APIRef_tm_ltm_profile_tcp¶
mgmt/tm/ltm/profile/tcp
Virtual server TCP traffic profile configuration
REST Endpoints
- Collection URI
/mgmt/tm/ltm/profile/tcp- Collection Methods
OPTIONS, GET- Resource URI
/mgmt/tm/ltm/profile/tcp/~resource id- Resource Methods
OPTIONS, GET, PUT, PATCH, DELETE, POST- Resource Natural Key
name, partition, subPath
Properties
| Name | Type | Default Value | Required | Access | Description |
|---|---|---|---|---|---|
abc |
string | enabled | optional | read/write | When enabled, increases the congestion window by basing the increase amount on the number of previously unacknowledged bytes that each ACK covers. The default value is enabled. |
ackOnPush |
string | disabled | optional | read/write | When enabled, significantly improves performance to Windows and MacOS peers who are writing out on a very small send buffer. The default value is enabled. |
appService |
string | optional | read/write | The application service to which the object belongs. | |
autoProxyBufferSize |
string | disabled | optional | read/write | When enabled, specifies that the system uses the network measurements to set the optimal proxy buffer size. The default value is disabled. |
autoReceiveWindowSize |
string | disabled | optional | read/write | When enabled, specifies that the system uses the network measurements to set the optimal receive window size. The default value is disabled. |
autoSendBufferSize |
string | disabled | optional | read/write | When enabled, specifies that the system uses the network measurements to set the optimal send buffer size. The default value is disabled. |
closeWaitTimeout |
integer | optional | read/write | Specifies the number of seconds that a connection remains in a LAST-ACK state before quitting. A value of 0 represents a term of forever (or until the maxrtx of the FIN state). The default value is 5 seconds. | |
cmetricsCache |
string | enabled | optional | read/write | Specifies, when enabled, that the system uses a cache for storing congestion metrics. The default value is enabled. |
cmetricsCacheTimeout |
integer | 0 | optional | read/write | Specifies the time, in seconds, for which entries in the congestion metrics cache are valid. The default value is 0, which defers to the sys db variable route.metrics.timeout. |
congestionControl |
string | new-reno | optional | read/write | Specifies the algorithm to use to share network resources among competing users to reduce congestion. The default value is high-speed. |
defaultsFrom |
string | optional | read/write | Specifies the profile that you want to use as the parent profile. Your new profile inherits all settings and values from the parent profile specified. | |
deferredAccept |
string | optional | read/write | Specifies, when enabled, that the system defers allocation of the connection chain context until the client response is received. This option is useful for dealing with 3-way handshake DOS attacks. The default value is disabled. | |
delayWindowControl |
string | disabled | optional | read/write | Specifies whether the system uses an estimate of queuing delay as a measure of congestion, in addition to the normal loss-based control, to control the amount of data sent. The default is disabled. |
delayedAcks |
string | optional | read/write | When enabled, the traffic management system allows coalescing of multiple ACK responses. The default value is enabled. | |
description |
string | optional | read/write | User defined description. | |
dsack |
string | optional | read/write | When enabled, specifies the use of the Selective ACKs (SACK) option to acknowledge duplicate segments. The default value is disabled. | |
earlyRetransmit |
string | disabled | optional | read/write | When enabled, specifies that the system uses early fast retransmits (as specified in RFC 5827) to reduce the recovery time for connections that are receive-buffer or user-data limited. The default value is disabled. |
ecn |
string | optional | read/write | Specifies, when enabled, that the system uses the TCP flags CWR and ECE to notify its peer of congestion and congestion counter-measures. The default value is disabled. | |
enhancedLossRecovery |
string | disabled | optional | read/write | When enabled, specifies that the system uses enhanced loss recovery to recover from random packet losses more effectively. The default value is disabled. |
fastOpen |
string | disabled | optional | read/write | When enabled, permits TCP Fast Open, allowing properly equipped TCP clients to send data with the SYN packet. |
fastOpenCookieExpiration |
integer | 21600 | optional | read/write | Seconds for which a Fast Open Cookie provided by the BIG-IP is valid for incoming SYN packets. The default value is 21,600 seconds (6 hours). The range is from 0 (meaning use the default) to 1000000. |
finWait_2Timeout |
integer | 300 | optional | read/write | Specifies the number of seconds that a connection is in the FIN-WAIT-2 state before quitting. The default value is 300 seconds. A value of 0 (zero) represents a term of forever (or until the maxrtx of the FIN state). |
finWaitTimeout |
integer | optional | read/write | Specifies the number of seconds that a connection is in the FIN-WAIT-1 or closing state before quitting. The default value is 5 seconds. A value of 0 (zero) represents a term of forever (or until the maxrtx of the FIN state). You can also specify immediate or indefinite. | |
hardwareSynCookie |
string | enabled | optional | read/write | *IMPORTANT* This command has been deprecated (as of 13.0.0). Specifies whether or not to use hardware SYN Cookie when cross system limit. The default is enabled. |
idleTimeout |
integer | 300 | optional | read/write | Specifies the number of seconds that a connection is idle before the connection is eligible for deletion. The default value is 300 seconds. |
initCwnd |
integer | 0 | optional | read/write | Specifies the initial congestion window size for connections to this destination. The actual window size is this value multiplied by the MSS (Maximal Segment Size) for the same connection. The default value is 3. The range is from 0 to 64. |
initRwnd |
integer | 0 | optional | read/write | Specifies the initial receive window size for connections to this destination. The actual window size is this value multiplied by the MSS (Maximal Segment Size) for the same connection. The default value is 3. The range is from 0 to 64. |
ipDfMode |
string | pmtu | optional | read/write | Describe the Don’t Fragment (DF) bit setting in the outgoing packet’s IP Header. |
ipTosToClient |
string | 0 | optional | read/write | Specifies the Type of Service level that the traffic management system assigns to TCP packets when sending them to clients. |
ipTtlMode |
string | proxy | optional | read/write | Describe the outgoing packet’s IP Header TTL value modes. |
ipTtlV4 |
integer | 255 | optional | read/write | Specifies the outgoing IPV4 Header TTL value for ip-ttl-mode SET |
ipTtlV6 |
integer | 64 | optional | read/write | Specifies the outgoing IPV6 Header TTL value for ip-ttl-mode SET |
keepAliveInterval |
integer | optional | read/write | Specifies the keep alive probe interval, in seconds. The default value is 1800 seconds. | |
limitedTransmit |
string | enabled | optional | read/write | When enabled, specifies that the system uses limited transmit recovery revisions for fast retransmits (as specified in RFC 3042) to reduce the recovery time for connections on a lossy network. The default value is enabled. |
linkQosToClient |
string | 0 | optional | read/write | Specifies the Quality of Service level that the system assigns to TCP packets when sending them to clients. The default value is 0 (zero). |
maxRetrans |
integer | optional | read/write | Specifies the maximum number of retransmissions of data segments that the system allows. The default value is 8. | |
maxSegmentSize |
integer | 1460 | optional | read/write | |
md5Signature |
string | disabled | optional | read/write | Specifies, when enabled, that the system uses RFC2385 TCP-MD5 signatures to protect TCP traffic against intermediate tampering. The default value is disabled. |
md5SignaturePassphrase |
string | optional | read/write | Specifies, when enabled, a plaintext passphrase which may be between 1 and 80 characters in length, and is used in a shared-secret scheme to implement the spoof-prevention parts of RFC2385. The default value is none. | |
minimumRto |
integer | 0 | optional | read/write | Specifies the minimum TCP retransmission timeout in milliseconds. The default value is 1000 milliseconds. |
mptcp |
string | disabled | optional | read/write | When enabled all incoming flows are handled by the MPTCP stack, allowing for support of multipath-enabled connections. When passthrough MPTCP connections are not terminated by this virtual. |
mptcpCsum |
string | disabled | optional | read/write | If enabled, checksums are supported by this MPTCP-enabled device. |
mptcpCsumVerify |
string | disabled | optional | read/write | If enabled, incoming checksums are verified, and checksum failure causes connection abort. |
mptcpDebug |
string | disabled | optional | read/write | This option is DEPRECATED v12.0.0 onwards and is maintained here for backward compatibility reasons. When enabled, the debug output and statistics are available. |
mptcpFallback |
string | reset | optional | read/write | Specifies the algorithm for fallback. The default value is reset. |
mptcpFastjoin |
string | disabled | optional | read/write | When enabled, permits FAST join, allowing data to be sent on the MP_JOIN SYN, which can allow a server response to occur in parallel with the join. |
mptcpIdleTimeout |
integer | 300 | optional | read/write | Number of seconds without traffic before a MPTCP connection is eligible for deletion. The range is from 1 to 2147483647 and the default is 300. |
mptcpJoinMax |
integer | 5 | optional | read/write | Specifies the maximum number of simultaneous join attempts on a given flow. The default value is 5. The range is from 1 to 20. |
mptcpMakeafterbreak |
string | disabled | optional | read/write | When enabled, permit after break functionality, allowing for long-lived MPTCP sessions. |
mptcpNojoindssack |
string | disabled | optional | read/write | When enabled, no DSS option is sent on the JOIN ACK. |
mptcpRtomax |
integer | 5 | optional | read/write | Specifies the number of RTOs before declaring subflow dead. The default value is 5. The range is from 1 to 12. |
mptcpRxmitmin |
integer | 1000 | optional | read/write | Specifies the minimum value of the retransmission timer for these MPTCP flows. The default value is 1000 msec. The range is from 200 to 5000 msec. |
mptcpSubflowmax |
integer | 6 | optional | read/write | Specifies the maximum number of subflows for a single flow. The range is 0 to 60 where 0 = unlimited. |
mptcpTimeout |
integer | 3600 | optional | read/write | Specifies the timeout value to discard long-lived sessions that do not have an active flow. The default value is 3600 seconds. The range is from 60 to 36000 seconds. |
nagle |
string | disabled | optional | read/write | Specifies, when enabled, that the system applies Nagle’s algorithm to reduce the number of short segments on the network. The default value is disabled. Note that for interactive protocols such as Telnet, rlogin, or SSH, F5 recommends disabling this setting on high-latency networks, to improve application responsiveness. When auto, the use of Nagle’s algorithm is decided based on network conditions. |
tmPartition |
string | Common | optional | read/write | Displays the administrative partition within which this profile resides. |
pktLossIgnoreBurst |
integer | 0 | optional | read/write | Specifies the probability of performing congestion control when multiple packets in a row are lost even if the pkt-loss-ignore-rate was not exceeded. Valid values are 0 to 32. The default is 0, meaning that the system should perform congestion control if any packets are lost. Higher values decrease the chance of performing congestion control. |
pktLossIgnoreRate |
integer | 0 | optional | read/write | Specifies the threshold of packets lost per million at which the system should perform congestion control. Valid values for n are 0 to 1,000,000. The default is 0, meaning the system should perform congestion control if any packet loss occurs. If you set the ignore rate to 10 and packet loss for a TCP connection is greater than 10 per million, congestion control occurs. |
proxyBufferHigh |
integer | 16384 | optional | read/write | Specifies the highest level at which the receive window is closed. The default value is 16384. |
proxyBufferLow |
integer | 4096 | optional | read/write | Specifies the lowest level at which the receive window is closed. The default value is 4096. |
proxyMss |
string | enabled | optional | read/write | Specifies, when enabled, that the system advertises the same mss to the server as was negotiated with the client. The default value is enabled. |
proxyOptions |
string | enabled | optional | read/write | Specifies, when enabled, that the system advertises an option, such as a time-stamp to the server only if it was negotiated with the client. The default value is enabled. |
ratePace |
string | disabled | optional | read/write | When enabled, the system will rate pace TCP data transmission. |
ratePaceMaxRate |
integer | 0 | optional | read/write | If not 0, the maximum rate in bytes per second that TCP connections will be paced to. |
receiveWindowSize |
integer | 65535 | optional | read/write | Specifies the size of the receive window, in bytes. The default value is 65535 bytes. |
resetOnTimeout |
string | optional | read/write | Specifies whether to reset connections on timeout. The default value is enabled. | |
rexmtThresh |
integer | 3 | optional | read/write | Specifies the number of duplicate ACKs (retransmit threshold) to start fast recovery. Higher values decrease the likelihood of performing fast recovery in a network with high packet reordering. The default value is 3. The range is from 3 to 255. |
selectiveAcks |
string | optional | read/write | Specifies, when enabled, that the system negotiates RFC2018-compliant Selective Acknowledgments with peers. The default value is enabled. | |
selectiveNack |
string | disabled | optional | read/write | Specifies whether Selective Negative Acknowledgment is enabled or not. The default value is disabled. |
sendBufferSize |
integer | 65535 | optional | read/write | Specifies the size of the buffer, in bytes. The default value is 65535 bytes. |
slowStart |
string | enabled | optional | read/write | Specifies, when enabled, that the system uses larger initial window sizes (as specified in RFC 3390) to help reduce round trip times. The default value is enabled. |
synCookieEnable |
string | enabled | optional | read/write | Specifies whether or not to use SYN Cookie. The default is enabled. |
synCookieWhitelist |
string | disabled | optional | read/write | This option to enable SYN Cookie WhiteList. The default is false. |
synMaxRetrans |
integer | optional | read/write | Specifies the maximum number of retransmissions of SYN segments that the system allows. The default value is 3. | |
synRtoBase |
integer | 0 | optional | read/write | Specifies the initial RTO (Retransmission TimeOut) base multiplier for SYN retransmission, in milliseconds. This value is modified by the exponential backoff table to select the interval for subsequent retransmissions. The default value is 3000. |
tailLossProbe |
string | disabled | optional | read/write | When enabled, specifies that the system uses tail loss probe to reduce the number of retransmission timeouts. The default value is disabled. |
tcpOptions |
string | optional | read/write | Specifies the option numbers that will be accessible from iRules (TCP::option) for the flow. The format of each entry should be, “{<option number> <first|last>} {<option number> <first|last>}”. The keyword “first” means the system records the option the first time it is occurs (after and including the ACK of the three way handshake), while “last” means the system updates the available value every time it occurs. | |
timeWaitRecycle |
string | optional | read/write | Specifies whether the system recycles the connection when a SYN packet is received in a TIME-WAIT state. The default value is enabled. | |
timeWaitTimeout |
string | 2000 | optional | read/write | Specifies the number of milliseconds that a connection is in the TIME-WAIT state before closing. The default value is 2000 milliseconds. The range is from 0 to 600,000 (10 minutes). |
timestamps |
string | enabled | optional | read/write | Specifies, when enabled, that the system uses the timestamps extension for TCP (as specified in RFC 1323) to enhance high-speed network performance. The default value is enabled. |
verifiedAccept |
string | disabled | optional | read/write | When enabled, a SYN-ACK will be sent only if the server port is open. Not compatible with iRules. The default is disabled. |
zeroWindowTimeout |
integer | 20000 | optional | read/write | Specifies the timeout in milliseconds for terminating a connection with an effective zero length TCP transmit window. The timeout starts when the peer advertises a zero length TCP window or when enough data has been sent to fill the previously advertised window. The timer is canceled when a non-zero length window is received. The default is 20000 milliseconds. |
Copyright (c) 2016, F5 Networks Inc. All Rights Reserved.
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.