My Notes

F5 = BIG-IP

====> BIG-IP Hardware <====


TMM
HMS
AOM

====> BIG-IP Software (TMOS) <====

TMM (Traffic Management Microkernel) : Software in the form of an operating system, system and feature modules (such as LTM), other modules (such as iRules) and multiple network ‘stacks’ and proxies; FastL4, FastHTTP, Fast Application Proxy, TCPExpress, IPv4, IPv6 and SCTP

HMS (Host Management Subsystem) : responsible for system management and administration functions & runs a modified version of CentOS Linux; provides various interfaces and tools used to manage the system such as the GUI Configuration Utility, tmsh CLI, DNS client, SNMP & NTP

LTM (Local Traffic Manager) : feature modules (APM, ASM and GTM) focussed on a particular type of service (load balancing, authentication, ...)

AOM (Always On Management) : system management [network interface and serial console]

MOS (Maintenance Operating System) : disk management, file system mounting and maintenance

EUD (End User Diagnostics) : performs BIG-IP hardware tests

====> F5 Solutions & technologies <====

From v11.4 the number of supported modules :

* 12Gb or more: any combination of modules
* 8Gb: up to three modules (or two if one is AAM)
* <8Gb, >4Gb: up to three modules (or standalone if AAM is used)
* 4Gb or less: up to two modules (or standalone if AAM is used, must be provisioned as Dedicated)

* APM (Access Policy Manager) : offers a unified, centralised access security solution for applications and networks

* ASM (Application Security Manager) : provides advanced web application firewall (WAF) functionality

* LTM (Local Traffic Manager) : load balancer with additional features designed to improve network, server and application performance, security, flexibility, control, visibility and management

* GTM (Global Traffic Manager) : provides DNS based 'global' server load balancing (GSLB) for IPv4 and IPv6 (inter-Data Centre) rather than LTM’s intended intra-Data Centre operation

* AAM (Application Acceleration Manager) : overcomes WAN latency, maximizes server capacity, and speeds application response times

* AFM (Advanced Firewall Manager) : combines the network firewall with anti-DDoS, traffic management, application security, user access management, and DNS security

* EM (Enterprise Manager) : gives you tools to select, stage, and automate common operational tasks, helping you reduce total cost of ownership and operating expenses for your F5 devices

* WAM (WebAccelerator) : designed to optimise and increase HTTP-based website performance and responsiveness. Can only be used in conjunction with LTM

* WOM (WAN Optimization Manager) : (acting as a transparent proxy) symmetrically optimises network and application protocols and secures and accelerates traffic between two (or more) sites connected by a bandwidth constrained

* Edge Gateway (combination of the APM, WA and WOM modules) : providing secure remote access (RAS) gateway features

* iRules : script that you write if you want to use extended capabilities of the BIG-IP that are unavailable via the CLI or GUI. Tcl scripts that can contain any number of commands that can be used to make load balancing decisions, modify packet content, collect statistics and do just about anything else you can think of between layers two through seven and beyond [available with LTM and other TMOS system modules including GTM and ASM]

* iApp : user-customizable framework for deploying applications. It consists of three components:
- Templates (tmsh and TCL) : where the application is described and the objects are defined through presentation and implementation language,
- Application Services : deployment process of a Template which bundles the entire configuration options for a particular application together,
- Analytics : include performance metrics on a per-application and location basis
[used across a number of modules including APM, LTM and WAM]

* iControl : Web services-enabled open API providing granular control over the configuration and management of F5’s application delivery platform, BIG-IP. It can be used to build custom management and monitoring applications and to integrate with business process management, and can be integrated directly into applications to provide better control over the delivery of the application

* iHealth : free online tool used to check the health, security and configuration of a device and ensure it is running efficiently

* iQuery : [F5 Networks proprietary], TCP-based XML-like protocol that exchanges configuration, statistical, probe and metric information between BIG-IP platforms

* Route domain : Object on BIG-IP system that isolates network traffic. Creates separate routing tables for each partition (Cisco VRF equivalent)

* Full Application Proxy : There are in fact two connections :
- the client side connection is terminated on the proxy (the load balancer)
- and a new, separate connection is established to the server.
The proxy acts in the role of server to the client and client to the real server.

* Packet Based Proxy/FastL4 (Half Proxy) : there is only a single connection, of which the load balancer modifies the TCP/IP parameters without the client or server being aware. The half proxy does not act as either a client or server from a TCP/IP perspective.

====> Load balancing <====

* Load Balancer : performs three interrelated functions :
- monitoring hosts (servers, caches, routers or anything else),
- acting as a proxy for those hosts and
- load balancing traffic across them.

* Load balancing methods :

>>>Static
>Round Robin : (default) circular fashion
>Ratio : circular fashion with a user-defined ratio based on performance capabilities (unequal round robin)

>>>Dynamic
>Least Connections : (recommended) balances new connections to whichever real server has the least number of active connections
>Fastest : Least Connections for L7 requests
>Least Sessions : least persistence records (stored in persistence table)
>Ratio Sessions : assign ratio to servers based on least sessions
>Ratio Connections : assign ratio to servers based on least connections
>Weighted Least Connections : distributes connections based on lowest percentage of each server's connection capacity
>Observed : assign ratio based on current active L4 connections
>Predictive : assign ratio based on a delta that compares the active connection count with the previous active connection count
>Dynamic Ratio : load balance traffic based on actual data
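
The following is an added example, not F5 code and not part of the original notes: a simplified Python model of four of the methods listed above (Round Robin, Ratio, Least Connections, Weighted Least Connections). The pool member names, ratios, connection limits and active counts are constructed, and a real BIG-IP may interleave Ratio picks differently.

```python
from itertools import cycle

# Constructed pool: names, ratios, connection limits and counts are illustrative.
POOL = [
    {"name": "web1", "ratio": 3, "active": 40, "limit": 100},
    {"name": "web2", "ratio": 1, "active": 30, "limit": 50},
    {"name": "web3", "ratio": 1, "active": 35, "limit": 200},
]

def round_robin(pool, n):
    """Static: hand out members in circular order, ignoring load."""
    order = cycle(pool)
    return [next(order)["name"] for _ in range(n)]

def ratio(pool, n):
    """Static: circular order, each member repeated 'ratio' times per cycle."""
    order = cycle([m for m in pool for _ in range(m["ratio"])])
    return [next(order)["name"] for _ in range(n)]

def least_connections(pool):
    """Dynamic: member with the fewest active connections."""
    return min(pool, key=lambda m: m["active"])["name"]

def weighted_least_connections(pool):
    """Dynamic: member using the lowest percentage of its connection limit."""
    return min(pool, key=lambda m: m["active"] / m["limit"])["name"]

def simulate(pool, pick, n):
    """Send n new connections with a dynamic method, updating the counters."""
    pool = [dict(m) for m in pool]  # work on a copy so POOL stays unchanged
    chosen = []
    for _ in range(n):
        name = pick(pool)
        next(m for m in pool if m["name"] == name)["active"] += 1
        chosen.append(name)
    return chosen

if __name__ == "__main__":
    print("round robin :", round_robin(POOL, 5))
    print("ratio       :", ratio(POOL, 5))
    print("least conn  :", simulate(POOL, least_connections, 7))
    print("weighted lc :", simulate(POOL, weighted_least_connections, 6))
```

With these constructed numbers, Least Connections keeps choosing web2 even though it is already at 60% of its limit, while Weighted Least Connections steers to web3 at 17.5%, which is why the connection limit matters when members differ in capacity.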

* Persistence : is used to direct additional connections from a client to the same Virtual Server to the same real server as the existing (initial) connection
ensures that any state information stored only on that server
used for HTTP/S and related applications, SIP and other voice technologies, Remote Access and Diameter

* Source Address : allows all connections from a particular source IP subnet to be persisted together to the same real server

* Persistent (OneConnect) : connections that are kept open and reused

==> Application Delivery Platforms <==

BIG-IP Hardware
BIG-IP Virtual Edition : supports LTM, APM, ASM, Edge Gateway, GTM, WAM & WOM.
VIPRION : chassis form factor which will accept up to eight modular blades, which
can be added or removed without disrupting applications

==> Monitors <==

* Default Timers
Interval : 5 seconds
Timeout : 16 seconds ==> (5s x 3) + 1

*Monitoring Methods : simple - active - passive (recommended)

====> HTTP Status code <====

1xx – Informational
2xx – Success
3xx – Redirection
4xx – Client Error
5xx – Server Error

200 – OK – The request was successful
302 – Found – Used to redirect to a different URL
400 – Bad Request – The client’s request wasn’t understood
401 – Unauthorised – Used to indicate authentication is required
404 – Not Found – The requested resource doesn’t exist on the server

====> DNS Resource Records <====

> SOA Record (Start of Authority) - used to indicate that this DNS server is the authoritative source for information regarding the zone.

> NS Record (Name Server) - represents a DNS server in the zone and it does not matter if the server is a primary DNS server or a secondary

> A Record (Host record) - provides a name-to-address record that will convert a DNS name to an IP-address. In IPv6 (AAAA)

> PTR Record (Pointer) - provides an address-to-name mapping that supplies a DNS name for a specific address (a Reverse Lookup) in the in-addr.arpa domains

> MX Record (Mail Exchanger) - represents a host that can handle email traffic related to the domain

> CNAME Record (Canonical Name) - provide alternative names for servers