301b - LTM Specialist: Maintain & Troubleshoot

Go back to F5

Example Questions

A stand-alone LTM device is to be paired with a second LTM device to create an active/standby pair. The current stand-alone LTM device is in production and has several VLANs with floating IP addresses configured. The appropriate device service clustering (DSC) configurations are in place on both LTM devices. Which two non-specific DSC settings should the LTM Specialist configure on the second LTM device to ensure no errors are reported when attempting to synchronize for the first time? (Choose two.) An LTM Specialist has just captured trace /var/tmp/trace.cap for site www.example.com while listening on virtual address 10.0.0.1:443 configured on partition ApplicationA. The data payload being captured is SSL encrypted. Which command should the LTM Specialist execute to decrypt the data payload? An LTM Specialist is troubleshooting an issue with a new virtual server. When connecting through the virtual server, clients receive the message "Unable to connect" in the browser, although connections directly to the pool member show the application is functioning correctly. The LTM device configuration is: ltm virtual /Common/vs_https { destination /Common/10.10.1.110:443 ip-protocol udp mask 255.255.255.255 pool /Common/pool_https profiles { /Common/udp { } } translate-address enabled translate-port enabled vlans-disabled } ltm pool /Common/pool_https { members { /Common/172.16.20.1:443 { address 172.16.20.1 } } } What issue is the LTM Specialist experiencing? An LTM Specialist is working with an LTM device configured with 10 virtual servers on the same domain with a different key/cert pair per virtual. For examplE. www.example.com; ftp.example.com; ssh.example.com; ftps.example.com. What should the LTM Specialist do to reduce the number of objects on the LTM device? A web developer has created a custom HTTP call to a backend application. The HTTP headers being sent by the HTTP call are: GET / HTTP/1.1 User-Agent: MyCustomApp (v1.0) Accept: text/html Cache-Control: no-cache Connection: keep-alive CookiE. somecookie=1 The backend server is responding with the following: HTTP/1.1 400 Bad Request DatE. Wed, 20 Jul 2012 17:22:41 GMT Connection: close Why is the HTTP web server responding with a HTTP 400 Bad Request? A new web application is hosted at www.example.net, but some clients are still pointing to the legacy web application at www.example.com. Which iRule will allow clients referencing www.example.com to access the new application? An LTM device has been configured to log the reasons for generating TCP RST packets. The following log entry occurs: "01230140:3: RST sent from 192.168.1.100:80 to 192.168.1.124:39272, [0x112d82a:1721] {peer} TCP RST from remote system." Which condition will trigger this log entry? The end users of a web application need to verify that their browsers received the complete message-body from the web server. Which HTTP header will accomplish this? A web application is meant to log the URI of the resource that responded to the client's initial Request-URI. Which HTTP header will supply this information? An LTM Specialist needs to rewrite text within an HTML response from a web server. A client is sending the following HTTP request: GET / HTTP/1.1 Host: www.example.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20100101 Firefox/16.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-LanguagE. en-US,en;q=0.5 Accept-EncodinG. gzip, deflate Cache-Control: no-cache Connection: keep-alive CookiE. somecookie=1 HTTP/1.1 200 OK Server: Apache/2.2.15 (Unix) Last-ModifieD. Wed, 12 Aug 2009 00:00:30 GMT Accept-Ranges: bytes Content-LengtH. 1063 X-Cnection: close Content-TypE. text/html; charset=UTF-8 Vary: Accept-Encoding Content-EncodinG. gzip Connection: Keep-Alive Although a stream profile has been added to the virtual server, the content within the HTTP response is NOT being matched and therefore NOT modified. Which header field is contributing to the issue? An LTM Specialist is receiving reports from customers about multiple applications failing to work properly. The LTM Specialist looks at the services running and notices that the bigd process has NOT started. How are monitored LTM device objects marked when the bigd process is stopped? An LTM Specialist is troubleshooting virtual server 10.0.0.1:443 residing on VLAN vlan301. The web application is accessed via www.example.com. The LTM Specialist wants to save a packet capture with complete decrypted payload for external analysis. Which command should the LTM Specialist execute on the LTM device command line interface? An IT administrator wants to log which server is being load balanced to by a user with IP address 10.10.10.25. Which iRule should the LTM Specialist use to fulfill the request? An LTM device is monitoring three pool members. One pool member is being marked down. What should the LTM Specialist enable to prevent the server from being flooded with connections once its monitor determines it is up? Windows PC clients are connecting to a virtual server over a high-speed, low-latency network with no packet loss. Which built-in client-side TCP profile provides the highest throughput for HTTP downloads? An LTM Specialist is setting up a monitor for an HTTP 1.1 server. The response to a GET / is: HTTP/1.1 302 Moved Temporarily Location: http://www.example.com/new/location.html Which send string settings should the LTM Specialist use to force a proper response? An F5 LTM Specialist needs to perform an LTM device configuration backup prior to RMA swap. Which command should be executed on the command line interface to create a backup? Given LTM device ltm log: Sep 26 20:51:08 local/lb-d-1 notice promptstatusd[3695]: 01460006:5: semaphore mcpd.running(1) held Sep 26 20:51:08 local/lb-d-1 notice promptstatusd[3695]: 01460006:5: Sep 26 20:51:08 local/lb-d-1 warning promptstatusd[3695]: 01460005:4: mcpd.running(1) held, wait for mcpd Sep 26 20:51:08 local/lb-d-1 info sod[3925]: 010c0009:6: Lost connection to mcpd - reestablishing. Sep 26 20:51:08 local/lb-d-1 err bcm56xxd[3847]: 012c0004:3: Lost connection with MCP: 16908291 ... Exiting bsx_connect.cpp(174) Sep 26 20:51:08 local/lb-d-1 info bcm56xxd[3847]: 012c0012:6: MCP Exit Status Sep 26 20:51:08 local/lb-d-1 info bcm56xxd[3847]: 012c0012:6: Info: LACP stats (time now:1348717868) : no traffic Sep 26 20:51:08 local/lb-d-1 info bcm56xxd[3847]: 012c0014:6: Exiting... Sep 26 20:51:08 local/lb-d-1 err lind[3842]: 013c0004:3: IO error on recv from mcpd - connection lost Sep 26 20:51:08 local/lb-d-1 notice bigd[3837]: 01060110:5: Lost connection to mcpd with error 16908291, will reinit connection. Sep 26 20:51:08 local/lb-d-1 err statsd[3857]: 011b0004:3: Initial subscription for system configuration failed with error '' Sep 26 20:51:08 local/lb-d-1 err statsd[3857]: 011b0001:3: Connection to mcpd failed with error '011b0004:3: Initial subscription for system configuration failed with error ''' Sep 26 20:51:08 local/lb-d-1 err csyncd[3851]: 013b0004:3: IO error on recv from mcpd - connection lost .............skipping more logs..... Sep 26 20:51:30 local/lb-d-1 notice sod[3925]: 01140030:5: HA proc_running bcm56xxd is now responding. Sep 26 20:51:34 local/lb-d-1 notice sod[3925]: 01140030:5: HA proc_running mcpd is now responding. Sep 26 20:51:34 local/lb-d-1 notice sod[3925]: 010c0018:5: Standby Which daemon failed? Given a tcpdump on an LTM device from both sides of a connection on the External and Internal VLANs, how should an LTM Specialist determine if SNAT is enabled for a particular pool? An LTM device is load balancing SIP traffic. An LTM Specialist notices that sometimes the SIP request is being load balanced to the same server as the initial connection. Which setting in the UDP profile will make the LTM device more evenly distribute the SIP traffic? Which iRule will reject any connection originating from a 10.0.0.0/8 network? An LTM Specialist is troubleshooting a problem on an eCommerce website. The user browses the online store using port 80, adding items to the shopping cart. The user then clicks the "Checkout" button on the site, which redirects the user to port 443 for the checkout process. Suddenly, the user's shopping cart is shown as empty. The shopping cart data is stored in memory on the server, and the default source address persistence profile is used on both virtual servers. How should the LTM Specialist resolve this issue? What does the following iRule do? when CLIENT_ACCEPTED { if { [matchclass [IP::client_addr] equals WebClient1-Whitelist1] }{ #log local0. "Valid client IP: [IP::client_addr] - forwarding traffic" #Pool WebClient1 } else { log local0. "Invalid client IP: [IP::client_addr] - discarding" discard } } The LTM Specialist is writing a custom HTTP monitor for a web application and has viewed the content by accessing the site directly via their browser. The monitor continually fails. The monitor configuration is: ltm monitor http /Common/exampleComMonitor { defaults-from /Common/http destination *:* interval 5 recv "Recent Searches" send "GET /app/feed/current\?uid=20145 HTTP/1.1\\r\\nHost: www.example.com\\r\\nAccept-EncodinG. gzip, deflate\\r\\nConnection: close\\r\\n\\r\\n" time-until-up 0 timeout 16 } A trace shows the following request and response: Request: GET /app/feed/current?uid=20145 HTTP/1.1 Host www.example.com Accept-Encoding gzip, deflate Connection: close Response: HTTP/1.1 302 Moved Temporarily Date Wed, 17 Oct 2012 18:45:52 GMT Server Apache Location https://example.com/login.jsp Content-Encoding gzip Content-Type text/html;charset=UTF-8 Set-CookiE. JSESSIONID=261EFFBDA8EC3036FBCC22D991AC6835; Path=/app/feed/current?uid=20145 What is the problem? A device group is made up of four members: LTM-A, LTM-B, LTM-C, and LTM-D. An LTM Specialist makes a configuration change on LTM-B. Later, a different LTM Specialist notices a "changes pending" message on all devices. When logged into LTM-D, the LTM Specialist attempts to config-sync to the device group. The sync operation fails. Why is the LTM Specialist on LTM-D unable to synchronize the configuration to the group? What is the correct command to reset an LTM device to its default settings? An LTM Specialist is tasked with ensuring that the syslogs for the LTM device are sent to a remote syslog server. The following is an extract from the config file detailing the node and monitor that the LTM device is using for the remote syslog server: monitor Syslog_15002 { defaults from udp dest *:15002 } node 91.223.45.231 { monitor Syslog_15002 screen RemoteSYSLOG } There seem to be problems communicating with the remote syslog server. However, the pool monitor shows that the remote server is up. The network department has confirmed that there are no firewall rules or networking issues preventing the LTM device from communicating with the syslog server. The department responsible for the remote syslog server indicates that there may be problems with the syslog server. The LTM Specialist checks the BIG-IP LTM logs for errors relating to the remote syslog server. None are found. The LTM Specialist does a tcpdump: tcpdump -nn port 15002, with the following results: 21:28:36.395543 IP 192.168.100.100.44772 > 91.223.45.231.15002: UDP, length 19 21:28:36.429073 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 169 21:28:36.430714 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 181 21:28:36.840524 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 169 21:28:36.846547 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 181 21:28:39.886343 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 144 NotE. 192.168.100.100 is the self IP of the LTM device. Why are there no errors for the remote syslog server in the log files? Given the iRule: when HTTP_REQUEST { if {([HTTP::username] ne "") and ([HTTP::password] ne "") } { log local0. "client ip [IP::remote_addr] credentials provided [HTTP::username] [HTTP::password]"} else { pool old_application_pool } } The associated virtual server has a default pool named new_application_pool. Which functionality does the iRule provide? An LTM Specialist wants to allow access to the Always On Management (AOM) from the network. Which two methods should the LTM Specialist use to configure the AOM interface? (Choose two.) The output of a tmsh command is: ------------------------------------------------------------ Net::Interface Name Status Bits Bits Errs Errs Drops Drops Colli In Out In Out In Out sions ------------------------------------------------------------ 1.1 down 0 0 0 0 0 0 0 1.2 up 191.4K 0 0 0 374 0 0 1.3 down 0 0 0 0 0 0 0 1.4 up 22.5K 0 0 0 44 0 0 2.1 miss 0 0 0 0 0 0 0 2.2 miss 0 0 0 0 0 0 0 mgmt up 43.2G 160.0G 0 0 0 0 0 Which command was executed on the LTM device to show the output? These log entries can have different root causes: Jun 28 05:01:21 LTM_A notice mcpd[27545]: 0107143a:5: CMI reconnect timer: enabled Jun 28 05:01:21 LTM_A notice mcpd[27545]: 01071431:5: Attempting to connect to CMI peer 1.1.1.2 port 6699 Jun 28 05:01:21 LTM_A notice mcpd[27545]: 01071432:5: CMI peer connection established to 1.1.1.2 port 6699 Jun 28 05:01:26 LTM_A notice mcpd[27545]: 0107143a:5: CMI reconnect timer: disabled, all peers are connected Which two commands should be used to obtain additional information on these entries? (Choose two.) An LTM Specialist troubleshooting an issue looks at the following /var/log/ltm entries: Oct 2 04:52:42 slot1/tmm7 crit tmm7[21734]: 01010201:2: Inet port exhaustion on 10.143.109.5 to 10.143.147.150:53 (proto 17) Oct 2 05:37:16 slot1/tmm7 crit tmm7[21734]: 01010201:2: Inet port exhaustion on 10.143.109.5 to 10.143.147.150:53 (proto 17) Oct 2 05:57:32 slot1/tmm2 crit tmm2[21729]: 01010201:2: Inet port exhaustion on 10.143.109.5 to 10.143.147.150:53 (proto 17) Oct 2 06:30:03 slot1/tmm7 crit tmm7[21734]: 01010201:2: Inet port exhaustion on 10.143.109.5 to 10.143.147.150:53 (proto 17) Oct 2 06:37:44 slot1/tmm2 crit tmm2[21729]: 01010201:2: Inet port exhaustion on 10.143.109.5 to 10.143.147.150:53 (proto 17) Oct 2 06:47:05 slot1/tmm5 crit tmm5[21732]: 01010201:2: Inet port exhaustion on 10.143.109.5 to 10.143.147.150:53 (proto 17) Which configuration item should the LTM Specialist review to fix the issue? A client (10.10.1.30) connecting to an HTTPS virtual server (10.10.1.100) with a clientssl profile is getting an SSL error. Which options will trace this issue? A high-availability (HA) pair configuration uses only the hardwire serial cable connection to determine device state. A power outage occurs to the PDU powering the active unit. The standby unit takes over the active role as expected. How is the peer unit able to determine the active unit is unavailable? A virtual server for a set of web services is constructed on an LTM device. The LTM Specialist has created an iRule and applied this iRule to the virtual server: when HTTP_REQUEST { switch [HTTP::uri] { "/WS1/ws.jsp" { log local0. "[HTTP::uri]-Redirected to JSP Pool" pool JSP } default { log local0. "[HTTP::uri]-Redirected to Non-JSP Pool" pool NonJSP } } } However, the iRule is NOT behaving as expected. Below is a snapshot of the log: /WS1/ws.jsp-Redirected to JSP Pool /WS1/ws.jsp-Redirected to JSP Pool /WS1/ws.jsp-Redirected to JSP Pool /WS1/WS.jsp-Redirected to Non-JSP Pool /ws1/WS.jsp-Redirected to Non-JSP Pool /WS1/ws.jsp-Redirected to JSP Pool /ws1/ws.jsp-Redirected to Non-JSP Pool What is the problem? An LTM HTTP pool has an associated monitor that sends a string equal to 'GET /test.html'. Which two configurations could an LTM Specialist implement to allow server administrators to disable their pool member servers without logging into the LTM device? (Choose two.) What is a benefit provided by F5 Enterprise Manager? A user is having issues with connectivity to an HTTPS virtual server. The virtual server is on the LTM device's external vlan, and the pools associated with the virtual server are on the internal vlan. An LTM Specialist does a tcpdump on the external interface and notices that the host header is incomplete. In which location should the LTM Specialist put a traffic analyzer to gather the most pertinent data? An LTM Specialist has set up a custom SNMP alert. Which command line tool should the LTM Specialist use to test the alert? An application owner claims an LTM device is delaying delivery of an HTTP application. The LTM device has two VLANs, an internal and an external. The application servers reside on the internal VLAN. The virtual server and clients reside on the external VLAN. With appropriate filters applied, which solution is most efficient for obtaining packet captures in order to investigate the claim of delayed delivery? An LTM Specialist is troubleshooting an issue with a new virtual server. When connecting through the virtual server, clients receive the message "The connection was reset" in the browser, although connections directly to the pool member show the application is functioning correctly. ltm pool srv1_https_pool { members { 192.168.2.1:https{ address 192.168.2.1 } } } ltm virtual https_example_vs { destination 192.168.1.155:https ip-protocol tcp mask 255.255.255.255 pool srv1_https_pool profiles { http { } tcp { } } snat automap vlans-disabled } How should the LTM Specialist resolve this issue? Which two subsystems could the LTM Specialist utilize to access an LTM device with lost management interface connectivity? (Choose two.) An LTM Specialist is investigating reports from users that SSH connections are being terminated unexpectedly. SSH connections are load balanced through a virtual server. The users experiencing this problem are running SQL queries that take upwards of 15 minutes to return with no screen output. The virtual server is standard with a pool associated and no other customizations. What is causing the SSH connections to terminate? An LTM Specialist configured a virtual server to load balance a custom application. The application works when it is tested from within the firewall but it fails when tested externally. The pool member address is 192.168.200.10:80. A capture from an external client shows: GET /index.jsp HTTP/1.1 Host: 207.206.201.100 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Connection: keep-alive HTTP/1.1 302 Found DatE. Wed, 17 Oct 2012 23:09:55 GMT Server: Apache/2.2.15 (CentOS) Location: http://192.168.200.10/user/home.jsp Content-LengtH. 304 Connection: close What is the solution to this issue? Which command should the LTM Specialist use to determine the current system time? An LTM Specialist is troubleshooting a problem on an eCommerce website. The user browses the online store using port 80, adding items to the shopping cart. The user then clicks the "Checkout" button on the site, which redirects the user to port 443 for the checkout process. Suddenly, the user's shopping cart is shown as empty. The shopping cart data is stored in memory on the server, and the default source address persistence profile is used on both virtual servers. What is the issue? An LTM device is monitoring pool members on port 80. The LTM device is using an HTTP monitor with a send string of GET / and a blank receive string. What would cause the pool members to be marked down? What is the effect of an iRule error such as referencing an undefined variable? An LTM Specialist has been asked to configure a virtual server to distribute connections between a pool of two application servers with addresses 172.16.20.1 and 172.16.20.2. The application servers are listening on TCP ports 80 and 443. The application administrators have asked that clients be directed to the same node for both HTTP and HTTPS requests within the same session. Virtual servers vs_http and vs_https have been created, listening on 1.2.3.100:80 and 1.2.3.100:443, respectively. Which configuration option will result in the desired behavior? Which file should be modified to create custom SNMP alerts?