APIRef_tm_ltm_virtual¶
mgmt/tm/ltm/virtual
Virtual server configuration
REST Endpoints
- Collection URI
/mgmt/tm/ltm/virtual
- Collection Methods
OPTIONS, GET
- Resource URI
/mgmt/tm/ltm/virtual/~resource id
- Resource Methods
OPTIONS, GET, PUT, PATCH, DELETE, POST
- Resource Natural Key
name, partition, subPath
Properties
Name | Type | Default Value | Required | Access | Description |
---|---|---|---|---|---|
addressStatus |
string | yes | optional | read/write | Specifies whether the virtual will contribute to the operational status of the associated virtual-address. The default is ‘yes’. |
appService |
string | optional | read/write | The application service to which the object belongs. | |
autoLasthop |
string | default | optional | read/write | Specifies whether to automatically map last hop for pools or not. The default is to use next level’s default. |
bwcPolicy |
string | optional | read/write | Specifies the name of an existing bwc policy for the virtual server to use to enforce a throughput policy for incoming network traffic. | |
cmpEnabled |
string | yes | optional | read/write | Enables or disables clustered multi-processor (CMP) acceleration. This feature applies to certain platforms only. The default value is enabled. |
connectionLimit |
integer | optional | read/write | Specifies the maximum number of concurrent connections you want to allow for the virtual server. | |
description |
string | optional | read/write | User defined description. | |
destination |
string | optional | read/write | Specifies the <virtual-address>:<port> on which the virtual server listens for connections. <virtual-address> can be an IP address or a previously created virtual-address. | |
dhcpRelay |
boolean | pool-based | optional | read/write | Specifies a virtual server that relays all received DHCP requests to all pool members. If there is no pool, the received request get dropped. |
disabled |
boolean | true | optional | read/write | Note that when you disable a virtual server, the virtual server no longer accepts new connection requests. However, it allows current connections to finish processing before going to a down state. |
enabled |
boolean | true | optional | read/write | Specifies the state of the virtual server. The default value is enabled. This brings the virtual server to a state where it will accept new connections. |
fallbackPersistence |
string | optional | read/write | Specifies a fallback persistence profile for the virtual server to use when the default persistence profile is not available. | |
null |
string | optional | read | ||
flowEvictionPolicy |
string | optional | read/write | Specifies the flow eviction policy for the virtual server to use when the connection limit is approached | |
fwEnforcedPolicy |
string | optional | read/write | Enforced firewall policy. | |
fwStagedPolicy |
string | optional | read/write | Staged firewall policy. | |
gtmScore |
integer | optional | read/write | Specifies a score that is associated with the virtual server. Global Traffic Manager (GTM) can rely on this value to load balance traffic in a proportional manner. | |
internal |
boolean | pool-based | optional | read/write | Specifies an internal virtual server that handles requests on the side for a parent virtual server, such as content adaptation. |
ipForward |
boolean | pool-based | optional | read/write | Specifies a virtual server like other virtual servers, except that the virtual server has no pool members to load balance. The virtual server simply forwards the packet directly to the destination IP address specified in the client request. Internal virtual servers do not receive external connections, instead they are specified by name by profiles in the parent virtual server (see ltm profile request-adapt and ltm profile response-adapt). Since internal virtual servers do not listen for external connections, not all attributes are used for internal virtual servers. The destination, mask, translate-address, translate-port, vlans, vlans-disabled and vlans-enabled attributes are set by the system and any attempt to change them will have no effect. |
ipIntelligencePolicy |
string | optional | read/write | Name of the IP Intelligence (Dynamic White/Black List) policy that is attached. | |
ipProtocol |
string | optional | read/write | Specifies the IP protocol for which you want the virtual server to direct traffic. Sample protocol names are tcp and udp. | |
l2Forward |
boolean | pool-based | optional | read/write | Specifies a virtual server that shares the same IP address as a node in an associated VLAN. This is the type of virtual server you create when you want to create a VLAN group. |
lastHopPool |
string | optional | read/write | Specifies the name of the last hop pool that you want the virtual server to use to direct reply traffic to the last hop router. | |
mask |
string | ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff | optional | read/write | Specifies the netmask for a network virtual server only. This setting is required for a network virtual server. The netmask clarifies whether the host bit is an actual zero or a wildcard representation. |
mirror |
string | optional | read/write | Enables or disables state mirroring. You can use state mirroring to maintain the same state information in the standby unit that is in the active unit, allowing transactions such as FTP file transfers to continue as though uninterrupted. The default value is disabled. | |
mobileAppTunnel |
string | disabled | optional | read/write | |
nat64 |
string | disabled | optional | read/write | Specifies whether this virtual does NAT64 translation |
tmPartition |
string | Common | optional | read/write | Displays the administrative partition within which this profile resides. |
perFlowRequestAccessPolicy |
string | optional | read/write | ||
pool |
string | optional | read/write | Specifies a default pool to which you want the virtual server to automatically direct traffic. | |
rateClass |
string | optional | read/write | Specifies the name of an existing rate class for the virtual server to use to enforce a throughput policy for incoming network traffic. | |
rateLimit |
string | 0 | optional | read/write | Specifies the maximum number of connections per second allowed for a virtual server. The default value is ‘disabled’. |
rateLimitDstMask |
integer | 0 | optional | read/write | Specifies a mask, in bits, to be applied to the destination address as part of the rate limiting. The default value is ‘0’, which is equivalent to using the entire address - ‘32’ in IPv4, or ‘128’ in IPv6. |
rateLimitMode |
string | object | optional | read/write | Indicates whether the rate limit is applied per virtual object, per source address, per destination address, or some combination thereof. The default value is ‘object’, which does not use the source or destination address as part of the key. |
rateLimitSrcMask |
integer | 0 | optional | read/write | Specifies a mask, in bits, to be applied to the source address as part of the rate limiting. The default value is ‘0’, which is equivalent to using the entire address - ‘32’ in IPv4, or ‘128’ in IPv6. |
reject |
boolean | pool-based | optional | read/write | Specifies that the BIG-IP system rejects any traffic destined for the virtual server IP address. |
serviceDownImmediateAction |
string | none | optional | read/write | Specifies the immediate action to take upon the receipt of the initial client’s SYN packet if the availability status of the virtual server is Offline or Unavailable. This is supported for the virtual server of Standard type and TCP protocol. The default value is none. |
servicePolicy |
string | optional | read/write | Name of the Service Policy. | |
snat |
string | optional | read/write | Enable or disable SNAT automap for the virtual server. DEPRECATED - see Virtual Server Property Groups source-address-translation | |
snatpool |
string | optional | read/write | Specifies the name of an existing SNAT pool that you want the virtual server to use to implement selective and intelligent SNATs. DEPRECATED - see Virtual Server Property Groups source-address-translation | |
source |
string | optional | read/write | Specifies an IP address or network from which the virtual server will accept traffic. | |
sourcePort |
string | preserve | optional | read/write | Specifies whether the system preserves the source port of the connection. The default is preserve. Use of the preserve-strict setting should be restricted to UDP only under very special circumstances such as nPath or transparent (that is, no translation of any other L3/L4 field), where there is a 1:1 relationship between virtual IP addresses and node addresses, or when clustered multi-processing (CMP) is disabled. The change setting is useful for obfuscating internal network addresses. |
stateless |
boolean | pool-based | optional | read/write | The virtual server load balances each packet to a pool member, but no connection state is maintained. |
synCookieStatus |
string | not-activated | optional | read/write | Displays the SYN Cookies status which controlled by The Traffic Management Microkernel (TMM). |
throughputCapacity |
uint64 | optional | read/write | Specifies the max throughput capacity of this virtual server in Mbps. | |
trafficAccelerationStatus |
string | none | optional | read/write | |
translateAddress |
string | enabled | optional | read/write | Enables or disables address translation for the virtual server. Turn address translation off for a virtual server if you want to use the virtual server to load balance connections to any address. This option is useful when the system is load balancing devices that have the same IP address. |
translatePort |
string | enabled | optional | read/write | Enables or disables port translation. Turn port translation off for a virtual server if you want to use the virtual server to load balance connections to any service. |
transparentNexthop |
string | optional | read/write | Specifies the egress interface for traffic and enables layer 2 (MAC) address preservation. Layer 2 address preservation disables layer 3 (IP/IPv6) address translation. | |
urldbFeedPolicy |
string | optional | read/write | Specifies the name of the URLDB feed policy that is attached. This is deprecated since version 13.0.0. | |
vlansDisabled |
boolean | optional | read/write | Disables the virtual server on the VLANs specified by the VLANs option. | |
vlansEnabled |
boolean | optional | read/write | Enables the virtual server on the VLANs specified by the VLANs option. | |
vsIndex |
integer | 0 | optional | read/write |
Subcollections
Name | Type | Default Value | Required | Access | Description |
---|---|---|---|---|---|
fw-active |
array_structure | optional | read | Firewall policy rule entry | |
fw-enforced-policy-rules |
array_structure | optional | read/write | Firewall policy rule entry | |
fw-staged-policy-rules |
array_structure | optional | read/write | Firewall policy rule entry | |
policies (ltm/policy) |
array_structure | optional | read/write | ||
profiles |
array_structure | optional | read/write | Manage the set of profiles that are associated with virtual servers | |
security-nat-rules |
array_structure | optional | read/write | NAT policy rule entry |
Lists
Name | Type | Default Value | Required | Access | Description |
---|---|---|---|---|---|
auth (ltm/auth/profile) |
array_structure | optional | read/write | Specifies a list of authentication profile names separated by spaces that the virtual server uses to manage authentication. | |
relatedRules (ltm/rule) |
array_structure | optional | read/write | Specifies a list of iRules that customize the behavior of secondary channels | |
rules (ltm/rule) |
array_structure | optional | read/write | The iRules you want run on this virtual server. iRules help automate the intercepting, processing, and routing of application traffic. | |
securityLogProfiles (security/log/profile) |
array_structure | optional | read/write | Specifies a list of Security log profiles for the virtual server to use to record requests. | |
trafficClasses (ltm/traffic-class) |
array_structure | optional | read/write | Specifies a list of traffic classes that are associated with the virtual server. The default is “none”. See also “help traffic-class”. | |
vlans (net/tunnels/tunnel) |
array_structure | optional | read/write | The virtual server is enabled/disabled on this set of VLANs. See vlans-disabled and vlans-enabled. |
Structures
Name | Type | Default Value | Required | Access | Description |
---|---|---|---|---|---|
/security-nat-policy |
array_structure | optional | read/write | ||
/security-nat-policy/policy |
string | optional | read/write | Name of the Security NAT Policy. | |
/security-nat-policy/use-device-policy |
string | no | optional | read/write | Specifies whether to use the security device context NAT policy. |
/security-nat-policy/use-route-domain-policy |
string | no | optional | read/write | Specifies whether to use the virtual server’s route domain context NAT policy. |
/security-nat-policy/policy |
string | optional | read/write | Name of the Security NAT Policy. | |
/security-nat-policy/use-device-policy |
string | no | optional | read/write | Specifies whether to use the security device context NAT policy. |
/security-nat-policy/use-route-domain-policy |
string | no | optional | read/write | Specifies whether to use the virtual server’s route domain context NAT policy. |
/source-address-translation |
array_structure | optional | read/write | ||
/source-address-translation/pool |
string | optional | read/write | Specifies the name of a LSN or SNAT pool used by the specified virtual server. | |
/source-address-translation/type |
string | none | optional | read/write | Specifies the type of source address translation associated with the specified virtual server. |
Array Structures
Name | Type | Default Value | Required | Access | Description |
---|---|---|---|---|---|
/clone-pools |
array_structure | optional | read/write | ||
/clone-pools/context |
string | optional | read/write | ||
/metadata |
array_structure | optional | read/write | User defined generic data for the virtual server. It is a name and value pair. | |
/metadata/app-service |
string | optional | read/write | ||
/metadata/persist |
string | true | optional | read/write | Specifies whether the command “tmsh save sys config” will save the metadata entry to the configuration files. |
/metadata/value |
string | optional | read/write | Value of the virtual server metadata | |
/persist |
array_structure | optional | read/write | Manage the set of persistence profiles associated with the virtual server | |
/persist/default |
string | no | optional | read/write | If yes, indicates that this profile will be the default when no iRule overrides it. If no persistence profile default is yes and persistence is not set by iRule, then no persistence profile will be used. Defaults to yes if only one profile is provided, or no if multiple persistence profiles are provided. |
/virtual-persist |
array_structure | optional | read/write | ||
/virtual-persist/app-service |
string | optional | read/write | ||
/virtual-persist/mode |
string | optional | read/write | ||
/virtual-persist/partition |
string | Common | optional | read/write |
Copyright (c) 2016, F5 Networks Inc. All Rights Reserved.
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.