F5 Networks is a company that provides solutions for application delivery networking (ADN). It provides hardware, software, and services that help organizations ensure their applications are fast, secure, and available to users, no matter where they are.
One important concept in the F5 BIGIP system (a product line from F5 Networks) is that of partitions. A partition on an F5 BIGIP system is a logical container for configuration objects. You can use partitions to group configuration objects for purposes of administration or delegation. Each BIGIP system includes a predefined partition named “Common.”
The “Common” partition is the default partition where all configuration objects (like virtual servers, pools, nodes, etc.) are stored if no other partition is specified. It is typically used when there is no need for administrative boundaries or for simplified configurations.
When it comes to what is shared and not shared across partitions, here are some details:
- Shared across partitions:
- Global settings: These settings affect the entire BIGIP system, not just a single partition. They include settings like system hostname, NTP servers, DNS settings, time zone, users, and user groups, etc.
- iRules: If an iRule (a powerful and flexible feature within the BIGIP system that you can use to manage your network traffic) is placed in the Common partition, it can be used by objects in any partition.
- Profiles: These include profiles for protocols like HTTP, FTP, DNS, etc., and if they’re in the Common partition, they can be used by any partition.
- SSL certificates and keys: When placed in the Common partition, they are available to all partitions.
- SNATs: If a Secure Network Address Translation (SNAT) is created in the Common partition, it can be used by virtual servers in any partition.
- Not shared across partitions:
- Configuration objects: This includes Virtual servers, Nodes, Pools, Monitors, and so forth. These exist only within the partition in which they were created and can’t be accessed by objects in other partitions.
- VLANs, Self IPs, and routes: These belong to the partition in which they are created and aren’t available to other partitions by default. However, you can change their route domain context to share them across partitions.
- Rate shaping policies: These policies are used to control the rate of traffic processed by the BIGIP system. They only exist within the partition in which they were created and can’t be accessed by objects in other partitions.
- AFM (Advanced Firewall Manager) Policies: These security policies are specific to the partition where they were created and aren’t accessible to objects in other partitions.
- ASM (Application Security Manager) Policies: These security policies also can’t be shared between partitions.
- NATs (Network Address Translations): NAT entries are specific to the partition in which they are created and cannot be used in other partitions.
Partitions in the F5 BIGIP system enable you to segregate configuration objects for administrative control, traffic segregation, and delegation, allowing different teams to manage their own application delivery without affecting other applications on the same device. The Common partition serves as a special partition for shared resources and default configurations.