F5 interview questions and answers
??AM ??IXIT ?
15?? ?????????????????? ||?????????????? || ??????????||?????????? ?????? || ???? || ???????????????????? ||??&?? || ??????|| ?????????? ???????????????? ||????????#?????????????????? || ?????????????? ????????????
F5 load balancer interview questions for network security interview -
uestion1- What is F5 LTM ?
Ans-
F5? BIG-IP? Local Traffic Manager? (LTM) helps you deliver applications to your users in a reliable, secure, and optimized way. You get the extensibility and flexibility of application services with the programmability you need to manage your physical, virtual, and cloud infrastructure.
Question 2- What is Virtual server in F5 ?
Ans-
The F5 Virtual Server is a traffic management object on your F5 BIG-IP device. It is the representation of multiple servers to the user as a single server. The F5 Virtual Server is a virtual IP that serves user requests. It transmits the requests to the pool that you configure.
Question 3- What is Node and Pool Member in F5 ?
Ans-
The difference between a node and a pool member is that a node is designated by the device’s IP address only (10.10. 10.10), while designation of a pool member includes an IP address and a service (such as 192.168. 1.1:80). A primary feature of nodes is their association with health monitors.
Question 4- What are Self IP addresses and floating self IP addresses?
Ans-
A static self IP address is an IP address that the BIG-IP system does not share with another BIG-IP system. Any self IP address that you assign to the default traffic group traffic-group-local-only is a static self IP address.
A floating self IP address is an IP address that two BIG-IP systems share. Any self IP address that you assign to the default traffic group traffic-group-1 is a floating self IP address.
For each self IP address that you create for a VLAN, the BIG-IP system automatically assigns a media access control (MAC) address.
As an alternative, you can globally configure the BIG-IP system to assign the same MAC address to all VLANs. This feature is useful if your network includes a type of switch that does not keep a separate Layer 2 forwarding table for each VLAN on that switch
Question 6- What is Port Lockdown in F5 ?
Question 7 — What is difference between LTM and GTM ?
Ans-
GTM is the acronym in the form of Global Traffic Manager, which does name to IP address. GTM is an intelligent name resolver that can intelligently convert the name to IP address. The goal is to distribute the flow of traffic across two locations. After the GTM gives you an IP that you can route your traffic to, you’re finished using it until you request it to resolve a different name.
领英推荐
LTM is the abbreviation for Local Traffic Manager, used to allocate local traffic to the pool that includes members. LTM does not perform any DNS type of work
Question 8- What is OneConnect profile in F5 ?
Ans-
OneConnect ” is a trademark feature of F5 LTM (Local Traffic Manager) which leverages HTTP 1.1 keepalive. OneConnect Feature enhances Web Application performance and reduces the load on Server by reducing the number of concurrent TCP connections made with the clients
One Connect Provided multiple features -
1- OneConnect Feature of F5 LTM reduces server side connections by re-using previously established connections from connection reuse pool for next client request.
2- Once connect feature of f5 LTM increases server network connection efficiency by keeping server-side connections open and resuing them for new client connections
3- F5 LTM uses HTTP 1.1 keep alive feature to implement once connect
4- F5 maintain two connection first between user to F5 and second one F5 to backend server pool.
5- if new client initiates a connection within a certain timeout interval , the F5 will re-use the server side connection that was retained for the connection.
Note- when used OneConnect must use HTTP profile and don’t use OneConnect profile with non-http traffic. also don’t use OneConnect profile for encrypted traffic
Question 9 — What is persistence in F5 ?
Ans-
When an application maintains the session, a persistent session between the client and server must be correctly maintained to ensure the server can continue to process client requests. A typical example is web based shopping carts, this normally requires the user to maintain persistence to a single server during the lifetime of the session.
There are multiple method available of Persistence
Source Address Persistence –
Source Address Persistence supports the TCP and UDP protocols and directs traffic to the same server based upon the clients source IP address
Cookie Persistence –
Cookie persistence only supports the HTTP protocol. This is because the F5 BigIP is unable to inspect cookies from within an encrypted session. It is also worth noting that if a) the clients system clock is incorrect or b) cookies are disabled then the cookies may not be sent from the client to BigIP.
SSL Persistence –
SSL Persistence uses the SSL Session ID for persistence. Though this has the benefit of providing persistence to SSL sessions that aren’t terminated on the F5, as some browsers frequently negotiate the Session ID (due to security reasons) this can lead to short persistence periods. Due to this it is recommended that source IP persistence is defined as backup persistence method.
for more such content go into our website- https://techclick.in