Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
87 Cards in this Set
- Front
- Back
What is the Big-IP LTM platform?
|
A network appliance that manages and balances traffic for networking equipment.
|
|
What are 3 tools that are used to perform the initial setup?
|
-Configuration Utility
-Licensing -Setup Utility |
|
What can the configuration utility do?
|
Allows the admin to change the initial IP address and set the gateway for the management inteface.
|
|
What can the licensing tool do?
|
Enable features purchased for your Big-IP LTM system.
|
|
What can the setup utility do?
|
Set general admin access and network settings for the Big-IP LTM system.
|
|
What is the system's default address?
|
192.168.1.245/24 on the administrative interface with NO default route.
|
|
How can you change the system's default address?
|
Through the configuration utility or on the LCD panel.
|
|
How do you run the configuration utility?
|
Type "config" in the CLI.
|
|
What two items are needed to gain a license certificate?
|
-Registration key
-Dossier |
|
Where is the registration key located on new hardware?
|
/config/RegKey.license
|
|
What is the string size for registration keys?
|
-Version 4.5 or 4.6 = 25 character string
-Version 9 = 27 character string |
|
Where is the dossier obtained?
|
From the software, it is an encrypted list of key characteristics used to id the platform.
|
|
What are the steps to obtain a license?
|
1. Access the Big-IP LTM system.
2. Enter the registration key. 3. Access the dossier. 4. Send the registration key and dossier to the license server. 5. Install the bigip.license file. 6. Reboot the system. |
|
What happens to the registration key when upgrading the Big-IP LTM software?
|
The key is lost. Users should save the registration key off to a safe location for use later. Registration keys can also be obtained from F5 support.
|
|
What can be configured by the setup utility?
|
-Self IP addresses and netmasks for VLANs
-IP address of the default route -Root password for CLI -Admin UN & PW for Config Utility -IP address (or range) for SSH |
|
Can setup utility be accessed before licensing?
|
No
|
|
What does the web configuration utility use to provide security?
|
SSL & Access control lists
|
|
Where do you access the SNMP MIB for Big-IP LTM?
|
Web Configuration Utility
|
|
What are the default settings for the serial console?
|
19,200 bps N-8-1
|
|
What has access to the serial console CLI and SSH by default?
|
Root, any other desired user must be configured in the setup utility.
|
|
What is the file extension for Big-IP LTM configurations?
|
.ucs
|
|
Which Big-IP LTM models can utilize redundant power supplies?
|
8800/8400/6800/6400
|
|
Which model has available PCI slots for HTTP compression cards?
|
6400
|
|
What does SCCP stand for?
|
Switch Card Control Processor
|
|
What key combination from the console is used to access the SCCP?
|
Escape followed by Shift + 9
ESC ( |
|
If a pool is directly or indirectly associated with a virtual server, what happens to the pool?
|
It is not used for load-balancing.
|
|
What is a pool member?
|
An IP address and service port that is hosted by a physical server.
|
|
Node equals ?
Pool member equals ? |
IP address
Node + Port |
|
What is the primary mechanism Big-IP LTM uses to manage and track traffic?
|
Virtual Servers
|
|
What is a virtual server?
|
A combination of a virtual IP and virtual service port.
|
|
How are virtual services represented?
|
By a single "IP address : service" combination.
|
|
Virtual Servers are usually mapped to...
|
...multiple actual servers via one or more pools.
|
|
What are the default functions on Big-IP LTM systems for virtual servers?
|
-Check availability of all actual servers associated with the virtual server
-Load balance traffic across a group of actual servers -Translate virtual server IP address to the actual servers' IP address -Translate virtual server TCP/UDP port to the actual servers' port |
|
Which tool allows a user to view some detailed system statistics?
|
Configuration Utility
|
|
Name at least 3 statistics that the configuration utility can show a user.
|
-NAT Stats
-SNAT stats -IP filter stats -Rate filter stats -Pool members grouped by individual members or member IP or port -Virtual servers grouped by individual virtual server or virtual IP or virtual port -Main system stats (time since last reboot, number of packets or connections handled by the system, number of dropped) |
|
Which tool allows users to view log files?
|
Configuration Utility
|
|
Name the 4 types of logs for the Big-IP LTM system.
|
-System
-Packet Filter -Local Filter -Audit |
|
What provides a visual hierarchy of the names and status of virtual servers, pools, pool members, nodes, and iRules?
|
Object Map
|
|
What type of load balancing distributes traffic across members based on admin defined patterns?
|
Static Load Balancing
|
|
What are the 2 types of static load balancing?
|
Round Robin & Ratio
|
|
Which static load balancing mode distributes connection evenly across all available nodes, passing a new connection to the next node in line?
|
Round Robin
|
|
Which static load balancing mode distributes new connections across nodes in proportion to a user-defined ratio?
|
Ratio
|
|
What type of load balancing distribute traffic across members based on current server load?
|
Dynamic Load Balancing
|
|
How many dynamic load balancing modes are there?
|
5 (Least connections, Fastest, Observed, Predictive, Dynamic Ratio)
|
|
How is the next member determined in Fastest mode dynamic load balancing?
|
Node that currently has the fewest outstanding layer 7 requests.
|
|
How is the next member determined in Observed mode?
|
Node with the highest performance rating based on combination of fewest connections and best response time. (best at that time)
|
|
How is the next member determined in Predictive mode?
|
Node with the highest performance rating based on combination of fewest connections and best response time OVER TIME. (Avg. of response times)
|
|
Least connections load balancing mode is most useful for what type of connections?
|
Long-lived connections like FTP or Telnet.
|
|
How often is the load balancing decision computed?
|
Once per second
|
|
What is the difference between a node and a member?
|
Pool Member = IP + Service (Port)
Node = IP (All services or ports) |
|
What 3 main points do health monitors perform?
|
Test specific devices (1) for an expected response (2) within a defied time interval (3)
|
|
Will the LTM system continue to monitor a system even when it is marked as down?
|
Yes
|
|
What is the "goal" of content checking?
|
To have some portion of the server's response match the receive rule.
|
|
What is a reverse setting monitor?
|
A monitor that is defined to mark a server as down when a receive rule is matched.
|
|
Where are sample interactive checks located on the system?
|
/usr/bin/monitors
|
|
What are the 3 monitors specifically designed to determine a server's service level for use with dynamic load balancing?
|
WMI - Windows Management Instrumentation
Real_Server (Real Server traffic loads) SNMP_dca (SNMP Data Collection Agent) |
|
Is there a default assignment to monitors in version 9.x?
|
No
|
|
What are the 3 options for assigning a monitor to pool members?
|
-Inherit from Pool
-Member Specific -None |
|
What are the 3 options for assigning a monitor to nodes?
|
-Node Default
-Node Specific -None |
|
What is the 4 level hierarchy for Big-IP LTM objects?
|
-Virtual Server
-Pools -Pool Members -Nodes |
|
What are the 5 types of default profiles?
|
-Protocols (connection oriented)
-Services (data type oriented) -Persistence (session oriented) -SSL (encryption oriented) -Authentication (security oriented) |
|
Protocols support which parameters?
|
-Timeouts
-Connection Management |
|
What does a profile tell a virtual server?
|
How to process packets it receives based upon the profile's configured parameters.
|
|
Can TCP and UDP profiles co-exist on one virtual server?
|
No, just like FTP & SSL profiles could not co-exist.
|
|
When using Source Address Persistence, does the timeout reset for each new connection by default?
|
Yes.
|
|
When using Source Address persistence, a netmask of 255.255.0.0 would 200.10.2.5 and 200.10.2.10 as the same session or different sessions?
|
Same, 200.10.3.5 would be a new session.
|
|
What are the four types of cookie persistence?
|
-Insert
-Rewrite -Passive -Hash |
|
What is the name of the cookie that is created in Insert mode?
|
BIGIPServer, inserted in the HTTP response from the server that contains the information about the chosen server.
|
|
What does rewrite mode do to cookies?
|
Takes the BIGIPCookie sent from the server and rewrites it BIGIPServer.
|
|
What is an advantage of rewrite mode cookie persistence?
|
Reduces the workload on the Big-IP LTM.
|
|
When using Passive Mode cookie persistence, how do you add the cooked to every web page header?
|
By adding an entry to the httpd.conf file.
|
|
What is a drawback to passive mode cookie persistence?
|
Each server needs to be configured to generate a specific cookie.
|
|
What is hash mode cookie persistence used for?
|
It is used to send groups of client to specific members.
|
|
What is the difference between client-side and server-side SSL?
|
Client side sends unencrypted information to the servers while server side re-encrypts the traffic to the servers.
|
|
What 3 ways can SNATs be configured?
|
One-to-one, many-to-one, all-to-one
|
|
Can SNATs share IP addresses with Virtual Servers?
|
Yes
|
|
What does UIE stand for?
|
Universal Inspection Engine
|
|
What are 4 failover triggers?
|
Process failure, VLAN functionality, number of pool members available, the switch board
|
|
What 5 daemons are monitored?
|
bigd - Health Monitors
mcpd - Messaging & Config tmm - Traffic Management sod - Failover bcm56xxd - Switch Hardware Monitoring |
|
What happens with VLAN failsafe when half the timeout has elapsed and no traffic has been detected?
|
The Big-IP attempts to ping a known device across the VLAN to generate traffic.
|
|
Where do you configure the pool minimum up failover trigger?
|
It can only be configured via CLI
|
|
What is the default setting when failure of BIGD daemon is detected?
|
Restart service
|
|
What is the default setting for switchboard failsafe?
|
Fail-over
|
|
Is VLAN failsafe enabled or disabled by default?
|
Disabled for ALL VLANs
|
|
Is Gateway failsafe disabled by default?
|
Yes
|
|
How does hardware failover work?
|
Uses a direct serial connection between the 2 devices and just detects voltage across the connection.
|
|
How does network failover work by default with hardware failover?
|
It works in addition to hardware failover since hardware failover cannot be disabled. It must have both in a failed state for hardware failover and then it will failover when the network failover timeout is reached.
|