Arrow Electronics, Inc.

Developing iRules for BIG-IP v.15.1

CODE: F5N_BIG-IRULE-CFG

LENGTH: 3 days

PRICE: £2,495.00

Description

This 3 day course provides networking professionals a functional understanding of iRules development. The course builds on the foundation of the Administering BIG-IP or Configuring LTM course, demonstrating how to logically plan and write iRules to help monitor and manage common tasks involved with processing traffic on the BIG-IP system.

Extensive course labs consist of writing, applying and evaluating the effect of iRules on local traffic.

This hands-on course includes lectures, labs, and discussions.

Topics Covered

• Setting up the BIG-IP system
• Getting started with iRules
• Leveraging DevCentral resources for iRule development
• Exploring iRule elements, including events, functions, commands, variables, and operators
• Using control structures for conditional branching and looping
• Mastering whitespace, grouping, and special symbols
• Measuring iRule efficiency using timing statistics
• Logging from an iRule using syslog-ng and high-speed logging (HSL)
• Optimizing iRules execution, including implementing efficiency best practices
• Modularizing iRules for administrative efficiency, including using procedures
• Securing web applications with iRules, including preventing common HTTP attacks, securing HTTP headers and cookies, and implementing HTTP strict transport security (HSTS)
• Working with strings, including using Tcl parsing commands and iRules parsing functions
• Accessing and manipulating HTTP traffic, including applying selective HTTP compression
• Working with iFiles and data groups
• Using iRules with universal persistence and stream profiles
• Gathering statistics using STATS and ISTATS
• Incorporating advanced variables, including arrays, static variables, and the session table

Objectives

At the end of this course, the student will be able to:

• Describe the role of iRules in customizing application delivery on a BIG-IP system
• Describe best practices for using iRules
• Define event context, and differentiate between client-side and server-side contexts, request and response contexts, and local and remote contexts
• Trigger an iRule for both client-side and server-side request and response events
• Assign multiple iRules to a virtual server and control the order in which duplicate events trigger
• Describe and use a testing methodology for iRule development and troubleshooting
• Use local variables, static variables, lists, arrays, the session table, and data groups to store information needed for iRule execution
• Write iRules that are optimized for runtime and administrative efficiency
• Use control structures to conditionally branch or loop within an iRule
• Log from an iRule using Linux syslog-ng or TMOS high-speed logging (HSL)
• Incorporate coding best practices during iRule development
• Use analyzer tools to capture and view traffic flow on both client-side and server-side contexts
• Collect and use timing statistics to measure iRule runtime efficiency
• Write iRules to help mitigate and defend from some common HTTP attacks
• Differentiate between decimal, octal, hexadecimal, floating-point, and exponential notation
• Parse and manipulate strings using Tcl commands and iRule functions
• Write iRules to access and manipulate HTTP header information
• Write iRules to collect customized statistics
• Implement universal persistence via an iRule
• Modify payload content using an iRule with a stream profile

Audience

This course is intended for system administrators, network administrators and application developers responsible for the customization of traffic flow through a BIG-IP system using iRules.


Prerequisites

Students must complete one of the following F5 prerequisites before attending this course:

▪ Administering BIG-IP instructor-led course -or-
▪ Configuring BIG-IP LTM instructor-led course -or-
▪ F5 Certified BIG-IP Administrator

The following free web-based courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience.

These courses are available at LearnF5 (https://www.f5.com/services/training):

▪ Getting Started with BIG-IP
▪ Getting Started with BIG-IP Local Traffic Manager (LTM)

The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:

▪ OSI model encapsulation
▪ Routing and switching
▪ Ethernet and ARP
▪ TCP/IP concepts
▪ IP addressing and subnetting
▪ NAT and private IP addressing
▪ Default gateway
▪ Network firewalls
▪ LAN vs. WAN

The following course-specific knowledge and experience is suggested before attending this course:

▪ HTTP protocol
▪ Any programming language

Programme

Chapter 1: Setting Up the BIG-IP System

▪ Introducing the BIG-IP System
▪ Initially Setting Up the BIG-IP System
▪ Archiving the BIG-IP System Configuration
▪ Leveraging F5 Support Resources and Tools

Chapter 2: Getting Started with iRules

▪ Customizing Application Delivery with iRules
▪ Triggering an iRule
▪ Leveraging the DevCentral Ecosystem
▪ Creating and Deploying iRules

Chapter 3: Exploring iRule Elements

▪ Introducing iRule Constructs
▪ Understanding iRule Events and Event Context
▪ Working with iRule Commands
▪ Logging from an iRule Using SYSLOG-NG (LOG Command)
▪ Working with User-Defined Variables
▪ Working with Operators and Data Types
▪ Working with Conditional Control Structures (IF and SWITCH)
▪ Incorporating Best Practices in iRules

Chapter 4: Developing and Troubleshooting iRules

▪ Mastering Whitespace and Special Symbols
▪ Grouping Strings
▪ Developing and Troubleshooting Tips
▪ Using Fiddler to Test and Troubleshoot iRules

Chapter 5: Optimizing iRule Execution

▪ Understanding the Need for Efficiency
▪ Measure iRule Runtime Efficiency Using Timing Statistics
▪ Modularizing iRules for Administrative Efficiency
▪ Using Procedures to Modularize Code
▪ Optimizing Logging
▪ Using High-Speed Logging Commands in an iRule
▪ Implementing Other Efficiencies
▪ Using Looping Control Structures (WHILE, FOR, FOREACH Commands) 

Chapter 6: Securing Web Applications with iRules

▪ Integrating iRules into Web Application Defense
▪ Mitigating HTTP Version Attacks
▪ Mitigating Path Traversal Attacks
▪ Using iRules to Defends Against Cross-Site Request Forgery (CSRF)
▪ Mitigating HTTP Method Vulnerabilities
▪ Securing HTTP Cookies with iRules
▪ Adding HTTP Security Headers
▪ Removing Undesirable HTTP Headers

Chapter 7: Working with Numbers and Strings

▪ Understanding Number Forms and Notation
▪ Working with Strings (STRING and SCAN Commands)
▪ Combining Strings (Adjacent Variables, CONCAT and APPEND Commands)
▪ Using iRule String Parsing Functions (FINDSTR, GETFIELD, and SUBSTR Commands)

Chapter 8: Processing the HTTP Payload

▪ Reviewing HTTP Headers and Commands
▪ Introducing iRule HTTP Header Commands
▪ Accessing and Manipulating HTTP Headers (HTTP::header Commands)
▪ Other HTTP commands (HTTP::host, HTTP::status, HTTP::is_keepalive, HTTP::method, HTTP::version, HTTP::redirect, HTTP::respond, HTTP::uri)
▪ Parsing the HTTP URI (URI::path, URI::basename, URI::query)
▪ Parsing Cookies with HTTP::cookie
▪ Selectively Compressing HTTP Data (COMPRESS Command)

Chapter 9: Working with iFiles and Data Groups

▪ Working with iFiles
▪ Working with Data Groups
▪ Working with Old Format Data Groups (MATCHCLASS, FINDCLASS)
▪ Working with New Format Data Groups (CLASS MATCH, CLASS SEARCH)

Chapter 10: Using iRules with Universal Persistence, Stream, and Statistics Profiles

▪ Implementing Universal Persistence (PERSIST UIE Command)
▪ Working with the Stream Profile (STREAM Command)
▪ Collecting Statistics Using a Statistics Profile (STATS Command)
▪ Collecting Statistics Using iStats (ISTATS Command)

Chapter 11: Incorporating Advanced Variables

▪ Reviewing the Local Variable Namespace
▪ Working with Arrays (ARRAY Command)
▪ Using Static and Global Variables
▪ Using the Session Table (TABLE Command)
▪ Processing Session Table Subtables
▪ Counting “Things” Using the Session Table

Follow on courses

Other courses available:

F5N_BIG-LTM-CFG-3, Configuring BIG-IP LTM: Local Traffic Manager v.15.1
F5N_BIG-DNS-I, Configuring BIG-IP DNS (formerly GTM) v.15.1
F5N_BIG-AWF-CFG, Configuring F5 Advanced WAF (previously licensed as ASM) v15.1
F5N_BIG-EGW-APM, Configuring BIG-IP APM: Access Policy Manager v.15.1
F5N_BIG-AFM, Configuring BIG-IP AFM: Advanced Firewall Manager v.15.1
F5N_BIG-TRBL-INT2, Troubleshooting BIG-IP v.15.1

Session Dates
Date
Location
Time Zone
Language
Type
Guaranteed
PRICE

13 Dec 2021

London - Dowgate Hill

GMT

English

Classroom

£ 2,495.00 £2,245.50

13 Dec 2021

Virtual Classroom

GMT

English

Instructor Led Online

£ 2,495.00 £2,245.50

13 Dec 2021

Arrow ECS Dublin

GMT

English

Classroom

£ 2,495.00 £2,245.50

14 Mar 2022

London - Dowgate Hill

GMT

English

Classroom

£2,495.00

14 Mar 2022

Virtual Classroom

GMT

English

Instructor Led Online

£2,495.00

23 May 2022

London - Dowgate Hill

BST

English

Classroom

£2,495.00

23 May 2022

Virtual Classroom

BST

English

Instructor Led Online

£2,495.00

01 Aug 2022

London - Dowgate Hill

BST

English

Classroom

£2,495.00

01 Aug 2022

Virtual Classroom

BST

English

Instructor Led Online

£2,495.00

10 Oct 2022

London - Dowgate Hill

BST

English

Classroom

£2,495.00

10 Oct 2022

Virtual Classroom

BST

English

Instructor Led Online

£2,495.00

19 Dec 2022

London - Dowgate Hill

GMT

English

Classroom

£2,495.00

19 Dec 2022

Virtual Classroom

GMT

English

Instructor Led Online

£2,495.00

We also offer sessions in other countries