It's not the Network! Ok, maybe it's the network...

Jason Rahm

Subscribe to Jason Rahm: eMailAlertsEmail Alerts
Get Jason Rahm via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories by Jason Rahm

I’ve written several articles on the TCP profile (click here) and enjoy digging into TCP.  It’s a beast, and I am constantly re-learning the inner workings.  Still etched in my visual memory map, however, is the TCP header format, shown in Figure 1 below. Since 9.0 was released, TCP payload data (that which comes after the header) has been consumable in iRules via the TCP::payload and the port information has been available in the contextual commands TCP::local_port/TCP::remote_port and of course TCP::client_port/TCP::server_port.  Options, however, have been inaccessible.  However, beginning with version 10.2.0-HF2, it is now possible to retrieve data from the options fields. Preparing the BIG-IP Currently, it is necessary to set a bigpipe database key with the option (or options) of interest: bigpipe db Rules.Tcpoption.settings [option, first|last], [option, fi... (more)

One Time Passwords via an SMS Gateway with BIG-IP Access Policy Manager

One time passwords, or OTP, are used (as the name indicates) for a single session or transaction.  The plus side is a more secure deployment, the downside is two-fold—first, most solutions involve a token system, which is costly in management, dollars, and complexity, and second, people are lousy at remembering things, so a delivery system for that OTP is necessary.  The exercise in this tech tip is to employ BIG-IP APM to generate the OTP and pass it to the user via an SMS Gateway, eliminating the need for a token creating server/security appliance while reducing cost and comple... (more)

BIG-IP APM–Customized Logon Page

The default logon page for the Access Policy Manager module is pretty basic, particularly so if only the minimal username and password is configured.  However, APM is wildly flexible.  In this tech tip, I’ll cover customizing the logon page by adding a dropdown box of services to the standard username and password fields. Introduction Background Information The goal here is to provide access to multiple web applications behind APM through the use of an admin-defined dropdown menu and different LTM pools for each web application. We will be generating the list dynamically through t... (more)

So Yeah, Regex is Bad

Don’t get me wrong, regex is awesome, and entirely useful—sometimes it’s the only option, it’s just not the best tool of choice for wire speed applications.  Often the sys-admin and network type converts to BIG-IP will find the regexp tcl command and go that route because it’s familiar.  If that describes you, please let me introduce you to a couple more appropriate commands: scan string These two commands will cover a great percentage of regexp’s use cases, and will save significant resources on the system.  Don’t buy it?  Here’s an example: % set ip "" (more)

The ABCs of NSM - U is for Umbraco

Welcome back for another episode of the ABC's of NSM.  What's NSM you say?  We'll go with Network and System Management, but you could throw Security in there as well.  We'll work our way through the alphabet over  the next several weeks looking at  tools and concepts along the way for all the administrators out there.   By the way, you can thank Joe for the format & Don for the title  (I  couldn't for the life of me come up with one.) Today's letter U is for Umbraco, an open-source .NET based content management system.  There are no shortages of CMS platforms. However, thanks to ... (more)