
F5 LTM 101

Exam Notes

posted 1 Oct 2016, 01:43 by Donald Ross   [ updated 4 Oct 2016, 11:20 ]

read up on....

Positive / Negative security

FTP passive / Active

HTTP headers 

Certificates / PKI

IPv4 Subnetting / IP v6 basics

H/A  Active / Passive Active/Active 

APM / GTM / ASM / AFM / LTM - learn use cases

Virtual / Physical - Why ?

3 way handshake

Persistence

SSL / TLS

...add content...

HTTP notes

posted 17 Sep 2016, 09:15 by Donald Ross   [ updated 17 Sep 2016, 09:53 ]

Common HTTP status codes:

200 OK
        The request succeeded, and the resulting resource (e.g. file or script output) is
        returned in the message body.
301 Moved Permanently
302 Moved Temporarily
303 See Other (HTTP 1.1 only)
        The resource has moved to another URL (given by the Location: response
        header), and should be automatically retrieved by the client. This is often used
        by a CGI script to redirect the browser to an existing file.
403 Forbidden
        The request was a valid request, but the server is refusing to respond to it.
404 Not Found
        The requested resource doesn’t exist.
500 Internal Server Error
        An unexpected server error. The most common cause is a server-side script
        that has bad syntax, fails, or otherwise can’t run correctly.
503 Service Unavailable
        The server is currently unavailable (because it is overloaded or down for
        maintenance). Generally, this is a temporary state.

HTTP requests

A HEAD request is just like a GET request, except it asks the server to return the response headers only, and
not the actual resource (i.e. no message body).
A POST request is used to send data to the server to be processed in some way, like by a CGI script.
A GET request means retrieve whatever information (in the form of an entity) is identified by the Request-URI. 

A CONNECT request is for use with a proxy that can dynamically switch to being a tunnel.

Extra information 

MTU / TCP Maximum Segment Size (MSS)

posted 16 Sep 2016, 23:33 by Donald Ross   [ updated 16 Sep 2016, 23:48 ]

MTU
The MTU is the maximum size of a single data unit (e.g., a frame) of digital communications. MTU sizes are
inherent properties of physical network interfaces, normally measured in bytes. The MTU for Ethernet, for
instance, is 1500 bytes. Some types of networks (like Token Ring) have larger MTUs, and some types have
smaller MTUs, but the values are fixed for each physical technology.

Higher-level network protocols like TCP/IP can be configured with a maximum packet size, a parameter
independent of the physical layer MTU over which TCP/IP runs. Unfortunately, many network devices use the
terms interchangeably. On both home broadband routers and Xbox Live enabled game consoles, for example,
the parameter called MTU is in fact the maximum TCP packet size and not the physical MTU.

In Microsoft Windows, the maximum packet size for protocols like TCP can be set in the Registry. If this value
is set too low, streams of network traffic will be broken up into a relatively large number of small packets,
which adversely affects performance. Xbox Live, for example, requires the value of MTU (packet size) to be at
least 1365 bytes. If the maximum TCP packet size is set too high, it will exceed the network’s physical MTU and
also degrade performance by requiring that each packet be subdivided into smaller ones (a process known as
fragmentation). Microsoft Windows computers default to a maximum packet size of 1500 bytes for broadband
connections and 576 bytes for dialup connections. Performance problems may also occur if the TCP “MTU” setting
on the home broadband router differs from the setting on individual devices connected to it.

MSS
During session connection establishment, two peers, or hosts, engage in negotiations to determine the IP
segment size of packets that they will exchange during their communication. The segment size is based on
the MSS option (maximum segment size) value set in the TCP SYN (synchronize) packets that the peers
exchange during session negotiation. The MSS field value to be used is largely determined by the maximum
transmission unit (MTU) of the interfaces that the peers are directly connected to.

About TCP and MSS

The TCP protocol is designed to limit the size of segments of data to a maximum number of bytes. The
purpose of this is to constrain the need to fragment segments of data for transmission at the IP level. The
TCP MSS specifies the maximum number of bytes that a TCP packet’s data field, or segment, can contain.
It refers to the maximum amount of TCP data in a single IP datagram that the local system can accept and
reassemble.

A TCP packet includes data for headers as well as data contained in the segment. If the MSS value is set too
low, the result is inefficient use of bandwidth; more packets are required to transmit the data. An MSS value
that is set too high could result in an IP datagram that is too large to send and that must be fragmented.

Typically a host bases its MSS value on its outgoing interface’s maximum transmission unit (MTU) size. The
MTU is the maximum frame size along the path between peers. A packet is fragmented when it exceeds the
MTU size. Because the MTU size varies across the interfaces of hosts in the path taken by TCP packets
between two peers, some packets that are within the negotiated MSS size of the two peers might need to be
fragmented but are instead dropped, and an ICMP error message is sent to the source host of the packet.
To diminish the likelihood of fragmentation and to protect against packet loss, you can decrease the TCP MSS.
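
The relationship between MTU, the MSS option in the SYN, and a smaller hop in the path, as an added example (not part of the original notes). It assumes IPv4 with 20-byte IP and TCP headers and no options beyond MSS; the function names, ports and path MTU values are constructed for illustration.

```python
import struct

IP_HDR, TCP_HDR = 20, 20  # IPv4 and TCP header sizes in bytes, without options

def build_syn(mss, sport=40000, dport=443):
    """Constructed sample: a TCP SYN header carrying only an MSS option."""
    options = struct.pack("!BBH", 2, 4, mss)         # kind 2 = MSS, length 4
    offset = (TCP_HDR + len(options)) // 4           # header length in 32-bit words
    return struct.pack("!HHIIBBHHH", sport, dport, 1000, 0,
                       offset << 4, 0x02, 65535, 0, 0) + options  # 0x02 = SYN

def parse_mss(segment):
    """Return the MSS option value from a TCP header, or None if absent."""
    opts = segment[TCP_HDR:(segment[12] >> 4) * 4]
    i = 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                                # end of option list
            break
        if kind == 1:                                # NOP padding is one byte
            i += 1
            continue
        if i + 1 >= len(opts):
            break                                    # truncated option
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            break                                    # malformed length, stop parsing
        if kind == 2 and length == 4:
            return struct.unpack("!H", opts[i + 2:i + 4])[0]
        i += length
    return None

def mss_for_mtu(mtu):
    """MSS a host would derive from its outgoing interface MTU."""
    return mtu - IP_HDR - TCP_HDR

def oversize_hops(mss, path_mtus):
    """Indexes of hops whose MTU is smaller than a full-size datagram."""
    datagram = mss + IP_HDR + TCP_HDR
    return [i for i, mtu in enumerate(path_mtus) if datagram > mtu]

def clamp_mss(advertised, path_mtus):
    """Lower the advertised MSS so a full segment fits the smallest hop."""
    return min(advertised, mss_for_mtu(min(path_mtus)))

if __name__ == "__main__":
    path = [1500, 1400, 1500]                        # constructed path; hop 1 is a tunnel
    mss = parse_mss(build_syn(mss_for_mtu(path[0])))
    print(mss, oversize_hops(mss, path), clamp_mss(mss, path))
```

With the constructed path, the host on the 1500-byte interface advertises an MSS that the middle hop cannot carry unfragmented; the decreased MSS leaves no oversize hops.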

Additional information on MSS and VPNs

The OSI Model

posted 15 Sep 2016, 00:34 by Donald Ross   [ updated 15 Sep 2016, 03:48 ]


7 - Application - Message format, Human-Machine Interface
7.  Application Layer - DHCP, DNS, FTP, HTTP, IMAP4, NNTP, POP3, SMTP, SNMP, SSH, TELNET and NTP
This layer supports application and end-user processes. Communication partners are identified, quality of
service is identified, user authentication and privacy are considered, and any constraints on data syntax
are identified. Everything at this layer is application-specific. This layer provides application services for file
transfers, e-mail, and other network software services.

6 - Presentation - Coding into 1s&0s, encryption, compression
6.  Presentation layer – SSL, WEP, WPA, Kerberos

5 - Session - Authentication, permissions, session restoration
5.  Session layer - Logical Ports 21, 22, 23, 80 etc.

4 - Transport - end to end error control
4.  Transport - TCP, SPX and UDP

3 - Network - Network addressing; Routing/Switching
3.  Network - IPv4, IPv6, IPX, OSPF, ICMP, IGMP and ARP

2 - Data Link - Error detection, flow control on physical layer
2.  Data Link - 802.11 (WLAN), Wi-Fi, WiMAX, ATM, Ethernet, Token Ring, Frame Relay, PPTP, L2TP and ISDN

1 - Physical - Bit stream: physical medium, method of representing bits
1.  Physical - Hubs, Repeaters, Cables, Optical Fiber, SONET/SDH, Coaxial Cable, Twisted Pair Cable and
Connectors
 
