301b : BIG-IP Local Traffic Manager (LTM) Specialist Maintain & Troubleshoot : Part 08
-
A OneConnect profile is applied to a virtual server. The LTM Specialist would like the client source IP addresses within the 10.10.10.0/25 range to reuse an existing server side connection.
Which OneConnect profile source mask should the LTM Specialist use?
- 0.0.0.0
- 255.255.255.0
- 255.255.255.128
- 255.255.255.224
- 255.255.255.255
-
Users are experiencing low throughput when downloading large files over a high-speed WAN connection. Extensive packet loss was found to be an issue but CANNOT be eliminated.
Which two TCP profile settings should be modified to compensate for the packet loss in the network? (Choose two.)
- slow start
- proxy options
- proxy buffer low
- proxy buffer high
- Nagle’s algorithm
-
Windows PC clients are connecting to a virtual server over a high-speed, low-latency network with no packet loss.
Which built-in client-side TCP profile provides the highest throughput for HTTP downloads?
- tcp
- tcp-legacy
- tcp-lan-optimized
- tcp-wan-optimized
-
Internet clients connecting to a virtual server to download a file are experiencing about 150 ms of latency and no packet loss.
Which built-in client-side TCP profile provides the highest throughput?
- tcp
- tcp-legacy
- tcp-lan-optimized
- tcp-wan-optimized
-
Which two items can be logged by the Application Visibility Reporting analytics profile? (Choose two.)
- User Agent
- HTTP version
- HTTP Response Codes
- Per Virtual Server CPU Utilization
-
What is a benefit provided by F5 Enterprise Manager?
- Enterprise Manager allows administrators to analyze traffic flow and create custom application IPS signatures.
- Enterprise Manager allows administrators to establish baseline application usage and generate an alert if an administratively set threshold for the application is exceeded.
- Enterprise Manager allows administrators to identify application vulnerabilities. Virtual patches are then automatically generated and applied to remediate the detected application vulnerability.
- Enterprise Manager allows administrators to monitor all application traffic. Configuration optimization suggestions based on the observed traffic patterns are then generated for the administrator to review and apply.
-
Which two alerting capabilities can be enabled from within an application visibility reporting (AVR) analytics profile? (Choose two.)
- sFlow
- SNMP
- LCD panel alert
- high speed logging (HSL)
-
An LTM Specialist is customizing local traffic logging.
Which traffic management OS alert level provides the most detail?
- Alert
- Notice
- Critical
- Emergency
- Informational
-
An LTM Specialist has set up a custom SNMP alert.
Which command line tool should the LTM Specialist use to test the alert?
- logger
- logtest
- testlog
- snmptest
-
Which file should be modified to create custom SNMP alerts?
- /config/alert.conf
- /etc/alertd/alert.conf
- /config/user_alert.conf
- /etc/alertd/user_alert.conf
-
An LTM Specialist must perform a hot fix installation from the command line.
What is the correct procedure to ensure that the installation is successful?
- import the hot fix to the /var/shared/images directory
check the integrity of the file with an md5 checksum
tmsh apply sys software hotfix volume <volume_name> <hotfix_name>.iso - import the hot fix to the /var/shared/images directory
check the integrity of the file with an md5 checksum
tmsh install sys software hotfix <hotfix_name>.iso volume <volume_name> - import the hot fix to the /shared/images directory
check the integrity of the file with an md5 checksum
tmsh apply sys software hotfix volume <volume_name> <hotfix_name>.iso - import the hot fix to the /shared/images directory
check the integrity of the file with an md5 checksum
tmsh install sys software hotfix <hotfix_name>.iso volume <volume_name>
- import the hot fix to the /var/shared/images directory
-
An LTM Specialist has installed a hotfix that updated the SCCP firmware package.
Which command will ensure that the host subsystem and SCCP reboot?
- reboot
- full_box_reboot
- shutdown -r now
- The reboot should be initiated via the HTTPS administration GUI.
-
The LTM Specialist is in the process of creating a USB boot drive for the purpose of restoring the BIG-IP software to an LTM device. A separate LTM device has been selected for the purpose of creating the USB boot drive. The BIG-IP software ISO has already been uploaded and mounted on the separate LTM device.
Which command should the LTM Specialist use to trigger the LTM device to install the BIG-IP software to the USB boot drive?
- tmsh
- install
- mkdisk
- bigip_software_create
-
A device on the network is configured with the same IP address as the management address of the active LTM device, causing the management GUI to be inaccessible.
Which two methods should the LTM Specialist use to access the LTM device in order to change the management IP address? (Choose two.)
- Connect via ssh to the AOM IP address.
- Connect via ssh to the management address.
- Connect to the LTM device via serial connection.
- Connect a monitor and keyboard to the LTM device.
- Connect via ssh to the standby unit and connect via ssh across the serial link between the devices.
-
An LTM Specialist uploaded new releases .iso and .md5 files titled “BIGIP-FILENAME” via the GUI.
Which commands are run via the command line from the root directory to verify the integrity of the new .iso file?
- cd /var/shared/images
md5sum –check BIGIP-FILENAME.iso - cd /shared/images
md5sum –check BIGIP-FILENAME.iso - cd /var/shared/images
md5sum –check BIGIP-FILENAME.iso.md5 - cd /shared/images
md5sum –check BIGIP-FILENAME.iso.md5
- cd /var/shared/images
-
What is the recommended procedure for upgrading a major TMOS release on a BIG-IP platform?
- 1. Renew the device license.
2.Take a configuration backup.
3.Reboot the device to the non-active volume.
4.Upload the device code.
5.Install device code to the current volume. - 1. Take a configuration backup.
2.Upload the device code.
3.Install device code to the non-active volume.
4.Reboot the device to the non-active volume.
5.Renew the device license. - 1. Renew the device license.
2.Take a configuration backup.
3.Upload the device code.
4.Install device code to the non-active volume.
5.Reboot the device to the non-active volume. - 1. Take a configuration backup.
2.Reboot the device to the non-active volume.
3.Renew the device license.
4.Upload the device code.
5. Install device code to the current volume.
- 1. Renew the device license.
-
Which procedure should an LTM Specialist follow to move a configuration from a 1500 to a 1600 hardware platform during an upgrade?
- tmsh save sys config file filename.scf
copy the file from the /var/local/scf directory from one device to the other
tmsh load sys config file filename.scf - tmsh save sys backup file filename.scf
copy the file from the /var/local/scf directory from one device to the other
tmsh load sys backup file filename.scf - tmsh save sys backup file filename.scf
copy the file from the /var/local/ucs directory from one device to the other
tmsh load sys backup file filename.scf - tmsh save sys config file filename.scf
copy the file from the /var/local/ucs directory from one device to the other
tmsh load sys config file filename.scf
- tmsh save sys config file filename.scf
-
An LTM Specialist is investigating reports from users that SSH connections are being terminated unexpectedly. SSH connections are load balanced through a virtual server. The users experiencing this problem are running SQL queries that take upwards of 15 minutes to return with no screen output. The virtual server is standard with a pool associated and no other customizations.
What is causing the SSH connections to terminate?
- UDP IP ToS
- TCP idle timeout
- The virtual server has no persistence.
- The pool has Reselect Retries set to 0.
-
An LTM Specialist is troubleshooting an HTTP monitor. The pool member is accessible directly through a browser, but the HTTP monitor is marking the pool member as down.
GET / HTTP/1.1
HTTP/1.1 400 Bad Request
DatE. Tue, 23 Oct 2012 21:39:07 GTM
Server: Apache/2.2.22 (FreeBSD) PHP/5.4.4
mod_ssl/2.2.22 OpenSSL/0.9.8q DAV/2
Content-LengtH. 226
Connection: close
Content-TypE. text/html; charset=iso-8859-1Which issue is the pool member having?
- The pool member has too many concurrent connections.
- The pool member is rejecting the request because it is invalid.
- The pool member lacks the object requested by the monitor.
- The pool member is NOT accepting requests from the LTM device IP address.
-
The LTM device is configured to provide load balancing to a set of web servers that implement access control lists (ACL) based on the source IP address of the client. The ACL is at the network level and the web server is configured to send a TCP reset back to the client if it is NOT permitted to connect.
The virtual server is configured with the default OneConnect profile.
The ACL is defined on the web server as:
Permit: 192.168.136.0/24
Deny: 192.168.116.0/24The packet capture is taken of two individual client flows to a virtual server with IP address 192.168.136.100.
Client A – Src IP 192.168.136.1 – Virtual Server 192.168.136.100:
Clientside:
09:35:11.073623 IP 192.168.136.1.55684 > 192.168.136.100.80: S 869998901:869998901(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK>
09:35:11.073931 IP 192.168.136.100.80 > 192.168.136.1.55684: S 2273668949:2273668949(0) ack 869998902 win 4380 <mss 1460,nop,wscale 0,sackOK,eol>
09:35:11.074928 IP 192.168.136.1.55684 > 192.168.136.100.80: . ack 1 win 16425
09:35:11.080936 IP 192.168.136.1.55684 > 192.168.136.100.80: P 1:299(298) ack 1 win 16425
09:35:11.081029 IP 192.168.136.100.80 > 192.168.136.1.55684: . ack 299 win 4678Serverside:
09:35:11.081022 IP 192.168.136.1.55684 > 192.168.116.128.80: S 685865802:685865802(0) win 4380 <mss 1460,nop,wscale 0,sackOK,eol>
09:35:11.081928 IP 192.168.116.128.80 > 192.168.136.1.55684: S 4193259095:4193259095(0) ack 685865803 win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 6>
09:35:11.081943 IP 192.168.136.1.55684 > 192.168.116.128.80: . ack 1 win 4380
09:35:11.081955 IP 192.168.136.1.55684 > 192.168.116.128.80: P 1:299(298) ack 1 win 4380
09:35:11.083765 IP 192.168.116.128.80 > 192.168.136.1.55684: . ack 299 win 108Client B – Src IP 192.168.116.1 – Virtual Server 192.168.136.100:
Clientside:
09:36:11.244040 IP 192.168.116.1.55769 > 192.168.136.100.80: S 3320618938:3320618938(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK>
09:36:11.244152 IP 192.168.136.100.80 > 192.168.116.1.55769: S 3878120666:3878120666(0) ack 3320618939 win 4380 <mss 1460,nop,wscale 0,sackOK,eol>
09:36:11.244839 IP 192.168.116.1.55769 > 192.168.136.100.80: . ack 1 win 16425
09:36:11.245830 IP 192.168.116.1.55769 > 192.168.136.100.80: P 1:299(298) ack 1 win 16425
09:36:11.245922 IP 192.168.136.100.80 > 192.168.116.1.55769: . ack 299 win 4678Serverside:
09:36:11.245940 IP 192.168.136.1.55684 > 192.168.116.128.80: P 599:897(298) ack 4525 win 8904
09:36:11.247847 IP 192.168.116.128.80 > 192.168.136.1.55684: P 4525:5001(476) ack 897 win 142Why was the second client flow permitted by the web server?
- A global SNAT is defined.
- SNAT automap was enabled on the virtual server.
- The idle TCP session from the first client was re-used.
- A source address persistence profile is assigned to the virtual server.
Subscribe
0 Comments
Newest