Manual Chapter : Introduction to Local Traffic Profiles

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0

BIG-IP Analytics

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0

BIG-IP LTM

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0

BIG-IP PEM

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0

BIG-IP AFM

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0

BIG-IP DNS

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0

BIG-IP ASM

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0
Manual Chapter

Introduction to Local Traffic Profiles

Introduction to profiles

Profiles are a configuration tool that you can use to affect the behavior of certain types of network traffic. More specifically, a
profile
is an object that contains settings with values, for controlling the behavior of a particular type of network traffic, such as HTTP requests and responses.
  • You can use the default profiles, which means that you do not need to actively configure any profile settings. The BIG-IP system uses them to automatically direct the corresponding traffic types according to the values specified in the those profiles.
  • You can create a custom profile, using the default profile as the parent profileA
    custom profile
    is a profile derived from a default profile and contains values that you specify.
  • You can create a custom profile to use as a parent profile for other custom profiles.
After configuring a profile, you associate the profile with a virtual server. The virtual server then processes traffic according to the values specified in the profile. Using profiles enhances your control over managing network traffic, and makes traffic-management tasks easier and more efficient.
You can associate multiple profiles with a single virtual server. For example, you can associate a TCP profile, an SSL profile, and an HTTP profile with the same virtual server.

Profile types

The BIG-IP system provides several types of profiles. While some profile types correspond to specific application services, such as HTTP, SSL, and FTP, other profiles pertain to traffic behaviors applicable to Layer 4 protocols such as TCP and UDP, and authentication protocols such as LDAP, and RADIUS. Also included are profiles specifically for different types of session persistence.

Default profiles

The BIG-IP system includes one or more default profiles for each profile type. A
default profile
is a system-supplied profile that contains default values for its settings. An example of a default profile is the
http
profile. You can use a default profile in several ways:
  • You can use a default profile as is. You simply configure your virtual server to reference the default profile.
  • You can modify the default profile settings (not recommended). When you modify a default profile, you lose the original default profile settings. Thus, any custom profiles you create in the future that are based on that default profile inherit the modified settings.
  • You can create a custom profile, based on the default profile (recommended). This allows you to preserve the default profile, and instead configure personalized settings in the custom profile. Custom profiles inherit some of the setting values of a parent profile that you specify. After creating a custom profile, you can configure your virtual server to reference the custom profile instead of the default profile.
You can modify a default profile, but you cannot create or delete a default profile.
The BIG-IP system provides a default profile that you can use as is for each type of traffic. A
default profile
includes default values for any of the properties and settings related to managing that type of traffic. To implement a default profile, you simply assign the profile to a virtual server. You are not required to configure the setting values.
You can use the TMOS Shell (
tmsh
) to display LTM profiles, including default profiles. For example, these
tmsh
command sequences show how to display TCP profiles:
(tmos)#
list ltm profile tcp
Displays all TCP profiles on the system, both default and custom.
(tmos.ltm.profile.tcp)#
list
When you have already specified the LTM profile module and the TCP profile component, displays all TCP profiles on the system, both default and custom.
You an use the TMOS Shell (
tmsh
) to display persistence profiles, including default persistence profiles. For example, these
tmsh
command sequences show how to display coookie persistence profiles:
(tmos)#
list ltm persistence cookie
Displays all cookie persistence profiles on the system, both default and custom.
(tmos.ltm.persistence.cookie)#
list
When you have already specified the persistence profile module and the persistence profile component, displays all cookie persistence profiles on the system, both default and custom.

Custom and parent profiles

A
custom profile
is a profile that is derived from a parent profile that you specify. A
parent profile
is a profile from which your custom profile inherits its settings and their default values.
When creating a custom profile, you have the option of changing one or more setting values that the profile inherited from the parent profile. In this way, you can pick and choose which setting values you would like to change and which ones you would like to retain. An advantage to creating a custom profile is that by doing so, you preserve the setting values of the parent profile.
If you do not specify a parent profile when you create a custom profile, the BIG-IP system automatically assigns a related default profile as the parent profile. For example, if you create a custom HTTP type of profile, the default parent profile is the default profile
http
.
If you do not want to use a default profile as is or change its settings, you can create a custom profile. Creating a custom profile and associating it with a virtual server allows you to implement your own specific set of traffic-management policies.
When you create a custom profile, the profile is a child profile and automatically inherits the setting values of a parent profile that you specify. However, you can change any of the values in the child profile to better suit your needs.
If you do not specify a parent profile, the BIG-IP system uses the default profile that matches the type of profile you are creating.
When you create a custom profile, the BIG-IP system places the profile into your current administrative partition.
Within the BIG-IP Configuration utility, each profile creation screen contains a check box to the right of each profile setting. When you check a box for a setting and then specify a value for that setting, the profile then retains that value, even if you change the corresponding value in the parent profile later. Thus, checking the box for a setting ensures that the parent profile never overwrites that value through inheritance.
Once you have created a custom profile, you can adjust the settings of your custom profile later if necessary. If you have already associated the profile with a virtual server, you do not need to perform that task again.

The default profile as the parent profile

A typical profile that you can specify as a parent profile when you create a custom profile is a default profile. For example, if you create a custom TCP-type profile called
my_tcp_profile
, you can use the default profile
tcp
as the parent profile. In this case, Local Traffic Manager automatically creates the profile
my_tcp_profile
so that it contains the same settings and default values as the default profile
tcp
. The new custom profile thus inherits its settings and values from its parent profile. You can then retain or change the inherited setting values in the custom profile to suit your needs.

The custom profile as the parent profile

When creating a custom profile, you can specify another custom profile, rather than the default profile, as the parent profile. The only restriction is that the custom profile that you specify as the parent must be of the same profile type as the profile you are deriving from the parent. Once you have created the new custom profile, its settings and default values are automatically inherited from the custom profile that you specified as the parent.
For example, if you create a profile called
my_tcp_profile2
, you can specify the custom profile
my_tcp_profile
as its parent. The result is that the default setting values of profile
my_tcp_profile2
are those of its parent profile
my_tcp_profile
.
If you subsequently modify the settings of the parent profile (
my_tcp_profile
), the BIG-IP system automatically propagates those changes to the new custom profile.
For example, if you create the custom profile
my_tcp_profile
and use it as a parent profile to create the custom profile
my_tcp_profile2
, any changes you make later to the parent profile
my_tcp_profile
are automatically propagated to profile
my_tcp_profile2
. Conversely, if you modify any of the settings in the new custom profile (in our example,
my_tcp_profile2
), the new custom profile does not inherit values from the parent profile for those particular settings that you modified.

Profiles and virtual servers

Once you have created a profile for a specific type of traffic, you implement the profile by associating that profile with one or more virtual servers.
You associate a profile with a virtual server by configuring the virtual server to reference the profile. Whenever the virtual server receives that type of traffic, the BIG-IP system applies the profile settings to that traffic, thereby controlling its behavior. Thus, profiles not only define capabilities per network traffic type, but also ensure that those capabilities are available for a virtual server.
Because certain kinds of traffic use multiple protocols and services, users often create multiple profiles and associate them with a single virtual server.
For example, a client application might use the TCP, SSL, and HTTP protocols and services to send a request. This type of traffic would therefore require three profiles, based on the three profile types TCP, Client SSL, and HTTP.
Each virtual server lists the names of the profiles currently associated with that virtual server. You can add or remove profiles from the profile list, using the BIG-IP Configuration utility. Note that the BIG-IP system has specific requirements regarding the combinations of profile types allowed for a given virtual server.
In directing traffic, if a virtual server requires a specific type of profile that does not appear in its profile list, the BIG-IP system uses the relevant default profile, automatically adding the profile to the profile list. For example, if a client application sends traffic over TCP, SSL, and HTTP, and you have assigned SSL and HTTP profiles only, LTM automatically adds the default profile tcp to its profile list.
At a minimum, a virtual server must reference a profile, and that profile must be associated with a UDP, FastL4, Fast HTTP, or TCP profile type. Thus, if you have not associated a profile with the virtual server, the BIG-IP system adds a
udp
,
fastl4
,
fasthttp
, or
tcp
default profile to the profile list.
The default profile that the BIG-IP system chooses depends on the configuration of the virtual server’s protocol setting. For example, if the protocol setting is set to UDP, Local Traffic Manager adds the
udp
profile to its profile list.

Creating a local traffic profile

You perform this task to create a specific type of profile that you can then assign to a virtual server. You create a profile when the values configured in the default profile do not suit your needs.
  1. On the Main tab, click
    Local Traffic
    Profiles
    .
  2. On the menu bar, expand or click a profile category and choose the type of profile you want to create.
  3. Click
    Create
    .
  4. In the
    Name
    field, type a unique name for the profile.
  5. From the
    Parent Profile
    list, retain the default value or select another existing profile of the same type.
  6. Select the
    Custom
    check box.
  7. Configure all other profile settings as needed.
  8. Click
    Finished
    .
After you perform this task, the new profile appears in the list of profiles on the system.