Skip to content

Commit 7d6cde9

Browse files
MattDierickMattDierick
committed
part2
1 parent c898815 commit 7d6cde9

5 files changed

Lines changed: 41 additions & 7 deletions

File tree

docs/class4/module4/.DS_Store

0 Bytes
Binary file not shown.

docs/class4/module4/lab1/lab1.rst

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -35,9 +35,12 @@ You will see the environment details
3535

3636
.. note::
3737
💡 Your environment is now accessible via the following links:
38-
Name URL User Password Description
39-
---- --- ---- -------- -----------
40-
Dashboard https://localhost:8000 N/A N/A API Discovery Dashboard
38+
39+
========= ====================== ============= ============ =======================
40+
Name URL User Password Description
41+
========= ====================== ============= ============ =======================
42+
Dashboard https://localhost:8000 N/A N/A API Discovery Dashboard
43+
========= ====================== ============= ============ =======================
4144

4245
🌐 Usable IP addresses on this host: 10.1.1.9, 10.1.20.9, 172.17.0.1, 172.18.0.1
4346

@@ -54,3 +57,4 @@ Connect to LAD Console
5457
:align: left
5558
:scale: 50%
5659

60+
Next step is to configure the BIG-IP to send traffic datas to LAD server

docs/class4/module4/lab2/lab2.rst

Lines changed: 34 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,42 @@
11
Configure BIG-IP for Local API Discovery
22
========================================
33

4-
There are multiple options to do Rate Limiting in F5XC. In this lab, we are focusing on API Protection Rate Limiting.
4+
Now, we must configure the BIG-IP to collect the datas, format the datas, and send the datas to the LAD server.
55

6-
The goal is to rate limit an endpoint at risk because we discovered an attack or it is a shadow API and we are not sure if we should allow or block it.
6+
There is a how-to into the LAD Console for TMUI, iControl REST and TMSH.
7+
8+
Click on ``Integration`` > ``Integration Guide``
9+
10+
.. image:: ../pictures/integration1.png
11+
:align: left
12+
:scale: 50%
13+
14+
You can see how it works and how it is interconnected.
15+
16+
In a nutshell, an irule attached to the API Application Virtual Server is collecting the requests and responses, formating the datas and send those datas to a pool where the LAD is a member.
17+
18+
19+
Configure the BIG-IP via the TMUI
20+
---------------------------------
21+
22+
Configure the Pool
23+
^^^^^^^^^^^^^^^^^^
24+
25+
* Go to Local Traffic -> Pools and Create a new External pool for LAD Collector (logging-node-tls).
26+
* Pool member port must be ``6514``
27+
28+
.. image:: ../pictures/pool_list.png
29+
:align: left
30+
:scale: 50%
31+
32+
Configure the Internal VS
33+
^^^^^^^^^^^^^^^^^^^^^^^^^
34+
35+
* Configure a VS (type Internal) named ``syslog-tls-virtual``
36+
* With service port ``6514``
37+
* Server SSL Profile : ``serverssl``
38+
* Pool : logging-node-tls (created in the previous step)
739

8-
Enable Rate Limiting from the Security Dashboard
9-
------------------------------------------------
1040

1141

1242
Test your Rate Limiting config

docs/class4/module4/pictures/integration1.png

669 KB
Loading

docs/class4/module4/pictures/pool_list.png

395 KB
Loading

0 commit comments

Comments
 (0)