APIRef_tm_ltm_profile_tcp

mgmt/tm/ltm/profile/tcp

/tm/ltm/profile

Virtual server TCP traffic profile configuration

REST Endpoints

Collection URI
/mgmt/tm/ltm/profile/tcp
Collection Methods
OPTIONS, GET
Resource URI
/mgmt/tm/ltm/profile/tcp/~resource id
Resource Methods
OPTIONS, GET, PUT, PATCH, DELETE, POST
Resource Natural Key
name, partition, subPath

Properties

Name Type Default Value Required Access Description
abc string enabled optional read/write When enabled, increases the congestion window by basing the increase amount on the number of previously unacknowledged bytes that each ACK covers. The default value is enabled.
ackOnPush string disabled optional read/write When enabled, significantly improves performance to Windows and MacOS peers who are writing out on a very small send buffer. The default value is enabled.
appService string   optional read/write The application service to which the object belongs.
autoProxyBufferSize string disabled optional read/write When enabled, specifies that the system uses the network measurements to set the optimal proxy buffer size. The default value is disabled.
autoReceiveWindowSize string disabled optional read/write When enabled, specifies that the system uses the network measurements to set the optimal receive window size. The default value is disabled.
autoSendBufferSize string disabled optional read/write When enabled, specifies that the system uses the network measurements to set the optimal send buffer size. The default value is disabled.
closeWaitTimeout integer   optional read/write Specifies the number of seconds that a connection remains in a LAST-ACK state before quitting. A value of 0 represents a term of forever (or until the maxrtx of the FIN state). The default value is 5 seconds.
cmetricsCache string enabled optional read/write Specifies, when enabled, that the system uses a cache for storing congestion metrics. The default value is enabled.
cmetricsCacheTimeout integer 0 optional read/write Specifies the time, in seconds, for which entries in the congestion metrics cache are valid. The default value is 0, which defers to the sys db variable route.metrics.timeout.
congestionControl string new-reno optional read/write Specifies the algorithm to use to share network resources among competing users to reduce congestion. The default value is high-speed.
defaultsFrom string   optional read/write Specifies the profile that you want to use as the parent profile. Your new profile inherits all settings and values from the parent profile specified.
deferredAccept string   optional read/write Specifies, when enabled, that the system defers allocation of the connection chain context until the client response is received. This option is useful for dealing with 3-way handshake DOS attacks. The default value is disabled.
delayWindowControl string disabled optional read/write Specifies whether the system uses an estimate of queuing delay as a measure of congestion, in addition to the normal loss-based control, to control the amount of data sent. The default is disabled.
delayedAcks string   optional read/write When enabled, the traffic management system allows coalescing of multiple ACK responses. The default value is enabled.
description string   optional read/write User defined description.
dsack string   optional read/write When enabled, specifies the use of the Selective ACKs (SACK) option to acknowledge duplicate segments. The default value is disabled.
earlyRetransmit string disabled optional read/write When enabled, specifies that the system uses early fast retransmits (as specified in RFC 5827) to reduce the recovery time for connections that are receive-buffer or user-data limited. The default value is disabled.
ecn string   optional read/write Specifies, when enabled, that the system uses the TCP flags CWR and ECE to notify its peer of congestion and congestion counter-measures. The default value is disabled.
enhancedLossRecovery string disabled optional read/write When enabled, specifies that the system uses enhanced loss recovery to recover from random packet losses more effectively. The default value is disabled.
fastOpen string disabled optional read/write When enabled, permits TCP Fast Open, allowing properly equipped TCP clients to send data with the SYN packet.
fastOpenCookieExpiration integer 21600 optional read/write Seconds for which a Fast Open Cookie provided by the BIG-IP is valid for incoming SYN packets. The default value is 21,600 seconds (6 hours). The range is from 0 (meaning use the default) to 1000000.
finWait_2Timeout integer 300 optional read/write Specifies the number of seconds that a connection is in the FIN-WAIT-2 state before quitting. The default value is 300 seconds. A value of 0 (zero) represents a term of forever (or until the maxrtx of the FIN state).
finWaitTimeout integer   optional read/write Specifies the number of seconds that a connection is in the FIN-WAIT-1 or closing state before quitting. The default value is 5 seconds. A value of 0 (zero) represents a term of forever (or until the maxrtx of the FIN state). You can also specify immediate or indefinite.
hardwareSynCookie string enabled optional read/write *IMPORTANT* This command has been deprecated (as of 13.0.0). Specifies whether or not to use hardware SYN Cookie when cross system limit. The default is enabled.
idleTimeout integer 300 optional read/write Specifies the number of seconds that a connection is idle before the connection is eligible for deletion. The default value is 300 seconds.
initCwnd integer 0 optional read/write Specifies the initial congestion window size for connections to this destination. The actual window size is this value multiplied by the MSS (Maximal Segment Size) for the same connection. The default value is 3. The range is from 0 to 64.
initRwnd integer 0 optional read/write Specifies the initial receive window size for connections to this destination. The actual window size is this value multiplied by the MSS (Maximal Segment Size) for the same connection. The default value is 3. The range is from 0 to 64.
ipDfMode string pmtu optional read/write Describe the Don’t Fragment (DF) bit setting in the outgoing packet’s IP Header.
ipTosToClient string 0 optional read/write Specifies the Type of Service level that the traffic management system assigns to TCP packets when sending them to clients.
ipTtlMode string proxy optional read/write Describe the outgoing packet’s IP Header TTL value modes.
ipTtlV4 integer 255 optional read/write Specifies the outgoing IPV4 Header TTL value for ip-ttl-mode SET
ipTtlV6 integer 64 optional read/write Specifies the outgoing IPV6 Header TTL value for ip-ttl-mode SET
keepAliveInterval integer   optional read/write Specifies the keep alive probe interval, in seconds. The default value is 1800 seconds.
limitedTransmit string enabled optional read/write When enabled, specifies that the system uses limited transmit recovery revisions for fast retransmits (as specified in RFC 3042) to reduce the recovery time for connections on a lossy network. The default value is enabled.
linkQosToClient string 0 optional read/write Specifies the Quality of Service level that the system assigns to TCP packets when sending them to clients. The default value is 0 (zero).
maxRetrans integer   optional read/write Specifies the maximum number of retransmissions of data segments that the system allows. The default value is 8.
maxSegmentSize integer 1460 optional read/write  
md5Signature string disabled optional read/write Specifies, when enabled, that the system uses RFC2385 TCP-MD5 signatures to protect TCP traffic against intermediate tampering. The default value is disabled.
md5SignaturePassphrase string   optional read/write Specifies, when enabled, a plaintext passphrase which may be between 1 and 80 characters in length, and is used in a shared-secret scheme to implement the spoof-prevention parts of RFC2385. The default value is none.
minimumRto integer 0 optional read/write Specifies the minimum TCP retransmission timeout in milliseconds. The default value is 1000 milliseconds.
mptcp string disabled optional read/write When enabled all incoming flows are handled by the MPTCP stack, allowing for support of multipath-enabled connections. When passthrough MPTCP connections are not terminated by this virtual.
mptcpCsum string disabled optional read/write If enabled, checksums are supported by this MPTCP-enabled device.
mptcpCsumVerify string disabled optional read/write If enabled, incoming checksums are verified, and checksum failure causes connection abort.
mptcpDebug string disabled optional read/write This option is DEPRECATED v12.0.0 onwards and is maintained here for backward compatibility reasons. When enabled, the debug output and statistics are available.
mptcpFallback string reset optional read/write Specifies the algorithm for fallback. The default value is reset.
mptcpFastjoin string disabled optional read/write When enabled, permits FAST join, allowing data to be sent on the MP_JOIN SYN, which can allow a server response to occur in parallel with the join.
mptcpIdleTimeout integer 300 optional read/write Number of seconds without traffic before a MPTCP connection is eligible for deletion. The range is from 1 to 2147483647 and the default is 300.
mptcpJoinMax integer 5 optional read/write Specifies the maximum number of simultaneous join attempts on a given flow. The default value is 5. The range is from 1 to 20.
mptcpMakeafterbreak string disabled optional read/write When enabled, permit after break functionality, allowing for long-lived MPTCP sessions.
mptcpNojoindssack string disabled optional read/write When enabled, no DSS option is sent on the JOIN ACK.
mptcpRtomax integer 5 optional read/write Specifies the number of RTOs before declaring subflow dead. The default value is 5. The range is from 1 to 12.
mptcpRxmitmin integer 1000 optional read/write Specifies the minimum value of the retransmission timer for these MPTCP flows. The default value is 1000 msec. The range is from 200 to 5000 msec.
mptcpSubflowmax integer 6 optional read/write Specifies the maximum number of subflows for a single flow. The range is 0 to 60 where 0 = unlimited.
mptcpTimeout integer 3600 optional read/write Specifies the timeout value to discard long-lived sessions that do not have an active flow. The default value is 3600 seconds. The range is from 60 to 36000 seconds.
nagle string disabled optional read/write Specifies, when enabled, that the system applies Nagle’s algorithm to reduce the number of short segments on the network. The default value is disabled. Note that for interactive protocols such as Telnet, rlogin, or SSH, F5 recommends disabling this setting on high-latency networks, to improve application responsiveness. When auto, the use of Nagle’s algorithm is decided based on network conditions.
tmPartition string Common optional read/write Displays the administrative partition within which this profile resides.
pktLossIgnoreBurst integer 0 optional read/write Specifies the probability of performing congestion control when multiple packets in a row are lost even if the pkt-loss-ignore-rate was not exceeded. Valid values are 0 to 32. The default is 0, meaning that the system should perform congestion control if any packets are lost. Higher values decrease the chance of performing congestion control.
pktLossIgnoreRate integer 0 optional read/write Specifies the threshold of packets lost per million at which the system should perform congestion control. Valid values for n are 0 to 1,000,000. The default is 0, meaning the system should perform congestion control if any packet loss occurs. If you set the ignore rate to 10 and packet loss for a TCP connection is greater than 10 per million, congestion control occurs.
proxyBufferHigh integer 16384 optional read/write Specifies the highest level at which the receive window is closed. The default value is 16384.
proxyBufferLow integer 4096 optional read/write Specifies the lowest level at which the receive window is closed. The default value is 4096.
proxyMss string enabled optional read/write Specifies, when enabled, that the system advertises the same mss to the server as was negotiated with the client. The default value is enabled.
proxyOptions string enabled optional read/write Specifies, when enabled, that the system advertises an option, such as a time-stamp to the server only if it was negotiated with the client. The default value is enabled.
ratePace string disabled optional read/write When enabled, the system will rate pace TCP data transmission.
ratePaceMaxRate integer 0 optional read/write If not 0, the maximum rate in bytes per second that TCP connections will be paced to.
receiveWindowSize integer 65535 optional read/write Specifies the size of the receive window, in bytes. The default value is 65535 bytes.
resetOnTimeout string   optional read/write Specifies whether to reset connections on timeout. The default value is enabled.
rexmtThresh integer 3 optional read/write Specifies the number of duplicate ACKs (retransmit threshold) to start fast recovery. Higher values decrease the likelihood of performing fast recovery in a network with high packet reordering. The default value is 3. The range is from 3 to 255.
selectiveAcks string   optional read/write Specifies, when enabled, that the system negotiates RFC2018-compliant Selective Acknowledgments with peers. The default value is enabled.
selectiveNack string disabled optional read/write Specifies whether Selective Negative Acknowledgment is enabled or not. The default value is disabled.
sendBufferSize integer 65535 optional read/write Specifies the size of the buffer, in bytes. The default value is 65535 bytes.
slowStart string enabled optional read/write Specifies, when enabled, that the system uses larger initial window sizes (as specified in RFC 3390) to help reduce round trip times. The default value is enabled.
synCookieEnable string enabled optional read/write Specifies whether or not to use SYN Cookie. The default is enabled.
synCookieWhitelist string disabled optional read/write This option to enable SYN Cookie WhiteList. The default is false.
synMaxRetrans integer   optional read/write Specifies the maximum number of retransmissions of SYN segments that the system allows. The default value is 3.
synRtoBase integer 0 optional read/write Specifies the initial RTO (Retransmission TimeOut) base multiplier for SYN retransmission, in milliseconds. This value is modified by the exponential backoff table to select the interval for subsequent retransmissions. The default value is 3000.
tailLossProbe string disabled optional read/write When enabled, specifies that the system uses tail loss probe to reduce the number of retransmission timeouts. The default value is disabled.
tcpOptions string   optional read/write Specifies the option numbers that will be accessible from iRules (TCP::option) for the flow. The format of each entry should be, “{<option number> <first|last>} {<option number> <first|last>}”. The keyword “first” means the system records the option the first time it is occurs (after and including the ACK of the three way handshake), while “last” means the system updates the available value every time it occurs.
timeWaitRecycle string   optional read/write Specifies whether the system recycles the connection when a SYN packet is received in a TIME-WAIT state. The default value is enabled.
timeWaitTimeout string 2000 optional read/write Specifies the number of milliseconds that a connection is in the TIME-WAIT state before closing. The default value is 2000 milliseconds. The range is from 0 to 600,000 (10 minutes).
timestamps string enabled optional read/write Specifies, when enabled, that the system uses the timestamps extension for TCP (as specified in RFC 1323) to enhance high-speed network performance. The default value is enabled.
verifiedAccept string disabled optional read/write When enabled, a SYN-ACK will be sent only if the server port is open. Not compatible with iRules. The default is disabled.
zeroWindowTimeout integer 20000 optional read/write Specifies the timeout in milliseconds for terminating a connection with an effective zero length TCP transmit window. The timeout starts when the peer advertises a zero length TCP window or when enough data has been sent to fill the previously advertised window. The timer is canceled when a non-zero length window is received. The default is 20000 milliseconds.
Copyright (c) 2016, F5 Networks Inc. All Rights Reserved.

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.