APIRef_tm_ltm_virtual

mgmt/tm/ltm/virtual

/tm/ltm

Virtual server configuration

REST Endpoints

Collection URI
/mgmt/tm/ltm/virtual
Collection Methods
OPTIONS, GET
Resource URI
/mgmt/tm/ltm/virtual/~resource id
Resource Methods
OPTIONS, GET, PUT, PATCH, DELETE, POST
Resource Natural Key
name, partition, subPath

Properties

Name Type Default Value Required Access Description
addressStatus string yes optional read/write Specifies whether the virtual will contribute to the operational status of the associated virtual-address. The default is ‘yes’.
appService string   optional read/write The application service to which the object belongs.
autoLasthop string default optional read/write Specifies whether to automatically map last hop for pools or not. The default is to use next level’s default.
bwcPolicy string   optional read/write Specifies the name of an existing bwc policy for the virtual server to use to enforce a throughput policy for incoming network traffic.
cmpEnabled string yes optional read/write Enables or disables clustered multi-processor (CMP) acceleration. This feature applies to certain platforms only. The default value is enabled.
connectionLimit integer   optional read/write Specifies the maximum number of concurrent connections you want to allow for the virtual server.
description string   optional read/write User defined description.
destination string   optional read/write Specifies the <virtual-address>:<port> on which the virtual server listens for connections. <virtual-address> can be an IP address or a previously created virtual-address.
dhcpRelay boolean pool-based optional read/write Specifies a virtual server that relays all received DHCP requests to all pool members. If there is no pool, the received request get dropped.
disabled boolean true optional read/write Note that when you disable a virtual server, the virtual server no longer accepts new connection requests. However, it allows current connections to finish processing before going to a down state.
enabled boolean true optional read/write Specifies the state of the virtual server. The default value is enabled. This brings the virtual server to a state where it will accept new connections.
fallbackPersistence string   optional read/write Specifies a fallback persistence profile for the virtual server to use when the default persistence profile is not available.
null string   optional read  
flowEvictionPolicy string   optional read/write Specifies the flow eviction policy for the virtual server to use when the connection limit is approached
fwEnforcedPolicy string   optional read/write Enforced firewall policy.
fwStagedPolicy string   optional read/write Staged firewall policy.
gtmScore integer   optional read/write Specifies a score that is associated with the virtual server. Global Traffic Manager (GTM) can rely on this value to load balance traffic in a proportional manner.
internal boolean pool-based optional read/write Specifies an internal virtual server that handles requests on the side for a parent virtual server, such as content adaptation.
ipForward boolean pool-based optional read/write Specifies a virtual server like other virtual servers, except that the virtual server has no pool members to load balance. The virtual server simply forwards the packet directly to the destination IP address specified in the client request. Internal virtual servers do not receive external connections, instead they are specified by name by profiles in the parent virtual server (see ltm profile request-adapt and ltm profile response-adapt). Since internal virtual servers do not listen for external connections, not all attributes are used for internal virtual servers. The destination, mask, translate-address, translate-port, vlans, vlans-disabled and vlans-enabled attributes are set by the system and any attempt to change them will have no effect.
ipIntelligencePolicy string   optional read/write Name of the IP Intelligence (Dynamic White/Black List) policy that is attached.
ipProtocol string   optional read/write Specifies the IP protocol for which you want the virtual server to direct traffic. Sample protocol names are tcp and udp.
l2Forward boolean pool-based optional read/write Specifies a virtual server that shares the same IP address as a node in an associated VLAN. This is the type of virtual server you create when you want to create a VLAN group.
lastHopPool string   optional read/write Specifies the name of the last hop pool that you want the virtual server to use to direct reply traffic to the last hop router.
mask string ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff optional read/write Specifies the netmask for a network virtual server only. This setting is required for a network virtual server. The netmask clarifies whether the host bit is an actual zero or a wildcard representation.
mirror string   optional read/write Enables or disables state mirroring. You can use state mirroring to maintain the same state information in the standby unit that is in the active unit, allowing transactions such as FTP file transfers to continue as though uninterrupted. The default value is disabled.
mobileAppTunnel string disabled optional read/write  
nat64 string disabled optional read/write Specifies whether this virtual does NAT64 translation
tmPartition string Common optional read/write Displays the administrative partition within which this profile resides.
perFlowRequestAccessPolicy string   optional read/write  
pool string   optional read/write Specifies a default pool to which you want the virtual server to automatically direct traffic.
rateClass string   optional read/write Specifies the name of an existing rate class for the virtual server to use to enforce a throughput policy for incoming network traffic.
rateLimit string 0 optional read/write Specifies the maximum number of connections per second allowed for a virtual server. The default value is ‘disabled’.
rateLimitDstMask integer 0 optional read/write Specifies a mask, in bits, to be applied to the destination address as part of the rate limiting. The default value is ‘0’, which is equivalent to using the entire address - ‘32’ in IPv4, or ‘128’ in IPv6.
rateLimitMode string object optional read/write Indicates whether the rate limit is applied per virtual object, per source address, per destination address, or some combination thereof. The default value is ‘object’, which does not use the source or destination address as part of the key.
rateLimitSrcMask integer 0 optional read/write Specifies a mask, in bits, to be applied to the source address as part of the rate limiting. The default value is ‘0’, which is equivalent to using the entire address - ‘32’ in IPv4, or ‘128’ in IPv6.
reject boolean pool-based optional read/write Specifies that the BIG-IP system rejects any traffic destined for the virtual server IP address.
serviceDownImmediateAction string none optional read/write Specifies the immediate action to take upon the receipt of the initial client’s SYN packet if the availability status of the virtual server is Offline or Unavailable. This is supported for the virtual server of Standard type and TCP protocol. The default value is none.
servicePolicy string   optional read/write Name of the Service Policy.
snat string   optional read/write Enable or disable SNAT automap for the virtual server. DEPRECATED - see Virtual Server Property Groups source-address-translation
snatpool string   optional read/write Specifies the name of an existing SNAT pool that you want the virtual server to use to implement selective and intelligent SNATs. DEPRECATED - see Virtual Server Property Groups source-address-translation
source string   optional read/write Specifies an IP address or network from which the virtual server will accept traffic.
sourcePort string preserve optional read/write Specifies whether the system preserves the source port of the connection. The default is preserve. Use of the preserve-strict setting should be restricted to UDP only under very special circumstances such as nPath or transparent (that is, no translation of any other L3/L4 field), where there is a 1:1 relationship between virtual IP addresses and node addresses, or when clustered multi-processing (CMP) is disabled. The change setting is useful for obfuscating internal network addresses.
stateless boolean pool-based optional read/write The virtual server load balances each packet to a pool member, but no connection state is maintained.
synCookieStatus string not-activated optional read/write Displays the SYN Cookies status which controlled by The Traffic Management Microkernel (TMM).
throughputCapacity uint64   optional read/write Specifies the max throughput capacity of this virtual server in Mbps.
trafficAccelerationStatus string none optional read/write  
translateAddress string enabled optional read/write Enables or disables address translation for the virtual server. Turn address translation off for a virtual server if you want to use the virtual server to load balance connections to any address. This option is useful when the system is load balancing devices that have the same IP address.
translatePort string enabled optional read/write Enables or disables port translation. Turn port translation off for a virtual server if you want to use the virtual server to load balance connections to any service.
transparentNexthop string   optional read/write Specifies the egress interface for traffic and enables layer 2 (MAC) address preservation. Layer 2 address preservation disables layer 3 (IP/IPv6) address translation.
urldbFeedPolicy string   optional read/write Specifies the name of the URLDB feed policy that is attached. This is deprecated since version 13.0.0.
vlansDisabled boolean   optional read/write Disables the virtual server on the VLANs specified by the VLANs option.
vlansEnabled boolean   optional read/write Enables the virtual server on the VLANs specified by the VLANs option.
vsIndex integer 0 optional read/write  

Subcollections

Name Type Default Value Required Access Description
fw-active array_structure   optional read Firewall policy rule entry
fw-enforced-policy-rules array_structure   optional read/write Firewall policy rule entry
fw-staged-policy-rules array_structure   optional read/write Firewall policy rule entry
policies (ltm/policy) array_structure   optional read/write  
profiles array_structure   optional read/write Manage the set of profiles that are associated with virtual servers
security-nat-rules array_structure   optional read/write NAT policy rule entry

Lists

Name Type Default Value Required Access Description
auth (ltm/auth/profile) array_structure   optional read/write Specifies a list of authentication profile names separated by spaces that the virtual server uses to manage authentication.
relatedRules (ltm/rule) array_structure   optional read/write Specifies a list of iRules that customize the behavior of secondary channels
rules (ltm/rule) array_structure   optional read/write The iRules you want run on this virtual server. iRules help automate the intercepting, processing, and routing of application traffic.
securityLogProfiles (security/log/profile) array_structure   optional read/write Specifies a list of Security log profiles for the virtual server to use to record requests.
trafficClasses (ltm/traffic-class) array_structure   optional read/write Specifies a list of traffic classes that are associated with the virtual server. The default is “none”. See also “help traffic-class”.
vlans (net/tunnels/tunnel) array_structure   optional read/write The virtual server is enabled/disabled on this set of VLANs. See vlans-disabled and vlans-enabled.

Structures

Name Type Default Value Required Access Description
/security-nat-policy array_structure   optional read/write  
/security-nat-policy/policy string   optional read/write Name of the Security NAT Policy.
/security-nat-policy/use-device-policy string no optional read/write Specifies whether to use the security device context NAT policy.
/security-nat-policy/use-route-domain-policy string no optional read/write Specifies whether to use the virtual server’s route domain context NAT policy.
/security-nat-policy/policy string   optional read/write Name of the Security NAT Policy.
/security-nat-policy/use-device-policy string no optional read/write Specifies whether to use the security device context NAT policy.
/security-nat-policy/use-route-domain-policy string no optional read/write Specifies whether to use the virtual server’s route domain context NAT policy.
/source-address-translation array_structure   optional read/write  
/source-address-translation/pool string   optional read/write Specifies the name of a LSN or SNAT pool used by the specified virtual server.
/source-address-translation/type string none optional read/write Specifies the type of source address translation associated with the specified virtual server.

Array Structures

Name Type Default Value Required Access Description
/clone-pools array_structure   optional read/write  
/clone-pools/context string   optional read/write  
/metadata array_structure   optional read/write User defined generic data for the virtual server. It is a name and value pair.
/metadata/app-service string   optional read/write  
/metadata/persist string true optional read/write Specifies whether the command “tmsh save sys config” will save the metadata entry to the configuration files.
/metadata/value string   optional read/write Value of the virtual server metadata
/persist array_structure   optional read/write Manage the set of persistence profiles associated with the virtual server
/persist/default string no optional read/write If yes, indicates that this profile will be the default when no iRule overrides it. If no persistence profile default is yes and persistence is not set by iRule, then no persistence profile will be used. Defaults to yes if only one profile is provided, or no if multiple persistence profiles are provided.
/virtual-persist array_structure   optional read/write  
/virtual-persist/app-service string   optional read/write  
/virtual-persist/mode string   optional read/write  
/virtual-persist/partition string Common optional read/write  
Copyright (c) 2016, F5 Networks Inc. All Rights Reserved.

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.