F5CAB2 Online Practice Questions

Explanation:
Comprehensive and Detailed Explanation (BIG-IP Administration C Data Plane Concepts):
For BIG-IP to send or receive traffic on a VLAN, that VLAN must be bound to a physical interface or a trunk. Creating a VLAN object and a Self IP alone is not sufficient to establish data-plane connectivity.
From the exhibit:
The VLAN (vlan_1033) exists and has a tag defined.
A Self IP is configured and associated with the VLAN.
However, traffic cannot reach servers on that VLAN.
This indicates a Layer 2 connectivity issue, not a Layer 3 or HA issue.
Why assigning a physical interface fixes the problem:
BIG-IP VLANs do not carry traffic unless they are explicitly attached to:
A physical interface (e.g., 1.1), or
A trunk
Without an interface assignment, the VLAN is effectively isolated and cannot transmit or receive frames, making servers unreachable regardless of correct IP addressing.
Why the other options are incorrect:
A. Set Port Lockdown to Allow All
Port Lockdown controls which services can be accessed on the Self IP (management-plane access), not whether BIG-IP can reach servers on that VLAN.
B. Change Auto Last Hop to enabled
Auto Last Hop affects return traffic routing for asymmetric paths. It does not fix missing Layer 2 connectivity.
D. Create a Floating Self IP address
Floating Self IPs are used for HA failover. They do not resolve reachability issues on a single device when the VLAN itself is not connected to an interface.
Conclusion:
The servers are unreachable because the VLAN has no physical interface assigned. To restore connectivity, the BIG-IP Administrator must assign a physical interface (or trunk) to the VLAN, enabling Layer 2 traffic flow.

Explanation:
Comprehensive and Detailed Explanation (BIG-IP Administration C Data Plane Concepts):
This scenario combines session continuity, multiple protocols (HTTP and FTP), and HA failover behavior, which directly implicates persistence handling across devices and services.
Key Requirements Breakdown
Same pool member for entire session
Session must survive failover
Session must span multiple services (HTTP and FTP)
Why Persistence Mirroring + Match Across Services Is Required
Persistence Mirroring
Ensures persistence records are synchronized from the active BIG-IP to the standby BIG-IP.
Without mirroring:
After failover, the standby device has no persistence table
Clients are load-balanced again
Sessions break, forcing users to restart
Persistence mirroring is essential for session continuity during failover
Match Across Services
Allows a single persistence record to be shared across multiple virtual servers / protocols
Required when:
HTTP and FTP must use the same pool member
Multiple services are part of a single application session
Together, these settings ensure:
Persistence survives device failover
Persistence is honored across HTTP and FTP
Why the Other Options Are Incorrect
A. Cookie persistence and session timeout
Cookie persistence only applies to HTTP and does not address FTP or failover synchronization.
B. Stateful failover and Network Failover detection
Stateful failover applies to connection state, not persistence records, and does not link HTTP and FTP sessions.
D. SYN-cookie insertion threshold and connection low-water mark
These are DoS / SYN flood protection settings, unrelated to persistence or HA behavior.

Explanation:
Comprehensive and Detailed Explanation From BIG-IP Administration Data Plane Concepts documents:
This question focuses on connection behavior when pool members transition from down to up, which is a classic data plane consideration in BIG-IP environments.
What problem is being solved?
When a pool member:
Recovers from a failure
Is enabled after maintenance
Transitions from inactive to active
…it can suddenly receive a large burst of new connections, especially when using load-balancing methods such as Least Connections. This sudden surge can overload the server.
Why Slow Ramp Time is the correct solution:
Slow Ramp Time is a pool-level setting that:
Gradually increases the number of connections sent to a newly available pool member
Prevents sudden spikes in traffic
Allows the server to warm up (application cache, JVM, DB connections, etc.)
From BIG-IP Administration Data Plane Concepts:
Slow Ramp Time controls the rate at which BIG-IP increases load to a pool member that has just become available
During the ramp period, BIG-IP artificially increases the member’s connection count, making it appear “busier” and therefore less attractive for new connections
This directly satisfies the requirement to avoid overloading pool members when they become active.
Why the Other Options Are Incorrect:
B. Different Ratio for each member
Ratios control relative distribution under normal operation
They do not prevent a sudden surge when a member becomes active
C. Action On Service Down to Reselect
Controls persistence behavior when a member goes down
Has no impact on connection ramp-up when a member comes back online
D. Same Priority Group to each member
Affects failover logic between priority groups
Does not control connection rate or ramp-up behavior
Key Data Plane Concept Reinforced:
To protect backend servers during recovery events, BIG-IP provides Slow Ramp Time, ensuring graceful reintroduction of traffic and preventing connection storms that can occur during high-load scenarios.

Explanation:
Comprehensive and Detailed Explanation From BIG-IP Administration Data Plane Concepts documents:
In BIG-IP architecture, link aggregation and redundancy at Layer 2 are implemented using Trunks, not virtual servers or pools.
According to BIG-IP Administration Data Plane Concepts: Interfaces are the physical network ports on the BIG-IP device A Trunk is a logical grouping of multiple interfaces
Trunks can be configured to use LACP (Link Aggregation Control Protocol) to:
Provide link redundancy
Increase aggregate bandwidth
Allow automatic detection of link failures
VLANs are then assigned to the trunk, not directly to individual interfaces, once aggregation is in place
Correct Design for the Scenario:
To connect BIG-IP to two upstream switches with LACP: One physical interface from BIG-IP connects to Switch A Another physical interface from BIG-IP connects to Switch B Both interfaces are placed into the same trunk LACP is enabled on the trunk and on the switches
This configuration allows:
Traffic to continue flowing if one interface or switch fails
Proper LACP negotiation between BIG-IP and the upstream switches
Clean separation of responsibilities (Layer 2 handled by trunking, Layer 4C7 by virtual servers)
Why Option D Is Correct:
A Trunk containing an interface connected to each switch is exactly how BIG-IP implements LACP-based interface binding
The trunk handles link state, load distribution, and failover at the data plane
Why the Other Options Are Incorrect:
A & B C Virtual servers operate at Layers 4C7 and have nothing to do with physical link aggregation or LACP
C C VLAN IDs and MAC addresses are not configured inside a trunk definition; trunks aggregate interfaces, and VLANs are applied to trunks
Key Data Plane Concept Reinforced:
On BIG-IP systems, LACP is always configured on a Trunk, which aggregates physical interfaces to provide Layer 2 resiliency and bandwidth aggregation. Virtual servers and pools are not involved in physical interface binding.