FrontpageSearch trainingsF5 Administering BIG-IP V16.1 and Configuring BIG-IP LTM v16.1: Local Traffic Manager Bundle

F5 Administering BIG-IP V16.1 and Configuring BIG-IP LTM v16.1: Local Traffic Manager Bundle

Administering BIG-IP v16.1

This 2-day course gives network administrators, network operators, and network engineers a functional understanding of the BIG-IP system as it is commonly deployed in an application delivery network.

The course introduces students to the BIG-IP system, its configuration objects, how it processes traffic, and how typical administrative and operational activities are performed.

The course includes lecture, hands-on labs, interactive demonstrations, and discussions.

Topics covered:

  • Getting started with the BIG-IP system
  • Traffic processing with BIG-IP Local Traffic Manager (LTM)
  • Using TMSH (TMOS Shell) command line interface
  • Using NATs and SNATs
  • Monitoring application health and managing object status
  • Modifying traffic behavior with profiles, including SSL offload and re-encryption
  • Modifying traffic behavior with persistence, including source address affinity and cookie persistence
  • Troubleshooting the BIG-IP system, including logging (local, high-speed, and legacy remote logging), and using TCPDUMP
  • User roles and administrative partitions
  • vCMP concepts
  • Configuring high availability (including active/standby and connection and persistence mirroring)

Configuring BIG-IP LTM v16.1: Local Traffic Manager

This 3-day course gives network professionals a functional understanding of BIG-IP Local Traffic Manager, introducing students to both commonly used and advanced BIG-IP LTM features and functionality.

Incorporating lecture, extensive hands-on labs, and classroom discussion, the course helps students build the well-rounded skill set needed to manage BIG-IP LTM systems as part of a flexible and high performance application delivery network.

Topics covered:

  • BIG-IP initial setup (licensing, provisioning, and network configuration)
  • A review of BIG-IP local traffic configuration objects
  • Using dynamic load balancing methods
  • Modifying traffic behavior with persistence (including SSL, SIP, universal, and destination address affinity persistence)
  • Monitoring application health with Layer 3, Layer 4, and Layer 7 monitors (including transparent, scripted, and external monitors)
  • Processing traffic with virtual servers (including network, forwarding, and reject virtual servers)
  • Processing traffic with SNATs (including SNAT pools and SNATs as listeners)
  • Modifying traffic behavior with profiles (including TCP profiles, advanced HTTP profile options, caching, compression, and OneConnect profiles)
  • Advanced BIG-IP LTM configuration options (including VLAN tagging and trunking, SNMP features, packet filters, and route domains)
  • Customizing application delivery with iRules and local traffic policies
  • Securing application delivery using BIG-IP LTM


Training formats

Remote


Duration

40 hours


Price

4220 €

This course is intended for system and network administrators, operators, and engineers responsible for managing the normal day-to-day operation and administration of a BIG-IP application delivery network, and installation, setup, configuration, and administration of the BIG-IP LTM system.

At the end of this course, the student will be able to:

Administering BIG-IP v16.1

  • Describe the role of the BIG-IP system as a full proxy device in an application delivery network
  • Set up, start/restart/stop, license, and provision the BIG-IP system out-of-the-box
  • Create a basic network configuration on the BIG-IP system including VLANs and self IPs
  • Use the Configuration utility and TMSH to manage BIG-IP resources such as virtual servers, pools, pool members, nodes, profiles, and monitors
  • Create, restore from, and manage BIG-IP archives
  • View resource status, availability, and statistical information and use this information to determine how the BIG-IP system is currently processing traffic
  • Use profiles to manipulate the way the BIG-IP system processes traffic through a virtual server
  • Perform basic troubleshooting and problem determination activities including using the iHealth diagnostic tool
  • Support, and view traffic flow using TCPDUMP
  • Understand and manage user roles and partitions
  • Configure and manage a sync-failover device group with more than two members
  • Configure stateful failover using connection mirroring and persistence mirroring

Configuring BIG-IP LTM v16.1: Local Traffic Manager

  • Back up the BIG-IP system configuration for safekeeping
  • Configure virtual servers, pools, monitors, profiles, and persistence objects
  • Test and verify application delivery through the BIG-IP system using local traffic statistics
  • Configure priority group activation on a load balancing pool to allow servers to be activated only as needed to process traffic
  • Compare and contrast member-based and node-based dynamic load balancing methods
  • Configure connection limits to place a threshold on traffic volume to particular pool members and nodes
  • Differentiate between cookie, SSL, SIP, universal, and destination address affinity persistence, and describe use cases for each
  • Describe the three Match Across Services persistence options and use cases for each
  • Configure health monitors to appropriately monitor application delivery through a BIG-IP system
  • Configure different types of virtual services to support different types of traffic processing through a BIG-IP system
  • Configure different types of SNATs to support routing of traffic through a BIG-IP system
  • Configure VLAN tagging and trunking
  • Restrict administrative and application traffic through the BIG-IP system using packet filters, port lockdown, and virtual server settings
  • Configure SNMP alerts and traps in support of remote monitoring of the BIG-IP system
  • Use iRules and local traffic policies appropriately to customize application delivery through the BIG-IP system
  • Configure the BIG-IP to detect and mitigate some common attacks at the network and application layers using LTM features such as SYN check, eviction policies, iRules and Local Traffic Policies
  • The following free web-based training courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience. These courses are available at LearnF5 (https://www.f5.com/services/training):

    • ;Getting Started with BIG-IP
    • ;Getting Started with BIG-IP Local Traffic Manager (LTM) web-based training

    The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:

    • ;OSI model encapsulation
    • ;Routing and switching
    • ;Ethernet and ARP
    • ;TCP/IP concepts
    • ;IP addressing and subnetting
    • ;NAT and private IP addressing
    • ;Default gateway
    • ;Network firewalls
    • ;LAN vs. WAN

    Administering BIG-IP v16.1

    Chapter 1: Setting Up the BIG-IP System

    • Introducing the BIG-IP System
    • Initially Setting Up the BIG-IP System
    • Configuring the Management Interface
    • Activating the Software License
    • Provisioning Modules and Resources
    • Importing a Device Certificate
    • Specifying BIG-IP Platform Properties
    • Configuring the Network
    • Configuring Network Time Protocol (NTP) Servers
    • Configuring Domain Name System (DNS) Settings
    • Configuring High Availability Options
    • Archiving the BIG-IP Configuration
    • Leveraging F5 Support Resources and Tools

    Chapter 2: Traffic Processing Building Blocks

    • Identifying BIG-IP Traffic Processing Objects
    • Configuring Virtual Servers and Pools
    • Load Balancing Traffic
    • Viewing Module Statistics and Logs
    • Using the Traffic Management Shell (TMSH)
    • Understanding the TMSH Hierarchical Structure
    • Navigating the TMSH Hierarchy
    • Managing BIG-IP Configuration State and Files
    • BIG-IP System Configuration State
    • Loading and Saving the System Configuration
    • Shutting Down and Restarting the BIG-IP System
    • Saving and Replicating Configuration Data (UCS and SCF)

    Chapter 3: Using NATs and SNATs

    • Address Translation on the BIG-IP System
    • Mapping IP Addresses with NATs
    • Solving Routing Issues with SNATs
    • Configuring SNAT Auto Map on a Virtual Server
    • Monitoring for and Mitigating Port Exhaustion

    Chapter 4: Monitoring Application Health

    • Introducing Monitors
    • Types of Monitors
    • Monitor Interval and Timeout Settings
    • Configuring Monitors
    • Assigning Monitors to Resources
    • Managing Pool, Pool Member, and Node Status
    • Using the Network Map

    Chapter 5: Modifying Traffic Behavior with Profiles

    • Introducing Profiles
    • Understanding Profile Types and Dependencies
    • Configuring and Assigning Profiles
    • Introducing SSL Offload and SSL Re-Encryption

    Chapter 6: Modifying Traffic Behavior with Persistence

    • Understanding the Need for Persistence
    • Introducing Source Address Affinity Persistence
    • Managing Object State

    Chapter 7: Administering the BIG-IP System

    • Configuring Logging
    • Legacy Remote Logging
    • Introducing High Speed Logging (HSL)
    • High-Speed Logging Filters
    • HSL Configuration Objects
    • Configuring High Speed Logging
    • Using TCPDUMP on the BIG-IP System
    • Leveraging the BIG-IP iHealth System
    • Viewing BIG-IP System Statistics
    • Defining User Roles and Administrative Partitions
    • Leveraging vCMP

    Chapter 8: Configuring High Availability

    • Introducing Device Service Clustering (DSC)
    • Preparing to Deploy a DSC Configuration
    • Configuring DSC Communication Settings
    • Establishing Device Trust
    • Establishing a Sync-Failover Device Group
    • Synchronizing Configuration Data
    • Exploring Traffic Group Behavior
    • Understanding Failover Managers and Triggers
    • Achieving Stateful Failover with Mirroring

    Configuring BIG-IP LTM v16.1: Local Traffic Manager

    Chapter 1: Setting Up the BIG-IP System

    • Introducing the BIG-IP System
    • Initially Setting Up the BIG-IP System
    • Archiving the BIG-IP Configuration
    • Leveraging F5 Support Resources and Tools

    Chapter 2: Reviewing Local Traffic Configuration

    • Reviewing Nodes, Pools, and Virtual Servers
    • Reviewing Address Translation
    • Reviewing Routing Assumptions
    • Reviewing Application Health Monitoring
    • Reviewing Traffic Behavior Modification with Profiles
    • Reviewing the TMOS Shell (TMSH)
    • Reviewing Managing BIG-IP Configuration Data

    Chapter 3: Load Balancing Traffic with LTM

    • Exploring Load Balancing Options
    • Using Priority Group Activation and Fallback Host
    • Comparing Member and Node Load Balancing

    Chapter 4: Modifying Traffic Behavior with Persistence

    • Reviewing Persistence
    • Introducing Cookie Persistence
    • Specifying Default and Fallback Persistence
    • Introducing SSL Persistence
    • Introducing SIP Persistence
    • Introducing Universal Persistence
    • Introducing Destination Address Affinity Persistence
    • Using Match Across Options for Persistence

    Chapter 5: Monitoring Application Health

    • Differentiating Monitor Types
    • Customizing the HTTP Monitor
    • Monitoring an Alias Address and Port
    • Monitoring a Path vs. Monitoring a Device
    • Managing Multiple Monitors
    • Using Application Check Monitors
    • Using Manual Resume and Advanced Monitor Timer Settings

    Chapter 6: Processing Traffic with Virtual Servers

    • Understanding the Need for Other Virtual Server Types
    • Forwarding Traffic with a Virtual Server
    • Understanding Virtual Server Order of Precedence
    • Path Load Balancing

    Chapter 7: Processing Traffic with SNATs

    • Overview of SNATs
    • Using SNAT Pools
    • SNATs as Listeners
    • SNAT Specificity
    • VIP Bounceback
    • Additional SNAT Options
    • Network Packet Processing Review

    Chapter 8: Modifying Traffic Behavior with Profiles

    • Profiles Overview
    • TCP Express Optimization
    • TCP Profiles Overview
    • HTTP Profile Options
    • HTTP/2 Profile Options
    • OneConnect
    • Offloading HTTP Compression to BIG-IP
    • Web Acceleration Profile and HTTP Caching
    • Stream Profiles
    • F5 Acceleration Technologies

    Chapter 9: Selected Topics

    • VLAN, VLAN Tagging, and Trunking
    • Restricting Network Access
    • SNMP Features
    • Segmenting Network Traffic with Route Domains

    Chapter 10: Customizing Application Delivery with iRules

    • Getting Started with iRules
    • Understanding When iRules are Triggered
    • Deploying iRules
    • Constructing an iRule
    • Testing and Debugging iRules
    • Exploring iRules Documentation

    Chapter 11: Customizing Application Delivery with Local Traffic Policies

    • Getting Started with Local Traffic Policies
    • Configuring and Managing Policy Rules

    Chapter 12: Securing Application Delivery with LTM

    • Understanding Today's Threat Landscape
    • Integrating LTM Into Your Security Strategy
    • Defending Your Environment Against SYN Flood Attacks
    • Defending Your Environment Against Other Volumetric Attacks
    • Addressing Application Vulnerabilities with iRules and Local Traffic Policies
    • Detecting and Mitigating Other Common HTTP Threats

    Chapter 13: Final Lab Project

    • About the Final Lab Project

    Chapter 14: Additional Training and Certification

    • Getting Started Series Web-Based Training
    • F5 Instructor Led Training Curriculum
    • F5 Professional Certification Program
    In cooperation with: Arrow