BIGIP_LTM_iRule

Click to edit Master title style,Click to edit Master text styles,Second level,Third level,Fourth level,Fifth level,*,BIG-IP V9.0iRule,F5 Product training,20/4/06,Basic Review,3/25/04,Virtual Server to Pool Members,Internet,172.16.20.4:8080,172.16.20.1:80,172.16.20.2:4002,172.16.20.3:80,Virtual Server,216.34.94.17:80,Pool Members,Maps to,Pro,Some cant be combined in VS,Some dependent on others,Think in terms of OSI Model,TCP,HTTP,Cookie,UDP,FTP,L3 Network,L2 Data Link,L1 Physical,Traffic Flow Big Picture,Virtual Server,NAT,SNAT,Client side,Node side,Address Translation,Address not Translated,Forwarding VS,Transparent VS,What is Layer 7 Switching,Application Data oriented,Eg.HTTP URL,HTTP Header.,Delay binding required,Extra memory buffer session,Extra processing power(ASIC/CPU),What is iRule,An iRule is a script that you write if you want to make use of some of the extended capabilities of the BIG-IP that are unavailable via the CLI or GUI.,based on the Tool Command Language(Tcl)programming standard,Additional F5 extension,Architecture,TM/OS,How consolidation is achieved?,React to a Single Communication,One Direction,Packet,Based,React to a Real Time,Two-Way Conversation,Translate Between Parties,Flow,Based,Legacy Approach,TMOS Architecture,SSL,Compression,Client,Side,Server,Side,TCP Express,Server,TCP Express,Caching,Microkernel,TMOS Traffic Plugins,High-performance Networking Microkernel,Powerful Application Protocol Support,iControl External monitoring and control,iRules Network Programming Language,High Performance HW,iRules,Client,iControl API,TCP Proxy,OneConnect,XML,Rate Shaping,TrafficShield,Web Accel,3,rd,Party,Application,Delivery,Network,iRule basic element,Event declaration,Operators,iRules command,Basic iRule Format,Event declarations,Operators,iRule commands,Event declarations,Event declarations=when event type,An example:,when CLIENT_ACCEPTED,if IP:addr IP:remote_addr equals 10.1.1.80,pool my_pool1,Event types,Global events,HTTP events,SSL events,Authentication events,Referrence to LTM_config_guide.pdf page 302,303,table 13.2,Event types:Global Events,CLIENT_ACCEPTED,CLIENT_DATA,LB_SELECTED(before send to server),LB_FAILED(no node available for this vs),SERVER_CONNECTED,SERVER_DATA,RULE_INIT,CLIENT_CLOSED,SERVER_CLOSED,No matter what L7 iRules,Global Event can take effective.,CLIENT_ACCPTED,CLIENT_DATA,LB_SELECTED,LB_FAILED,SERVER_ACCPTED,SERVER_DATA,CLIENT_CLOSED,SERVER_CLOSED,RULE_INIT,START,L7 Event types:HTTP Events,HTTP_REQUEST,HTTP_REQUEST_DATA,HTTP_RESPONSE,HTTP_RESPONSE_DATA,HTTP_RESPONSE_CONTINUE,HTTP_REQUEST,HTTP_REQUEST_DATA,HTTP_RESPOND,HTTP_RESPOND_DATA,START,HTTP_RESPOND_CONTINUE,TMOS Architecture,Server,iRules,Client,Client,Side,Server,Side,TCP Proxy,Client Side Event,Client_accept,Client_data,Cache_request,DNS_request,HTTP_REQUEST,HTTP_REQUEST_DATA,RTSP_REQUEST,.,.,.,.,Server Side Event,Server_connect,Server_data,Cache_response,DNS_response,HTTP_RESPONSE,HTTP_RESPONSE_DATA,RTSP_RESPONSE,.,.,.,.,Operator,Compare two operands,TCL standard,Eg.=10,COMPRESS:disable,Example 3:Layer 4 decision,when CLIENT_ACCEPTED,if TCP:client_port 1000,pool slow_pool,else pool fast_pool,when RULE_INIT,array set:active_clients ,when CLIENT_ACCEPTED,set client_ip IP:remote_addr,if info exists:active_clients($client_ip),if$:active_clients($client_ip)5,reject return,else,incr:active_clients($client_ip),else,set:active_clients($client_ip)1,when CLIENT_CLOSED,if info exists:active_clients($client_ip),incr:active_clients($client_ip)-1,if$:active_clients($client_ip)=0,unset:active_clients($client_ip),Configuring iRules,Create Rule,Configuring iRules,Create Pools first,Create Rule next,Then point VS to Rule,DevCentral,Officially supported by marketing,Community is mostly made up of volunteers especially those from F5 Product Development.,What about Support?,What can DevCentral do better?,Having trouble searching?,Check this out:,Rules Wiki,Lab setup,Connect WiFi,SSID:MaskedRider,WEP:ab12cd34ef,Channel:6,IP address,192.168.0.1-253/24,BIGIP v9,192.168.0.254,Admin logon:admin/f5training,Training web server 192.168.20.1-3,student no.(192.168.0.X),ip address,virtual server,snat IP(192.168.20.x),1,11,12,11,2,12,13,12,3,13,14,13,4,14,15,14,5,15,16,15,6,16,17,16,7,17,18,17,8,18,19,18,9,19,20,19,10,20,21,20,11,21,22,21,12,22,23,22,Lab 1:Basic Setup,Internet,192.168.0.x/24,192.168.20.1:80,192.168.20.2:80,192.168.20.3:80,Purpose:setup basic load balance configuration,Step 1:create a pool including 3 training server,Step 2:create a virtual Server with your name as description and bind your own pool as resource,Step 3:test the virtual server and check the statistic,Lab 2:logging iRule,Internet,192.168.0.x/24,192.168.20.1:80,192.168.20.2:80,192.168.20.3:80,Purpose:log custom information by iRules,Step 1:create a iRule to log client source IP address and source port,Step 2:add your iRule into Virtual server,Step 3:access the virtual server and check the BIGIP log by command:tail f/var/log/ltm|grep,when CLIENT_ACCEPTED,log