TRAINING COURSE

Configuring BIG-IP LTM: Local Traffic Manager

This course gives network professionals a functional understanding of BIG-IP Local Traffic Manager, introducing students to both commonly used and advanced BIG-IP LTM features and functionality. Incorporating lecture, extensive hands-on labs, and classroom discussion, the course helps students build the well-rounded skill set needed to manage BIG-IP LTM systems as part of a flexible and high performance application delivery network.

Course Objectives

  • Back up the BIG-IP system configuration for safekeeping
  • Configure virtual servers, pools, monitors, profiles, and persistence objects
  • Test and verify application delivery through the BIG-IP system using local traffic statistics
  • Configure priority group activation on a load balancing pool to allow servers to be activated only as needed to process traffic
  • Compare and contrast member-based and node-based dynamic load balancing methods
  • Configure connection limits to place a threshold on traffic volume to particular pool members and nodes
  • Differentiate between cookie, SSL, SIP, universal, and destination address affinity persistence, and describe use cases for each
  • Describe the three Match Across Services persistence options and use cases for each
  • Configure health monitors to appropriately monitor application delivery through a BIG-IP system
  • Configure different types of virtual services to support different types of traffic processing through a BIG-IP system
  • Configure different types of SNATs to support routing of traffic through a BIG-IP system
  • Configure VLAN tagging and trunking
  • Restrict administrative and application traffic through the BIG-IP system using packet filters, port lockdown, and virtual server settings
  • Configure SNMP alerts and traps in support of remote monitoring of the BIG-IP system
  • Use iRules and local traffic policies appropriately to customize application delivery through the BIG-IP system
  • Configure the BIG-IP to detect and mitigate some common attacks at the network and application layers using LTM features such as SYN check, eviction policies, iRules and Local Traffic Policies

Course Topics

  • BIG-IP initial setup (licensing, provisioning, and network configuration)
  • A review of BIG-IP local traffic configuration objects
  • Using dynamic load balancing methods
  • Modifying traffic behavior with persistence (including SSL, SIP, universal, and destination address affinity persistence)
  • Monitoring application health with Layer 3, Layer 4, and Layer 7 monitors (including transparent, scripted, and external monitors)
  • Processing traffic with virtual servers (including network, forwarding, and reject virtual servers)
  • Processing traffic with SNATs (including SNAT pools and SNATs as listeners)
  • Modifying traffic behavior with profiles (including TCP profiles, advanced HTTP profile options, caching, compression, and OneConnect profiles)
  • Advanced BIG-IP LTM configuration options (including VLAN tagging and trunking, SNMP features, packet filters, and route domains)
  • Customizing application delivery with iRules and local traffic policies
  • Securing application delivery using BIG-IP LTM

Audience

This course is intended for system and network administrators responsible for installation, setup, configuration, and administration of the BIG-IP LTM system.

Prerequisites

Students are required to complete one of the following F5 prerequisites before attending this course:

The following free web-based courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience.

The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:

  • OSI model encapsulation
  • Routing and switching
  • Ethernet and ARP
  • TCP/IP concepts
  • IP addressing and subnetting
  • NAT and private IP addressing
  • Default gateway
  • Network firewalls
  • LAN vs. WAN

The following course-specific knowledge and experience is suggested before attending this course:

  • Web application delivery
  • HTTP, HTTPS, FTP and SSH protocols
  • TLS/SSL

Major Course Changes since v14

Updates for the v15.1 release include the addition of HTTP/2 in the Profiles chapter. The iApps chapter was removed due to deprecation in the GUI. iRules move to a dedicated chapter and additional content and 1 lab added for a better introduction to the topic. This places Local Traffic Policies into a dedicated chapter following iRules. All remaining content was reviewed and updated for relevance to the BIG-IP v15.1 release.

Course Outlines

View Course Outline v15

v15 COURSE OUTLINE

Chapter 1: Setting Up the BIG-IP System

  • Introducing the BIG-IP System
  • Initially Setting Up the BIG-IP System
  • Archiving the BIG-IP Configuration
  • Leveraging F5 Support Resources and Tools

Chapter 2: Reviewing Local Traffic Configuration

  • Reviewing Nodes, Pools, and Virtual Servers
  • Reviewing Address Translation
  • Reviewing Routing Assumptions
  • Reviewing Application Health Monitoring
  • Reviewing Traffic Behavior Modification with Profiles
  • Reviewing the TMOS Shell (TMSH)
  • Reviewing Managing BIG-IP Configuration Data

Chapter 3: Load Balancing Traffic with LTM

  • Exploring Load Balancing Options
  • Using Priority Group Activation and Fallback Host
  • Comparing Member and Node Load Balancing

Chapter 4: Modifying Traffic Behavior with Persistence

  • Reviewing Persistence
  • Introducing Cookie Persistence
  • Specifying Default and Fallback Persistence
  • Introducing SSL Persistence
  • Introducing SIP Persistence
  • Introducing Universal Persistence
  • Introducing Destination Address Affinity Persistence
  • Using Match Across Options for Persistence

Chapter 5: Monitoring Application Health

  • Differentiating Monitor Types
  • Customizing the HTTP Monitor
  • Monitoring an Alias Address and Port
  • Monitoring a Path vs. Monitoring a Device
  • Managing Multiple Monitors
  • Using Application Check Monitors 
  • Using Manual Resume and Advanced Monitor Timer Settings

Chapter 6: Processing Traffic with Virtual Servers

  • Understanding the Need for Other Virtual Server Types
  • Forwarding Traffic with a Virtual Server
  • Understanding Virtual Server Order of Precedence
  • Path Load Balancing

Chapter 7: Processing Traffic with SNATs

  • Overview of SNATs
  • Using SNAT Pools
  • SNATs as Listeners
  • SNAT Specificity
  • VIP Bounceback
  • Additional SNAT Options
  • Network Packet Processing Review

Chapter 8: Modifying Traffic Behavior with Profiles

  • Profiles Overview
  • TCP Express Optimization
  • TCP Profiles Overview
  • HTTP Profile Options
  • HTTP/2 Profile Options
  • OneConnect
  • Offloading HTTP Compression to BIG-IP
  • Web Acceleration Profile and HTTP Caching
  • Stream Profiles
  • F5 Acceleration Technologies

Chapter 9: Selected Topics

  • VLAN, VLAN Tagging, and Trunking 
  • Restricting Network Access
  • SNMP Features
  • Segmenting Network Traffic with Route Domains

Chapter 10: Customizing Application Delivery with iRules

  • Getting Started with iRules
  • Understanding When iRules are Triggered
  • Deploying iRules
  • Constructing an iRule
  • Testing and Debugging iRules
  • Exploring iRules Documentation

Chapter 11: Customizing Application Delivery with Local Traffic Policies

  • Getting Started with Local Traffic Policies
  • Configuring and Managing Policy Rules

Chapter 12: Securing Application Delivery with LTM

  • Understanding Today’s Threat Landscape
  • Integrating LTM Into Your Security Strategy
  • Defending Your Environment Against SYN Flood Attacks
  • Defending Your Environment Against Other Volumetric Attacks
  • Addressing Application Vulnerabilities with iRules and Local Traffic Policies
  • Detecting and Mitigating Other Common HTTP Threats

Chapter 13: Final Lab Project

  • About the Final Lab Project
View Course Outline v14

v14 COURSE OUTLINE

Chapter 1: Setting Up the BIG-IP System

  • Introducing the BIG-IP System
  • Initially Setting Up the BIG-IP System
  • Archiving the BIG-IP Configuration
  • Leveraging F5 Support Resources and Tools

Chapter 2: Reviewing Local Traffic Configuration

  • Reviewing Nodes, Pools, and Virtual Servers
  • Reviewing Address Translation
  • Reviewing Routing Assumptions
  • Reviewing Application Health Monitoring
  • Reviewing Traffic Behavior Modification with Profiles
  • Reviewing the TMOS Shell (TMSH)
  • Reviewing Managing BIG-IP Configuration Data

Chapter 3: Load Balancing Traffic with LTM

  • Exploring Load Balancing Options
  • Using Priority Group Activation and Fallback Host
  • Comparing Member and Node Load Balancing

Chapter 4: Modifying Traffic Behavior with Persistence

  • Reviewing Persistence
  • Introducing Cookie Persistence
  • Introducing SSL Persistence
  • Introducing SIP Persistence
  • Introducing Universal Persistence
  • Introducing Destination Address Affinity Persistence
  • Using Match Across Options for Persistence

Chapter 5: Monitoring Application Health

  • Differentiating Monitor Types
  • Customizing the HTTP Monitor
  • Monitoring an Alias Address and Port
  • Monitoring a Path vs. Monitoring a Device
  • Managing Multiple Monitors
  • Using Application Check Monitors
  • Using Manual Resume and Advanced Monitor Timer Settings

Chapter 6: Processing Traffic with Virtual Servers

  • Understanding the Need for Other Virtual Server Types
  • Forwarding Traffic with a Virtual Server
  • Understanding Virtual Server Order of Precedence
  • Path Load Balancing

Chapter 7: Processing Traffic with SNATs

  • Overview of SNATs
  • Using SNAT Pools
  • SNATs as Listeners
  • SNAT Specificity
  • VIP Bounceback
  • Additional SNAT Options
  • Network Packet Processing Review

Chapter 8: Modifying Traffic Behavior with Profiles

  • Profiles Overview
  • TCP Express Optimization
  • TCP Profiles Overview
  • HTTP Profile Options
  • OneConnect
  • Offloading HTTP Compression to BIG-IP
  • HTTP Caching
  • Stream Profiles
  • F5 Acceleration Technologies

Chapter 9: Selected Topics

  • VLAN, VLAN Tagging, and Trunking
  • Restricting Network Access
  • SNMP Features
  • Segmenting Network Traffic with Route Domains

Chapter 10: Deploying Application Services with iApps

  • Simplifying Application Deployment with iApps
  • Using iApps Templates
  • Deploying an Application Service
  • Leveraging the iApps Ecosystem on DevCentral

Chapter 11: Customizing Application Delivery with iRules and Local Traffic Policies

  • Getting Started with iRules
  • Triggering an iRule
  • Introducing iRule Constructs
  • Leveraging the DevCentral Ecosystem
  • Deploying and Testing iRules
  • Getting Started with Local Traffic Policies
  • What Can You Do with a Local Traffic Policy?
  • How Does a Local Traffic Policy Work?
  • Understanding Local Traffic Policy Workflow
  • Introducing the Elements of a Local Traffic Policy
  • Specifying the Matching Strategy
  • What Are Rules?
  • Understanding Requires and Controls
  • Configuring and Managing Policy Rules
  • Configuring a New Rule
  • Including Tcl in Certain Rule Settings

Chapter 12: Securing Application Delivery with LTM

  • Understanding Today’s Threat Landscape         
  • Integrating LTM Into Your Security Strategy
  • Defending Your Environment Against SYN Flood Attacks        
  • Defending Your Environment Against Other Volumetric Attacks
  • Addressing Application Vulnerabilities with iRules and Local Traffic Policies

Chapter 13: Final Lab Project

  • About the Final Lab Project
  • Possible Solution to Lab 13.1

SKU: F5-TRG-BIG-LTM-CFG-3

Price: $2,995 (USD)

Course Length: 3 days

Designed for:
    Network Administrator
    Architect