F5 301b Practice Test - Questions Answers, Page 6

An application is configured on an LTM device:

Virtual server: 10.0.0.1:80 (VLAN vlan301)

SNAT IP: 10.0.0.1

Pool members: 10.0.1.1:8080, 10.0.1.2:8080, 10.0.1.3:8080 (VLAN vlan302)

Which packet capture should the LTM Specialist perform on the LTM device command line interface to capture only server traffic specifically for this application?

An LTM Specialist sees these entries in /var/log/ltm:

Oct 25 03:34:31 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:33 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Assume 172.16.20.0/24 is attached to the VLAN 'internal.'

What should the LTM Specialist use to troubleshoot this issue?

A virtual server for a set of web services is constructed on an LTM device. The LTM Specialist has created an iRule and applied this iRule to the virtual server:

when HTTP_REQUEST {

switch [HTTP::uri] {

'/WS1/ws.jsp' {

log local0. '[HTTP::uri]-Redirected to JSP Pool'

pool JSP

}

default { log local0. '[HTTP::uri]-Redirected to Non-JSP Pool'

pool NonJSP

}

}

}

However, the iRule is NOT behaving as expected. Below is a snapshot of the log:

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/WS.jsp-Redirected to Non-JSP Pool

/ws1/WS.jsp-Redirected to Non-JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/ws1/ws.jsp-Redirected to Non-JSP Pool

What is the problem?

An LTM Specialist is tasked with ensuring that the syslogs for the LTM device are sent to a remote syslog server.

The following is an extract from the config file detailing the node and monitor that the LTM device is using for the remote syslog server:

monitor

Syslog_15002 {

defaults from udp

dest *:15002

}

node 91.223.45.231 {

monitor Syslog_15002

screen RemoteSYSLOG

}

There seem to be problems communicating with the remote syslog server. However, the pool monitor shows that the remote server is up.

The network department has confirmed that there are no firewall rules or networking issues preventing the LTM device from communicating with the syslog server. The department responsible for the remote syslog server indicates that there may be problems with the syslog server. The LTM Specialist checks the BIG-IP LTM logs for errors relating to the remote syslog server. None are found. The LTM Specialist does a tcpdump:

tcpdump -nn port 15002, with the following results:

21:28:36.395543 IP 192.168.100.100.44772 > 91.223.45.231.15002: UDP, length 19

21:28:36.429073 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 169

21:28:36.430714 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 181

21:28:36.840524 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 169

21:28:36.846547 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 181

21:28:39.886343 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 144

NotE. 192.168.100.100 is the self IP of the LTM device.

Why are there no errors for the remote syslog server in the log files?

Given a tcpdump on an LTM device from both sides of a connection on the External and Internal VLANs, how should an LTM Specialist determine if SNAT is enabled for a particular pool?

An LTM Specialist has a OneConnect profile and HTTP profile configured on a virtual server to load balance an HTTP application.

The following HTTP headers are seen in a network trace when a client connects to the virtual server:

Clientside:

GET / HTTP/1.1

Host: 192.168.136.100

User-Agent: Mozilla/5.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-EncodinG. gzip, deflate

Connection: keep-alive

Serverside:

HTTP/1.1 200 OK

DatE. 5 Jun 1989 17:06:55 GMT

Server: Apache/2.2.14 (Ubuntu)

Vary: Accept-Encoding

Content-EncodinG. gzip

Content-LengtH. 3729

X-Cnection: close

Content-TypE. text/html

The LTM Specialist notices the OneConnect feature is working incorrectly.

Why is OneConnect functioning incorrectly?

A virtual server for a set of web services is constructed on an LTM device. The LTM Specialist has created an iRule and applied this iRule to the virtual server:

when HTTP_REQUEST {

switch [HTTP::uri] {

'/ws1/ws.jsp' {

log local0. '[HTTP::uri]-Redirected to JSP Pool'

pool JSP

}

default { log local0. '[HTTP::uri]-Redirected to Non-JSP Pool'

pool NonJSP

}

}

}

However, the iRule is NOT behaving as expected. Below is a snapshot of the log:

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/WS.jsp-Redirected to Non-JSP Pool

/ws1/WS.jsp-Redirected to Non-JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/ws1/ws.jsp-Redirected to Non-JSP Pool

What should the LTM Specialist do to resolve this?

An LTM device has a virtual server configured as a Performance Layer 4 virtual listening on 0.0.0.0:0 to perform routing of packets to an upstream router. The client machine at IP address 192.168.0.4 is attempting to contact a host upstream of the LTM device on IP address 10.0.0.99.

The network flow is asymmetrical, and the following TCP capture displays:

# tcpdump -nnni 0.0 'host 192.168.0.4 and host 10.0.0.99'

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on 0.0, link-type EN10MB (Ethernet), capture size 96 bytes

05:07:55.499954 IP 192.168.0.4.35345 > 10.0.0.99.443: S 3205656213:3205656213(0) ack 3267995082 win 1480

05:07:55.499983 IP 10.0.0.99.443 > 192.168.0.4.35345: R 1:1(0) ack 1 win 0

05:07:56.499960 IP 192.168.0.4.35345 > 10.0.0.99.443: S 3205656213:3205656213(0) ack 3267995082 win 1480

05:07:56.499990 IP 10.0.0.99.443 > 192.168.0.4.35345: R 1:1(0) ack 1 win 0

4 packets captured

Which option within the fastL4 profile needs to be enabled by the LTM Specialist to prevent the LTM device from rejecting the flow?

An LTM Specialist has configured a virtual server for www.example.com, load balancing connections to a pool of application servers that provide a shopping cart application. Cookie persistence is enabled on the virtual server. Users are able to connect to the application, but the user's shopping cart fails to update. A traffic capture shows the following:

Request:

GET /cart/updatecart.php HTTP/1.1

Host: www.example.com

Connection: keep-alive

Cache-Control: max-age=0

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-EncodinG. gzip,deflate,sdch

Accept-LanguagE. en-US,en;q=0.8

Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

CookiE. BIGipServerwebstore_pool=353636524.20480.0000

Response:

HTTP/1.1 200 OK

DatE. Wed, 24 Oct 2012 18:00:13 GMT

Server: Apache/2.2.22 (Ubuntu)

X-Powered-By: PHP/5.3.10-1ubuntu3.1

Set-CookiE. cartID=647A5EA6657828C69DB8188981CB5; path=/; domain=wb01.example.com

Keep-AlivE. timeout=5, max=100

Connection: Keep-Alive

Content-TypE. text/html

No changes can be made to the application.

What should the LTM Specialist do to resolve the problem?