There's nothing like a little iRules goodness to spice up your month, and boy did I ever get in some iRules goodness last week. I got the chance to cruise (see: fly. coach. middle seat. I feel your jealousy) over to Singapore to sit down with a few dozen killer users and work on showing off the beauty that is iRules and all of the associated hawesomeness that goes with. These folks ranged from newbies to …. even bigger newbies. Most hadn't ever written a script, let alone an iRule and *gasp* much to my chagrin only a handful were even DevCentral aware. You can bet that got patched right up, quick like, and by the end we were back on speaking terms. Jokes aside, it's inspiring to watch someone go from "I've never written *any* script, let alone an iRule" to "Here's this iRule I just wrote to do content replacement in-line as well as cookie management and SSL enforcement" in less than two days. It's enough to warm my geeky little heart, I tell ya. After winging my way Westward and then some, I find myself digging back into DevCentral to see what everyone's been up to. As it turns out, and consequently of absolutely zero shock value, there has been plenty churning through the site in my absence. As such I happily bring to you this week's selections from DevCentral in the traditionally delicious Top 5 format:
Clarifying IP::tos command usage
All of the IP ToS experts raise your hands. All right, both of you step to the left, and you can likely breeze through this one. For the rest of you, this will be possibly enlightening, as it was to me. First of all, this whole ToS thing is what allows you to identify specific traffic as, well, specific, and treat it differently. If you want to route all of your priority traffic a particular way, you have to identify it first. This is a great way to do exactly that. The IP::toe command is the way in which, with iRules, you can ensure this routing happens as desired. The sticking point, however, may be understanding exactly what value you want to set when using this command. Fortunately Jason steps in with this fine document to make that very simple. He even went through and updated the Wiki for all future users that may delve into how to use the IP::tos command. If you're curious about traffic shaping and priority, this one's a good read, as are the related links.
Exposure to “Lucky Thirteen” SSL Vulnerability
Generally speaking, when there is a security topic at hand and David Holmes starts talking, I shut up and listen. When he starts talking about something that could potentially affect F5 products, I sit up and take note even more. As such, this particular blog post is very much worth your time. There's a decent chance you will have heard of the "Lucky Thirteen" vuln by now, and are curious what that means for your F5 devices. As is often the case David is the man on the spot with the information needed in a timely fashion. It looks like the risk is wonderfully low, which is great news, but not the whole story. If you want to learn more about why that is, how the attack works, and what you can do to keep yourself as safe as possible this is definitely a link you'll want to click. Thank me for it later, or rather, thank David for it.
Bare Metal Blog. Quality is Systemic, or it is Not.
Reliability is a thing. It's a rather big thing, frankly, in many cases, and one such case is talking about an ADC doing ADC-ish duties. Things like inspection, routing, security, acceleration, in-line-modification of data, etc. all while acting as what is likely the all-seeing eye that governs that ebb and flow of your data center. You know, no big deal. In such a case reliability is paramount, as you might imagine. Reliability is often derived from a combination of quality, testing, thoroughness and attention to detail. Fortunately we've got those things in spades. My visit to F5's hardware R&D facility, wherein I got to watch CAD artists modeling 3-D representations of custom boards, sit down with our ASIC designers for a chat, check out the fire, drop, cold, and more tests we run and generally see just how seriously we take our hardware has left me a firm believer in that. It turns out that Don shares a similar opinion, for his own reasons entirely. This post was a good read, and I was glad to see someone else taking note of the lengths to which we go to ensure just this kind of quality and reliability. Take a look for yourself for some more detail on what goes into this process 'round these parts.
In the Cloud Differentiation Means Services
While Lori's post talks about cloud services and offerings in particular, differentiation in general is important when trying to stand out amongst multiple similar options. Differentiation happens in different ways depending on the arena or platform, and while I'm no cloud zealot, I heartily agree here with Lori's prognosis (which, apparently, is her agreeing with another blogger, and round and round we go on these here internets), where she states that the best (only?) way to truly stand out as a cloud offering is with the available services for users. Whether you're talking about easier integration with other services, SSO with mainstream providers or otherwise, anything you can do to make your users' lives more simple is a win, especially in the cloud where the chances of people patching together multiple SaaS systems is high. Want them to use your SaaS as well, or perhaps even your IaaS? Well, then make their lives easier by providing the requisite services, and you can stand head and shoulders above the other options. Simple, no? Well, there's more to it than that, obviously, so go read Lori's blog to get a start on what the other factors are.
DevCentral Post of the Week
Oh my beloved post of the week, how you've been neglected. Years ago in war-torn…wait no, that's the wrong story. This is a killer little bit that has been around on DevCentral since approximately the beginning of time, or thereabouts, and has been a favorite of mine over the years. The premise? Simple: Grab a cool forum post and a video camera, and chat about the particular post, why it's cool, and possibly a solution or two regarding the question being asked, and you're off to the races. Joe has taken over the helm of the esteemed PotW, and is doing a mighty fine job of keeping this one alive and well these days. Check it out and perhaps even make it a regular tab to open when you see the notification from our youtube stream. You know, since you're subscribed and all, right? Right?? Good. In the meantime, here's Joe's latest PotW offering that's worth the scant few minutes it takes to indulge. I almost always learn something, and I'm guessing you will too.
That'll wrap up (I typed warp, first, and suddenly had visions of warp drives. Oh if only…) another Top5 from over here in the F5 geekery. I'll be back in another couple weeks with a fresh installment.