Duration
3 Days
18 CPD hours
This course is intended for
This course is intended for system administrators, network administrators and
application developers responsible for the customization of traffic flow through
a BIG-IP system.
This course provides networking professionals a functional understanding of
iRules development. The course builds on the foundation of the Administering
BIG-IP or Configuring LTM course, demonstrating how to logically plan and write
iRules to help monitor and manage common tasks involved with processing traffic
on the BIG-IP system. Extensive course labs consist of writing, applying and
evaluating the effect of iRules on local traffic. This hands-on course includes
lectures, labs, and discussions.
MODULE 1: SETTING UP THE BIG-IP SYSTEM
* Introducing the BIG-IP System
* Initially Setting Up the BIG-IP System
* Archiving the BIG-IP System Configuration
* Leveraging F5 Support Resources and Tools
MODULE 2: GETTING STARTED WITH IRULES
* Customizing Application Delivery with iRules
* Triggering an iRule
* Leveraging the DevCentral Ecosystem
* Creating and Deploying iRules
MODULE 3: EXPLORING IRULE ELEMENTS
* Introducing iRule Constructs
* Understanding iRule Events and Event Context
* Working with iRule Commands
* Logging from an iRule Using SYSLOG-NG (LOG Command)
* Working with User-Defined Variables
* Working with Operators and Data Types
* Working with Conditional Control Structures (IF and SWITCH)
* Incorporating Best Practices in iRules
MODULE 4: DEVELOPING AND TROUBLESHOOTING IRULES
* Mastering Whitespace and Special Symbols
* Grouping Strings
* Developing and Troubleshooting Tips
* Using Fiddler to Test and Troubleshoot iRules
MODULE 5: OPTIMIZING IRULE EXECUTION
* Understanding the Need for Efficiency
* Measure iRule Runtime Efficiency Using Timing Statistics
* Modularizing iRules for Administrative Efficiency
* Using Procedures to Modularize Code
* Optimizing Logging
* Using High-Speed Logging Commands in an iRule
* Implementing Other Efficiencies
* Using Looping Control Structures (WHILE, FOR, FOREACH Commands)
MODULE 6: SECURING WEB APPLICATIONS WITH IRULES
* Integrating iRules into Web Application Defense
* Mitigating HTTP Version Attacks
* Mitigating Path Traversal Attacks
* Using iRules to Defends Against Cross-Site Request Forgery (CSRF)
* Mitigating HTTP Method Vulnerabilities
* Securing HTTP Cookies with iRules
* Adding HTTP Security Headers
* Removing Undesirable HTTP Headers
MODULE 7: WORKING WITH NUMBERS AND STRINGS
* Understanding Number Forms and Notation
* Working with Strings (STRING and SCAN Commands)
* Combining Strings (Adjacent Variables, CONCAT and APPEND Commands)
* Using iRule String Parsing Functions (FINDSTR, GETFIELD, and SUBSTR Commands)
MODULE 8: PROCESSING THE HTTP PAYLOAD
* Reviewing HTTP Headers and Commands
* Accessing and Manipulating HTTP Headers (HTTP::header Commands)
* Other HTTP commands (HTTP::host, HTTP::status, HTTP::is_keepalive,
HTTP::method, HTTP::version, HTTP::redirect, HTTP::respond, HTTP::uri)
* Parsing the HTTP URI (URI::path, URI::basename, URI::query)
* Parsing Cookies with HTTP::cookie
* Selectively Compressing HTTP Data (COMPRESS Command)
MODULE 9: WORKING WITH IFILES AND DATA GROUPS
* Working with iFiles
* Introducing Data Groups
* Working with Old Format Data Groups (MATCHCLASS, FINDCLASS)
* Working with New Format Data Groups (CLASS MATCH, CLASS SEARCH)
MODULE 10: USING IRULES WITH UNIVERSAL PERSISTENCE, STREAM, AND STATISTICS
PROFILES
* Implementing Universal Persistence (PERSIST UIE Command)
* Working with the Stream Profile (STREAM Command)
* Collecting Statistics Using a Statistics Profile (STATS Command)
* Collecting Statistics Using iStats (ISTATS Command)
MODULE 11: INCORPORATING ADVANCED VARIABLES
* Reviewing the Local Variable Namespace
* Working with Arrays (ARRAY Command)
* Using Static and Global Variables
* Using the Session Table (TABLE Command)
* Processing Session Table Subtables
* Counting ?Things? Using the Session Table