F5 Load Balancing

What is a Load Balancer

Beyond making routing decisions, a load balancer inspects application traffic, rather than just routing information, to make forwarding decisions.
It looks at the connection loads of all the nodes behind it and makes an educated choice as to where to forward the packet.


Intercept and redirect incoming traffic
ex. redirect to

Provides SSL certificate-based authentication and termination
Has an SSL module installed to encrypt and re-encrypt traffic.
This allows some migration of load from the web servers performing the encryption to the F5 load balancer.

Inspect application data and make routing decisions based off of iRules.
Example: You can make it so that all iPad users are redirected to a specific site.

Has packet filters which are similar to access control lists

What is load balancing

When you have multiple network servers as resources responding to client requests made to a virtual IP.

VIP - Primary IP Address for the site
POOL - A pool is a VIP's resource and has a load balancing algorithm applied

Health checks are applied to pool members to ensure the pool members are in a safe state to redirect traffic to them.

Local Traffic Objects

Network Map - Shows how the VIPs are tied to pools and resources
Virtual Servers - Where all the configuration for your VIPs is stored
Profiles - If you want to configure persistence or SSL termination
iRules - To configure manipulation of application data or payload requests traveling through the LTM
Pools - The resources for VIPs to group members together
Nodes - The IP addresses of the servers you are going to use
Monitors - Health checks of the BIG-IP LTM used to determine if a host is in a healthy state
Traffic Class - Allows you to classify traffic based on a multitude of criteria
Address Translation - Allows you to connect to devices not in the same IP space using SNAT

Connection Table

Used to store and manage all of its connections

Two different types of connections: Client Side and Server Side
Client side is external to the BIG-IP (also referred to as the front side, the internet-facing side, or the connection-initiating side)
Server side is internal

Every connection uses resources and inactive connection purging happens to save system resources


Allows manipulation of server side and client traffic all the way up to the application layer
Parses the client and server headers and looks at payload data to make decisions

A main use of iRules is to perform a redirect, whether it's a plain URL redirect from one site to another or an HTTP to HTTPS redirect.

Event Declaration - Defines the state the connection is currently in
Tcl Code - is executed when the event is matched

SSL Termination

Not only does it relieve the web servers of some of the processing load, it also gives the load balancer the ability to see the actual traffic and make routing decisions
An SSL cert and key are required to terminate SSL connections - they are added to the load balancer in the form of a profile
Occasionally, if policy does not allow server-side data to be decrypted, the F5 has the ability to re-encrypt data after decryption and inspection


Basic Group Policy Configuration

Group Policy is typically applied to Organizational Units.
Organizational Units have a book icon under "Active Directory Users and Computers"

It is a good idea to separate your Organizational Units into:
  • Computer Policy
  • User Policy
You place user accounts under the Users OU and Computers in the Computer OU

OUs are created in the same place where you create and manage users.

You would go to "Active Directory Users and Computers", then right click on the domain and click "create ou"

To manage group policy you go:
Start > Administrative Tools > Group Policy Management
You then drill down the forest to the specific domain you're looking for.

Once you find the OU you're looking for you just right click it and press "Create a GPO in this domain, and Link it here"

You then just give it a name and you'll find it under the OU

To configure the group policy you just created:
  1. Expand the OU you created the Policy for
  2. Find the policy you created, right click it, press "Edit"

Computer Configuration - Is applied to the machine when the computer starts up
User Configuration - Is applied when the user logs in
Policies - Are strictly enforced and the users cannot change the preferences specified
Preferences - Are not strictly enforced and the user can change what is specified

All you do then is expand the policies until you find a policy you would like to modify. Once you find it you will have to enable the policy.



Setting IP Address with Network Manager

It seems like most network configuration is now supported and focused on through NetworkManager.

With that being said, it is useful to know how to set up connections using the NetworkManager CLI "nmcli"

Delete a Connection

First find the connection you want to delete
nmcli con show

[root@beta-spc ~]# nmcli con show
eno2 b92a64bd-d6d4-4df4-bb76-bb3d79906ca6 802-3-ethernet --
eno4 de8b37ac-dfbd-4bae-8b16-10ec27f3f8f2 802-3-ethernet --
eno3 d25d0375-742f-4ad0-9510-7f86c3d5c619 802-3-ethernet --
net-eno1 b2eab8d8-c13b-4822-a202-9892c8676a3b 802-3-ethernet eno1

Then let's delete "net-eno1" so we can add new info for it

nmcli con del b2eab8d8-c13b-4822-a202-9892c8676a3b

Add a new connection

nmcli con add ifname eno1 type ethernet ip4 gw4



Collaborative Playlists

This tutorial describes how to create a playlist that can be shared and collaborated on among YouTube users.

  1. Login to
  2. Search a video you would like to add to your playlist
  3. Click the video you would like to add to the playlist
  4. Click the "Add to" button below the video
  5. Click "Create new playlist" button that comes up
  6. Type a name for the playlist you would like to create and then select "Create"
  7. In the top left of the screen locate the drop-down menu and click it
  8. Find the playlist you just created and click it
  9. Go to "Playlist Settings"
  10. Click on the "Collaborate" tab
  11. Flip the switch that says "Collaborators can add videos to this playlist"
  12. Click the "Get link" button
  13. Copy the link and save it somewhere as you will need it to share with all members who you would like to be able to add videos to your playlist
  14. Select the "Save" button
When users open the link you have shared with them it will display the playlist.

They will be able to add videos using the "Add videos" button located on the top right of the playlist

Resources and other playlist sharing options:


Add and Replace Lines Using Sed

Insert a line after the matched string

sed "/$match/ a $new_line" "$filename"

Insert a line before the matched string

sed "/$match/ i $new_line" "$filename"

Replace Matching Line

sed "/$match/ c $replacement_line" "$filename"
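
As an added example (not from the original post), the wrapper below applies the same a, i and c commands when the match or the new line comes from a shell variable that may contain /, regex metacharacters or backslashes, so the value is treated as data rather than as sed syntax. The function names sed_escape_pattern, sed_escape_text and edit_line are hypothetical.

```shell
#!/bin/sh
# Added example: hypothetical helpers, not part of the original post.

# Escape a literal string for use inside a /.../ BRE address.
sed_escape_pattern() {
    printf '%s' "$1" | sed 's|[]\/$*.^[]|\\&|g'
}

# Escape backslashes in the one line of text handed to a, i or c.
sed_escape_text() {
    printf '%s' "$1" | sed 's|\\|\\\\|g'
}

# edit_line <a|i|c> <literal match> <new line> <file>
# Writes the edited text to stdout; the file itself is left unchanged.
edit_line() {
    case $1 in
        a|i|c) ;;
        *) echo "edit_line: op must be a, i or c" >&2; return 2 ;;
    esac
    # An empty match would make sed reuse a previous regex; refuse it.
    [ -n "$2" ] || { echo "edit_line: empty match" >&2; return 2; }
    # An embedded newline would end the text and start a new sed command.
    case $3 in
        *"
"*) echo "edit_line: new line must be a single line" >&2; return 2 ;;
    esac
    pat=$(sed_escape_pattern "$2")
    txt=$(sed_escape_text "$3")
    # "a\" + newline + text is the portable form of the one-line commands.
    sed "/$pat/ $1\\
$txt" "$4"
}
```

Call it as `edit_line a 'DocumentRoot /var/www/html' 'Options -Indexes' httpd.conf` and redirect the output to a new file once the result has been reviewed.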



Apache Log Analysis

The below will install and configure GoAccess
GoAccess is an httpd-access log parser that will give you page hit statistics and other useful analytic tools.


GoAccess OS: RHEL 7.0
Server OS: FreeBSD 5.4 STABLE
Server Application: Apache/1.3.34 (Unix)


Install GoAccess

yum -y install goaccess

Ensure you have access to httpd-access.log

Either use the live file under: /var/log/httpd-access.log
Or copy the file from a live server: scp /var/log/httpd-access.log $servername:/path/

Configure GoAccess

Open up /etc/goaccess.conf and change the three parameters: time-format, date-format, and log-format to match what I have here
grep -E "log-format|time-format|date-format" /etc/goaccess.conf | grep -v "^#"
time-format %H:%M:%S
date-format %d/%b/%Y
log-format %h %l %u %^[%d:%t %^] "%r" %s %b "%R" "%u"

The original httpd.conf combined LogFormat that I have looks like

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

The important part of this config is that we ignore some of the fields that Apache adds.
We ignore the brackets before and after the timestamp:


We can see that we also:
Remove escapes \"%r\"
Change \"%{Referer}i\" to "%R"
Change \"%{User-Agent}i\" to "%u"

Analyzing Some Logs

Either ensure you are in /var/log/ or copy the files to a directory on your server.

GoAccess supports piping of log files to analyze so we can just run it like this:
bzcat httpd-access.log.* | goaccess
Alternatively, generate an html report just by redirecting output to an html file like this:
bzcat httpd-access.log.* | goaccess > report.html


Finding Friend Safari

For when I can't find all of the pokemon "in game". There is a reddit community specifically for this that is super active.

Differences Between /dev and /sys Directories

I've always been a bit unclear about the differences between the purposes of the directories /dev and /sys.

But this post explains it the most clearly I've ever seen:

The general idea being that:
  • /dev holds the hardware devices attached to the system, where udev is the tool that performs detection and addition of these devices.
  • /sys represents the path of how these physical hardware devices are attached to the system, such as how a device maps to a PCI device path. It is basically a representation of how things are "plugged in".

/proc and /sys have kind of merged functions according to this post -

libudev and Sysfs Tutorial -


Kickstart Firewall Configuration

There are a couple of ways to configure the firewall during a CentOS or Red Hat kickstart installation.

Method 1 - Use the firewall command in Kickstart syntax

The firewall command is a supported kickstart command and is basically a wrapper for firewall-offline-cmd as it uses the same parameters

The following example opens up both port 80 and 443 to allow http and https traffic

firewall --enabled --port 80:tcp,443:tcp

Method 2 - Use the firewall-offline-cmd in the %post section

You can perform firewall config using the firewall-offline-cmd in the %post section of the kickstart file. However, you must be aware that the syntax is different from the typical firewall-cmd that you may be used to using with firewalld.

I do not have an example right now but as far as I am aware the syntax is very similar to the firewall command in method 1


Clean Console Log Output

This removes colour codes and redraw characters from console output to make console logs more readable.

#!/usr/bin/env perl
# Strip terminal escape sequences (colour changes, redraws) from each input line.
while (<>) {
    s/ \e[ #%()*+\-.\/]. |
       (?:\e\[|\x9b) [ -?]* [@-~] | # CSI ... Cmd
       (?:\e\]|\x9d) .*? (?:\e\\|[\a\x9c]) | # OSC ... (ST|BEL)
       (?:\e[P^_]|[\x90\x9e\x9f]) .*? (?:\e\\|\x9c) | # (DCS|PM|APC) ... ST
       \e.|[\x80-\x9f] //xg;
    print; # emit the cleaned line
}


less /path/to/console.log | cleanLog | less