-- Exhibit –
-- Exhibit --
Refer to the exhibits.
Users are able to access the application when connecting to the virtual server but are unsuccessful when connecting directly to the application servers. The LTM Specialist wants to allow direct access to the application servers.
Why are users unable to connect directly to the application servers?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
A user is unable to access a secure application via a virtual server.
What is the cause of the issue?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
An LTM Specialist is troubleshooting an issue with SSL and is receiving the error shown when connecting to the virtual server. When connecting directly to the pool member, clients do NOT receive this message, and the application functions correctly. The LTM Specialist exports the appropriate certificate and key from the pool member and imports them into the LTM device. The LTM Specialist then creates the Client SSL profile and associates it with the virtual server.
What is the issue?
A failover event is recorded in the log messages:
Jan 01 00:00:50 BIG-IP notice sod[5855]: 01140029:5: HA proc_running tmm fails action is go offline and down links.
Jan 01 00:00:50 BIG-IP notice sod[5855]: 010c0050:5: Sod requests links down.
Jan 01 00:00:50 BIG-IP notice sod[5855]: 010c0054:5: Offline for traffic group /Common/traffic-group-1.
Jan 01 00:00:50 BIG-IP notice sod[5855]: 010c003e:5: Offline
Jan 01 00:00:50 BIG-IP notice logger: /usr/bin/tmipsecd --tmmcount 4 ==> /usr/bin/bigstart stop racoon
Jan 01 00:00:50 BIG-IP info lacpd[5502]: 01160016:6: Failover event detected. (Switchboard failsafe disabled while offline)
Jan 01 00:00:51 BIG-IP err bcm56xxd[5296]: 012c0010:3: Failover event detected. Marking external interfaces down. bsx.c(3633)
Jan 01 00:00:51 BIG-IP info bcm56xxd[5296]: 012c0015:6: Link: 1.1 is DOWN
Jan 01 00:00:56 BIG-IP notice mcpd[5318]: 0107143c:5: Connection to CMI peer 10.0.0.3 has been removed
Jan 01 00:00:56 BIG-IP notice mcpd[5318]: 0107143a:5: CMI reconnect timer: enabled
Jan 01 00:00:56 BIG-IP notice mcpd[5318]: 01071431:5: Attempting to connect to CMI peer 10.0.0.3 port 6699
What is the cause of the failover?
An LTM Specialist is tasked with ensuring that the syslogs for the LTM device are sent to a remote syslog server.
The following is an extract from the config file detailing the node and monitor that the LTM device is using for the
remote syslog server:
monitor
Syslog_15002 {
defaults from udp
dest *:15002
}
node 91.223.45.231 {
monitor Syslog_15002
screen RemoteSYSLOG
}
There seem to be problems communicating with the remote syslog server. However, the pool monitor shows that the remote server is up.
The network department has confirmed that there are no firewall rules or networking issues preventing the LTM device from
communicating with the syslog server. The department responsible for the remote syslog server indicates that there may
be problems with the syslog server. The LTM Specialist checks the BIG-IP LTM logs for errors relating to the remote syslog
server. None are found. The LTM Specialist does a tcpdump:
tcpdump -nn port 15002, with the following results:
21:28:36.395543 IP 192.168.100.100.44772 > 91.223.45.231.15002: UDP, length 19
21:28:36.429073 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 169
21:28:36.430714 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 181
21:28:36.840524 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 169
21:28:36.846547 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 181
21:28:39.886343 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 144
NotE. 192.168.100.100 is the self IP of the LTM device.
Why are there no errors for the remote syslog server in the log files?
A virtual server for a set of web services is constructed on an LTM device. The LTM Specialist has created an iRule and applied this iRule to the virtual server:
when HTTP_REQUEST {
switch [HTTP::uri] {
"/ws1/ws.jsp" {
log local0. "[HTTP::uri]-Redirected to JSP Pool"
pool JSP
}
default { log local0. "[HTTP::uri]-Redirected to Non-JSP Pool"
pool NonJSP
}
}
}
However, the iRule is NOT behaving as expected. Below is a snapshot of the log:
/WS1/ws.jsp-Redirected to JSP Pool
/WS1/ws.jsp-Redirected to JSP Pool
/WS1/ws.jsp-Redirected to JSP Pool
/WS1/WS.jsp-Redirected to Non-JSP Pool
/ws1/WS.jsp-Redirected to Non-JSP Pool
/WS1/ws.jsp-Redirected to JSP Pool
/ws1/ws.jsp-Redirected to Non-JSP Pool
What should the LTM Specialist do to resolve this?
An LTM Specialist is receiving reports from customers about multiple applications failing to work properly. The LTM Specialist looks at the services running and notices that the bigd process has NOT started.
How are monitored LTM device objects marked when the bigd process is stopped?
An LTM Specialist is troubleshooting a problem on an eCommerce website. The user browses the online store using port 80, adding items to the shopping cart. The user then clicks the "Checkout" button on the site, which redirects the user to port 443 for the checkout process. Suddenly, the user's shopping cart is shown as empty. The shopping cart data is stored in memory on the server, and the default source address persistence profile is used on both virtual servers.
How should the LTM Specialist resolve this issue?
An HTTP 1.1 application utilizes chunking.
Which header should be used to notify the client's browser that there are additional HTTP headers at the end of the message?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
A pair of LTM devices are deployed in a high-availability (HA) pair as the diagram shows. After inserting a new rule on the firewalls, the LTM devices become Standby. The rule drops all outbound sessions to the Internet. Only inbound connections are allowed from the Internet. There are no other changes to the environment.
What triggered the LTM device failover?
