Valid F5CAB5 Practice Test Dumps with 100% Passing Guarantee [Jun-2026]
F5CAB5 PDF Dumps Are Helpful To produce Your Dreams Correct QA's
NEW QUESTION # 30
A BIG-IP Administrator needs to collect HTTP status code and HTTP method for traffic flowing through a virtual server.
Which default profile provides this information? (Choose one answer)
- A. Request Adapt
- B. Analytics
- C. HTTP
- D. Statistics
Answer: B
Explanation:
To collect application-layer details such as HTTP status codes (200, 404, 500, etc.) and HTTP methods (GET, POST, PUT, DELETE), the BIG-IP system must use a profile designed for traffic visibility and reporting rather than basic traffic handling. The Analytics profile (Option C) is the correct choice because it is specifically designed to collect, store, and present detailed statistics about HTTP and TCP traffic passing through a virtual server.
When an Analytics profile is attached to a virtual server, BIG-IP can record metrics such as HTTP response codes, request methods, URI paths, latency, throughput, and client-side/server-side performance data. These statistics are then accessible through the BIG-IP GUI under Statistics → Analytics, allowing administrators to validate application behavior and troubleshoot performance or functional issues.
The HTTP profile (Option B) enables HTTP protocol awareness and features like header insertion and compression, but it does not provide historical or statistical reporting of HTTP methods and response codes. Request Adapt (Option A) is used for ICAP-based content adaptation, not visibility. Statistics (Option D) is not a standalone profile and does not provide HTTP-level insight.
Therefore, the Analytics profile is the only default profile that fulfills this requirement.
NEW QUESTION # 31
A BIG-IP Administrator needs to view the CPU utilization of a particular Virtual Server. Which section of the Configuration Utility should the administrator use for this purpose?
- A. Statistics > Module Statistics > Local Traffic > Virtual Servers
- B. Statistics > Analytics > Process CPU Utilization
- C. Statistics > Module Statistics > Traffic Summary
- D. Statistics > Module Statistics > Local Traffic > Virtual Addresses
Answer: A
Explanation:
When a BIG-IP system experiences high overall CPU usage, troubleshooting requires identifying which specific application or service is the primary consumer of resources. While the system-wide performance graphs provide a global view, the granular data necessary to isolate a "top talker" is found in the "Local Traffic" statistics. Navigating to Statistics > Module Statistics > Local Traffic > Virtual Servers allows the administrator to see specific metrics for each configured virtual server, including the number of packets processed, current connections, and critical CPU cycles consumed. This is essential for troubleshooting performance issues where an inefficient iRule, high SSL handshake volume, or complex L7 profiles (like Compression or ASM) might be overtaxing the Traffic Management Microkernel (TMM) for one specific application. By reviewing these basic stats, an administrator can determine if a performance bottle-neck is a system-wide h1ardware issue or if it is isolated to a single virtual server, enabling targeted remediation such as optimizing iRule logic or moving the high-load virtual server to a dedicated device.
NEW QUESTION # 32
A BIG-IP Administrator uses backend servers to host multiple services per server. There are multiple virtual servers and pools defined, referencing the same backend servers. Which load balancing algorithm is most appropriate to have an equal number of connections on each backend server?17
- A. Least Connections (member)
- B. Least Connections (node)
- C. Predictive (member)
- D. Predictive (node)
Answer: B
Explanation:
Comprehensive and Detailed Explanation From BIG-IP Administration Support and Troubleshooting documents: When load balancing is not working as 23expected and connections appear skewed across physical hardware, the administrator must distinguish between "member"24 and "node" level balancing. A
"member" refers to a specific IP and Port combination (e.g., 10.1.1.1:80), whereas a "node" refers to the underlying IP address (10.1.1.1) regardless of the port25. If a single server hosts multiple services (Web, FTP, API) across different pools, using "Least Connections (member)" would only balance connections within each individual pool26. This could lead to a scenario where one server is overwhelmed because it is winning the
"least connections" count in three different pools simultaneously. By selecting "Least Connections (node)," the BIG-IP tracks the total number of concurrent connections to the physical IP address across all pools it belongs to27. This ensures that the administrator can maintain an equal distribution of work across the hardware, preventing performance degradation on backend servers that host multiple application services.
NEW QUESTION # 33
A Virtual Server uses an iRule to send traffic to pool members depending on the URI. The BIG-IP Administrator needs to modify the pool member in the iRule. Which event declaration does the BIG-IP Administrator need to change to accomplish this?
- A. SERVER_CONNECTED
- B. HTTP_RESPONSE
- C. HTTP_REQUEST
- D. CLIENT_ACCEPTED
Answer: C
NEW QUESTION # 34
When using the "Manual Resume" feature in BIG-IP, what state will a pool member remain in after a health monitor failure, even if health checks begin to pass again?
- A. Offline (Disabled)
- B. Available (Disabled)
- C. Available (Enabled)
- D. Offline (Enabled)
Answer: A
Explanation:
Comprehensive and Detailed Explanation From BIG-IP Administration Support and Troubleshooting documents: The "Manual Resume" feature is a safety mechanism used when a pool is not working as expected due to flapping services or unstable backend applications. Normally, when a health monitor fails, the pool member is marked "Offline" (Red), and when the monitor passes, it automatically returns to "Available" (Green)47. However, if "Manual Resume" is enabled, the BIG-IP will not automatically put the member back into rotation after a failure48. Even if the health check begins to pass again, the member remains in an
"Offline (Disabled)" state49. This requires an administrator to manually intervene and re-enable the member.
This is a common point of confusion when troubleshooting; a member may show passing health checks but still not receive traffic because it is waiting for a manual administrative "resume" command. This feature is intended to prevent "unhealthy" servers from receiving traffic until an engineer has confirmed the root cause of the initial failure was resolved.
NEW QUESTION # 35
A custom HTTP monitor is failing to a pool member 10.10.3.75:8080 that serves up www.example.com. A ping works to the pool member address. The SEND string is: GET / HTTP/1.1 \r\nHost: www.example.
com\r\nConnection: Close\r\n\r\n. Which CLI tool syntax will show whether the web server returns the correct HTTP response?
- A. tracepath http://www.example.com:80
- B. tracepath 10.10.3.75 8080 GET /index
- C. curl http://10.10.3.75:8080/www.example.com/index.html
- D. curl --header 'Host: www.example.com' 'http://10.10.3.75:8080/'
Answer: D
Explanation:
To manually verify a health monitor's "Send String" from the BIG-IP command line, the curl utility is the preferred tool because it allows for custom header insertion.
* Matching the Monitor String: The monitor string requires an HTTP/1.1 request which must include a
"Host" header. Option A correctly uses the --header (or -H) flag to pass Host: www.example.com to the specific IP and port of the pool member.
* Troubleshooting Logic: If curl --header 'Host: www.example.com' 'http://10.10.3.75:8080/' returns a
"200 OK" but the BIG-IP monitor still shows "Down," the administrator should check if the Receive String in the monitor configuration matches the output provided by curl.
* Invalid Syntax: Option D is incorrect because it tries to append the hostname to the URI path, which the web server will likely reject with a "404 Not Found". tracepath (Options B and C) is a path discovery tool similar to traceroute and cannot validate HTTP response content.
NEW QUESTION # 36
A BIG-IP Administrator configured a virtual server with a pool of 3 members and selected the Round Robin load balancing method to evenly distribute traffic across the pool members. During initial testing, the virtual server failed to respond to http requests.
Plaintext
ltm virtual http.vs {
destination 10.10.1.100:http
ip-protocol tcp
mask 255.255.255.255
pool http.pool
profiles {
tcp{}
}
serverssl-use-sni disabled
source 0.0.0.0/0
translate-address enabled
translate-port enabled
}
ltm pool http_pool {
members {
10.10.1.101:http {
address 10.10.1.101
session monitor-enabled
state checking
}
10.10.1.102:http {
address 10.10.1.102
session monitor-enabled
state checking
}
}
monitor tcp
}
What configuration change on the BIG-IP will resolve this issue?
- A. Add SNAT Auto Map
- B. Add http monitor
- C. Add http profile
Answer: A
Explanation:
The issue described is a classic case of asymmetric routing in a "one-arm" or same-subnet topology.
* Symptom Analysis: The Virtual Server (10.10.1.100) and the pool members (10.10.1.101 and
10.10.1.102) are on the same subnet.
* The Problem: When a client sends a request to the VIP, the BIG-IP translates the destination IP but keeps the client's original source IP. The server receives the packet and sees a source IP from a different subnet. Instead of sending the response back to the BIG-IP, the server sends it directly to its default gateway. The client receives a response from the server's IP, which it doesn't recognize, causing the connection to fail.
* The Solution: Enabling SNAT Auto Map ensures the BIG-IP changes the source IP of the packet to its own self-IP. This forces the pool member to send the response back to the BIG-IP, which then translates it correctly and sends it to the client.
* Incorrect Options: Adding an HTTP profile (Option B) or an HTTP monitor (Option C) would enhance the configuration but would not fix the underlying Layer 3 routing issue causing the traffic drop.
NEW QUESTION # 37
A BIG-IP Administrator needs to determine why only one pool member is showing connections from the virtual server, resulting in uneven load balancing.
What two reasons would cause uneven load balancing? (Choose two answers)
- A. The pool has a persistence profile configured.
- B. The virtual server is marked down.
- C. Monitors have marked down multiple pool members.
- D. All pool members are marked down.
Answer: A,C
Explanation:
Uneven load balancing on a BIG-IP system typically occurs when traffic is not distributed evenly across all available pool members. One common reason is thatmonitors have marked down multiple pool members (Option B). When health monitors fail for specific pool members, BIG-IP automatically removes those members from load-balancing decisions. As a result, traffic is sent only to the remaining healthy member, creating the appearance that load balancing is not functioning correctly. This behavior is expected and aligns with BIG-IP's design to ensure traffic is sent only to healthy resources.
Another frequent cause isthe presence of a persistence profile on the pool or virtual server (Option C).
Persistence (such as source address or cookie persistence) forces subsequent client connections to be sent to the same pool member for session continuity. While persistence is critical for certain applications, it can override the load-balancing algorithm and cause most or all traffic to be directed to a single pool member, especially during low traffic volumes or testing scenarios.
The other options are incorrect because avirtual server marked down (Option A)would not pass traffic at all, andall pool members marked down (Option D)would result in no connections rather than uneven distribution.
This analysis follows standard BIG-IP troubleshooting methodology using pool status, monitor results, and persistence configuration review.
NEW QUESTION # 38
Users report that traffic is negatively affected every time a BIG-IP device fails over. The traffic becomes stabilized after a few minutes. What should the BIG-IP Administrator do to reduce the impact of future failovers?
- A. Configure MAC Masquerade
- B. Configure a global SNAT Listener
- C. Set up Failover Method to HA Order
- D. Enable Failover Multicast Configuration
Answer: A
Explanation:
When a virtual server's traffic flow is disrupted only during failover events and takes several minutes to stabilize, the issue is typically related to the ARP cache on upstream network devices47. By default, each BIG-IP in an HA pair uses its own unique hardware MAC address for traffic4848. When a failover occurs, the new active device takes over the floating IP addresses, but the upstream switch may still have the MAC address of the old device cached4949. Traffic fails until the switch's ARP entry is updated. "MAC Masquerade" is a troubleshooting feature that assigns a shared, virtual MAC address to the floating traffic group. Regardless of which BIG-IP is currently active, it will use this masqueraded MAC address for all traffic related to that group52. Because the MAC address seen by the network never changes during a failover, the upstream devices do not need to relearn ARP entries, resulting in an instantaneous transition and eliminating the performance drop reported by users
NEW QUESTION # 39
A gateway_icmp health monitor is configured on a pool. The BIG-IP Administrator is investigating why the pool is reported as down while the server is online. Other pools with servers in the same subnet are correctly monitored.
What can cause this behavior? (Choose one answer)
- A. The admin user is logged on the server.
- B. The HTTP service is not started on the server.
- C. The host-based firewall is active on the server.
- D. The latest patches have not been installed on the server.
Answer: C
Explanation:
A gateway_icmp monitor checks basic network reachability by sending ICMP echo requests (pings) to the pool member or its gateway. If the pool is marked DOWN while the server is confirmed to be online, the most likely cause is that ICMP traffic is being blocked.
A host-based firewall active on the server (Option C) can block ICMP echo requests or replies, preventing BIG-IP from receiving a successful response to the health check. This results in the monitor failing and the pool member being marked down, even though the server and application are otherwise functioning normally. This explanation is consistent with the scenario where other servers in the same subnet work correctly, indicating that routing and BIG-IP configuration are not the issue.
The other options are unrelated to ICMP monitoring. Logged-in users (Option A), missing patches (Option B), and stopped HTTP services (Option D) do not affect a gateway_icmp monitor. BIG-IP troubleshooting best practices recommend verifying ICMP reachability and firewall policies when diagnosing ICMP-based monitor failures.
NEW QUESTION # 40
Which menu should you use on the BIG-IP Configuration Utility to generate a QKView support file? (Choose one answer)
- A. System > Archive
- B. System > Support
- C. System > Configuration
- D. System > Logs
Answer: B
Explanation:
A QKView is the primary diagnostic file used by F5 Support to analyze BIG-IP system health, configuration, performance, and logs. It collects a wide range of data, including running configuration, license details, module provisioning, hardware status, logs, statistics, and diagnostic command output. Generating a QKView is a standard first step when troubleshooting issues or opening a support case with F5.
In the BIG-IP Configuration Utility (GUI), the correct location to generate a QKView is System > Support (Option C). This menu is specifically designed for support and troubleshooting activities. From this section, administrators can create QKView files, upload them directly to F5 iHealth, or download them locally for later analysis or submission to F5 Support.
The other options are incorrect:
System > Configuration (Option A) is used for system-wide settings such as device name, NTP, and DNS.
System > Archive (Option B) is used to create UCS backups, not diagnostic QKViews.
System > Logs (Option D) is used to view and manage log files, not to generate support bundles.
This workflow is clearly documented in BIG-IP Administration and Support guides and is considered a best practice for efficient troubleshooting and support engagement.
NEW QUESTION # 41
A BIG-IP Administrator plans to upgrade a BIG-IP device to the latest TMOS version.
Which two tools could the administrator leverage to verify known issues for the target versions? (Choose two answers)
- A. F5 Downloads
- B. F5 University
- C. F5 End User Diagnostics (EUD)
- D. F5 iHealth
- E. F5 Bug Tracker
Answer: D,E
Explanation:
Before upgrading a BIG-IP system to a newer TMOS version, it is critical to review known issues to avoid introducing instability or regressions. F5 Bug Tracker (Option B) is a primary resource for this purpose. It allows administrators to search for documented software defects by TMOS version, module, symptom, or bug ID. Using Bug Tracker, an administrator can identify unresolved issues, fixed bugs, and behavioral changes that may affect their specific deployment, such as traffic handling, high availability, or module-specific functionality. This directly supports proactive troubleshooting and informed upgrade planning.
F5 iHealth (Option D) is another essential tool used during upgrade preparation. iHealth analyzes uploaded UCS or QKView files and correlates the device configuration and software version with F5's known issues database. It provides actionable reports highlighting critical defects, upgrade risks, interoperability concerns, and recommended target versions. iHealth is especially valuable because it contextualizes known issues based on the actual configuration running on the device.
The other options are not appropriate for verifying known software issues. F5 End User Diagnostics (Option A) is a client-side troubleshooting tool, F5 University (Option C) is a training platform, and F5 Downloads (Option E) is primarily used to obtain software images and release notes, not to analyze known defects in depth.
NEW QUESTION # 42
A BIG-IP Administrator suspects that one of the BIG-IP device power supplies is experiencing power outages. Which log file should the BIG-IP Administrator check to verify the suspicion?
- A. /var/log/kern.log
- B. /var/log/audit
- C. /var/log/daemon.log
- D. /var/log/ltm
Answer: D
Explanation:
On a BIG-IP system, hardware-related alerts, including those for power supply units (PSUs), fans, and chassis components, are primarily logged in the Local Traffic Manager (LTM) log file.
* Log Location: The file path is /var/log/ltm.
* PSU Alert Messages: When a power supply fails, experiences an outage, or is unplugged, the chmand (Chassis Manager) or system_check processes log specific error codes to this file. For example, you may see messages like 010d0006:0: Chassis power supply <X> has experienced an issue or VINPUT=bad.
* Troubleshooting: Administrators can use the command grep -i "power supply" /var/log/ltm to quickly filter for PSU-related events.
* Other Logs: * /var/log/kern.log typically contains low-level kernel and driver messages.
* /var/log/audit tracks administrative changes and commands executed by users.
* /var/log/daemon.log contains messages from various system background services but is not the primary location for hardware sensor alerts.
NEW QUESTION # 43
Pool /Common/testpool member /Common/10.120.0.5:8090 monitor status down. [ /Common/http: up, /Common/http2: down; last error: ] [ was up for lhr:0min:43sec ] Why is this pool member being marked down?
- A. The pool member is currently only serving HTTP traffic.
- B. The pool member is currently only serving HTTP2 traffic.
- C. The pool member is currently only serving TCP traffic.
- D. The pool member is currently only serving UDP traffic.
Answer: A
Explanation:
This log entry indicates that multiple monitors are assigned to the pool member, and the member is failing one of them.
Understanding Monitor Logic: By default, if multiple monitors are assigned to a pool or pool member without a "Minimum To Up" (Availability Requirement) setting, the system requires all monitors to pass for the member to be marked "Up".
Analyzing the Log: The log clearly states: [ /Common/http: up, /Common/http2: down; ... ]. This means the standard HTTP monitor is successful, indicating the member is serving HTTP traffic, but the http2 monitor has failed.
Conclusion: Since the http monitor is "up" but the member as a whole is "down," we can conclude the member is successfully responding to standard HTTP requests but not HTTP2 requests. Therefore, the member is currently only serving standard HTTP traffic.
NEW QUESTION # 44
Refer to the exhibit. A BIG-IP Administrator creates a new Virtual Server to load balance SSH traffic. Users are unable to log on to the servers. What should the BIG-IP Administrator do to resolve the issue? (Exhibit shows a Standard Virtual Server with an HTTP profile applied).
- A. Set Source Address to 10.1.1.210
- B. Set Destination Addresses/Mask to 0.0.0.0/011
- C. Set HTTP Profile to None9
- D. Set Protocol to UDP8
Answer: C
Explanation:
Comprehensive and Detailed Explanation From BIG-IP Administration Supp13ort and Troubleshooting documents: When troubleshooting a Virtual Server that is not working as expected, it is critical to ensure that the applied profiles match the type of traffic being processed. SSH (Secure Shell) is a non-HTTP protocol that operates over TCP. The exhibit indicates that an HTTP profile is applied to the Virtual Server14. An HTTP profile instructs the BIG-IP system to parse traffic as HTTP; however, since SSH traffic does not follow HTTP specifications, the BIG-IP's parser will fail to understand the data stream, typically resulting in dropped packets or reset connections15. To fix this, the administrator must set the HTTP profile to "None"16. This allows the Virtual Server to act as a "Standard" or "FastL4" listener that passes the encrypted SSH data transparently to the backend pool members without attempting application-layer inspection. This highlights a common troubleshooting step: verifying that L7 profiles are not inadvertently applied to L4 traffic, which disrupts the expected traffic flow between the client and the server.
NEW QUESTION # 45
In the BIG-IP Configuration Utility, a user requests a single screen view to determine the status of all Virtual Servers and associated pool members, as well as any iRules in use. Where should the BIG-IP Administrator instruct the user to find this view?32
- A. Local Traffic > Monitors
- B. Local Traffic > Network Map
- C. Local Traffic > Virtual Servers
- D. Statistics
Answer: B
Explanation:
Comprehensive and Detailed Explanation From BIG-IP A41dministration Support and Troubleshooting documents:To confirm functionality across a complex environment, the "Network Map" is the most efficient troubleshooting tool in the Configuration Utility43. It provides a hierarchical, visual representation of the traffic management objects44. A single glance allows the administrator to see the status of a Virtual Server (Green/Red/Yellow), the status of its associated pool, the health of individual pool members, and which iRules are currently attached45. This view is superior to the standard "Virtual Server List" for troubleshooting because it maps the dependencies between objects46. For example, if a Virtual Server is "Red," the Network Map will show if that status is inherited from a failed pool or a specific monitor failing on a pool member.
Reviewing these basic stats in the Network Map helps the administrator quickly isolate whether a failure is at the service level (Virtual Server), the logic level (iRule), or the hardware level (Pool Member).
NEW QUESTION # 46
Refer to the exhibit.
An LTM device has a virtual server mapped to www.f5.com . Users report that when they connect to www.f5.com they are unable to receive content. What is the likely cause of the issue? (Choose one answer)
- A. The pool associated with the virtual server is failing its health check.
- B. The virtual address does not have route advertising enabled.
- C. The virtual address does not have ARP enabled.
- D. The pool associated with the virtual server does not have priority group activation enabled.
Answer: C
Explanation:
Based on the configuration screens provided in the exhibit, the primary reason for the connectivity failure is the disabled ARP setting on the Virtual Address.
Virtual Address ARP Setting: In a standard BIG-IP deployment, the Address Resolution Protocol (ARP) must be enabled for the Virtual Address (192.168.238.111 in this case). When enabled, the BIG-IP system responds to ARP requests from the local network gateway or adjacent devices for that specific IP address.
Exhibit Analysis: Looking at the "Virtual Address List >> 192.168.238.111" properties section, the ARP checkbox is unselected (unchecked). Because ARP is disabled, the upstream router or client cannot resolve the MAC address for 192.168.238.111, and the traffic never reaches the BIG-IP LTM.
Availability Indicators: Note the yellow circle (status indicator) on both the Virtual Server and the Pool Members. In F5 BIG-IP, a yellow status typically indicates that the object is "Available" (Enabled) but its monitors are not currently identifying it as "Up" (which would be a green circle), or it is in a "Monitor Unknown" state. However, even if a pool is available, the traffic must first reach the Virtual Server, which is prevented here by the lack of ARP.
Incorrect Options Analysis:
Priority Group Activation (A): The exhibit shows this is "Disabled". While this affects how load balancing picks members between groups, it does not prevent all content from being received; the system would simply use all members in the pool.
Route Advertising (C): While "Route Advertisement" is also unchecked, this is generally only required if the BIG-IP needs to dynamically propagate the Virtual Address route via protocols like BGP or OSPF. For local segment connectivity, ARP is the fundamental requirement.
NEW QUESTION # 47
A BIG-IP Administrator notices that one of the servers that runs an application is NOT receiving any traffic. The BIG-IP Administrator examines the configuration status of the application and observes the displayed monitor configuration and affected pool member status.
What is the possible cause of this issue? (Choose one answer)
- A. The BIG-IP device is NOT able to reach the pool.
- B. The node health monitor is NOT responding.
- C. The application is NOT responding with the expected Receive String.
- D. HTTP 1.1 is NOT appropriate for monitoring purposes.
Answer: B
Explanation:
The key clue in the exhibit is the pool member's availability showing "Offline (Enabled) - Parent down". In BIG-IP terminology, a pool member inherits the status of its parent node. If the node is marked down (for example, by a node-level monitor or a default "node is down" condition), then all pool members using that node IP will also be marked down and will not receive any traffic, even if the application service on the member port might be healthy.
While the HTTPS monitor configuration (send/receive strings) is displayed, the status specifically indicates a node (parent) failure, not a service-level failure. If the problem were the application not matching the receive string, you would typically see the member down due to the member's monitor failing (and the status would reflect monitor failure details), rather than "parent down." Option D is too broad; BIG-IP can generally reach the subnet (other servers work), and this symptom points to a specific node condition. Option C is incorrect because HTTP/1.1 is commonly used for monitoring and is valid when properly formatted (especially with a Host header). Therefore, the most likely cause is that the node health monitor is not responding, causing the node-and consequently the member-to be marked down.
NEW QUESTION # 48
Which file should the BIG-IP Administrator check to determine when a Virtual Server changed its status from RED to GREEN?
- A. /var/log/audit
- B. /var/log/monitors
- C. /var/log/ltm
- D. /var/log/lastlog
Answer: C
Explanation:
Status changes for local traffic objects (Virtual Servers, Pools, Nodes) are recorded in the Local Traffic Manager (LTM) log.
* Health State Logging: When a health monitor marks a resource as available (Green) or unavailable (Red), the system generates a log message in /var/log/ltm.
* Log Entry Example: A transition from Red to Green will appear as a message similar to: 01010027:3:
Pool /Common/my_pool member /Common/10.0.0.1:80 monitor status up.
* Evaluation of Other Options:
* /var/log/audit (Option A) logs who changed a configuration, not automated state changes from health monitors.
* /var/log/lastlog (Option C) is a standard Linux file that tracks the last login time of users.
* /var/log/monitors (Option D) is not a standard log file on the BIG-IP system.
NEW QUESTION # 49
A BIG-IP Administrator is receiving intermittent reports from users that SSL connections to the BIG-IP device are failing. Upon checking the log files, the administrator notices: SSL transaction (TPS) rate limit reached. Reviewing stats shows a max of 1200 client-side SSL TPS and 800 server-side SSL TPS. What is the minimum SSL license limit capacity required to handle this peak?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: B
Explanation:
Troubleshooting SSL connection resets often involves verifying license limits against actual resource utilization. F5 devices use a "Transactions Per Second" (TPS) license to control the amount of SSL processing the device can handle. The log entry SSL transaction (TPS) rate limit reached is a clear indicator that the traffic volume has exceeded the licensed capacity. When determining the necessary license level, it is important to know that F5 primarily licenses and limits the "Client-side" SSL TPS-which represents the encrypted connections between the users and the virtual servers. In this specific scenario, the peak demand reached 1200 client-side transactions per second. Although there were also 800 server-side transactions (re-encryption from the BIG-IP to the pool), these typically do not count against the primary TPS license limit in the same manner. Therefore, to ensure that the virtual server works as expected during peak load, the administrator must upgrade the license to at least 1200 TPS. This troubleshooting process links system log errors to license-enforced resource constraints.
NEW QUESTION # 50
......
F5 F5CAB5 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
Cover F5CAB5 Exam Questions Make Sure You 100% Pass: https://freetorrent.itpass4sure.com/F5CAB5-practice-exam.html
