Applies To:

Show Versions Show Versions

Manual: BIG-IP® Local Traffic Manager version 9.3 Implementations
Manual

Original Publication Date: 04/26/2007


BIG-IP Local Traffic Manager version 9.3
Implementations

Table of Contents


Legal Notices

1. Introducing Implementations for BIG-IP Local Traffic Manager

Introducing the BIG-IP system

Introducing BIG-IP system implementations

Getting started

Using the Configuration utility

About this guide

Additional information

Stylistic conventions

Finding help and technical support resources

2. Configuring nPath Routing

Introducing nPath routing

Configuring nPath routing

Creating a custom Fast L4 profile

Creating a server pool for nPath routing

Creating a virtual server

Configuring the virtual server on the content server loopback interface

Setting the route for inbound traffic

Setting timers for nPath configurations

Guidelines for configuring timeouts for UDP traffic

Guidelines for configuring timeouts for TCP traffic

3. Basic Web Site and E-Commerce Configuration

Working with a basic web site and e-commerce configuration

Configuring a basic e-commerce site

Creating load balancing pools

Creating virtual servers

4. Installing a BIG-IP System without Changing the IP Network

Installing a BIG-IP system without changing IP networks

Configuring the BIG-IP system for the same IP network

Removing the self IP addresses from the individual VLANs

Creating a VLAN group

Creating a self IP address for the VLAN group

Creating a pool of web servers

Creating a virtual server

5. Web Hosting for Multiple Customers

Introducing multiple customer hosting

Hosting multiple customers using an external switch

Creating VLANs with tagged interfaces

Creating load balancing pools

Creating virtual servers

Directly hosting multiple customers

Creating VLANs with untagged interfaces

6. A Simple Intranet Configuration

Working with a simple intranet configuration

Creating the simple intranet configuration

Creating pools

Creating virtual servers

7. Load Balancing ISPs

Introducing ISP load balancing

Configuring ISP load balancing

Creating pools for an additional Internet connection

Creating virtual servers for an additional Internet connection

Configuring address translation for outbound traffic

8. Load Balancing HTTP Traffic with Source Address Affinity Persistence

Introducing basic HTTP load balancing

Configuring HTTP load balancing with source address affinity persistence

Creating a pool

Creating a virtual server

9. Load Balancing HTTP Traffic with Cookie Persistence

Introducing basic HTTP load balancing

Configuring HTTP load balancing with cookie persistence

Creating a custom persistence profile

Creating a pool

Creating a virtual server

10. Compressing HTTP Responses

Introducing HTTP data compression

Creating a custom HTTP profile

11. Creating a virtual server

Configuring HTTPS Load Balancing

Introducing HTTPS load balancing

Creating an SSL key and certificate

Creating a custom Client SSL profile

Creating a pool

Creating a virtual server

12. Configuring HTTPS Load Balancing with Data Compression

Introducing HTTPS load balancing with compression

Creating an SSL key and certificate

Creating a custom Client SSL profile

Creating a custom HTTP profile for compression

Creating a pool

Creating a virtual server

13. Using RAM Cache for HTTP Traffic

Introducing HTTP RAM Cache

Creating a custom HTTP profile

Creating a virtual server

14. Load Balancing Passive Mode FTP Traffic

Introducing FTP load balancing

Creating a custom FTP monitor

Creating a pool

Creating a virtual server

15. Load Balancing Passive Mode FTP Traffic with Rate Shaping

Introducing FTP load balancing with rate shaping

Creating a custom FTP monitor

Creating a pool

Creating a rate class

Creating a virtual server

16. Setting up a One-IP Network Topology

Introducing the one-IP network topology

Creating a pool for a one-IP network topology

Creating a virtual server

Defining a default route

Configuring a client SNAT

17. Using Link Aggregation with Tagged VLANs

Introducing link aggregation with tagged VLAN interfaces

Using the two-network aggregated tagged interface topology

Aggregating the links

Assigning a trunk to the VLANs

Creating a pool of web servers to load balance

Creating a virtual server to load balance the web servers

Using the one-network aggregated tagged interface topology

Removing the self IP addresses from the VLANs

Creating a VLAN group

Creating a self IP for the VLAN group

18. Setting Up Packet Filtering

Introducing packet filtering

Configuring packet filtering

Creating a SNAT

Creating a gateway pool

Creating a virtual server

Creating a packet filter rule

19.Implementing Health and Performance Monitors

Introducing health and performance monitors

Creating a custom monitor

Creating a pool

Assigning a monitor to a pool

Excluding a pool member from a monitor

Creating a virtual server

20. Load Balancing Traffic to IPv6 Nodes

Configuring the radvd service

Configuring IPv4-to-IPv6 load balancing

Creating a pool of IPv6 nodes

Creating a virtual server

21. Mitigating Denial of Service and Other Attacks

Basic denial of service security overview

Configuring adaptive connection reaping

Logging adaptive reaper activity

Simple DoS prevention configuration

Setting the TCP and UDP connection timers

Creating an IP rate class and applying it to a virtual server

Setting connection limits on the main virtual server

Setting the Memory Restart Percent

Filtering out attacks with iRules

Filtering out a Code Red attack

Filtering out a Nimda attack

Common Denial of Service attacks

SYN flood

ICMP flood (Smurf)

UDP flood

UDP fragment

Ping of Death

Land attack

Teardrop

Data attacks

WinNuke

Sub 7

Back Orifice

22. Configuring Remote Authentication for Management Traffic

Introducing remote authentication for BIG-IP system management traffic

Configuring LDAP- or Active Directory-based authentication

Configuring RADIUS-based authentication

23. Configuring Remote Authentication for Application Traffic

Introducing remote authentication for application traffic

Configuring authentication that uses a remote LDAP or Active Directory server

Creating an LDAP configuration object

Creating an LDAP authentication profile

Modifying a virtual server for LDAP authentication

Configuring authentication that uses a remote RADIUS server

Creating a RADIUS server object

Creating a RADIUS configuration object

Creating a RADIUS profile

Modifying a virtual server for RADIUS authentication

Configuring authentication that uses a remote TACACS+ server

Creating a TACACS+ configuration object

Creating a TACACS+ profile

Modifying a virtual server for TACACS+ authentication

Configuring SSL-based authorization using a remote LDAP server

Creating an SSL CLient Certificate LDAP configuration object

Creating an SSL Client Certificate LDAP authentication profile

Modifying a virtual server for SSL Client Certificate LDAP authorization

Configuring SSL certificate revocation using an OCSP responder

Creating an SSL OCSP responder object

Creating an SSL OCSP configuration object

Creating an SSL OCSP profile

Modifying a virtual server for SSL OCSP authentication

24. Configuring Multiple Authentication Servers

Introducing multiple authentication server configuration

Before you begin

Configuring BIG-IP system objects

Glossary