Manual Chapter :
Introduction to Local Traffic Profiles
Applies To:
Show VersionsBIG-IP APM
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0
BIG-IP Analytics
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0
BIG-IP LTM
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0
BIG-IP PEM
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0
BIG-IP AFM
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0
BIG-IP DNS
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0
BIG-IP ASM
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0
Introduction to Local Traffic Profiles
Introduction to profiles
Profiles are a configuration tool that you can use to affect the behavior of certain types of
network traffic. More specifically, a
profile
is an object that contains settings
with values, for controlling the behavior of a particular type of network traffic, such as HTTP
requests and responses.- You can use the default profiles, which means that you do not need to actively configure any profile settings. The BIG-IP system uses them to automatically direct the corresponding traffic types according to the values specified in the those profiles.
- You can create a custom profile, using the default profile as the parent profileAcustom profileis a profile derived from a default profile and contains values that you specify.
- You can create a custom profile to use as a parent profile for other custom profiles.
After configuring a profile, you associate the profile with a virtual server. The virtual server then processes traffic according to the values specified in the profile. Using profiles enhances your control over managing network traffic, and makes traffic-management tasks easier and more efficient.
You can associate multiple profiles with a single virtual server. For example, you can associate a TCP profile, an SSL profile, and an HTTP profile with the same virtual server.
Profile types
The BIG-IP system provides several types of profiles. While some profile
types correspond to specific application services, such as HTTP, SSL, and FTP, other profiles
pertain to traffic behaviors applicable to Layer 4 protocols such as TCP and UDP, and
authentication protocols such as LDAP, and RADIUS. Also included are profiles specifically for
different types of session persistence.
Default profiles
The BIG-IP system includes one or more default profiles for each profile
type. A
default profile
is a system-supplied profile that contains default values
for its settings. An example of a default profile is the http
profile. You
can use a default profile in several ways:- You can use a default profile as is. You simply configure your virtual server to reference the default profile.
- You can modify the default profile settings (not recommended). When you modify a default profile, you lose the original default profile settings. Thus, any custom profiles you create in the future that are based on that default profile inherit the modified settings.
- You can create a custom profile, based on the default profile (recommended). This allows you to preserve the default profile, and instead configure personalized settings in the custom profile. Custom profiles inherit some of the setting values of a parent profile that you specify. After creating a custom profile, you can configure your virtual server to reference the custom profile instead of the default profile.
You can modify a default profile, but you cannot create or delete a default profile.
The BIG-IP system provides a default profile that you can use as is for each type of
traffic. A
default profile
includes default values for any of the properties and
settings related to managing that type of traffic. To implement a default profile, you simply
assign the profile to a virtual server. You are not required to configure the setting values.You can use the TMOS Shell (
tmsh
) to display LTM profiles, including default
profiles. For example, these tmsh
command sequences show how to display TCP
profiles:- (tmos)#list ltm profile tcp
- Displays all TCP profiles on the system, both default and custom.
- (tmos.ltm.profile.tcp)#list
- When you have already specified the LTM profile module and the TCP profile component, displays all TCP profiles on the system, both default and custom.
You an use the TMOS Shell (
tmsh
) to display persistence profiles, including
default persistence profiles. For example, these tmsh
command sequences show
how to display coookie persistence profiles:- (tmos)#list ltm persistence cookie
- Displays all cookie persistence profiles on the system, both default and custom.
- (tmos.ltm.persistence.cookie)#list
- When you have already specified the persistence profile module and the persistence profile component, displays all cookie persistence profiles on the system, both default and custom.
Custom and parent profiles
A
custom profile
is a profile that is derived from a parent profile that you specify. A parent profile
is a profile from which your custom profile inherits its settings and their default values.When creating a custom profile, you have the option of changing one or more setting values that the profile inherited from the parent profile. In this way, you can pick and choose which setting values you would like to change and which ones you would like to retain. An advantage to creating a custom profile is that by doing so, you preserve the setting values of the parent profile.
If you do not specify a parent profile when you create a custom profile, the BIG-IP system automatically assigns a related default profile as the
parent profile. For example, if you create a custom HTTP type of profile, the default parent
profile is the default profile
http
.If you do not want to use a default profile as is or change its settings, you can create a custom profile. Creating a custom profile and associating it with a virtual server allows you to implement your own specific set of traffic-management policies.
When you create a custom profile, the profile is a child profile and automatically inherits the setting values of a parent profile that you specify. However, you can change any of the values in the child profile to better suit your needs.
If you do not specify a parent profile, the BIG-IP system uses the default profile that matches the type of profile you are creating.
When you create a custom profile, the BIG-IP system
places the profile into your current administrative partition.
Within the BIG-IP Configuration utility, each profile creation screen contains a check box to the right of each profile setting. When you check a box for a setting and then specify a value for that setting, the profile then retains that value, even if you change the corresponding value in the parent profile later. Thus, checking the box for a setting ensures that the parent profile never overwrites that value through inheritance.
Once you have created a custom profile, you can adjust the settings of your custom profile later if necessary. If you have already associated the profile with a virtual server, you do not need to perform that task again.
The default profile as the parent profile
A typical profile that you can specify as a parent profile when you create a custom profile is
a default profile. For example, if you create a custom TCP-type profile called
my_tcp_profile
, you can use the default profile
tcp
as the parent profile. In this case, Local Traffic
Manager automatically creates the profile my_tcp_profile
so that it
contains the same settings and default values as the default profile tcp
.
The new custom profile thus inherits its settings and values from its parent profile. You can
then retain or change the inherited setting values in the custom profile to suit your needs.The custom profile as the parent profile
When creating a custom profile, you can specify another custom profile, rather than the default profile, as the parent profile. The only restriction is that the custom profile that you specify as the parent must be of the same profile type as the profile you are deriving from the parent. Once you have created the new custom profile, its settings and default values are automatically inherited from the custom profile that you specified as the parent.
For example, if you create a profile called
my_tcp_profile2
, you can specify the custom profile my_tcp_profile
as its parent. The result is that the default setting values of profile my_tcp_profile2
are those of its parent profile my_tcp_profile
.If you subsequently modify the settings of the parent profile
(
my_tcp_profile
), the BIG-IP system
automatically propagates those changes to the new custom profile. For example, if you create the custom profile
my_tcp_profile
and use it
as a parent profile to create the custom profile my_tcp_profile2
, any
changes you make later to the parent profile my_tcp_profile
are
automatically propagated to profile my_tcp_profile2
. Conversely, if you
modify any of the settings in the new custom profile (in our example, my_tcp_profile2
), the new custom profile does not inherit values from the
parent profile for those particular settings that you modified.Profiles and virtual servers
Once you have created a profile for a specific type of traffic, you implement the profile by associating that profile with one or more virtual servers.
You associate a profile with a virtual server by configuring the virtual server to reference
the profile. Whenever the virtual server receives that type of traffic, the BIG-IP system applies the profile settings to that traffic, thereby controlling its
behavior. Thus, profiles not only define capabilities per network traffic type, but also ensure
that those capabilities are available for a virtual server.
Because certain kinds of traffic use multiple protocols and services, users often create multiple profiles and associate them with a single virtual server.
For example, a client application might use the TCP, SSL, and HTTP protocols and services to send a request. This type of traffic would therefore require three profiles, based on the three profile types TCP, Client SSL, and HTTP.
Each virtual server lists the names of the profiles currently associated with that virtual
server. You can add or remove profiles from the profile list, using the BIG-IP Configuration utility.
Note that the BIG-IP system has specific requirements regarding
the combinations of profile types allowed for a given virtual server.
In directing traffic, if a virtual server requires a specific type of profile that does not
appear in its profile list, the BIG-IP system uses the relevant default profile,
automatically adding the profile to the profile list. For example, if a client application sends
traffic over TCP, SSL, and HTTP, and you have assigned SSL and HTTP profiles only, LTM
automatically adds the default profile tcp to its profile list.
At a minimum, a virtual server must reference a profile, and that profile must be associated
with a UDP, FastL4, Fast HTTP, or TCP profile type. Thus, if you have not associated a profile
with the virtual server, the BIG-IP system adds a
udp
,
fastl4
, fasthttp
, or tcp
default profile to the profile list.The default profile that the BIG-IP system chooses depends on the configuration of the
virtual server’s protocol setting. For example, if the protocol setting is set to UDP, Local
Traffic Manager adds the
udp
profile to its profile list. Creating a local traffic profile
You perform this task to create a specific type of profile that you can then assign
to a virtual server. You create a profile when the values configured in the default
profile do not suit your needs.
- On the Main tab, click.
- On the menu bar, expand or click a profile category and choose the type of profile you want to create.
- ClickCreate.
- In theNamefield, type a unique name for the profile.
- From theParent Profilelist, retain the default value or select another existing profile of the same type.
- Select theCustomcheck box.
- Configure all other profile settings as needed.
- ClickFinished.
After you perform this task, the new profile appears in the list of profiles on the
system.