Appendix B: Additional Declarations¶
This section contains a number of additional example declarations you can use. The numbering of these examples continues from the Examples section. Use the links on the left to go directly to a specific example.
If you want to see an example that uses all of available AS3 properties, see the all properties declaration.
Note
Some of the examples may be in multiple categories.
HTTP Services¶
- HTTP Services
- 1: HTTP with custom persistence
- 2: HTTP with no compression, BIG-IP TCP profile, iRule for pool
- 3: HTTP with additional virtual service for corporate clients
- 4: HTTP and HTTPS virtual services in one declaration
- 5: Two applications sharing a pool
- 6: One tenant with three applications
- 6a: Single application with multiple services
- 7: Virtual server listening on multiple ports on the same address
- 8: Using a Local Traffic Policy to forward HTTP Requests
TLS Encryption¶
- TLS Encryption
- 1: Referencing an existing SSL certificate and key in the Common partition
- 2: Using multiple SSL/TLS certificates in a single profile
- 3: Using matchToSNI with a TLS_Server profile
- 4: Using PKCS 12 in a declaration
- 5: Enabling and disabling Server SSL from Endpoint policies
- 6: HTTP and HTTPS virtual services in one declaration
- 7: Using a client and server TLS profile in the same declaration
- 8: Using Client Certificate Constrained Delegation (C3D) features in a declaration
- 9: Securing client and server side LDAP traffic
- 10: Using OCSP Certificate Validation in a declaration
- 11: Using the staplerOCSP parameter in a certificate
Non-HTTP Services¶
- Non-HTTP Services
- 1: UDP virtual service
- 2: TCP load-balanced to ICAP with custom monitor
- 3: Using BIG-IP DNS features in a declaration
- 4: Using a FIX profile and data groups in a declaration
- 5: Using tcpOptions in a TCP Profile
- 6: Using GSLB features in a declaration
- 7: Service Discovery for virtual servers in GSLB Servers
- 8: Creating a DNS cache in a declaration
Network Security¶
Application Security¶
- Application Security
- 1: Virtual service referencing an existing security policy
- 2: Virtual service referencing an external security policy
- 3: Endpoint policy with default rule to disable WAF
- 4: Endpoint policy with SSL SNI Match conditions and HTTP action
- 5: Using a Security log profile with Application Security
- 6: Using Persist Actions in an Endpoint Policy
- 7: Changing the enforcement mode of a WAF policy retrieved from a URL
DOS Protection¶
Policy Enforcement¶
Health Monitors¶
Profiles¶
- Profiles
- 1: Using an Analytics profile in a declaration
- 2: Using an Analytics profile with a Capture filter
- 3: Using a Multiplex (OneConnect) profile in a declaration
- 4: Using existing FTP and SIP profiles in a declaration
- 5: Using a Traffic Log profile in a declaration
- 6: Using a WebSocket profile in a declaration
- 7: Using a Rewrite profile in a declaration
- 8: Using a DoS profile in a declaration
- 9: Using a DoS profile for Mobile Defense
- 10: Using a HTTP Acceleration profile in a declaration
- 11: Using a Security log profile with Application Security
- 12: Using a Stream profile in a declaration
- 13: Creating an FTP profile in a declaration
- 14: Referencing existing iRules LX Profiles
- 15: Using the HTTP/2 profile in a declaration
Service Discovery¶
- Service Discovery
- 1: Using Service Discovery to automatically populate a pool
- 2: Using remote Service Discovery to automatically populate a pool with BIG-IP VE anywhere
- 3: Using remote Service Discovery and sending the declaration to a remote BIG-IP
- 4: Using an FQDN pool to identify pool members
- 5: Event-Driven Service Discovery
- 6: Service Discovery using HashiCorp Consul
- 7: Service Discovery using HashiCorp Consul and CA Certificates
- 8: Service Discovery using HashiCorp Consul without certificate validation
- 9: Service Discovery for virtual servers in GSLB Servers
Miscellaneous Declarations¶
- Miscellaneous declarations
- 1: Using PATCH to add a new Application to a Tenant
- 2: Using the Service_Generic class
- 3: Using Metadata in a declaration
- 4: Virtual service allowing only specific VLANs
- 5: Advertising a route for a Service Address
- 6: Using Clone Pools in a declaration
- 7: Sending multiple declarations in a single request (container)
- 8: Sending multiple declarations in a single request (BIG-IQ)
- 9: Using Splunk as a log destination
- 10: Using shareNodes to reuse nodes across tenants
- 11: Using the include property to reference one section of a declaration in another section