Persistence Records Statistics again.
10. Why might the persistent connection not appear the first time?
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
6-36 Module 6 Lab – Persistence
Lab Requirements:
Two or more working members in http_pool
A virtual server at http://10.10.1.100 associated with http_pool
Name PR_Cookie_Persist
Persistence Type Cookie
Parent Profile Cookie
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 6 Lab – Persistence 6-37
1. In the Configuration Section, leave all settings at default except for the following:
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
6-38 Module 6 Lab – Persistence
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 6 Lab – Persistence 6-39
Lab Requirements:
vs_https with resources https_pool and Pr_Src_Persist profile
NOTE: You may want to extend the persistence timeout value in the Persist_Source
profile before beginning this lab.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
6-40 Module 6 Lab – Persistence
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 7 Lab – SSL Termination 7-41
Lab Requirements:
An existing pool of members at port 80 (http_pool)
Access to a web browser
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
7-42 Module 7 Lab – SSL Termination
Generate a certificate
1. From the Navigation pane, expand the Local Traffic section.
2. Either select SSL Certificates and click Create or hover your mouse over SSL Certificates
and then click the sign on the flyout menu.
3. In the General Properties section, enter the name TestCertificate.
4. In the Certificate Properties section, enter the following:
Issuer Self
Common Name www.test.com
Division Training
Organization F5 Networks
Locality Seattle
State or Province Washington
County US
E-Mail Address Leave blank
Lifetime 365
5. In the Key Properties, choose the 1024 for the size.
6. Click Finished.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 7 Lab – SSL Termination 7-43
Name vs_ssl
Destination 10.10.1.102
Service Port 443 (or HTTPS)
State Enabled
4. In the Configuration section, accept all defaults except the SSL Profile (Client) option, and
choose the Pr_Client_SSL profile you’ve just created.
5. In the Resources section, select http_pool as the Default Pool.
6. Click Finished.
NOTE: The browser session is encrypted on the client side, but not on the server side.
3. Note the Pool Member address:port in the body of the web page (172.16.20.Y:80).
Unless otherwise configured, the traffic is encrypted from client to the BIG-IP LTM System, but
unencrypted between the BIG-IP system and the pool members.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
7-44 Module 7 Lab – SSL Termination
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 8 Lab – NATs and SNATs 8-45
Lab Requirements:
One or more servers on the internal side of the BIG-IP system
An available IP address to use for the NAT
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
8-46 Module 8 Lab – NATs and SNATs
Configure a NAT
1. From the Navigation pane, expand the Local Traffic section.
2. Either select SNATs, the NAT List tab, and Create, or use the flyout menus to expand
SNATs Æ NATs Æ and click the sign.
3. In the General Properties section, enter the following:
ARP Enabled
VLAN Traffic All VLANs
5. Click Finished.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 8 Lab – NATs and SNATs 8-47
SNAT Labs
Lab Requirements:
Access to a BIG-IP LTM System
An available IP address to use for the SNAT
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
8-48 Module 8 Lab – NATs and SNATs
2. Either select SNATs and Create, or use the flyout menus to expand SNATs and click the
sign.
3. In the General Properties section, the Name SNAT_NW_10X.
4. In the Configuration section, enter the following:
5. Click Finished.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 9 Lab – iRules 9-49
Lab Requirements:
External IP address of the Virtual Server
IP Address(es) of internal node (s)
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
9-50 Module 9 Lab – iRules
iRules Lab #1
Create and use an iRule that processes requests based on the file extension.
Create a Pool
1. From the Navigation pane, expand the Local Traffic section.
2. Either select Pools and then click Create, or use the flyout menus to expand Pools and click
the sign.
3. In the Configuration section, enter the following:
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 9 Lab – iRules 9-51
Name rule_txt_end
when HTTP_REQUEST {
if {[HTTP::uri] ends_with "txt"} {
pool pool1
Definition }
}
Name vs_rule_txt
Destination 10.10.1.101
Service Port 80 (or HTTP)
State Enabled
4. In the Configuration section, leave all fields at their default except the following:
5. In the Resources section, leave all fields at their default except the following:
iRules rule_txt_end
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
9-52 Module 9 Lab – iRules
when HTTP_REQUEST {
if {[HTTP::uri] ends_with "txt"} {
pool pool1
}
else { pool pool2 }
}
3. Open a new browser, test client connections and explain your results.
a. http://10.10.1.101/file.txt
b. http://10.10.1.101/text.txt
c. http://10.10.1.101
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 9 Lab – iRules 9-53
iRules Lab#2
Lab 2 Overview
Create and use an iRule that processes requests based on the TCP port.
Name rule_tcp_port
Definition when CLIENT_ACCEPTED {
if {[TCP::local_port] equals 80} {
pool pool1
}
elseif { [TCP::local_port] equals 443 } {
pool pool2
}
}
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
9-54 Module 9 Lab – iRules
Name vs_tcpport
Destination 10.10.1.103
Service Port * All Ports
State Enabled
iRules rule_tcp_port
Default Pool pool3
NOTE: You can verify that your SSH session went to Pool3 using Statistics.
2. View statistics and configuration information through:
a. Overview Section / Statistics / Choose from Statistics Type drop-down list.
b. Local Traffic Section / Virtual Servers / Statistics
c. Local Traffic Section / Pools / Statistics
3. To which node is traffic being directed for each client request above and why?
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 10 and 11 Lab – Redundant Pair and High Availability 10-55
NOTE: Currently the F5 Training Lab environment does not support Redundant Pair. In
the future when Redundant Pair is supported the lab steps will be similar to Appendix D.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
10-56 Module 10 and 11 Lab – Redundant Pair and High Availability
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Lab Project LP-57
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2009 F5 Networks, Inc.
LP-58 Lab Project
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2009 F5 Networks, Inc.
Lab Project LP-59
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2009 F5 Networks, Inc.
LP-60 Lab Project
Verification
Activity Questions Working?
Open a Browser and connect to Are you load balancing?
http://10.10.1.100 Why or why not?
Refresh the screen 5-10 times
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2009 F5 Networks, Inc.
Lab Project LP-61
Review Questions
1. Which admin users’ passwords are changed by the BIG-IP setup utility, and what access do
they have?
4. How are monitors created, and what can they be assigned to?
5. If a particular node is in a node disabled condition, will any types of client requests still be
directed to that pool member?
6. What is the difference between the client SSL and server SSL Profiles?
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2009 F5 Networks, Inc.
LP-62 Lab Project
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2009 F5 Networks, Inc.
Lab Project LP-63
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2009 F5 Networks, Inc.
LP-64 Lab Project
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2009 F5 Networks, Inc.
Appendix A
F5 Products include:
BIG-IP Local Traffic Manager (LTM)
BIG-IP Global Traffic Manager (GTM)
BIG-IP Link Controller (LC)
BIG-IP Application Security Manager (ASM)
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Appendix A
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Appendix A
Application Firewall
BIG-IP® ASM provides comprehensive security for IP-based applications and services, protecting
them against known and unknown external threats at the network and application layers. ASM is an
Application Firewall, a new class of device which protects applications from hackers and other
malicious attacks.
ASM offers several modules for filtering out malicious requests, scrubbing data sent to users, and
cloaking application infrastructure. The core functionality is a powerful application firewall that
checks every user request against a known set of user interactions with the Web application, rejecting
any request not known to be legal.
Unlike network firewall products that focus on protecting against network level attacks or pure
Intrusion Prevention Systems that focus on preventing ever increasing quantities of known attacks.
ASM offers organizations a complete Web application protection system capable of blocking a broad
range of network, and Web application attacks.
Application Optimization
Mobile workers access enterprise applications from coffee shops, airports and offices. These workers
expect their web applications—e-mail, ERP, sales force automation—to perform well in all locations.
If any part of the application delivery system falters, end-to-end performance degrades and
productivity suffers.
WebAccelerator™ is an advanced application delivery solution that provides superior web
application performance for mobile workers. WebAccelerator speeds up web applications such as
Hyperion™, Peoplesoft™, Plumtree™, SAP™, Siebel™ and others, often increasing performance by
200% to 500%.
Application Delivery
BIG-IP® WOM is an appliance-based solution that delivers LAN-like application performance over
the WAN. WOM accelerates applications including: file transfer, e-mail, client-server applications,
data replication, and others, resulting in predictable, fast performance for all WAN users.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Appendix A
FirePass®
iControl® SDK
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Appendix B B-1
F5 Customer Support
Network Support Center
F5® Technical Support is designed to remotely assist you with specific break-fix issues regarding
ongoing maintenance of your F5 products. All F5 products come with a one year manufacturer's
hardware warranty and 90 days of software media warranty. Technical support is limited to F5
products with active support contracts. Subscribers who require additional levels of support from our
support team may opt to upgrade to Premium Support, which includes 24 x 7 support.
Ask F5
Ask F5 is an online knowledgebase accessible 24x7 through our technical support website. Ask F5
gives you real-time access to in-depth product and technical support information, by providing a
simple, English language query-based search. Ask F5 provides unlimited access at no additional
charge for all F5 customers covered under an F5 annual service agreement.
DevCentral
DevCentral is a community of experienced F5 users who regularly post answers based on real-life
knowledge. To assist DevCentral members, F5 provides technical documentation, tips, access to free
sample downloads, and a confidential discussion forum for receiving answers to technical questions.
DevCentral is free of charge to our customers for building iRules and iControl applications, and the
forum is monitored by F5 engineers and experts who offer assistance on technical questions including
design, architecture, troubleshooting, and general assistance with building iRules and iControl
applications.
Information required for opening a BIG-IP LTM or BIG-IP GTM support case
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
B-2 Appendix B
F5 Networks Technical Support can help resolve problems more quickly when you provide a full
description of the problem and the details of your configuration. To help you gather all the required
information, use the following guidelines to prepare for opening a case.
General Information
Provide the following information when you open a case with F5 Networks Technical Support:
A full description of the problem, including the following:
• The symptoms of the problem.
• The approximate time the problem first occurred.
• The number of times the problem has recurred.
• Any error output provided by the system.
• Steps to reproduce the problem.
• Any changes you made to the system before the problem first occurred.
• Any steps you have attempted to solve the problem.
A description of the impact the problem is having on your site, using the following definitions:
• Site Down - Your network or application is down or critical business functions
have stopped due to the problem.
• Site at Risk - Your network or application is severely and negatively impacted
by the problem.
• Performance Severely Degraded - The performance of your network or
application has been severely reduced due to the problem.
• Performance Impaired - Your network or application is suffering from reduced
performance, but otherwise continues to work as expected.
• General Assistance Required - The subject of the case does not currently
impact your network or application.
The hours that you are available to work on the problem and any alternative contacts that can work on
the problem if you are not available.
Remote access information, if possible.
Remote access to your network environment is important, because it is the most effective method for
collecting information and troubleshooting technical issues. If you cannot provide remote access, F5
Networks Technical Support will work directly with you to resolve the issue over the phone;
however, this method can often be more time consuming and may require file transfers, replication,
and additional testing.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Appendix B B-3
tech.out file
A tech.out file contains the configuration files that F5 Networks Technical Support most frequently
needs when troubleshooting a problem. A tech.out file is produced by the qkview utility and the terms
tech.out and qkview may be used interchangeably.
For more information about qkview, refer to SOL1858: Overview of the qkview utility.
Log files
The tech.out file contains the log files for the last day. If the problem has existed for more than a day,
provide all the log files on the system, by performing the following steps:
1. Log in to the command line.
2. Change directories to the /var/log directory, by typing the following command:
cd /var/log
3. Place all of the log files in a tar archive, by typing the following command:
tar -czpf /var/tmp/logfiles.tar.gz *
4. This command will create a tar archive named logfiles.tar.gz in the /var/tmp directory.
Packet traces
If the problem involves the network, perform a packet trace while the problem is occurring and
provide the packet trace when you open the case.
For more information about performing packet traces with tcpdump, refer to SOL2246: Performing a
packet trace and providing the results to F5 Networks Support.
UCS archive
If you cannot give F5 Support remote access to your system, you must provide a UCS archive of the
current configuration. For more information, refer to SOL2250: Overview of UCS archives.
Core files
Core files contain the contents of the system memory at the time a crash occurred. If the system has
been configured to save core files, they will be located in the /var/savecore directory. Provide any
existing core files when you open the case.
If the system is crashing and has not yet been configured to save core files, configure it so that a core
file will be saved the next time the crash occurs.
For more information, refer to the following Solutions:
For switch appliances: SOL2226: Saving core files on BIG-IP or 3-DNS Controllers that have limited
disk space
For server appliances and blade controllers: SOL266: Configuring the BIG-IP or 3-DNS Controller to
save a core dump
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
B-4 Appendix B
tcpdump
tcpdump is one of the main troubleshooting tools used by the F5 Networks Support group to
determine what is happening on a BIG-IP LTM System.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Appendix B B-5
F5 Professional Services
F5 Professional Services executes on the company's paradigm of innovation by delivering a full-range
of consulting services, including planning, design, deployments, upgrades, migrations, optimization
and application verification to ensure a highly available, scalable and secure infrastructure.
Installation Services
An F5 professional Consultant will work to ensure your F5 product is installed and running as
efficiently as possible. Network topology, load balancing design review, application tuning and
product orientation are included in this service. Network performance tuning and comprehensive
product training are not included.
Optimization Services
F5 Consultants can help you leverage the true power of advanced product features such as
compression, caching, and traffic shaping. Network performance tuning and application tuning are
also offered to optimize your F5 deployment.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
B-6 Appendix B
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Appendix B B-7
Pre-Installation Information
Objective:
Now having a better understanding of the BIG-IP LTM Software and how it works, this section
conveys additional information to consider during a BIG-IP LTM System installation. You will learn
the types of hardware and networking questions that need to be answered before an installation takes
place.
Servers
1. What type of hardware are your servers?
2. What OS are your servers?
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
B-8 Appendix B
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Appendix B B-9
Pre-Installation Checklist
Follow the steps below to ensure proper installation of your BIG-IP LTM System.
1. Provide 3 real internet addresses for a redundant BIG-IP LTM System configuration.
2. Provide a real internet address for each virtual IP address (VIP) or NAT.
3. Provide 3 internal IP addresses (e.g. 10.x.x.x, RFC 1918 etc.) [redundant BIG-IP LTM System
configuration].
4. Provide one internal IP address per node on the internal network.
5. Provide appropriate connectivity to physical segments.
6. Provide the IP addresses of the DNS servers (optional depending on implementation).
7. Provide access to the existing production content server(s), or an alternate content server.
8. Provide a monitor, keyboard and the appropriate power outlet for the monitor.
9. Provide one 110/220 power outlet for each BIG-IP LTM System unit.
10. Provide monitor A/B switch (optional).
11. Identify and provide access to any management workstations
(For example workstation running CA Unicenter or other monitoring tool).
12. Identify and provide access to a monitoring workstation (non-dedicated) for the SSH client software
(optional).
13. Designate an individual as the primary contact and “BIG-IP LTM System administrator” (tier 2 or 3).
14. Verify that each BIG-IP LTM external IP address can be accessed through incoming tcp port 22
(optional - to verify remote administration capability).
15. Verify that each BIG-IP LTM System can use outgoing tcp port 22 from tcp port 1023-1019 (optional).
16. Verify your ability to change DNS A records (for conversion from DNS round robin).
17. Create a DNS entry for each BIG-IP LTM administrative IP address (optional).
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
B-10 Appendix B
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Appendix B B-11
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
B-12 Appendix B
To activate the license for the system, you must have a base registration key. The base registration
key is a 27-character string that lets the license server know which F5 products you are entitled to
license. The base registration key is preinstalled on your system. If the system is not yet licensed, the
Configuration utility prompts you to enter the base registration key. You enter keys for additional
modules using settings in the Add-On Registration Key List area of the License screen.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Appendix B B-13
Assuming the system is currently booted to the image on slot HD1.1, the following command, run
from the /shared/images directory, would install a clean image of version 10 on slot 1.2, change the
default boot location to the new image, and reboot the system after installation.
image2disk --instslot=HD1.2 --nosaveconfig --setdefault --
reboot BIGIP-10.0.0.5401.0.iso
Assuming the system is currently booted to the image on slot HD1.1, the following command, run
from the /shared/images directory, would install a hotfix on the image in slot HD1.2, but leave the
current slot active.
image2disk --instslot=HD1.2 --hotfix Hotfix-BIGIP-10.0.0-
5460.HF1.iso
After any upgrade, you can confirm the installed versions by issuing the switchboot command.
Switchboot displays the version that is installed on each slot, shows which is the current default boot
slot, and allows you to change the default boot slot. The output shown below is of a system with
version 9.4.5 on slot 1.1 and version 10 with hotfix 1 on slot 1.2. Slot 1.1 is currently set as the
default boot slot.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
B-14 Appendix B
The screen above shows the version of the current installations, the default boot image, and the
available images to install. The Import button would allow you to copy additional images from your
PC to the BIG-IP system.
The Hotfix List tab shows the list of Hotfixes on the system.
The Boot Locations tab shows the current default boot image but also allows you to change it.
The Volume Management tab shows the list of partitions or volumes (version 10 only). Once the
system is converted to volumes, additional volumes can be created.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Appendix B B-15
Download
1. Access the ISO and MD5 files per the instructor’s directions. Copy the files to the
/shared/images directory.
Install
1. Install the iso with the command:
image2disk --instslot=HD1.x --nosaveconfig <filename>
Verify Installation
1. After the system reboots, verify the version and note the hotfix.
b version
or tmsh> show /sys version and show /sys license
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
B-16 Appendix B
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Appendix C
This two-day course builds on the foundation of the BIG-IP LTM Essentials course to give
networking professionals an in-depth understanding of the BIG-IP LTM system. It also covers less
commonly used but more powerful ways of using the many features of the BIG-IP LTM system.
In addition, significant time is spent using the command line tools to configure the BIG-IP LTM
system. This hands-on course includes lectures, labs and discussions. Students will learn about
command line functions, advanced configurations, and advanced troubleshooting.
ARCHITECTING BIG-IP INTO AN APPLICATION DELIVERY NETWORK
This two-day course gives networking professionals an understanding of how to architect and
design BIG-IP devices into an application delivery network. The course builds on the foundation
of the BIG-IP Local Traffic Manager (LTM) Essentials and Advanced Topics courses,
demonstrating the next steps for implementing BIG-IP in a way that effectively delivers your
client applications. The labs for the course involve design exercises and group discussions. Based
on the knowledge gained in other BIG-IP LTM courses, you will work with other students to build
network designs that incorporate BIG-IP LTM to accomplish customer goals. The course will
cover many network design options, as well as best practices for given customer scenarios. The
course will also explore other design options available using BIG-IP Global Traffic Manager,
BIG-IP Link Controller, BIG-IP Application Security Manager, BIG-IP Message Security
Module, and BIG-IP WebAccelerator.
TROUBLESHOOTING BIG-IP LTM
Prerequisite: Participants should have passed the BIG-IP LTM Essentials certification test or successfully
completed the BIG-IP LTM Essentials course.
This two-day course gives networking professionals hands-on knowledge of how to troubleshoot a
BIG-IP LTM system using a number of troubleshooting techniques and troubleshooting and
system tools. This course includes lectures, labs, and discussions.
CONFIGURING BIG-IP WITH IRULES
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Appendix C
monitor and manage common tasks involved with processing traffic on the BIG-IP. Course Labs
consist of writing, applying and evaluating the effect of iRules on LTM traffic. This hands-on
course includes lectures, labs, and discussions.
BIG-IP GLOBAL TRAFFIC MANAGER
The BIG-IP Global Traffic Manager course is designed for networking professionals to renew
their understanding of DNS network systems and wide-area networks, master pre-installation
information gathering, and apply this information to the process of installing a GTM System.
Utilizing both simulated installation activities and hands-on exercises, participants gain real-time
experience setting up and configuring both primary and secondary GTM Systems, WAN systems,
integrating multiple GTM Systems, and migrating DNS systems to a GTM. Participants will also
gain knowledge of the essential GTM management interfaces that assist network managers. In
addition, this course covers configuring, monitoring and testing GTM Systems and networks, as
well as dynamic and static load balancing, and GTM report screens.
BIG-IP WEBACCELERATOR
The WebAccelerator Module course is designed for customers running the WebAccelerator
Module on TMOS™ and is designed to help network professionals improve web site customer
experience. The course focuses on typical HTTP processes and how the WebAccelerator Module
can take advantage of those processes to decrease response time while ensuring data accuracy and
integrity.
Using lectures and hands-on exercises, participants gain real-time experience setting up and
configuring the necessary portions of the Local Traffic Manager (LTM) system as well as typical
WebAccelerator Module settings. From the LTM framework, these settings include pools, profiles
and virtual servers. In addition discussion and labs will focus on the WebAccelerator Module
framework, include editing standard policies to affect how the traffic is manipulated as it is
processed by the system. Participants will see how the changes improve the user experience
through tools such as HttpWatch.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Appendix C
FIREPASS V6.X
This three-day course provides security and network professionals with a functional understanding
of the FirePass® Controller. The course includes installation, configuration, management and
troubleshooting on a FirePass system. Lectures, demonstrations, hands-on labs and discussions
will be incorporated.
For more details about course offerings, pricing, schedules, and registration, see the following web
site: http://www.f5.com/training-support/global-training/
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Appendix C
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 10DLab
Appendix - Module
– Redundant
10 Lab Pair
– Redundant Pair 10-1
D-1
NOTE: Currently the F5 Training Lab environment does not support Redundant Pair. In
the future when Redundant Pair is supported the lab steps will be similar to the following:
Setup utility
Configuring a pair of BIG-IP systems is very similar to configuring a single BIG-IP system. When
you choose “Redundant Pair” for the High Availability option in the setup utility, there are a few
additional parameters than must be set. You must set each system’s Unit ID, specify a partner
address, and set floating (shared) IP addresses for each VLAN.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
10-2
D-2 Appendix D - Module 10 Lab – Redundant Pair
11. The configuration for BIG-IP #1 should be as if you had just finished all Module9 Labs.
Please verify this is the case. Your configuration should be licensed and include five Pools,
two iRules, five Virtual Servers, and Monitors assigned to some but not all Pool Members.
No Pool Members should be marked Offline (red) or Disabled (black). Finally, the vs_https
Virtual Server should have a Source Address Persistence Profile assigned.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Module 10DLab
Appendix - Module
– Redundant
10 Lab Pair
– Redundant Pair 10-3
D-3
Step System Y
Management Port IP address 192.168.1.xx
Management Port Netmask 255.255.255.0
Hostname bigip2.f5trn.com
High Availability Redundant Pair
Unit ID 2
root password default
admin password admin
SSH Access * All Addresses
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
10-4
D-4 Appendix D - Module 10 Lab – Redundant Pair
Synchronization Lab
Synchronization should always be from the system’s whose configuration is desired. In our case, we
wish to Synchronize the BIG-IP #1 configuration to BIG-IP #2 since it has no configuration.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2010 F5 Networks, Inc.
Appendix D - Module 11 Lab – High Availability D-5
NOTE: Currently the F5 Training Lab environment does not support Redundant Pair. In
the future when Redundant Pair is supported the lab steps will be similar to the following:
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2009 F5 Networks, Inc.
D-6 Appendix D - Module 11 Lab – High Availability
6. Enter a Root Account password of default twice and an Admin Account password of
admin twice and then click Next.
7. You will be prompted to login again because of changing the Admin password.
8. After logging in, click the Finished button under Advanced Network Configuration.
9. From the Navigation pane, expand the System section, then select Archives.
10. Click the Module11_Lab_BIGIP2.ucs archive and then click the Restore button. An Ok
button appears to acknowledge the restore has started. It will take a minute, but watch this
screen and you should see messages that your restore completed successfully. You might
receive one error message but that is ok and is due to the F5 Training Lab environment only.
11. Your configuration should be as if you had just finished all Module10 Labs. Please verify
this is the case. BIG-IP #2 should be licensed and include six Pools, two iRules, six Virtual
Servers, and Monitors assigned to some but not all Pool Members. No Pool Members should
be marked Offline (red) or Disabled (black). It should have a hostname of bigip2.f5trn.com
and Self IPs (Network / Self IPs) of 10.10.1.XX, 10.10.1.33, 172.16.1.XX and 172.16.1.33.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2009 F5 Networks, Inc.
Appendix D - Module 11 Lab – High Availability D-7
NOTE: Currently the F5 Training Lab environment does not support Redundant Pair. In
the future when Redundant Pair is supported the lab steps will be similar to the following:
Objectives:
During this lab, you will configure network failover.
Note: The F5 Training Lab environment does not support the failover cable.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2009 F5 Networks, Inc.
D-8 Appendix D - Module 11 Lab – High Availability
4. When both systems have been set, note that the systems change to active-standby mode.
BIG-IP #2 should be the one to fallback to standby state because it is unit 2.
5. Remove the Ethernet cable used for the VLAN of the self IP addresses used for network
failover addresses. In the course labs, this should be for port 1.2.
6. Alternate method for remote classes: disable the 1.2 interface.
a. Configuration Utility: Networks / Interfaces / Check the box next to interface 1.2 and
click Disable.
b. Command Line: b interface 1.2 disable.
7. How quickly did the standby system assume the active role also?
8. Note that both systems are in active mode; both are trying to service all virtual servers, NATs
and SNATs.
9. Replace the Ethernet cable and note that Unit 2 reverts to standby mode. How quickly did it
revert to standby?
10. Alternate method for remote classes: enable the 1.2 interface.
a. Configuration Utility: Networks / Interfaces / Check the box next to interface 1.2 and
click Enable.
b. Command Line: b interface 1.2 enable.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2009 F5 Networks, Inc.
Appendix D - Module 11 Lab – High Availability D-9
NOTE: Currently the F5 Training Lab environment does not support Redundant Pair. In
the future when Redundant Pair is supported the lab steps will be similar to the following:
Objective:
During this lab, you will learn how to configure automatic the VLAN Failsafe trigger.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2009 F5 Networks, Inc.
D-10 Appendix D - Module 11 Lab – High Availability
NOTE: Currently the F5 Training Lab environment does not support Redundant Pair. In
the future when Redundant Pair is supported the lab steps will be similar to the following:
Objective:
During this lesson, you will learn how to configure connection mirroring.
Lab Requirements:
Establish an SSH Connection to the virtual server. You must have a virtual server configured for port
22 and a pool of SSH servers assigned to that virtual server.
Perform Failover
1. Force the Active system to standby (System / High Availability / Force to Standby).
2. Notice that the SSH connection has been lost.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2009 F5 Networks, Inc.
Appendix D - Module 11 Lab – High Availability D-11
5. Test your connection by typing ls <enter> or similar command. Note the connection is
maintained.
NOTE: Currently the F5 Training Lab environment does not support Redundant Pair. In
the future when Redundant Pair is supported the lab steps will be similar to the following:
Objective:
During this lesson, you will learn how to activate persistence mirroring for a pool where simple
persistence in enabled.
Lab Requirements:
You must have a virtual server and pool appropriate for persistence other than cookie persistence.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2009 F5 Networks, Inc.
D-12 Appendix D - Module 11 Lab – High Availability
Perform Failover
1. Force the Active system to standby. (System / High Availability / Redundancy / Force to
Standby).
2. Refresh the session to https://10.10.1.100. While there is some chance the same node may
be chosen, the https session does not persist to the same server. If it does seem to persist to
the same node, failover again and test. You may need to refresh by pressing Ctrl-F5 to ensure
the browser does not simply display its cache.
BIG-IP® LTM Essentials Web based Training Lab Guide – © 2009 F5 Networks, Inc.