Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral


Entries for 'Deb Allen'

articlesecurityadnnewstechtip August 05, 2008 by Deb Allen
Many customers use LTM to handle SSL encrypted traffic, and traffic that requires SSL certificate authentication and encryption often also requires persistence to a specific server for the life of an application session.  LTM is capable of meeting most security requirements for traffic encryption with the 3 most common high-level SSL configurations: SSL Offloading, SSL Re-encryption, and SSL Pass-through.  The available persistence options vary depending on which SSL configuration is i...
In researching my tech tip last week (Replacing the WebSphere Apache Plugin with iRules), I ran across another interesting tidbit about monitoring WebSphere with LTM that apparently is not documented in the Deployment Guide (Deploying the BIG-IP LTM system and IBM WebSphere Servers. The Deployment Guide was written for WebSphere ver. 6.0, and demonstrates creating an HTTP monitor with a simple GET request over HTTP 1.0.  We've had recent reports from the field that at least for version 6.1, yo...
Problem Definition "We’re having a bit of difficulty configuring the LTM to handle all the redirects that this WebSphere application does.  We’ve tried streaming profiles and iRules, but every method seems to break one component while fixing another.  The main trick seems to be trying to deal with the default WebSphere ports of 9081 and 9444 for HTTP and HTTPS, respectively.  We ideally want to hide these odd-number ports from the end-user.  Normally this is a fairly simple ...
articleirulesdevus July 28, 2008 by Deb Allen
Current versions of LTM have implemented Clustered Multi Processing, or CMP, to allow systems with multiple cores to share the processing of connections from a single virtual server.  Not all connection information is shared across cores, so enabling some features on a virtual server which require state or data synchronization between the cores will cause connections to be ineligible for CMP.  In iRules, global variables are intended to be dynamically updated, for which reason they are appropr...
articlenewstechtip July 22, 2008 by Deb Allen
All BIG-IP systems are pre-configured with a set of trap definitions that are helpful for managing the hardware and software components of the device.  In most cases the default traps are sufficient for monitoring and managing the system.  Some deployments, however, require custom SNMP traps on other logged events.  In this article, I will show you the process of building a custom SNMP trap for BIG-IP.  BIG-IP uses a standard syslog-ng / alertd framework for generating alert...
articleirulessslsecuritydevus July 02, 2008 by Deb Allen
Yet another section of the iRules wiki  has been fully updated with events and examples for all commands. The SSL commands for iRules provide the means to manage many aspects of SSL connections traversing LTM.  The available SSL iRules commands include: SSL::authenticate - Overrides the current setting for authentication frequency or for the maximum depth of certificate chain traversal. SSL::cert - Returns X509 SSL certificate data. SSL::cipher - Returns SSL cipher information. S...
articlenewstechtip July 01, 2008 by Deb Allen
Load balancing is only a part of the work LTM is asked to perform in most networks.  In addition to handling inbound load balanced requests, LTM is often the default path to the rest of the network or to the outside world, and must support the organization's existing routing scheme for outbound requests initiated by systems on the server VLANs.  For most customers, a highly available / redundant gateway configuration provides robust and flexible routing services for outbound requests, ...
From "Giving Telecoms a Competitive Edge with Web 2.0 Services": "Casero uses BIG-IP LTM in all of our Web 2.0 solutions largely because of F5’s iRules scripting language, which gives us a great deal of flexibility to customize our customers’ application traffic management. Once we made the decision to use iRules, it took less than an hour to do the actual design and scripting. ... What we find is that it is essential for us to have the rich scripting at layer 7 we get from iRules. ...
articleirulesdevus June 25, 2008 by Deb Allen
We have recently updated the iRules wiki to flesh out all of the events and examples for the iRules commands that have been implemented to manipulate X.509 certificates. The available X509 iRules commands may be found here: iRules Reference: X509 and include: X509::cert_fields - Returns a list of fields to be added to HTTP headers for ModSSL behavior.  X509::extensions - Returns the X509 extensions set on an X509 certificate. X509::hash - Returns the MD5 hash (fingerprint) of an X50...
articlebig-ipnewstechtip June 24, 2008 by Deb Allen
In addition to the built-in Tcl relational operators, iRules includes a number of custom relational operators that were intended to be both intuitive and backward compatible with BIG-IP 4.x iRules. For most simple relational comparisons, the custom iRules operators are more efficient, but there are many cases for which a case construct such as the Tcl "switch" command is a better choice for testing multiple conditions. In this article, I will demonstrate using the Tcl "switch" command to emulat...
Page 1 of 8First   Previous   [1]  2  3  4  5  6  7  8  Next   Last