Schema Reference¶
This page is a reference for the objects you can use in your Declarations on BIG-IP Next. For more information on BIG-IP objects and terminology, see the BIG-IP documentation at https://support.f5.com/csp/home.
Analytics_Profile¶
HTTP Analytics profile with configurable options
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Analytics_Profile |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
captureFilter (object) |
{} |
See “Capture_Filter” |
Criteria determining when the system captures a portion of the application traffic |
Core |
collectGeo (boolean) |
None |
true, false |
Specifies that the system collects statistics of the names of the countries from which that traffic was sent |
Core, Next |
collectClientSideStatistics (boolean) |
None |
true, false |
Specifies that the system collects statistics regarding the HTTP request and response times |
Core, Next |
collectUrl (boolean) |
None |
true, false |
Specifies that the system collects statistics of requested URLs |
Core, Next |
collectIp (boolean) |
None |
true, false |
Specifies that the system collects statistics of the IP addresses of where the traffic came from |
Core, Next |
collectDestinationIpGeo (boolean) |
None |
true, false |
Specifies that the system collects statistics of the destination IP addresses |
Next |
collectSubnet (boolean) |
None |
true, false |
Specifies that the system collects statistics of client subnets |
Core, Next |
collectUserAgent (boolean) |
None |
true, false |
Specifies that the system collects statistics about browsers used to send traffic |
Core, Next |
collectOsAndBrowser (boolean) |
true |
true, false |
Specifies that the system collect statistics about the OSs and Browsers used to send requests |
Core, Next |
collectResponseCode (boolean) |
true |
true, false |
Specifies that the system collects statistics about the distribution of HTTP response codes returned by the servers |
Core, Next |
collectMethod (boolean) |
true |
true, false |
Specifies that the system collects statistics about the distribution of HTTP methods found in requests |
Core, Next |
collectMaxTpsAndThroughput (boolean) |
None |
true, false |
Specifies that the system collects statistics for the maximum number of transactions per second, and the maximum amount of traffic moving through the system, both request and response throughput values |
Core, Next |
collectPageLoadTime (boolean) |
None |
true, false |
Specifies that the system collects statistics of the round-trip latency between client end-users and the servers |
Core, Next |
collectUserSession (boolean) |
None |
true, false |
Specifies that the system collects statistics of the number of unique user sessions in the application traffic, as determined by the value of the configured HTTP cookies found in the requests |
Core, Next |
collectedStatsInternalLogging (boolean) |
true |
true, false |
Specifies that statistics logs are stored in the system |
Core |
collectedStatsExternalLogging (boolean) |
None |
true, false |
Specifies that statistics logs are stored on a remote server |
Core |
capturedTrafficInternalLogging (boolean) |
None |
true, false |
Specifies that the system captures a portion of the application traffic and sends it to a remote server |
Core |
capturedTrafficExternalLogging (boolean) |
None |
true, false |
Specifies that the system captures a portion of the application traffic which can then be viewed on the System >> Logs >> Captured Transactions screen |
Core |
sampling (boolean) |
None |
true, false |
None |
Next |
samplingRatio (integer) |
100 |
[1-10000] |
None |
Next |
sessionCookieSecurity (string) |
ssl-only |
ssl-only, always-secure, never-secure |
Specify whether to secure session cookies |
Core, Next |
sessionTimeoutMinutes (integer) |
5 |
[5-60] |
The number of minutes of user non-activity ot allow before the system considers the session to be over |
Core, Next |
externalLoggingPublisher (object) |
None |
See “Pointer_Log_Publisher” |
Reference to a log publisher |
Core |
notificationBySyslog (boolean) |
None |
true, false |
Specifies that the system sends notifications to the syslog |
Core |
notificationBySnmp (boolean) |
None |
true, false |
Specifies that the system sends notifications as SNMP traps |
Core |
notificationByEmail (boolean) |
None |
true, false |
Specifies that the system sends notifications by e-mail |
Core |
notificationEmailAddresses (array) |
None |
None |
The e-mail addresses of a recipient to whom the system should send email notifications |
Core |
publishIruleStatistics (boolean) |
None |
true, false |
Specifies that the system collects and displays statistics according to the expressions written in an iRule |
Core |
urlsForStatCollection (array) |
None |
None |
Specifies the requested URLs for collecting statistics |
Core |
countriesForStatCollection (array) |
None |
None |
Specifies the countries for collecting statistics |
Core |
subnetsForStatCollection (array) |
None |
None |
Specifies the requested subnets for collecting statistics |
Core |
Capture_Filter¶
Criteria determining when the system captures a portion of the application traffic
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
requestCapturedParts (string) |
none |
all, body, headers, none |
Specifies which parts of the request data the system captures |
Core |
responseCapturedParts (string) |
none |
all, body, headers, none |
Specifies which parts of the response data the system captures |
Core |
dosActivity (string) |
any |
any, mitigated-by-dosl7 |
Specifies whether the system captures traffic data mitigated by the DoS Layer 7 Enforcer, or traffic regardless of DoS activity |
Core |
capturedProtocols (string) |
all |
all, http, https |
Specifies whether the system captures traffic data that is sent using any protocol, or a specific type of protocol |
Core |
capturedReadyForJsInjection (string) |
disabled |
disabled, enabled |
Specifies whether the system captures all traffic data from all transactions or only from transactions that qualify for JavaScript injection |
Core |
virtualServers (array) |
None |
Specifies whether the system captures traffic data sent from/to all virtual servers, or only from/to specific virtual servers. If none are specified then all will be collected |
Core |
|
nodeAddresses (array) |
None |
Specifies whether the system captures traffic data sent from/to all nodes, or only from/to specific nodes. If none are specified then all will be collected |
Core |
|
responseCodes (array) |
None |
Specifies whether the system captures traffic data based on the HTTP response status codes that the requests return. If none are specified then all will be collected |
Core |
|
methods (array) |
None |
Specifies whether the system captures traffic data based on the HTTP method that was requested. If none are specified then all will be collected |
Core |
|
urlFilterType (string) |
all |
all, black-list, white-list |
Specifies how the URL path prefixes are interpreted |
Core |
urlPathPrefixes (array) |
None |
Specifies URLs the filter type is to be applied to. If none are specified then all will be collected |
Core |
|
userAgentSubstrings (array) |
None |
Specifies whether the system captures traffic sent from all browsers, or only traffic sent from a specific browser |
Core |
|
clientIps (array) |
None |
Specifies the client IP addresses to collect stats for. If none are specified, then all will be collected |
Core |
|
requestContentFilterSearchPart (string) |
none |
all, headers, body, none, uri |
Specifies the part of the request that should be filtered by the search string |
Core |
requestContentFilterSearchString (string) |
None |
None |
Specifies the string the request should be searched for |
Core |
responseContentFilterSearchPart (string) |
none |
all, body, headers, none |
Specifies the part of the response that should be filtered by the search string |
Core |
responseContentFilterSearchString (string) |
None |
None |
Specifies the string the response should be searched for |
Core |
Enum_Country_Analytics¶
Enum values for Analytics_Profile
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Enum_Country_Analytics (string) |
None |
Afghanistan, Aland Islands, Albania, Algeria, American Samoa, Andorra, Angola, Anguilla, Anonymous Proxy, Antarctica, Antigua and Barbuda, Argentina, Armenia, Aruba, Asia/Pacific Region, Australia, Austria, Azerbaijan, Bahamas, Bahrain, Bangladesh, Barbados, Belarus, Belgium, Belize, Benin, Bermuda, Bhutan, Bolivia, Bonaire, Saint Eustatius and Saba, Bosnia and Herzegovina, Botswana, Bouvet Island, Brazil, British Indian Ocean Territory, Brunei Darussalam, Bulgaria, Burkina Faso, Burundi, Cambodia, Cameroon, Canada, Cape Verde, Cayman Islands, Central African Republic, Chad, Chile, China, Christmas Island, Cocos (Keeling) Islands, Colombia, Comoros, Congo, Congo, The Democratic Republic of the, Cook Islands, Costa Rica, Cote D’Ivoire, Croatia, Cuba, Cyprus, Czech Republic, Denmark, Djibouti, Dominica, Dominican Republic, Ecuador, Egypt, El Salvador, Equatorial Guinea, Eritrea, Estonia, Ethiopia, Europe, Falkland Islands (Malvinas), Faroe Islands, Fiji, Finland, France, France, Metropolitan, French Guiana, French Polynesia, French Southern Territories, Gabon, Gambia, Georgia, Germany, Ghana, Gibraltar, Greece, Greenland, Grenada, Guadeloupe, Guam, Guatemala, Guernsey, Guinea, Guinea-Bissau, Guyana, Haiti, Heard Island and McDonald Islands, Holy See (Vatican City State), Honduras, Hong Kong, Hungary, Iceland, India, Indonesia, Iran, Islamic Republic of, Iraq, Ireland, Isle of Man, Israel, Italy, Jamaica, Japan, Jersey, Jordan, Kazakhstan, Kenya, Kiribati, Korea, Democratic People’s Republic of, Korea, Republic of, Kuwait, Kyrgyzstan, Lao People’s Democratic Republic, Latvia, Lebanon, Lesotho, Liberia, Libyan Arab Jamahiriya, Liechtenstein, Lithuania, Luxembourg, Macau, Macedonia, Madagascar, Malawi, Malaysia, Maldives, Mali, Malta, Marshall Islands, Martinique, Mauritania, Mauritius, Mayotte, Mexico, Micronesia, Federated States of, Moldova, Republic of, Monaco, Mongolia, Montenegro, Montserrat, Morocco, Mozambique, Myanmar, Namibia, Nauru, Nepal, Netherlands, Netherlands Antilles, New Caledonia, New Zealand, Nicaragua, Niger, Nigeria, Niue, Norfolk Island, Northern Mariana Islands, Norway, Oman, Other, Pakistan, Palau, Palestinian Territory, Panama, Papua New Guinea, Paraguay, Peru, Philippines, Pitcairn Islands, Poland, Portugal, Puerto Rico, Qatar, Reunion, Romania, Russian Federation, Rwanda, Saint Barthelemy, Saint Helena, Saint Kitts and Nevis, Saint Lucia, Saint Martin, Saint Pierre and Miquelon, Saint Vincent and the Grenadines, Samoa, San Marino, Sao Tome and Principe, Satellite Provider, Saudi Arabia, Senegal, Serbia, Seychelles, Sierra Leone, Singapore, Slovakia, Slovenia, Solomon Islands, Somalia, South Africa, South Georgia and the South Sandwich Islands, Spain, Sri Lanka, Sudan, Suriname, Svalbard and Jan Mayen, Swaziland, Sweden, Switzerland, Syrian Arab Republic, Taiwan, Tajikistan, Tanzania, United Republic of, Thailand, Timor-Leste, Togo, Tokelau, Tonga, Trinidad and Tobago, Tunisia, Turkey, Turkmenistan, Turks and Caicos Islands, Tuvalu, Uganda, Ukraine, United Arab Emirates, United Kingdom, United States, United States Minor Outlying Islands, Unknown, Uruguay, Uzbekistan, Vanuatu, Venezuela, Vietnam, Virgin Islands, British, Virgin Islands, U.S., Wallis and Futuna, Western Sahara, Yemen, Zambia, Zimbabwe |
Enum values for Analytics_Profile |
Core |
Analytics_TCP_Profile¶
TCP Analytics profile with configurable options
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Analytics_TCP_Profile |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
collectCity (boolean) |
None |
true, false |
Specifies that the system saves the name of the city with which traffic was exchanged |
Core, Next |
collectContinent (boolean) |
true |
true, false |
Specifies that the system saves the name of the continent with which traffic was exchanged |
Core, Next |
collectCountry (boolean) |
true |
true, false |
Specifies that the system saves the name of the country with which traffic was exchanged |
Core, Next |
collectedByClientSide (boolean) |
true |
true, false |
Specifies that system collects statistics on the client side |
Core, Next |
collectedByServerSide (boolean) |
true |
true, false |
Specifies that system collects statistics on the server side |
Core, Next |
collectedStatsExternalLogging (boolean) |
None |
true, false |
Specifies that statistics logs are stored on a remote server |
Core |
collectedStatsInternalLogging (boolean) |
true |
true, false |
Specifies that statistics logs are stored in the system |
Core |
collectNexthop (boolean) |
None |
true, false |
Specifies that the system saves the address to which the traffic is being routed |
Core, Next |
collectPostCode (boolean) |
None |
true, false |
Specifies that the system saves the name of the postcode with which traffic was exchanged |
Core, Next |
collectRegion (boolean) |
true |
true, false |
Specifies that the system saves the name of the region with which traffic was exchanged |
Core, Next |
collectRemoteHostIp (boolean) |
None |
true, false |
Specifies that the system collects IP addresses with which traffic was exchanged |
Core, Next |
collectRemoteHostSubnet (boolean) |
true |
true, false |
Specifies that the system saves the address of the subnet with which traffic was exchanged |
Core, Next |
externalLoggingPublisher (object) |
None |
See “Pointer_Log_Publisher” |
Reference to a log publisher |
Core |
CA_Bundle¶
Bundle of one or more PKI Certificate-Authority certificates
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
CA_Bundle |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
bundle (object) |
None |
None |
Reference to a CA bundle or string of PEM encoded certificates |
Core, Next |
Certificate_Validator_OCSP¶
OCSP validator for certificates
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Certificate_Validator_OCSP |
None |
None |
Core |
dnsResolver (object) |
None |
None |
BIG-IP AS3 pointer to DNS resolver used to resolve hostnames in client requests |
Core |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core |
responderUrl (string) |
None |
None |
Specifies the absolute URL that overrides the OCSP responder URL obtained from the certificate’s AIA extension(s). This should be a HTTP based URL. |
Core |
signingCertificate (object) |
None |
None |
Specifies the certificate object to use for OCSP responders that require the request to be signed |
Core |
signingHashAlgorithm (string) |
sha256 |
sha1, sha256 |
Specifies a hash algorithm used to sign an OCSP request |
Core |
timeout (integer) |
8 |
[1-300] |
Specifies the time interval (in seconds) that the BIG-IP waits for before ending the connection to the OCSP responder. The default value is 8 |
Core |
Certificate¶
Configures a Certificate
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Certificate |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
certificate (object) |
None |
None |
X.509 public-key certificate |
Core, Next |
privateKey (object) |
None |
None |
Private key matching certificate’s public key (optional) |
Core, Next |
chainCA (object,string) |
None |
None |
Bundle of one or more CA certificates in trust-chain from root CA to certificate (optional) |
Core, Next |
passphrase (object) |
None |
None |
If supplied, used to decrypt privateKey at runtime (optional) |
Core, Next |
pkcs12 (object) |
None |
None |
The pkcs12 value which may be a url to fetch the binary file from or base64 encoded string |
Core |
pkcs12Options (object) |
None |
None |
Options for importing PKCS12 file |
Core |
staplerOCSP (object) |
None |
None |
BIG-IP AS3 pointer to OCSP Stapler declaration (optional) |
Core |
issuerCertificate (object) |
None |
None |
Specifies the name of the issuer certificate for this certificate |
Core |
Constants¶
Named values for (re-)use by declaration objects
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Constants |
None |
None |
Core, Next |
Controls¶
Optional controls configuration
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
archiveId (number,string) |
None |
None |
Read-only property present when you GET a declaration from configuration system. Archived versions of declaration are identified by a combination of ‘id’ and ‘archiveId’ |
Core |
archiveTimestamp (string) |
None |
None |
Read-only property present when you GET a declaration from configuration system. Indicates when this version (see archiveId) of declaration was archived |
Core |
betaRemark (string) |
None |
None |
Property used primarily for testing the beta schema |
Next (Beta) |
class (string) |
Controls |
None |
None |
Core, Next |
dryRun (boolean) |
None |
true, false |
Boolean that indicates if this declaration will be run as a dry-run. If true, the declaration will NOT make any changes to the system, but will respond with whether or not it would. |
Core |
fortune (boolean) |
None |
true, false |
If true, BIG-IP AS3 will activate Zoltar mode and read you your fortune |
Core |
logLevel (string) |
None |
emergency, alert, critical, error, warning, notice, info, debug |
Controls the amount of detail in logs produced while configuring this Tenant (default is whole-declaration Controls/logLevel value) |
Core, Next |
trace (boolean) |
None |
true, false |
If true, BIG-IP AS3 creates a detailed trace of the configuration process for this Tenant for subsequent analysis (default is whole-declaration Controls/trace value). Warning: trace files may contain sensitive configuration data |
Core |
traceResponse (boolean) |
None |
true, false |
If true, the response will contain the trace files |
Core, Next |
userAgent (string) |
None |
None |
User Agent information to include in TEEM report |
Core, Next |
Data_Group¶
Data group definition with configurable options
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Data_Group |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
dataGroupFile (object) |
None |
See “Pointer_Data_Group_File” |
Reference to a Data Group File |
Core |
externalFilePath (string) |
None |
None |
Specifies the location (URI) from where the records will be copied |
Core |
ignoreChanges (boolean) |
None |
true, false |
If false (default), the system updates data group in every AS3 declaration deployment. If true, AS3 creates the data group on first deployment, and leaves it untouched afterwards |
Core |
keyDataType (string) |
None |
integer, ip, string |
Specifies the type of record keys the data group contains. If string, the value will be escaped by default |
Core, Next |
records (array) |
None |
None |
List of records |
Core, Next |
separator (string) |
:= |
None |
Specifies the character(s) that separate the record key and value |
Core |
storageType (string) |
internal |
internal, external |
Toggles whether the data group is internal or external |
Core |
DNS_Logging_Profile¶
Configures a Domain Name System (DNS) logging profile
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
DNS_Logging_Profile |
None |
None |
Core |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core |
includeCompleteAnswer (boolean) |
true |
true, false |
Specifies whether the system logs the complete answer from the query |
Core |
includeQueryId (boolean) |
None |
true, false |
Specifies whether the system logs the ID of the query |
Core |
includeSource (boolean) |
true |
true, false |
Specifies whether the system logs the source (the BIG-IP system that receives the packet) |
Core |
includeTimestamp (boolean) |
true |
true, false |
Specifies whether the system logs the timestamp of when the query was created |
Core |
includeView (boolean) |
true |
true, false |
Specifies whether the system includes the view in the log |
Core |
logPublisher (object) |
None |
See “Pointer_Log_Publisher” |
Reference to a log publisher |
Core |
logQueriesEnabled (boolean) |
true |
true, false |
Specifies whether the system logs queries |
Core |
logResponsesEnabled (boolean) |
None |
true, false |
Specifies whether the systems logs responses |
Core |
HTTP_Acceleration_Profile¶
HTTP acceleration profile with configurable options
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
HTTP_Acceleration_Profile |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Next |
agingRate (integer) |
9 |
[0-10] |
Rate at which a cache entry ages |
Core, Next |
cacheSize (integer) |
100 |
[1-65536] |
The maximum size (in megabytes) for the cache. |
Core, Next |
ignoreHeaders (string) |
all |
none, max-age, all |
Which cache disabling headers will be ignored by the system |
Core, Next |
insertAgeHeaderEnabled (boolean) |
true |
true, false |
Age and date headers are inserted into the response when enabled |
Core, Next |
maximumAge (integer) |
3600 |
[0-4294967295] |
How long (in seconds) the system will consider the cached content valid |
Core, Next |
maximumEntries (integer) |
10000 |
[1-4294967295] |
The maximum number of entries that can reside in the cache |
Core, Next |
maximumObjectSize (integer) |
50000 |
[0-4294967295] |
The largest object (in bytes) that the system will cache |
Core, Next |
metadataMaxSize (integer) |
25 |
[0-4294967295] |
The maximum size (in megabytes) of the metadata cache |
Core |
minimumObjectSize (integer) |
500 |
[0-4294967295] |
The smallest object (in bytes) that the system will cache |
Core, Next |
parentProfile (object) |
{“bigip”:”/Common/webacceleration”} |
See “Pointer_HTTP_Acceleration_Profile” |
Reference to a HTTP Acceleration Profile |
Core |
uriExcludeList (array) |
None |
None |
A list of URIs that will be excluded from the cache |
Core, Next |
uriIncludeList (array) |
None |
None |
A list of URIs that will be cacheable |
Core, Next |
uriIncludeOverrideList (array) |
None |
None |
A list of URIs that should be cached even though they may normally not be due to existing constraints |
Core, Next |
uriPinnedList (array) |
None |
None |
A list of URIs that are kept in the cache regardless of maxAge or expiry settings |
Core, Next |
HTTP_Compress¶
HTTP Compression profile with configurable options
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
HTTP_Compress |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
allowHTTP10 (boolean) |
None |
true, false |
Specifies whether to forward HTTP 1.0 requests/responses (default false) |
Core, Next |
bufferSize (integer) |
4096 |
[256-4294967295] |
Maximum number of response octets to buffer before deciding whether to apply compression (default 4096) |
Core, Next |
contentTypeExcludes (array) |
None |
None |
List of response Content-Type values which BIG-IP AS3 should not compress. Values are regular expressions that match Content-Type strings |
Core, Next |
contentTypeIncludes (array) |
None |
None |
List of response Content-Type values which BIG-IP AS3 should compress. Values are regular expressions that match Content-Type strings |
Core, Next |
cpuSaver (boolean) |
true |
true, false |
If true (default), system will reduce compression rate when CPU utilization exceeds cpuSaverHigh threshold and increase it when CPU utilization falls below cpuSaverLow threshold |
Core |
cpuSaverHigh (integer) |
90 |
[15-99] |
CPU utilization percentage (default 90) above which BIG-IP AS3 should moderate compression |
Core |
cpuSaverLow (integer) |
75 |
[10-95] |
CPU utilization percentage (default 75) below which the system returns compression to normal |
Core |
gzipLevel (integer) |
1 |
[1-9] |
Compression level (default 1); higher values produce greater compression but use more CPU cycles |
Core, Next |
gzipMemory (integer) |
8 |
[1-256] |
Compression memory allocation in kilobytes (default 8), should be a power of two |
Core, Next |
gzipWindowSize (integer) |
16 |
[1-128] |
Compression window size in kilobytes (default 16), should be a power of two |
Core, Next |
keepAcceptEncoding (boolean) |
None |
true, false |
Specifies that the system does not remove the Accept-Encoding header from an HTTP request (default false) |
Core, Next |
minimumSize (integer) |
1024 |
[128-131072] |
BIG-IP AS3 will not compress responses of fewer octets than this (default 1024) |
Core |
preferMethod (string) |
gzip |
gzip, deflate |
Select preferred compression method (default gzip, strongly recommended) |
Core |
selective (boolean) |
None |
true, false |
If true, BIG-IP AS3 will only compress a response when an iRule attached to the virtual server requests it (default is false, meaning BIG-IP AS3 will compress responses which meet the criteria in this profile) |
Core |
uriExcludes (array) |
None |
None |
List of request URI’s for which BIG-IP AS3 should not compress responses. Values are regular expressions that match request URI strings |
Core, Next |
uriIncludes (array) |
None |
None |
List of request URI’s for which BIG-IP AS3 should compress responses. Values are regular expressions that match URI strings |
Core, Next |
varyHeader (boolean) |
true |
true, false |
If true (default), a Vary header will appear in compressed responses |
Core |
HTTP_Profile¶
HTTP profile with configurable options
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
HTTP_Profile |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
allowBlankSpaceAfterHeaderName (boolean) |
None |
true, false |
Specifies whether to allow blank space in an HTTP header between the header name and the separator colon in an HTTP request or response. Requires TMOS version 16.1 or newer. |
Core |
allowedResponseHeaders (array) |
None |
None |
By default BIG-IP AS3 passes HTTP headers in responses from pool members to clients unaltered. You may list names of allowed response headers here and BIG-IP AS3 removes any you do not list from responses. |
Core |
cookiePassphrase (object) |
None |
None |
Used to create secret key for cookie encryption (when missing, BIG-IP AS3 uses a system-generated key) |
Core, Next |
encryptCookies (array) |
None |
None |
List cookies to encrypt en-route to the client and decrypt en-route to a pool member |
Core, Next |
enforceRFCCompliance (boolean) |
None |
true, false |
BIG-IP LTM performs basic RFC compliance checks as described in the latest RFC for the HTTP protocol. If a client request fails these checks, then the connection is reset. Requires TMOS version 15.0 or newer. |
Core |
fallbackRedirect (string) |
None |
None |
Domain name (or IP address) of service (if any) to which BIG-IP AS3 should redirect a request when no pool member is responsive or selected pool member returns a fallbackStatusCode |
Core, Next |
fallbackStatusCodes (array) |
None |
None |
When a pool member responds to a request with one of these HTTP status codes (for example, 500), redirect the client to the fallbackRedirect |
Core |
hstsIncludeSubdomains (boolean) |
true |
true, false |
If true then HSTS headers (see hstsInsert) will tell clients to apply HSTS settings to the hostnames of this service and all their possible subdomains. Warning: an incorrect value here can make multiple websites unreachable, not just this service |
Core |
hstsInsert (boolean) |
None |
true, false |
If true, insert HSTS (HTTP Strict Transport Security) headers into responses sent to clients (default false). Warning: misconfiguration of HSTS can make a website unreachable |
Core |
hstsPeriod (integer) |
7862400 |
[0-4294967295] |
If hstsInsert is true, this value tells each client how long (in seconds; default 7862400 equals 91 days) to wait before refreshing HSTS settings for this service. Warning: once a client receives erroneous HSTS settings it will ignore any attempt to correct them until this period has expired |
Core |
hstsPreload (boolean) |
None |
true, false |
If true, include the domain for the web site associated with this HTTP profile in the browser’s preload list. This forces the client to send packets over SSL/TLS. |
Core |
requestChunking (string) |
preserve |
selective, preserve, rechunk, sustain |
Controls handling of HTTP payload chunking in requests from clients (default is ‘preserve’). Note: ‘selective’ and ‘preserve’ will be translated to ‘sustain’ when TMOS version is 15.0 or newer |
Core, Next |
responseChunking (string) |
selective |
selective, preserve, unchunk, rechunk, sustain |
Controls handling of HTTP payload chunking in responses from pool members (default ‘selective’ adapts to most situations). Note: ‘selective’ and ‘preserve’ will be translated to ‘sustain’ when TMOS version is 15.0 or newer |
Core, Next |
rewriteRedirects (string) |
none |
none, all, matching, addresses, nodes |
In selected Location-header values (default none) of redirect responses from pool members, change protocol HTTP to HTTPS before passing redirects to clients |
Core, Next |
insertHeader (object) |
None |
None |
You may insert one header into each request before BIG-IP AS3 sends it to a pool member. The header value may be a simple string or the result of an iRules TCL expression (for example, [IP::client_addr]). This is the most efficient way to insert a single header; to insert multiple headers use an iRule or an Endpoint policy |
Core, Next |
knownMethods (array) |
CONNECT, DELETE, GET, HEAD, LOCK, OPTIONS, POST, PROPFIND, PUT, TRACE, UNLOCK |
None |
List of HTTP request methods BIG-IP AS3 should recognize as normal. Any method not in this list will provoke the ‘unknownMethodAction’ action |
Core |
maxRequests (integer) |
None |
[0-2147483647] |
When BIG-IP AS3 has processed more than this number of requests through a connection, the system closes it. Default 0 means permit unlimited requests |
Core |
multiplexTransformations (boolean) |
true |
true, false |
If true (default), BIG-IP AS3 adjusts request headers to work properly when the virtual server uses a Multiplex profile |
Core |
otherXFF (array) |
None |
None |
Names of request headers to treat as equivalent to X-Forwarded-For (see trustXFF) |
Core |
pipelineAction (string) |
allow |
allow, reject, pass-through |
Default ‘allow’ means clients may pipeline HTTP/1.1 requests to pool members which support pipelining. Otherwise, ‘reject’ prevents pipelining, and ‘pass-through’ causes the connection to switch to pass-through mode when the system detects pipelining |
Core |
profileWebSocket (object) |
None |
None |
Deprecated. Specifies the WebSocket profile that will be used on Services alongside this HTTP profile. When the ‘profileWebSocket’ property is used on a Service, it will supersede this property. |
Core |
proxyConnectEnabled (boolean) |
None |
true, false |
Determines if a proxy connection profile will be created |
Core |
proxyType (string) |
reverse |
reverse, transparent, explicit |
Default value ‘reverse’ is usually appropriate. You may use ‘transparent’ when virtual server will handle a mix of HTTP and non-HTTP traffic. You may use ‘explicit’ when clients will ask ADC to proxy connections to arbitrary remote services |
Core |
whiteOutHeader (string) |
None |
None |
You may name one request header you want whited-out of each request before BIG-IP AS3 sends it to a pool member. To remove more than a single named header, use an iRule or an Endpoint policy. (Whiting-out a header leaves its name but replaces its value in the request with space characters (ASCII 0x20) to avoid changing the length of the headers.) |
Core, Next |
xForwardedFor (boolean) |
true |
true, false |
If true, insert an X-Forwarded-For header carrying the client IP address into each HTTP request sent to a pool member (default true) |
Core, Next |
serverHeaderValue (string) |
BigIP |
None |
Server header value to place in responses generated by the ADC itself (not obtained from a pool member) |
Core, Next |
trustXFF (boolean) |
None |
true, false |
If true, WAF (ASM) and AVR may trust X-Forwarded-For headers found in incoming requests and report statistics using client IP addresses appearing in them (default false). Use this feature only when you control upstream gateway(s) |
Core |
unknownMethodAction (string) |
allow |
allow, reject, pass-through |
Default ‘allow’ means clients may make HTTP requests using unknown methods. Otherwise, ‘reject’ means to discard any unknown-method request and reject the client connection, and ‘pass-through’ causes the connection to switch to pass-through mode upon the first unknown-method request |
Core |
viaHost (string) |
None |
None |
Hostname to place in Via header when viaRequest or viaResponse is ‘append’ |
Core |
viaRequest (string) |
remove |
append, preserve, remove |
Controls treatment of Via: headers in requests from clients. When set to ‘append’ BIG-IP AS3 requires viaHost |
Core |
viaResponse (string) |
remove |
append, preserve, remove |
Controls treatment of Via: headers in responses from pool members. When set to ‘append’ BIG-IP AS3 requires viaHost |
Core |
webSocketMasking (string) |
unmask |
preserve, remask, selective, unmask |
Deprecated. WebSocket stream data is always masked from client to ADC and from ADC to server. Default value ‘unmask’ makes stream data passing through visible to ADC security policy and/or iRules attached to the service. ‘selective’ unmasks stream data only when a security policy is attached. ‘preserve’ passes data through masked (unreadable by security policy). ‘remask’ causes different masking keys to be used on client and server sides. When specified the property ‘profileWebSocket’ supersedes this property. |
Core |
webSocketsEnabled (boolean) |
None |
true, false |
Deprecated. When true, allow clients to initiate WebSocket connections (default false). When specified the property ‘profileWebSocket’ supersedes this property. |
Core |
HTTP_Profile_Reverse¶
Extra HTTP profile configurable options when proxyType is ‘reverse’
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
maxHeaderCount (integer) |
64 |
[1-1024] |
When the number of headers in an incoming HTTP request exceeds this value, discard the request and reset the client connection |
Core |
maxHeaderSize (integer) |
32768 |
[9-262144] |
When the total size in octets of the headers of an incoming HTTP request exceeds this value, discard the request and reset the client connection |
Core |
truncatedRedirects (boolean) |
None |
true, false |
If false (default) elide malformed redirects from pool members, otherwise pass them to client |
Core |
HTTP_Profile_Transparent¶
Extra HTTP profile configurable options when proxyType is ‘transparent’
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
maxHeaderCount (integer) |
32 |
[1-1024] |
When the number of headers in a request or response exceeds this value (default 32), take the excessX…Headers action |
Core |
maxHeaderSize (integer) |
16384 |
[9-262144] |
When the total size in octets of the headers of request or response exceeds this value (default 16384), take the oversizeX…Headers action |
Core |
excessClientHeaders (string) |
pass-through |
pass-through, reject |
When a client request violates maxHeaderCount, either switch to pass-through mode (default) or reject the connection |
Core |
excessServerHeaders (string) |
pass-through |
pass-through, reject |
When a pool member response violates maxHeaderCount, either switch to pass-through mode (default) or reject the connection |
Core |
oversizeClientHeaders (string) |
pass-through |
pass-through, reject |
When a client request violates maxHeaderSize, either switch to pass-through mode (default) or reject the connection |
Core |
oversizeServerHeaders (string) |
pass-through |
pass-through, reject |
When a pool member response violates maxHeaderSize, either switch to pass-through mode (default) or reject the connection |
Core |
truncatedRedirects (boolean) |
true |
true, false |
If true (default) pass malformed redirects to client |
Core |
HTTP_Profile_Explicit¶
Extra HTTP profile configurable options when proxyType is ‘explicit’
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
maxHeaderCount (integer) |
64 |
[1-1024] |
When the number of headers in an incoming HTTP request exceeds this value, discard the request and reset the client connection |
Core |
maxHeaderSize (integer) |
32768 |
[9-262144] |
When the total size in octets of the headers of an incoming HTTP request exceeds this value, discard the request and reset the client connection |
Core |
truncatedRedirects (boolean) |
None |
true, false |
If false (default) elide malformed redirects from pool members, otherwise pass them to client |
Core |
resolver (object) |
None |
None |
BIG-IP AS3 pointer to DNS resolver used to resolve hostnames in client requests |
Core |
doNotProxyHosts (array) |
none |
None |
When a client makes a (proxy-type) request to some host on this list, that request will simply be load-balanced to a pool member (without DNS resolution). This is ineffective for HTTPS requests |
Core |
tunnelName (string) |
http-tunnel |
None |
Name of tunnel used for outbound CONNECT requests (default ‘http-tunnel’) |
Core |
defaultConnectAction (string) |
deny |
deny, allow |
By default (value ‘deny’) the system refuses CONNECT requests from clients except when there is a virtual server listening to the tunnelName tunnel to accept and process them (typically to authorize and/or intercept outbound TLS connections). Value ‘allow’ will let clients CONNECT to arbitrary remote services |
Core |
routeDomain (object) |
None |
None |
Proxy requests will leave the ADC from a Self IP in this route domain (default 0) |
Core |
connectErrorMessage (string) |
<html><head><title>Connection Error</title></head><body><h2>Unable to connect to host in proxy request</h2></body></html> |
None |
Message returned to client when the system cannot establish a proxy connection. May include iRules TCL expressions |
Core |
dnsErrorMessage (string) |
<html><head><title>DNS Resolution Error</title></head><body><h2>Cannot resolve hostname in proxy request</h2></body></html> |
None |
Message returned to the client when the system cannot resolve the hostname in the request. May include iRules TCL expressions |
Core |
badRequestMessage (string) |
<html><head><title>Bad Request</title></head><body><h2>Invalid proxy request</h2></body></html> |
None |
Message returned to client when proxy request is erroneous. May include iRules TCL expressions |
Core |
badResponseMessage (string) |
<html><head><title>Bad Response</title></head><body><h2>Proxy request provoked invalid response</h2></body></html> |
None |
Message returned to client when response to proxy request is erroneous. May include iRules TCL expressions |
Core |
ipv6 (boolean) |
None |
true, false |
Specifies the relative order of IPv4 and IPv6 DNS resolutions for URIs. If false (default), then the system performs IPv4 lookup before IPv6. |
Core |
HTTP2_Profile¶
Profile to enable HTTP2
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
HTTP2_Profile |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
activationMode (string) |
alpn |
alpn, always |
This setting specifies the condition that will cause the BIG-IP system to handle an incoming connection as an HTTP/2 connection. |
Core, Next |
concurrentStreamsPerConnection (integer) |
10 |
[1-256] |
The number of concurrent connections to allow on a single HTTP/2 connection. |
Core, Next |
connectionIdleTimeout (integer) |
300 |
[1-4294967295] |
The number of seconds that a HTTP/2 connection is left open idly before it is closed. |
Core |
enforceTlsRequirements (boolean) |
true |
true, false |
Enable or disable enforcement of TLS requirements. |
Core, Next |
frameSize (integer) |
2048 |
[1024-16384] |
The size of the data frames, in bytes, that the HTTP/2 protocol sends to the client. |
Core |
headerTableSize (integer) |
4096 |
[0-65535] |
The size of the header table, in KB, for the HTTP headers that the HTTP/2 protocol compresses to save bandwidth. |
Core |
includeContentLength (boolean) |
None |
true, false |
Enable to include content-length in HTTP/2 headers. |
Core |
insertHeader (boolean) |
None |
true, false |
This setting specifies whether the BIG-IP system should add an HTTP header to the HTTP request to show that the request was received over HTTP/2. |
Core, Next |
insertHeaderName (string) |
X-HTTP2 |
None |
This setting specifies the name of the header that the BIG-IP system will add to the HTTP request when the Insert Header is enabled. |
Core, Next |
receiveWindow (integer) |
32 |
[16-128] |
The flow-control size for upload streams, in KB. |
Core |
writeSize (integer) |
16384 |
[2048-32768] |
The total size of combined data frames, in bytes, that the HTTP/2 protocol sends in a single write function. |
Core |
IRule¶
iRule definition with configurable options
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
iRule |
None |
None |
Core, Next |
expand (boolean) |
true |
true, false |
If true (default), expand backquoted variables in iRule |
Core |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
iRule (object) |
None |
See “IRule_Core” |
Reference to an iRule or text of an iRule |
Core, Next |
IRule_Core¶
Reference to an iRule or text of an iRule
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
IRule_Core (object | object | object) |
None |
See “F5_String” | None | None |
Reference to an iRule or text of an iRule |
Core, Next |
L4_Profile¶
Configures a Fast Layer 4 profile
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
L4_Profile |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
clientTimeout (integer) |
30 |
[-1-86400] |
Number of seconds allowed for a client to transmit enough data to select a server when you have late binding enabled. Value -1 means indefinite (not recommended) |
Core |
idleTimeout (integer) |
300 |
None |
Number of seconds (default 300; may not be 0) connection may remain idle before it becomes eligible for deletion. Value -1 (not recommended) means infinite |
Core, Next |
keepAliveInterval (integer) |
None |
[0-4294967295] |
Number of seconds between keep-alive probes. A value of 0 seconds disables the feature. |
Core |
looseClose (boolean) |
None |
true, false |
When true, system closes a loosely-initiated connection when the system receives the first FIN packet from either the client or the server (default false). |
Core, Next |
looseInitialization (boolean) |
None |
true, false |
When true, system initializes a connection when it receives any TCP packet, rather than requiring a SYN packet for connection initiation (default false). |
Core, Next |
maxSegmentSize (integer) |
None |
None |
Sets MSS advertised to peer. Value 0 (default) will set MSS automatically in proportion to interface MTU. Default 0 is usually the best choice |
Core |
resetOnTimeout (boolean) |
true |
true, false |
If true (default), connections which time out will be reset (that is, the system sends an RST packet to the peer) before the system expunges them |
Core, Next |
synCookieAllowlist (boolean) |
None |
true, false |
Specifies whether or not to use a SYN Cookie Allowlist when doing software SYN Cookies. This means not doing a SYN Cookie for the same src IP address if it has been done already in the previous tm.flowstate.timeout (30) seconds. The default value is disabled. |
Core |
synCookieEnable (boolean) |
true |
true, false |
Enables syn-cookies capability on this virtual server. If true (default), the system may use SYN cookies to avert connection-table overflow (for example, from DoS attacks) |
Core |
tcpCloseTimeout (integer) |
5 |
[undefined-86400] |
Specifies an TCP close timeout in seconds. Value -1 means indefinite (not recommended) |
Core, Next |
tcpHandshakeTimeout (integer) |
5 |
[undefined-86400] |
Specifies a TCP handshake timeout in seconds. The default value is 5 seconds. Value -1 means indefinite (not recommended) |
Core, Next |
pvaAccelerationMode (string) |
full |
full, assisted, none, dedicated |
Specifies the preferred acceleration mode for the Packet Velocity ASIC (PVA) if the platform supports PVA acceleration. Full - Specifies the system applies full PVA acceleration when possible. Assisted - Specifies the system applies partial PVA acceleration. None - Specifies the system does not use PVA acceleration. Dedicated - Unconditionally enables ePVA acceleration for all TCP FastL4 connections. Inactive, but established connections are not removed from the ePVA to guarantee low latency forwarding for future packets. |
Next |
pvaDynamicServerPackets (integer) |
None |
[0-10] |
Indicates the number of server packets before dynamic ePVA hardware re-offloading occurs. The valid range is from 0 (zero) through 10. |
Next |
pvaDynamicClientPackets (integer) |
1 |
[0-10] |
Indicates the number of client packets before dynamic ePVA hardware re-offloading occurs. The valid range is from 0 (zero) through 10. |
Next |
Log_Destination¶
Configures a log destination
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Log_Destination (object | object | object | object) |
None |
None | None | None | None |
Configures a log destination |
Core |
Log_Destination_Management_Port¶
Sends received messages to a specified IP address and port through the management interface
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
address (string) |
None |
None |
Specifies the IP address that will receive messages from the specified local Log Destination |
Core |
port (integer) |
None |
[0-65535] |
Specifies the port of the IP address that will receive messages from the specified local Log Destination |
Core |
protocol (string) |
tcp |
tcp, udp |
Specifies the protocol for the system to use to send logs to the specified location |
Core |
Log_Destination_Remote_Syslog¶
Configures Remote Syslog destinations to format log messages into Syslog format and forward them to a Remote High-Speed Log destination
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
format (string) |
rfc3164 |
legacy-bigip, rfc3164, rfc5424 |
Specifies the method to use to format the logs |
Core |
defaultFacility (string) |
local0 |
local0, local1, local2, local3, local4, local5, local6, local7 |
Specifies the facility given to log messages received that do not already have a facility listed |
Core |
defaultSeverity (string) |
info |
alert, crit, debug, emerg, err, info, notice, warn |
Specifies the severity given to log messages received that do not already have a severity listed |
Core |
remoteHighSpeedLog (object) |
None |
None |
Specifies a remote high-speed log destination, which the system uses to forward the logs to a pool of remote log servers |
Core |
Log_Destination_Remote_High_Speed_Log¶
Sends received messages to a specified pool
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
distribution (string) |
adaptive |
adaptive, balanced, replicated |
Specifies the distribution method used to send messages to pool members |
Core |
protocol (string) |
tcp |
tcp, udp |
Specifies the protocol for the system to use to send logs to the pool |
Core |
pool (object) |
None |
See “Pointer_Pool” |
Reference to a pool |
Core |
Log_Destination_Splunk¶
Configures Splunk formatting destinations to format incoming log messages into Splunk format
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
forwardTo (object) |
None |
None |
Specifies the log destination to which logs are forwarded |
Core |
Log_Publisher¶
Configures lists of destinations for the common logging interface
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Log_Publisher |
None |
None |
Core |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core |
destinations (array) |
None |
None |
specify log destinations for this log publisher to use |
Core |
Monitor¶
Declares a (possibly complex) monitor
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Monitor (object | object | object | object | object | object | object | object | object | object | object | object | object | object | object | object | object) |
None |
None | None | None | None | None | None | None | None | None | None | None | None | None | None | None | None | None |
Declares a (possibly complex) monitor |
Core, Next |
Basic_Monitor¶
Monitor definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Basic_Monitor (string | object) |
None |
http, https, http2, icmp, tcp | None |
Monitor definition |
Core, Next |
Monitor_DNS¶
Additional Monitor class properties available when monitorType = dns
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Monitor_DNS (object | object | object) |
None |
None | None | None |
Additional Monitor class properties available when monitorType = dns |
Core |
Monitor_External¶
Monitor External definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Monitor |
None |
None |
Core |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core |
arguments (string) |
None |
None |
Arguments to specified external monitor (will be backquote-expanded) |
Core |
environmentVariables (object) |
{} |
None |
Specifies user defined command line parameters that the external program requires. |
Core |
expand (boolean) |
true |
true, false |
If true (default), expand backquoted variables in script |
Core |
interval (integer) |
5 |
[0-3600] |
Poll interval (seconds) |
Core |
monitorType (string) |
None |
None |
Specifies the type of monitor |
Core |
pathname (string) |
None |
None |
Tmsh object path name of an imported existing external monitor (e.g. /Common/arg_example) |
Core |
script (object) |
None |
None |
Bash(1) script which implements external monitor |
Core |
targetAddress (string) |
None |
None |
IP address monitor should probe; if empty (default) then pool member address |
Core |
targetPort (integer) |
None |
[0-65535] |
L4 port (if any) monitor should probe; if 0 (default) then pool member port |
Core |
timeout (integer) |
16 |
[0-900] |
Time limit for node to respond (seconds) |
Core |
timeUntilUp (integer) |
None |
[0-1800] |
Delay between successful probe and sending traffic to node (seconds) |
Core |
upInterval (integer) |
None |
[0-3600] |
Poll interval when service is already up (seconds) |
Core |
Monitor_FTP¶
Monitor FTP definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Monitor |
None |
None |
Core |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core |
filename (string) |
None |
None |
Specifies the full path and file name of the file that the system attempts to download. The health check is successful if the system can download the file. |
Core |
interval (integer) |
5 |
[0-3600] |
Poll interval (seconds) |
Core |
mode (string) |
passive |
passive, port |
Specifies the data transfer process (DTP) mode. The default value is passive. |
Core |
monitorType (string) |
None |
None |
Specifies the type of monitor |
Core |
passphrase (object) |
None |
None |
Passphrase if any for query authentication |
Core |
targetAddress (string) |
None |
None |
IP address monitor should probe; if empty (default) then pool member address |
Core |
targetPort (integer) |
None |
[0-65535] |
L4 port (if any) monitor should probe; if 0 (default) then pool member port |
Core |
timeout (integer) |
16 |
[0-900] |
Time limit for node to respond (seconds) |
Core |
timeUntilUp (integer) |
None |
[0-1800] |
Delay between successful probe and sending traffic to node (seconds) |
Core |
upInterval (integer) |
None |
[0-3600] |
Poll interval when service is already up (seconds) |
Core |
username (string) |
None |
None |
Username if any for query authentication |
Core |
Monitor_HTTP¶
Monitor HTTP definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Monitor |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
adaptive (boolean) |
None |
true, false |
If true, use adaptive probe timing |
Core |
adaptiveDivergenceType (string) |
relative |
absolute, relative |
Adaptive divergence, ‘absolute’ selects milliseconds, ‘relative’ (default) selects percentage |
Core |
adaptiveDivergenceMilliseconds (integer) |
500 |
[1-10000] |
Probe fails if response latency exceeds mean by this number of milliseconds |
Core |
adaptiveDivergencePercentage (integer) |
100 |
[1-500] |
Probe fails if response latency exceeds mean by this percentage |
Core |
adaptiveLimitMilliseconds (integer) |
1000 |
[1-10000] |
Probe fails if response latency exceeds this number of milliseconds |
Core |
adaptiveWindow (integer) |
180 |
[1-1800] |
Time window over which the system samples latency (seconds) |
Core |
dscp (integer) |
None |
[0-63] |
Value for IP DSCP (ex-TOS) field (default 0) |
Core |
interval (integer) |
5 |
[0-3600] |
Poll interval (seconds) |
Core, Next |
monitorType (string) |
None |
None |
Specifies the type of monitor |
Core, Next |
passphrase (object) |
None |
None |
None |
Core, Next |
receive (string) |
None |
None |
Mark node up upon receipt of this (backquote-expanded) string |
Core, Next |
receiveDown (string) |
None |
None |
Mark node down upon receipt of this (backquote-expanded) string (optional; must be empty when ‘reverse’ is true) |
Core, Next |
reverse (boolean) |
None |
true, false |
If true, mark node down upon receipt of ‘receive’ string |
Core |
send (string) |
None |
None |
Send this (backquote-expanded) string to query node |
Core, Next |
targetAddress (string) |
None |
None |
IP address monitor should probe; if empty (default) then pool member address |
Core |
targetPort (integer) |
None |
[0-65535] |
L4 port (if any) monitor should probe; if 0 (default) then pool member port |
Core |
timeout (integer) |
16 |
[0-900] |
Time limit for node to respond (seconds) |
Core, Next |
timeUntilUp (integer) |
None |
[0-1800] |
Delay between successful probe and sending traffic to node (seconds) |
Core |
transparent (boolean) |
None |
true, false |
If true, treat pool member address as gateway to server (node) (default false) |
Core |
upInterval (integer) |
None |
[0-3600] |
Poll interval when service is already up (seconds) |
Core |
username (string) |
None |
None |
Username if any for query authentication |
Core, Next |
Monitor_HTTP2¶
Monitor HTTP2 definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Monitor |
None |
None |
Core |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core |
adaptive (boolean) |
None |
true, false |
If true, use adaptive probe timing |
Core |
adaptiveDivergenceType (string) |
relative |
absolute, relative |
Adaptive divergence, ‘absolute’ selects milliseconds, ‘relative’ (default) selects percentage |
Core |
adaptiveDivergenceMilliseconds (integer) |
500 |
[1-10000] |
Probe fails if response latency exceeds mean by this number of milliseconds |
Core |
adaptiveDivergencePercentage (integer) |
100 |
[1-500] |
Probe fails if response latency exceeds mean by this percentage |
Core |
adaptiveLimitMilliseconds (integer) |
1000 |
[1-10000] |
Probe fails if response latency exceeds this number of milliseconds |
Core |
adaptiveWindow (integer) |
180 |
[1-1800] |
Time window over which the system samples latency (seconds) |
Core |
clientTLS (object) |
None |
None |
BIG-IP AS3 pointer to client TLS Profile |
Core |
dscp (integer) |
None |
[0-63] |
Value for IP DSCP (ex-TOS) field (default 0) |
Core |
interval (integer) |
5 |
[0-3600] |
Poll interval (seconds) |
Core |
monitorType (string) |
None |
None |
Specifies the type of monitor |
Core |
passphrase (object) |
None |
None |
Passphrase if any for query authentication |
Core |
receive (string) |
HTTP/2. |
None |
Mark node up upon receipt of this (backquote-expanded) string |
Core |
receiveDown (string) |
None |
None |
Mark node down upon receipt of this (backquote-expanded) string (optional; must be empty when ‘reverse’ is true) |
Core |
reverse (boolean) |
None |
true, false |
If true, mark node down upon receipt of ‘receive’ string |
Core |
send (string) |
GET /rnrn |
None |
Send this (backquote-expanded) string to query node |
Core |
targetAddress (string) |
None |
None |
IP address monitor should probe; if empty (default) then pool member address |
Core |
targetPort (integer) |
None |
[0-65535] |
L4 port (if any) monitor should probe; if 0 (default) then pool member port |
Core |
timeout (integer) |
16 |
[0-900] |
Time limit for node to respond (seconds) |
Core |
timeUntilUp (integer) |
None |
[0-1800] |
Delay between successful probe and sending traffic to node (seconds) |
Core |
transparent (boolean) |
None |
true, false |
If true, treat pool member address as gateway to server (node) (default false) |
Core |
upInterval (integer) |
None |
[0-3600] |
Poll interval when service is already up (seconds) |
Core |
username (string) |
None |
None |
Username if any for query authentication |
Core |
Monitor_HTTPS¶
Monitor HTTPS definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Monitor |
None |
None |
Core |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core |
adaptive (boolean) |
None |
true, false |
If true, use adaptive probe timing |
Core |
adaptiveDivergenceType (string) |
relative |
absolute, relative |
Adaptive divergence, ‘absolute’ selects milliseconds, ‘relative’ (default) selects percentage |
Core |
adaptiveDivergenceMilliseconds (integer) |
500 |
[1-10000] |
Probe fails if response latency exceeds mean by this number of milliseconds |
Core |
adaptiveDivergencePercentage (integer) |
100 |
[1-500] |
Probe fails if response latency exceeds mean by this percentage |
Core |
adaptiveLimitMilliseconds (integer) |
1000 |
[1-10000] |
Probe fails if response latency exceeds this number of milliseconds |
Core |
adaptiveWindow (integer) |
180 |
[1-1800] |
Time window over which the system samples latency (seconds) |
Core |
ciphers (string) |
DEFAULT |
None |
Ciphersuite selection string |
Core |
clientCertificate (string) |
None |
None |
BIG-IP AS3 pointer to client Certificate declaration, for TLS authentication (optional) |
Core |
clientTLS (object) |
None |
None |
BIG-IP AS3 pointer to client TLS Profile |
Core |
dscp (integer) |
None |
[0-63] |
Value for IP DSCP (ex-TOS) field (default 0) |
Core |
interval (integer) |
5 |
[0-3600] |
Poll interval (seconds) |
Core |
monitorType (string) |
None |
None |
Specifies the type of monitor |
Core |
passphrase (object) |
None |
None |
Passphrase if any for query authentication |
Core |
receive (string) |
HTTP/1. |
None |
Mark node up upon receipt of this (backquote-expanded) string |
Core |
receiveDown (string) |
None |
None |
Mark node down upon receipt of this (backquote-expanded) string (optional; must be empty when ‘reverse’ is true) |
Core |
reverse (boolean) |
None |
true, false |
If true, mark node down upon receipt of ‘receive’ string |
Core |
send (string) |
HEAD / HTTP/1.0rnrn |
None |
Send this (backquote-expanded) string to query node |
Core |
targetAddress (string) |
None |
None |
IP address monitor should probe; if empty (default) then pool member address |
Core |
targetPort (integer) |
None |
[0-65535] |
L4 port (if any) monitor should probe; if 0 (default) then pool member port |
Core |
timeout (integer) |
16 |
[0-900] |
Time limit for node to respond (seconds) |
Core |
timeUntilUp (integer) |
None |
[0-1800] |
Delay between successful probe and sending traffic to node (seconds) |
Core |
transparent (boolean) |
None |
true, false |
If true, treat pool member address as gateway to server (node) (default false) |
Core |
upInterval (integer) |
None |
[0-3600] |
Poll interval when service is already up (seconds) |
Core |
username (string) |
None |
None |
Username if any for query authentication |
Core |
Monitor_ICMP¶
Monitor ICMP definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Monitor |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
adaptive (boolean) |
None |
true, false |
If true, use adaptive probe timing |
Core |
adaptiveDivergenceType (string) |
relative |
absolute, relative |
Adaptive divergence, ‘absolute’ selects milliseconds, ‘relative’ (default) selects percentage |
Core |
adaptiveDivergenceMilliseconds (integer) |
500 |
[1-10000] |
Probe fails if response latency exceeds mean by this number of milliseconds |
Core |
adaptiveDivergencePercentage (integer) |
100 |
[1-500] |
Probe fails if response latency exceeds mean by this percentage |
Core |
adaptiveLimitMilliseconds (integer) |
1000 |
[1-10000] |
Probe fails if response latency exceeds this number of milliseconds |
Core |
adaptiveWindow (integer) |
180 |
[5-1800] |
Time window over which the system samples latency (seconds) |
Core |
interval (integer) |
5 |
[0-3600] |
Poll interval (seconds) |
Core, Next |
monitorType (string) |
None |
None |
Specifies the type of monitor |
Core, Next |
targetAddress (string) |
None |
None |
IP address monitor should probe; if empty (default) then pool member address |
Core |
targetPort (integer) |
None |
[0-65535] |
L4 port (if any) monitor should probe; if 0 (default) then pool member port |
Core |
timeout (integer) |
16 |
[0-900] |
Time limit for node to respond (seconds) |
Core, Next |
timeUntilUp (integer) |
None |
[0-1800] |
Delay between successful probe and sending traffic to node (seconds) |
Core |
transparent (boolean) |
None |
true, false |
If true, treat pool member address as gateway to server (node) (default false) |
Core |
upInterval (integer) |
None |
[0-3600] |
Poll interval when service is already up (seconds) |
Core |
Monitor_Inband¶
Monitor Inband definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Monitor |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
failureInterval (integer) |
None |
None |
Specifies an interval, in seconds. If the number of failures specified in the failures option occurs within this interval, the system marks the pool member as being unavailable. |
Core, Next |
failures (integer) |
None |
None |
Specifies the number of failures that the system allows to occur, within the time period specified in the failureInterval property, before marking a pool member unavailable. The multiple tmm processes use a per-process number to calculate failures, depending on the specified load. For example, for the Round Robin load balancing method, if there are N tmm processes and M pool members, and the Failures property is set to L, then up to N*M*L+1 failures can occur before the system marks the node as down. Specifying a value of 0 disables this option. A failure can be either a failure to connect or a failure of the pool member to respond within the time specified in the responseTime property. |
Core, Next |
monitorType (string) |
None |
None |
Specifies the type of monitor |
Core, Next |
responseTime (integer) |
None |
None |
Specifies an amount of time, in seconds. If the pool member does not respond with data after the specified amount of time has passed, the number of failures in this interval increments by 1. Specifying a value of 0 disables this option. |
Core, Next |
retryTime (integer) |
None |
None |
Specifies the amount of time in seconds after the pool member has been marked unavailable before the system retries to connect to the pool member. Specifying a value of 0 disables this option. |
Core, Next |
Monitor_LDAP¶
Monitor LDAP definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Monitor |
None |
None |
Core |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core |
base (string) |
None |
None |
Specifies the location in the LDAP tree from which the monitor starts the health check |
Core |
chaseReferrals (boolean) |
true |
true, false |
Specifies, whether, upon receipt of an LDAP referral entry, the referral is followed |
Core |
filter (string) |
None |
None |
Specifies an LDAP key which the monitor searches |
Core |
interval (integer) |
5 |
[0-3600] |
Poll interval (seconds) |
Core |
mandatoryAttributes (boolean) |
None |
true, false |
Specifies whether the target must include attributes in its response to be considered up |
Core |
monitorType (string) |
None |
None |
Specifies the type of monitor |
Core |
passphrase (object) |
None |
None |
Passphrase if any for query authentication |
Core |
security (string) |
none |
none, ssl, tls |
Specifies the secure protocol type for communications with the target |
Core |
targetAddress (string) |
None |
None |
IP address monitor should probe; if empty (default) then pool member address |
Core |
targetPort (integer) |
None |
[0-65535] |
L4 port (if any) monitor should probe; if 0 (default) then pool member port |
Core |
timeout (integer) |
16 |
[0-900] |
Time limit for node to respond (seconds) |
Core |
timeUntilUp (integer) |
None |
[0-1800] |
Delay between successful probe and sending traffic to node (seconds) |
Core |
upInterval (integer) |
None |
[0-3600] |
Poll interval when service is already up (seconds) |
Core |
username (string) |
None |
None |
Username if any for query authentication |
Core |
Monitor_MySQL¶
Monitor MySQL definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Monitor |
None |
None |
Core |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core |
count (integer) |
None |
[0-2147483647] |
Number of monitor probes after which the connection to the database will be terminated. Count value of zero indicates that the connection will never be terminated. |
Core |
database (string) |
None |
None |
The name of the database with which the monitor attempts to communicate. |
Core |
interval (integer) |
5 |
[0-3600] |
Poll interval (seconds) |
Core |
monitorType (string) |
None |
None |
Specifies the type of monitor |
Core |
passphrase (object) |
None |
None |
Passphrase if any for query authentication |
Core |
receive (string) |
None |
None |
Mark node up upon receipt of this (backquote-expanded) string |
Core |
receiveColumn (integer) |
None |
[1-4096] |
Specifies the column in the database where the system expects the specified Receive String to be located. Specify this property only if you configure the Send and Receive properties. |
Core |
receiveRow (integer) |
None |
[1-65535] |
Specifies the row in the database where the system expects the specified Receive String to be located. Specify this property only if you configure the Send and Recieve properties. |
Core |
send (string) |
None |
None |
Send this (backquote-expanded) string to query node |
Core |
targetAddress (string) |
None |
None |
IP address monitor should probe; if empty (default) then pool member address |
Core |
targetPort (integer) |
None |
[0-65535] |
L4 port (if any) monitor should probe; if 0 (default) then pool member port |
Core |
timeout (integer) |
16 |
[0-900] |
Time limit for node to respond (seconds) |
Core |
timeUntilUp (integer) |
None |
[0-1800] |
Delay between successful probe and sending traffic to node (seconds) |
Core |
upInterval (integer) |
None |
[0-3600] |
Poll interval when service is already up (seconds) |
Core |
username (string) |
None |
None |
Username if any for query authentication |
Core |
Monitor_PostgreSQL¶
Monitor PostgreSQL definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Monitor |
None |
None |
Core |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core |
count (integer) |
None |
[0-2147483647] |
Number of monitor probes after which the connection to the database will be terminated. Count value of zero indicates that the connection will never be terminated. |
Core |
database (string) |
None |
None |
The name of the database with which the monitor attempts to communicate. |
Core |
interval (integer) |
5 |
[0-3600] |
Poll interval (seconds) |
Core |
monitorType (string) |
None |
None |
Specifies the type of monitor |
Core |
receive (string) |
None |
None |
Mark node up upon receipt of this (backquote-expanded) string |
Core |
receiveColumn (integer) |
None |
[1-1600] |
Specifies the column in the database where the system expects the specified Receive String to be located. Specify this property only if you configure the Send and Receive properties. |
Core |
receiveRow (integer) |
None |
[1-4294967294] |
Specifies the row in the database where the system expects the specified Receive String to be located. Specify this property only if you configure the Send and Recieve properties. |
Core |
passphrase (object) |
None |
None |
Passphrase if any for query authentication |
Core |
send (string) |
None |
None |
Send this (backquote-expanded) string to query node |
Core |
targetAddress (string) |
None |
None |
IP address monitor should probe; if empty (default) then pool member address |
Core |
targetPort (integer) |
None |
[0-65535] |
L4 port (if any) monitor should probe; if 0 (default) then pool member port |
Core |
timeout (integer) |
16 |
[0-900] |
Time limit for node to respond (seconds) |
Core |
timeUntilUp (integer) |
None |
[0-1800] |
Delay between successful probe and sending traffic to node (seconds) |
Core |
upInterval (integer) |
None |
[0-3600] |
Poll interval when service is already up (seconds) |
Core |
username (string) |
None |
None |
Username if any for query authentication |
Core |
Monitor_RADIUS¶
Monitor RADIUS definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Monitor |
None |
None |
Core |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core |
interval (integer) |
5 |
[0-3600] |
Poll interval (seconds) |
Core |
monitorType (string) |
None |
None |
Specifies the type of monitor |
Core |
nasIpAddress (string) |
None |
None |
Specifies the networks access server’s IP address (NAS IP address) for a RADIUS monitor |
Core |
passphrase (object) |
None |
None |
Passphrase if any for query authentication |
Core |
secret (object) |
None |
None |
Specifies the secret the monitor needs to access the resource |
Core |
targetAddress (string) |
None |
None |
IP address monitor should probe; if empty (default) then pool member address |
Core |
targetPort (integer) |
None |
[0-65535] |
L4 port (if any) monitor should probe; if 0 (default) then pool member port |
Core |
timeout (integer) |
16 |
[0-900] |
Time limit for node to respond (seconds) |
Core |
timeUntilUp (integer) |
None |
[0-1800] |
Delay between successful probe and sending traffic to node (seconds) |
Core |
upInterval (integer) |
None |
[0-3600] |
Poll interval when service is already up (seconds) |
Core |
username (string) |
None |
None |
Specifies the user name, if the monitor target requires authentication |
Core |
Monitor_SIP¶
Monitor SIP definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Monitor |
None |
None |
Core |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core |
ciphers (string) |
DEFAULT |
None |
Ciphersuite selection string |
Core |
clientCertificate (string) |
None |
None |
BIG-IP AS3 pointer to client Certificate declaration, for TLS authentication (optional) |
Core |
codesDown (array) |
None |
None |
List of status codes meaning service is down (0 matches any code) |
Core |
codesUp (array) |
None |
None |
List of additional (to all 1/2/3xx) status codes meaning service is up (0 matches any code) |
Core |
headers (string) |
None |
None |
SIP headers to send in probes (if any)–separate by newlines (backquote-expanded) |
Core |
interval (integer) |
5 |
[0-3600] |
Poll interval (seconds) |
Core |
monitorType (string) |
None |
None |
Specifies the type of monitor |
Core |
protocol (string) |
udp |
sips, tcp, tls, udp |
SIP transport protocol |
Core |
request (string) |
None |
None |
SIP request to send in probes (default empty) |
Core |
targetAddress (string) |
None |
None |
IP address monitor should probe; if empty (default) then pool member address |
Core |
targetPort (integer) |
None |
[0-65535] |
L4 port (if any) monitor should probe; if 0 (default) then pool member port |
Core |
timeout (integer) |
16 |
[0-900] |
Time limit for node to respond (seconds) |
Core |
timeUntilUp (integer) |
None |
[0-1800] |
Delay between successful probe and sending traffic to node (seconds) |
Core |
upInterval (integer) |
None |
[0-3600] |
Poll interval when service is already up (seconds) |
Core |
Monitor_SMTP¶
Monitor SMTP definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Monitor |
None |
None |
Core |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core |
domain (string) |
None |
None |
Mail domain to check, if any (backquote-expanded) |
Core |
interval (integer) |
5 |
[0-3600] |
Poll interval (seconds) |
Core |
monitorType (string) |
None |
None |
Specifies the type of monitor |
Core |
targetAddress (string) |
None |
None |
IP address monitor should probe; if empty (default) then pool member address |
Core |
targetPort (integer) |
None |
[0-65535] |
L4 port (if any) monitor should probe; if 0 (default) then pool member port |
Core |
timeout (integer) |
16 |
[0-900] |
Time limit for node to respond (seconds) |
Core |
timeUntilUp (integer) |
None |
[0-1800] |
Delay between successful probe and sending traffic to node (seconds) |
Core |
upInterval (integer) |
None |
[0-3600] |
Poll interval when service is already up (seconds) |
Core |
Monitor_TCP¶
Monitor TCP definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Monitor |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
adaptive (boolean) |
None |
true, false |
If true, use adaptive probe timing |
Core |
adaptiveDivergenceMilliseconds (integer) |
500 |
[1-10000] |
Probe fails if response latency exceeds mean by this number of milliseconds |
Core |
adaptiveDivergencePercentage (integer) |
100 |
[1-500] |
Probe fails if response latency exceeds mean by this percentage |
Core |
adaptiveDivergenceType (string) |
relative |
absolute, relative |
Adaptive divergence, ‘absolute’ selects milliseconds, ‘relative’ (default) selects percentage |
Core |
adaptiveLimitMilliseconds (integer) |
1000 |
[1-10000] |
Probe fails if response latency exceeds this number of milliseconds |
Core |
adaptiveWindow (integer) |
180 |
[5-1800] |
Time window over which the system samples latency (seconds) |
Core |
dscp (integer) |
None |
[0-63] |
Value for IP DSCP (ex-TOS) field (default 0) |
Core |
interval (integer) |
5 |
[0-3600] |
Poll interval (seconds) |
Core, Next |
monitorType (string) |
None |
None |
Specifies the type of monitor |
Core, Next |
receive (string) |
None |
None |
Mark node up upon receipt of this (backquote-expanded) string |
Core, Next |
receiveDown (string) |
None |
None |
Mark node down upon receipt of this (backquote-expanded) string (optional; must be empty when ‘reverse’ is true) |
Core, Next |
reverse (boolean) |
None |
true, false |
If true, mark node down upon receipt of ‘receive’ string |
Core |
send (string) |
None |
None |
Send this (backquote-expanded) string to query node |
Core, Next |
timeout (integer) |
16 |
[0-900] |
Time limit for node to respond (seconds) |
Core, Next |
timeUntilUp (integer) |
None |
[0-1800] |
Delay between successful probe and sending traffic to node (seconds) |
Core |
transparent (boolean) |
None |
true, false |
If true, treat pool member address as gateway to server (node) (default false) |
Core |
upInterval (integer) |
None |
[0-3600] |
Poll interval when service is already up (seconds) |
Core |
Monitor_TCP_Half_Open¶
Monitor properties available when monitorType = tcp-half-open
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Monitor |
None |
None |
Core |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core |
interval (integer) |
5 |
[0-3600] |
Poll interval (seconds) |
Core |
monitorType (string) |
None |
None |
Specifies the type of monitor |
Core |
targetAddress (string) |
None |
None |
IP address monitor should probe; if empty (default) then pool member address |
Core |
targetPort (integer) |
None |
[0-65535] |
L4 port (if any) monitor should probe; if 0 (default) then pool member port |
Core |
timeout (integer) |
16 |
[0-900] |
Time limit for node to respond (seconds) |
Core |
timeUntilUp (integer) |
None |
[0-1800] |
Delay between successful probe and sending traffic to node (seconds) |
Core |
transparent (boolean) |
None |
true, false |
If true, treat pool member address as gateway to server (node) (default false) |
Core |
upInterval (integer) |
None |
[0-3600] |
Poll interval when service is already up (seconds) |
Core |
Monitor_UDP¶
Monitor UDP definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Monitor |
None |
None |
Core |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core |
adaptive (boolean) |
None |
true, false |
If true, use adaptive probe timing |
Core |
adaptiveDivergenceMilliseconds (integer) |
500 |
[1-10000] |
Probe fails if response latency exceeds mean by this number of milliseconds |
Core |
adaptiveDivergencePercentage (integer) |
100 |
[1-500] |
Probe fails if response latency exceeds mean by this percentage |
Core |
adaptiveDivergenceType (string) |
relative |
absolute, relative |
Adaptive divergence, ‘absolute’ selects milliseconds, ‘relative’ (default) selects percentage |
Core |
adaptiveLimitMilliseconds (integer) |
1000 |
[1-10000] |
Probe fails if response latency exceeds this number of milliseconds |
Core |
adaptiveWindow (integer) |
180 |
[60-1800] |
Time window over which the system samples latency (seconds) |
Core |
interval (integer) |
5 |
[0-3600] |
Poll interval (seconds) |
Core |
monitorType (string) |
None |
None |
Specifies the type of monitor |
Core |
receive (string) |
none |
None |
Mark node up upon receipt of this (backquote-expanded) string |
Core |
receiveDown (string) |
None |
None |
Mark node down upon receipt of this (backquote-expanded) string (optional; must be empty when ‘reverse’ is true) |
Core |
reverse (boolean) |
None |
true, false |
If true, mark node down upon receipt of ‘receive’ string |
Core |
send (string) |
default send string |
None |
Send this (backquote-expanded) string to node |
Core |
targetAddress (string) |
None |
None |
IP address monitor should probe; if empty (default) then pool member address |
Core |
targetPort (integer) |
None |
[0-65535] |
L4 port (if any) monitor should probe; if 0 (default) then pool member port |
Core |
timeout (integer) |
16 |
[0-900] |
Time limit for node to respond (seconds) |
Core |
timeUntilUp (integer) |
None |
[0-1800] |
Delay between successful probe and sending traffic to node (seconds) |
Core |
transparent (boolean) |
None |
true, false |
If true, treat pool member address as gateway to server (node) (default false) |
Core |
upInterval (integer) |
None |
[0-3600] |
Poll interval when service is already up (seconds) |
Core |
Multiplex_Profile¶
Multiplex (OneConnect) profile with configurable options
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Multiplex_Profile |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
sourceMask (string) |
None |
None |
Idle connection re-use applies to connections whose source address matches this mask |
Core, Next |
Property_Always_Set¶
If true, set cookie with every HTTP response (default false)
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Property_Always_Set (boolean) |
None |
true, false |
If true, set cookie with every HTTP response (default false) |
Core, Next |
Property_Cookie_Method¶
Selects cookie processing method (default is insert)
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Property_Cookie_Method (string) |
insert |
insert, hash, passive, rewrite |
Selects cookie processing method (default is insert) |
Core, Next |
Property_Cookie_Name¶
Cookie name (for method ‘insert’, default (empty-string) yields system-generated name)
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Property_Cookie_Name (string) |
None |
None |
Cookie name (for method ‘insert’, default (empty-string) yields system-generated name) |
Core, Next |
Property_Duration¶
Lifetime of persistence record (seconds, default 0 means indefinite)
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Property_Duration (integer) |
None |
[0-604800] |
Lifetime of persistence record (seconds, default 0 means indefinite) |
Core, Next |
Property_Encrypt¶
If true, prevent disclosure of (or tampering with) ADC info in cookie (default false, to reduce latency)
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Property_Encrypt (boolean) |
None |
true, false |
If true, prevent disclosure of (or tampering with) ADC info in cookie (default false, to reduce latency) |
Core, Next |
Property_Encrypt_Cookie_L4_Server_Side¶
Specifies whether the L4-serverside name in the inserted BigIPServer default cookie should be encrypted
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Property_Encrypt_Cookie_L4_Server_Side (boolean) |
None |
true, false |
Specifies whether the L4-serverside name in the inserted BigIPServer default cookie should be encrypted |
Next |
Property_Ttl¶
Requested cookie lifetime (seconds, default 0 means session cookie)
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Property_Ttl (integer) |
None |
[0-604800] |
Requested cookie lifetime (seconds, default 0 means session cookie) |
Core, Next |
Property_Match_Across_Pools¶
Specifies that the system can use any pool that contains this persistence record
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Property_Match_Across_Pools (boolean) |
None |
true, false |
Specifies that the system can use any pool that contains this persistence record |
Core, Next |
Property_Match_Across_Virtual_Addresses¶
Specifies that all persistent connections from the same client IP address go to the same node
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Property_Match_Across_Virtual_Addresses (boolean) |
None |
true, false |
Specifies that all persistent connections from the same client IP address go to the same node |
Core, Next |
Property_Match_Across_Virtual_Ports¶
Specifies that all persistent connections from a client IP address that go to the same virtual IP address also go to the same node
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Property_Match_Across_Virtual_Ports (boolean) |
None |
true, false |
Specifies that all persistent connections from a client IP address that go to the same virtual IP address also go to the same node |
Core, Next |
Property_Persistence_Method¶
You may customize each basic persistence method
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Property_Persistence_Method (string) |
None |
None |
You may customize each basic persistence method |
Core, Next |
Persist_Cookie_Insert¶
Configures a cookie persistence profile for Insert Method
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Persist |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
alwaysSet (object) |
None |
See “Property_Always_Set” |
If true, set cookie with every HTTP response (default false) |
Core, Next |
cookieMethod (object) |
insert |
See “Property_Cookie_Method” |
Selects cookie processing method (default is insert) |
Core, Next |
cookieName (object) |
None |
See “Property_Cookie_Name” |
Cookie name (for method ‘insert’, default (empty-string) yields system-generated name) |
Core, Next |
duration (object) |
None |
See “Property_Duration” |
Lifetime of persistence record (seconds, default 0 means indefinite) |
Core, Next |
encrypt (object) |
None |
See “Property_Encrypt” |
If true, prevent disclosure of (or tampering with) ADC info in cookie (default false, to reduce latency) |
Core, Next |
encryptCookieL4serverside (object) |
None |
See “Property_Encrypt_Cookie_L4_Server_Side” |
Specifies whether the L4-serverside name in the inserted BigIPServer default cookie should be encrypted |
Next |
httpOnly (boolean) |
true |
true, false |
If true (default) the system sets the HTTPOnly flag |
Core, Next |
passphrase (object) |
None |
See “Property_Passphrase” |
A passphrase (passphrase property) |
Core, Next |
persistenceMethod (object) |
None |
See “Property_Persistence_Method” |
You may customize each basic persistence method |
Core, Next |
ttl (object) |
None |
See “Property_Ttl” |
Requested cookie lifetime (seconds, default 0 means session cookie) |
Core, Next |
secure (boolean) |
true |
true, false |
If true (default) the system sets the Secure (TLS) flag |
Core, Next |
Persist_Cookie_Hash¶
Configures a cookie persistence profile hash method
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Persist |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
alwaysSet (object) |
None |
See “Property_Always_Set” |
If true, set cookie with every HTTP response (default false) |
Core, Next |
cookieMethod (object) |
None |
See “Property_Cookie_Method” |
Selects cookie processing method (default is insert) |
Core, Next |
cookieName (string) |
None |
None |
Cookie name for hash method (requires non-empty string) |
Core, Next |
duration (object) |
None |
See “Property_Duration” |
Lifetime of persistence record (seconds, default 0 means indefinite) |
Core, Next |
encrypt (object) |
None |
See “Property_Encrypt” |
If true, prevent disclosure of (or tampering with) ADC info in cookie (default false, to reduce latency) |
Core, Next |
hashCount (integer) |
None |
[0-4096] |
Number of octets in cookie value to hash; 0 (default) means all |
Core |
matchAcrossPools (object) |
None |
See “Property_Match_Across_Pools” |
Specifies that the system can use any pool that contains this persistence record |
Core, Next |
matchAcrossVirtualAddresses (object) |
None |
See “Property_Match_Across_Virtual_Addresses” |
Specifies that all persistent connections from the same client IP address go to the same node |
Core, Next |
matchAcrossVirtualPorts (object) |
None |
See “Property_Match_Across_Virtual_Ports” |
Specifies that all persistent connections from a client IP address that go to the same virtual IP address also go to the same node |
Core, Next |
passphrase (object) |
None |
See “Property_Passphrase” |
A passphrase (passphrase property) |
Core, Next |
persistenceMethod (object) |
None |
See “Property_Persistence_Method” |
You may customize each basic persistence method |
Core, Next |
startAt (integer) |
None |
[0-4096] |
Index of first octet in cookie value to hash |
Core |
Persist_Cookie_Passive¶
Configures a cookie persistence profile passive method
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Persist |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
alwaysSet (object) |
None |
See “Property_Always_Set” |
If true, set cookie with every HTTP response (default false) |
Core, Next |
cookieMethod (object) |
None |
See “Property_Cookie_Method” |
Selects cookie processing method (default is insert) |
Core, Next |
cookieName (string) |
None |
None |
Cookie name for passive method (requires non-empty string) |
Core, Next |
encrypt (object) |
None |
See “Property_Encrypt” |
If true, prevent disclosure of (or tampering with) ADC info in cookie (default false, to reduce latency) |
Core, Next |
passphrase (object) |
None |
See “Property_Passphrase” |
A passphrase (passphrase property) |
Core, Next |
persistenceMethod (object) |
None |
See “Property_Persistence_Method” |
You may customize each basic persistence method |
Core, Next |
Persist_Cookie_Rewrite¶
Configures a cookie persistence profile rewrite method
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Persist |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
alwaysSet (object) |
None |
See “Property_Always_Set” |
If true, set cookie with every HTTP response (default false) |
Core, Next |
cookieName (object) |
None |
See “Property_Cookie_Name” |
Cookie name (for method ‘insert’, default (empty-string) yields system-generated name) |
Core, Next |
cookieMethod (object) |
None |
See “Property_Cookie_Method” |
Selects cookie processing method (default is insert) |
Core, Next |
encrypt (object) |
None |
See “Property_Encrypt” |
If true, prevent disclosure of (or tampering with) ADC info in cookie (default false, to reduce latency) |
Core, Next |
encryptCookieL4serverside (object) |
None |
See “Property_Encrypt_Cookie_L4_Server_Side” |
Specifies whether the L4-serverside name in the inserted BigIPServer default cookie should be encrypted |
Next |
passphrase (object) |
None |
See “Property_Passphrase” |
A passphrase (passphrase property) |
Core, Next |
persistenceMethod (object) |
None |
See “Property_Persistence_Method” |
You may customize each basic persistence method |
Core, Next |
ttl (object) |
None |
See “Property_Ttl” |
Requested cookie lifetime (seconds, default 0 means session cookie) |
Core, Next |
Persist_Addr¶
Configures an address affinity persistence profile
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Persist |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
duration (object) |
None |
See “Property_Duration” |
Lifetime of persistence record (seconds, default 0 means indefinite) |
Core, Next |
matchAcrossPools (object) |
None |
See “Property_Match_Across_Pools” |
Specifies that the system can use any pool that contains this persistence record |
Core, Next |
matchAcrossVirtualAddresses (object) |
None |
See “Property_Match_Across_Virtual_Addresses” |
Specifies that all persistent connections from the same client IP address go to the same node |
Core, Next |
matchAcrossVirtualPorts (object) |
None |
See “Property_Match_Across_Virtual_Ports” |
Specifies that all persistent connections from a client IP address that go to the same virtual IP address also go to the same node |
Core, Next |
persistenceMethod (object) |
None |
See “Property_Persistence_Method” |
You may customize each basic persistence method |
Core, Next |
Persist_TLS_Session¶
Configures an address affinity persistence profile
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Persist |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
duration (object) |
None |
See “Property_Duration” |
Lifetime of persistence record (seconds, default 0 means indefinite) |
Core, Next |
matchAcrossPools (object) |
None |
See “Property_Match_Across_Pools” |
Specifies that the system can use any pool that contains this persistence record |
Core, Next |
matchAcrossVirtualAddresses (object) |
None |
See “Property_Match_Across_Virtual_Addresses” |
Specifies that all persistent connections from the same client IP address go to the same node |
Core, Next |
matchAcrossVirtualPorts (object) |
None |
See “Property_Match_Across_Virtual_Ports” |
Specifies that all persistent connections from a client IP address that go to the same virtual IP address also go to the same node |
Core, Next |
persistenceMethod (object) |
None |
See “Property_Persistence_Method” |
You may customize each basic persistence method |
Core, Next |
Persist_UIE¶
Configures a universal persistence profile
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Persist |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
duration (object) |
None |
See “Property_Duration” |
Lifetime of persistence record (seconds, default 0 means indefinite) |
Core, Next |
matchAcrossPools (object) |
None |
See “Property_Match_Across_Pools” |
Specifies that the system can use any pool that contains this persistence record |
Core, Next |
matchAcrossVirtualAddresses (object) |
None |
See “Property_Match_Across_Virtual_Addresses” |
Specifies that all persistent connections from the same client IP address go to the same node |
Core, Next |
matchAcrossVirtualPorts (object) |
None |
See “Property_Match_Across_Virtual_Ports” |
Specifies that all persistent connections from a client IP address that go to the same virtual IP address also go to the same node |
Core, Next |
persistenceMethod (object) |
None |
See “Property_Persistence_Method” |
You may customize each basic persistence method |
Core, Next |
Persist¶
Declares persistence settings
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Persist (object | object | object | object | object | object | object) |
None |
None | None | None | None | None | None | None |
Declares persistence settings |
Core, Next |
Pool¶
Declares a service pool
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Pool |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
loadBalancingMode (string) |
round-robin |
fastest-app-response, least-connections-member, predictive-member, ratio-least-connections-member, ratio-session, round-robin, weighted-round-robin |
Load-balancing mode |
Core, Next |
monitors (array) |
None |
None |
None |
Core, Next |
members (array) |
None |
None |
None |
Core, Next |
Pool_Member¶
Declares a service pool member
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
addressDiscovery (string) |
None |
None |
Selects how server (node) addresses are discovered |
Core, Next |
priorityGroup (integer) |
None |
[0-65535] |
None |
Core, Next |
ratio (integer) |
None |
[0-100] |
Specifies the weight of the pool member for load balancing purposes |
Core, Next |
servicePort (integer) |
None |
[0-65535] |
None |
Core, Next |
serverAddresses (array) |
None |
None |
Static IP addresses of servers (nodes) |
Core, Next |
servers (array) |
None |
None |
Same as serverAddresses, but allowing for further specification of each node |
Core, Next |
shareNodes (boolean) |
None |
true, false |
If enabled, nodes are created in /Common instead of the tenant’s partition |
Core, Next |
weight (integer) |
None |
[1-65535] |
Specifies the weight for load balancing with weight-based load balancing methods |
Next |
Service_HTTP¶
HTTP virtual server
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Service_HTTP |
None |
None |
Core, Next |
persistenceMethods (object) |
cookie |
See “Pointer_Profile_Persistence” |
Reference for Profile persistance |
Core, Next |
clientTLS (object) |
None |
None |
None |
Core, Next |
enable (boolean) |
true |
true, false |
None |
Core, Next |
inlineConnector (object) |
None |
See “Pointer_Use” |
Reference for use property |
Core, Next |
inspectionServices (array) |
None |
None |
None |
Next |
mirroring (object) |
None |
See “Mirroring” |
Controls connection-mirroring for high-availability |
Core, Next |
allowVlans (object) |
None |
See “Pointer_Allow_Vlans” |
Names of existing VLANs that the application will pass traffic to. |
Next |
profileAnalytics (object) |
None |
See “Pointer_Profile_Standard” |
Reference for a standard profile |
Core, Next |
profileAnalyticsTcp (object) |
None |
See “Pointer_Profile_Standard” |
Reference for a standard profile |
Core, Next |
profileHTTP (object) |
None |
See “Pointer_Profile_Ingress_Egress” |
Reference use, ingress, and egress on profile |
Core, Next |
profileHTTP2 (object) |
None |
See “Pointer_Profile_Ingress_Egress” |
Reference use, ingress, and egress on profile |
Core, Next |
profileHTTPCompression (object) |
None |
See “Pointer_Profile_Standard_Plus_Template” |
Reference for a standard profile with template |
Core, Next |
profileHTTPAcceleration (object) |
None |
See “Pointer_Profile_Standard” |
Reference for a standard profile |
Core, Next |
profileMultiplex (object) |
None |
See “Pointer_Profile_Standard” |
Reference for a standard profile |
Core, Next |
profileTCP (object) |
None |
See “Pointer_Profile_Ingress_Egress” |
Reference use, ingress, and egress on profile |
Core, Next |
serverTLS (object) |
None |
See “Pointer_String” |
Reference that is a string |
Core, Next |
snat (object) |
auto |
See “Pointer_SNAT” |
Reference for SNAT pointer (includes string and snat pool) |
Core, Next |
tap (object) |
None |
See “Pointer_Use” |
Reference for use property |
Core, Next |
iRules (object) |
None |
See “Pointer_IRules” |
List of iRule references |
Core, Next |
policyWAF (object) |
None |
None |
None |
Core, Next |
policyIAM (object) |
None |
See “Pointer_BIGIP” |
Reference for a BIG-IP object |
Core, Next |
policyPerRequestAccess (object) |
None |
See “Pointer_BIGIP” |
Reference for a BIG-IP object |
Core, Next |
pool (object) |
None |
See “Pointer_Use_Or_String” |
Reference for use property or string |
Core, Next |
virtualAddresses (object) |
None |
See “Virtual_Addresses” |
Virtual addresses array |
Core, Next |
virtualPort (object) |
80 |
See “Virtual_Port” |
Virtual port |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
Service_HTTPS¶
HTTPS virtual server
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Service_HTTPS |
None |
None |
Core, Next |
clientTLS (object) |
None |
None |
None |
Core, Next |
enable (boolean) |
true |
true, false |
None |
Core, Next |
inlineConnector (object) |
None |
See “Pointer_Use” |
Reference for use property |
Core, Next |
inspectionServices (array) |
None |
None |
None |
Next |
profileBotDefense (array) |
None |
None |
Attaches a Bot Defense profile to the service |
Core, Next |
mirroring (object) |
None |
See “Mirroring” |
Controls connection-mirroring for high-availability |
Core, Next |
allowVlans (object) |
None |
See “Pointer_Allow_Vlans” |
Names of existing VLANs that the application will pass traffic to. |
Next |
persistenceMethods (object) |
cookie |
See “Pointer_Profile_Persistence” |
Reference for Profile persistance |
Core, Next |
profileAnalytics (object) |
None |
See “Pointer_Profile_Standard” |
Reference for a standard profile |
Core, Next |
profileAnalyticsTcp (object) |
None |
See “Pointer_Profile_Standard” |
Reference for a standard profile |
Core, Next |
profileHTTP (object) |
None |
See “Pointer_Profile_Ingress_Egress” |
Reference use, ingress, and egress on profile |
Core, Next |
profileHTTP2 (object) |
None |
See “Pointer_Profile_Ingress_Egress” |
Reference use, ingress, and egress on profile |
Core, Next |
profileHTTPCompression (object) |
None |
See “Pointer_Profile_Standard_Plus_Template” |
Reference for a standard profile with template |
Core, Next |
profileHTTPAcceleration (object) |
None |
See “Pointer_Profile_Standard” |
Reference for a standard profile |
Core, Next |
profileMultiplex (object) |
None |
See “Pointer_Profile_Standard” |
Reference for a standard profile |
Core, Next |
profileTCP (object) |
None |
See “Pointer_Profile_Ingress_Egress” |
Reference use, ingress, and egress on profile |
Core, Next |
redirect80 (boolean) |
None |
true, false |
None |
Core, Next |
serverTLS (object) |
None |
See “Pointer_String” |
Reference that is a string |
Core, Next |
snat (object) |
auto |
See “Pointer_SNAT” |
Reference for SNAT pointer (includes string and snat pool) |
Core, Next |
tap (object) |
None |
See “Pointer_Use” |
Reference for use property |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
iRules (object) |
None |
See “Pointer_IRules” |
List of iRule references |
Core, Next |
policyWAF (object) |
None |
None |
None |
Core, Next |
policyIAM (object) |
None |
See “Pointer_BIGIP” |
Reference for a BIG-IP object |
Core, Next |
policyPerRequestAccess (object) |
None |
See “Pointer_BIGIP” |
Reference for a BIG-IP object |
Core, Next |
pool (object) |
None |
See “Pointer_Use_Or_String” |
Reference for use property or string |
Core, Next |
virtualAddresses (object) |
None |
See “Virtual_Addresses” |
Virtual addresses array |
Core, Next |
virtualPort (object) |
443 |
See “Virtual_Port” |
Virtual port |
Core, Next |
Service_L4¶
Fast L4 virtual server
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Service_L4 |
None |
None |
Core, Next |
enable (boolean) |
true |
true, false |
Enables property function |
Core, Next |
profileL4 (object) |
None |
See “Pointer_Profile_Standard” |
Reference for a standard profile |
Core, Next |
virtualAddresses (object) |
None |
See “Virtual_Addresses” |
Virtual addresses array |
Core, Next |
virtualPort (object) |
80 |
See “Virtual_Port” |
Virtual port |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
mirroring (object) |
None |
See “Mirroring” |
Controls connection-mirroring for high-availability |
Core, Next |
allowVlans (object) |
None |
See “Pointer_Allow_Vlans” |
Names of existing VLANs that the application will pass traffic to. |
Next |
profileBotDefense (array) |
None |
None |
Attaches a Bot Defense profile to the service |
Core, Next |
persistenceMethods (object) |
source-address |
See “Pointer_Profile_Persistence” |
Reference for Profile persistance |
Core, Next |
snat (object) |
auto |
See “Pointer_SNAT” |
Reference for SNAT pointer (includes string and snat pool) |
Core, Next |
iRules (object) |
None |
See “Pointer_IRules” |
List of iRule references |
Core, Next |
policyWAF (object) |
None |
None |
None |
Core, Next |
policyIAM (object) |
None |
See “Pointer_BIGIP” |
Reference for a BIG-IP object |
Core, Next |
policyPerRequestAccess (object) |
None |
See “Pointer_BIGIP” |
Reference for a BIG-IP object |
Core, Next |
pool (object) |
None |
See “Pointer_Use_Or_String” |
Reference for use property or string |
Core, Next |
Service_Pool¶
Pool Service
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Service_Pool |
None |
None |
Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Next |
pool (object) |
None |
See “Pointer_Use_Or_String” |
Reference for use property or string |
Next |
Service_TCP¶
TCP virtual server
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Service_TCP |
None |
None |
Core, Next |
enable (boolean) |
true |
true, false |
None |
Core, Next |
clientTLS (object) |
None |
None |
None |
Core, Next |
mirroring (object) |
None |
See “Mirroring” |
Controls connection-mirroring for high-availability |
Core, Next |
allowVlans (object) |
None |
See “Pointer_Allow_Vlans” |
Names of existing VLANs that the application will pass traffic to. |
Next |
persistenceMethods (object) |
source-address |
See “Pointer_Profile_Persistence” |
Reference for Profile persistance |
Core, Next |
profileAnalyticsTcp (object) |
None |
See “Pointer_Profile_Standard” |
Reference for a standard profile |
Core, Next |
profileTCP (object) |
None |
See “Pointer_Profile_Ingress_Egress” |
Reference use, ingress, and egress on profile |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
iRules (object) |
None |
See “Pointer_IRules” |
List of iRule references |
Core, Next |
inlineConnector (object) |
None |
See “Pointer_Use” |
Reference for use property |
Core, Next |
inspectionServices (array) |
None |
None |
None |
Next |
policyWAF (object) |
None |
None |
None |
Core, Next |
policyIAM (object) |
None |
See “Pointer_BIGIP” |
Reference for a BIG-IP object |
Core, Next |
policyPerRequestAccess (object) |
None |
See “Pointer_BIGIP” |
Reference for a BIG-IP object |
Core, Next |
pool (object) |
None |
See “Pointer_Use_Or_String” |
Reference for use property or string |
Core, Next |
snat (object) |
auto |
See “Pointer_SNAT” |
Reference for SNAT pointer (includes string and snat pool) |
Core, Next |
tap (object) |
None |
See “Pointer_Use” |
Reference for use property |
Core, Next |
virtualAddresses (object) |
None |
See “Virtual_Addresses” |
Virtual addresses array |
Core, Next |
virtualPort (object) |
80 |
See “Virtual_Port” |
Virtual port |
Core, Next |
serverTLS (object) |
None |
See “Pointer_String” |
Reference that is a string |
Core, Next |
Service_UDP¶
UDP virtual server
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Service_UDP |
None |
None |
Core, Next |
enable (boolean) |
true |
true, false |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
mirroring (object) |
None |
See “Mirroring” |
Controls connection-mirroring for high-availability |
Core, Next |
allowVlans (object) |
None |
See “Pointer_Allow_Vlans” |
Names of existing VLANs that the application will pass traffic to. |
Next |
persistenceMethods (object) |
source-address |
See “Pointer_Profile_Persistence” |
Reference for Profile persistance |
Core, Next |
profileUDP (object) |
None |
See “Pointer_Profile_Standard” |
Reference for a standard profile |
Core, Next |
profileBotDefense (array) |
None |
None |
None |
Core, Next |
iRules (object) |
None |
See “Pointer_IRules” |
List of iRule references |
Core, Next |
inlineConnector (object) |
None |
See “Pointer_Use” |
Reference for use property |
Core, Next |
inspectionServices (array) |
None |
None |
None |
Next |
policyWAF (object) |
None |
None |
None |
Core, Next |
policyIAM (object) |
None |
See “Pointer_BIGIP” |
Reference for a BIG-IP object |
Core, Next |
policyPerRequestAccess (object) |
None |
See “Pointer_BIGIP” |
Reference for a BIG-IP object |
Core, Next |
pool (object) |
None |
See “Pointer_Use_Or_String” |
Reference for use property or string |
Core, Next |
snat (object) |
auto |
See “Pointer_SNAT” |
Reference for SNAT pointer (includes string and snat pool) |
Core, Next |
tap (object) |
None |
See “Pointer_Use” |
Reference for use property |
Core, Next |
virtualAddresses (object) |
None |
See “Virtual_Addresses” |
Virtual addresses array |
Core, Next |
virtualPort (object) |
80 |
See “Virtual_Port” |
Virtual port |
Core, Next |
SNAT_Pool¶
SNAT pool
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
SNAT_Pool |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
snatAddresses (array) |
None |
None |
List of SNAT addresses– may include both IPv4 and IPv6 |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
TCP_Profile¶
TCP Profile
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
TCP_Profile |
None |
None |
Core, Next |
idleTimeout (integer) |
None |
None |
Number of seconds (may not be 0) connection may remain idle before it becomes eligible for deletion |
Core, Next |
proxyBufferHigh (integer) |
262144 |
[64-33554432] |
The system closes the receive window when the number of octets in proxy buffer rises above this value |
Core, Next |
proxyBufferLow (integer) |
196608 |
[64-33554432] |
The system opens the receive window when the number of octets in proxy buffer falls below this value |
Core, Next |
sendBufferSize (integer) |
262144 |
[64-33554432] |
Maximum size of send buffer |
Core, Next |
template (string) |
None |
lan, wan, mobile, normal |
None |
Next |
TLS_Client¶
TLS Client Profile
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
TLS_Client |
None |
None |
Core, Next |
ciphers (string) |
None |
None |
Ciphersuite selection string. ciphers and cipherGroup are mutually exclusive, only use one. |
Core, Next |
tls1_1Enabled (boolean) |
true |
true, false |
Allow TLS 1.1 Ciphers. |
Core, Next |
tls1_2Enabled (boolean) |
true |
true, false |
Allow TLS 1.2 Ciphers. |
Core, Next |
tls1_3Enabled (boolean) |
true |
true, false |
Allow TLS 1.3 Ciphers. |
Core, Next |
trustCA (object,string) |
None |
None |
CA’s trusted to validate server certificate; ‘generic’ (default) or else BIG-IP AS3 pointer to declaration of CA Bundle |
Core, Next |
TLS_Server¶
TLS Server Profile
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
authenticationTrustCA (object) |
None |
None |
Pointer to CA Bundle used to validate client certificates |
Next |
class (string) |
TLS_Server |
None |
None |
Core, Next |
certificates (array) |
None |
None |
Primary and (optional) additional certificates (order is significant, element 0 is primary cert) |
Core, Next |
ciphers (string) |
None |
None |
Ciphersuite selection string. ciphers and cipherGroup are mutually exclusive, only use one. |
Core, Next |
enableAuthentication (boolean) |
None |
true, false |
Enables authentication |
Next |
tls1_1Enabled (boolean) |
true |
true, false |
Allow TLS 1.1 Ciphers. |
Core, Next |
tls1_2Enabled (boolean) |
true |
true, false |
Allow TLS 1.2 Ciphers. |
Core, Next |
tls1_3Enabled (boolean) |
true |
true, false |
Allow TLS 1.3 Ciphers. |
Core, Next |
UDP_Profile¶
Configures a User Datagram Protocol (UDP) profile
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
UDP_Profile |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
allowNoPayload (boolean) |
None |
true, false |
When true, forward UDP datagrams with empty payloads (default false) |
Core |
bufferMaxBytes (integer) |
655350 |
[65535-16777215] |
Limit to number of octets which the system may buffer for a UDP flow (default 655350) |
Core |
bufferMaxPackets (integer) |
None |
[0-255] |
Limit to number of packets which the system may buffer for a UDP flow (default 0) |
Core |
datagramLoadBalancing (boolean) |
None |
true, false |
When true, process UDP datagrams independently, without recognizing flows (default false) |
Core, Next |
idleTimeout (integer) |
60 |
[-1-86400] |
Number of seconds (default 60) flow may remain idle before it becomes eligible for deletion. Value 0 allows system to recover per-flow resources whenever convenient (always safe with UDP). Value -1 means indefinite (not recommended) |
Core, Next |
ipDfMode (string) |
pmtu |
clear, pmtu, preserve, set |
Controls DF (Don’t Fragment) flag in outgoing datagrams. Value ‘pmtu’ (default) sets DF based on IP PMTU value. Value ‘preserve’ copies DF from received datagram. Value ‘set’ forces DF true in all outgoing datagrams. Value ‘clear’ forces DF false in all outgoing datagrams |
Core |
ipTosToClient (object) |
None |
None |
Specifies the IP TOS/DSCP value in packets sent to clients (default 0). Numeric values in this property are decimal representations of eight-bit numbers, of which the leftmost six bits are the DSCP code per rfc2474 (and the rightmost two bits reserved). You may have to calculate the value of this property by multiplying a DSCP code, such as CS5+EF = 46, by four, to obtain the ‘ipTosToClient’ value, such as 184. Value ‘pass-through’ sets DSCP from the initial server-side value. Value ‘mimic’ copies DSCP from the most-recently received server-side packet (allowing DSCP to vary during the life of a connection) |
Core |
linkQosToClient (object) |
None |
None |
Specifies the Layer-2 QOS value in packets sent to clients (default 0). Ethernet-type networks recognize numeric codes from 0 to 7. Value ‘pass-through’ sets QOS from the initial server-side value |
Core |
proxyMSS (boolean) |
None |
true, false |
When true, MSS advertised on the server side will match that negotiated with the client, if permitted by MTU and other constraints (default false) |
Core |
ttlIPv4 (integer) |
255 |
[1-255] |
TTL the system sets in outgoing IPv4 datagrams |
Core |
ttlIPv6 (integer) |
64 |
[1-255] |
TTL the system sets in outgoing IPv6 datagrams |
Core |
ttlMode (string) |
proxy |
decrement, preserve, proxy, set |
Controls IP TTL in outgoing datagrams. Value ‘set’ forces TTL to value of property ‘ttlIPv4’ or ‘ttlIPv6’ as appropriate. Value ‘proxy’ forces TTL to the default value for IPv4 or IPv6 as appropriate. Value ‘preserve’ copies TTL from received datagram. Value ‘decrement’ sets TTL to one less than received datagram’s TTL |
Core |
useChecksum (boolean) |
None |
true, false |
When true, system will validate UDP checksums for IPv4 datagrams (default false). Checksums are always validated for IPv6 |
Core |
WAF_Policy¶
Configures a WAF policy
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
WAF_Policy |
None |
None |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
file (string) |
None |
None |
None |
Core, Next |
ignoreChanges (boolean) |
None |
true, false |
If false (default), the system updates the policy in every BIG-IP AS3 declaration deployment. If true, BIG-IP AS3 creates the policy on first deployment, and leaves it untouched afterwards |
Core, Next |
enforcementMode (string) |
None |
blocking, transparent |
Overrides the enforcement mode setting of the WAF policy |
Core, Next |
policy (object) |
None |
See “F5_String” |
The value can be either a string, text property, base64 property, url property, etc. |
Core, Next |
WebSocket_Profile¶
WebSocket profile with configurable options
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
WebSocket_Profile (object) |
None |
None |
WebSocket profile with configurable options |
Core |
Bearer_Token¶
Describes using a bearer token to access a resource
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
method (string) |
bearer-token |
None |
Specifies the authentication method |
Core |
token (object) |
None |
None |
Specifies the bearer token |
Core |
F5_String¶
The value can be either a string, text property, base64 property, url property, etc.
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
F5_String (string | object) |
None |
None | None |
The value can be either a string, text property, base64 property, url property, etc. |
Core, Next |
IP_Address¶
IP address (v4 or v6)
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
IP_Address (object | object | object | object) |
None |
See “IPv4_Address” | See “IPv6_Address” | See “IPv4_Address_Route_Domain” | See “IPv6_Address_Route_Domain” |
IP address (v4 or v6) |
Core, Next |
IPv4_Address¶
IPv4 Address
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
IPv4_Address (string) |
None |
None |
IPv4 Address |
Core, Next |
IPv4_Address_Route_Domain¶
IPv4 Address Route Domain
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
IPv4_Address_Route_Domain (string) |
None |
None |
IPv4 Address Route Domain |
Core |
IPv6_Address¶
IPv6 Address
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
IPv6_Address (string) |
None |
None |
IPv6 Address |
Core, Next |
IPv6_Address_Route_Domain¶
IPv6 Address Route Domain
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
IPv6_Address_Route_Domain (string) |
None |
None |
IPv6 Address Route Domain |
Core |
IP_Address_Range¶
IP address (v4 or v6) Range
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
IP_Address_Range (object | object | object | object) |
None |
See “IPv4_Address_Range” | See “IPv6_Address_Range” | See “IPv4_Address_Route_Domain” | See “IPv6_Address_Route_Domain” |
IP address (v4 or v6) Range |
Core, Next |
IPv4_Address_Range¶
IPv4 Address Range
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
IPv4_Address_Range (string) |
None |
None |
IPv4 Address Range |
Core, Next |
IPv6_Address_Range¶
IPv6 Address Range
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
IPv6_Address_Range (string) |
None |
None |
IPv6 Address Range |
Core, Next |
JWE¶
A value in a cryptogram which is a Flattened JWE JSON Serialization object. If ‘miniJWE’ is true then enc=(none|f5sv) only (in JOSE header)
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
ciphertext (string) |
None |
None |
Put base64url(data_value) here |
Core, Next |
ignoreChanges (boolean) |
None |
true, false |
If false (default), the system updates the ciphertext in every BIG-IP AS3 declaration deployment. If true, BIG-IP AS3 creates the ciphertext on first deployment, and leaves it untouched afterwards |
Core |
miniJWE (boolean) |
true |
true, false |
If true (default), object is an f5 mini-JWE |
Core |
protected (string) |
eyJhbGciOiJkaXIiLCJlbmMiOiJub25lIn0 |
None |
JOSE header: alg=dir, enc=(none|f5sv); default enc=none (encoded default is ‘protected’=’eyJhbGciOiJkaXIiLCJlbmMiOiJub25lIn0’, use with secret simply base64 url-encoded into ‘ciphertext’). If you see ‘protected’=’eyJhbGciOiJkaXIiLCJlbmMiOiJmNXN2In0’, ‘ciphertext’ contains base64url-encoded SecureVault cryptogram |
Core, Next |
Label¶
Optional friendly name for this object
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Label (string) |
None |
None |
Optional friendly name for this object |
Core, Next |
Mirroring¶
Controls connection-mirroring for high-availability
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Mirroring (string) |
None |
none, L4 |
Controls connection-mirroring for high-availability |
Core, Next |
Pointer_Allow_Vlans¶
Names of existing VLANs that the application will pass traffic to.
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_Allow_Vlans (array) |
None |
None |
Names of existing VLANs that the application will pass traffic to. |
Next |
Pointer_HTTP_Acceleration_Profile¶
Reference to a HTTP Acceleration Profile
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_HTTP_Acceleration_Profile (object) |
None |
None |
Reference to a HTTP Acceleration Profile |
Core |
Pointer_HTTP_Profile¶
Reference to a HTTP Profile
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_HTTP_Profile (object | object) |
None |
See “Pointer_BIGIP_Or_Use” | None |
Reference to a HTTP Profile |
Core |
Pointer_IRules¶
List of iRule references
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_IRules (array) |
None |
None |
List of iRule references |
Core, Next |
Pointer_L4_Profile¶
Reference to a fast L4 profile
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_L4_Profile (object | object) |
None |
See “Pointer_BIGIP_Or_Use” | None |
Reference to a fast L4 profile |
Core |
Pointer_Log_Destination¶
Reference to a log destination
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_Log_Destination (object | object) |
None |
See “Pointer_BIGIP_Or_Use” | None |
Reference to a log destination |
Core |
Pointer_Log_Publisher¶
Reference to a log publisher
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_Log_Publisher (object | object) |
None |
See “Pointer_BIGIP_Or_Use” | None |
Reference to a log publisher |
Core |
Pointer_Pool¶
Reference to a pool
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_Pool (object | object) |
None |
See “Pointer_BIGIP_Or_Use” | None |
Reference to a pool |
Core |
Pointer_Profile_Ingress_Egress¶
Reference use, ingress, and egress on profile
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
use (string) |
None |
None |
None |
Core, Next |
ingress (object) |
None |
See “Pointer_Use_Or_String” |
Reference for use property or string |
Core, Next |
egress (object) |
None |
See “Pointer_Use_Or_String” |
Reference for use property or string |
Core, Next |
Pointer_Profile_Standard¶
Reference for a standard profile
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_Profile_Standard (object) |
None |
See “Pointer_Use” |
Reference for a standard profile |
Core, Next |
Pointer_Profile_Standard_Plus_Template¶
Reference for a standard profile with template
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_Profile_Standard_Plus_Template (object) |
None |
None |
Reference for a standard profile with template |
Core, Next |
Pointer_BIGIP¶
Reference for a BIG-IP object
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
bigip (string) |
None |
None |
Path to BIG-IP object |
Core, Next |
Pointer_F5_String_Or_BIGIP¶
Reference for a property or BIG-IP object
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_F5_String_Or_BIGIP (object) |
None |
None |
Reference for a property or BIG-IP object |
Core, Next |
Pointer_BIGIP_Or_Use¶
Reference for a BIG-IP or Use object
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_BIGIP_Or_Use (object) |
None |
None |
Reference for a BIG-IP or Use object |
Core, Next |
Pointer_CA_Bundle¶
Reference to a Ca Bundle
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
bigip (string) |
None |
None |
Pathname of existing BIG-IP Ca Bundle |
Core, Next |
use (string) |
None |
None |
BIG-IP AS3 pointer to Ca Bundle declaration |
Core, Next |
Pointer_Certificate_Validator_OCSP¶
Reference to a OCSP Cert Validator
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_Certificate_Validator_OCSP (object) |
None |
None |
Reference to a OCSP Cert Validator |
Core, Next |
Pointer_Copy_From¶
pointer to declaration object/property from which to copy value
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_Copy_From (string) |
None |
None |
pointer to declaration object/property from which to copy value |
Core |
Pointer_Data_Group_File¶
Reference to a Data Group File
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
bigip (string) |
None |
None |
Pathname of existing BIG-IP Data Group File |
Core |
Pointer_DNS_Resolver¶
Reference to a DNS resolver
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_DNS_Resolver (object) |
None |
None |
Reference to a DNS resolver |
Core |
Pointer_Profile_Persistence¶
Reference for Profile persistance
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_Profile_Persistence (array) |
None |
None |
Reference for Profile persistance |
Core, Next |
Pointer_SNAT¶
Reference for SNAT pointer (includes string and snat pool)
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_SNAT (object) |
None |
None |
Reference for SNAT pointer (includes string and snat pool) |
Core, Next |
Pointer_SSL_Certificate¶
Reference to a SSL certificate
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_SSL_Certificate (object) |
None |
None |
Reference to a SSL certificate |
Core |
Pointer_TLS_Client¶
Reference to a TLS Client
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_TLS_Client (object) |
None |
None |
Reference to a TLS Client |
Core |
Pointer_Use¶
Reference for use property
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
use (string) |
None |
None |
Path to object in declaration |
Core, Next |
Pointer_Use_Or_String¶
Reference for use property or string
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_Use_Or_String (object) |
None |
None |
Reference for use property or string |
Core, Next |
Pointer_String¶
Reference that is a string
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_String (string) |
None |
None |
Reference that is a string |
Core, Next |
Pointer_WebSocket_Profile¶
Reference to a WebSocket Profile
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Pointer_WebSocket_Profile (object) |
None |
None |
Reference to a WebSocket Profile |
Core |
Property_Base64¶
A Base64-encoded value (base64 property)
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Property_Base64 (object) |
None |
See “Resource_Base64” |
A Base64-encoded value (base64 property) |
Core, Next |
Property_Passphrase¶
A passphrase (passphrase property)
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Property_Passphrase (object) |
None |
See “Secret” |
A passphrase (passphrase property) |
Core, Next |
Property_Text¶
A text value (text property)
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Property_Text (object) |
None |
See “Resource_Text” |
A text value (text property) |
Core, Next |
Remark¶
Arbitrary (brief) text pertaining to this object (optional)
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Remark (string) |
None |
None |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
Resource_Base64¶
A Base64-encoded value
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Resource_Base64 (string) |
None |
None |
A Base64-encoded value |
Core, Next |
Resource_Text¶
UTF-8 text (in JSON string)
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Resource_Text (string) |
None |
None |
UTF-8 text (in JSON string) |
Core, Next |
Resource_URL¶
The URL for a required resource
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Resource_URL (string | object) |
None |
None | None |
The URL for a required resource |
Core, Next |
Secret¶
A value: (a) in a cryptogram in this object; (b) in a cryptogram elsewhere in this declaration; or (c) available from a URL
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Secret (string | object) |
None |
None | None |
A value: (a) in a cryptogram in this object; (b) in a cryptogram elsewhere in this declaration; or (c) available from a URL |
Core, Next |
Secret_Resource_URL¶
Describes the URL to remote resource and optional parameters
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Secret_Resource_URL (string | object) |
None |
None | None |
Describes the URL to remote resource and optional parameters |
Core |
Virtual_Addresses¶
Virtual addresses array
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Virtual_Addresses (array) |
None |
None |
Virtual addresses array |
Core, Next |
Virtual_Port¶
Virtual port
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Virtual_Port (integer | array) |
None |
None | None |
Virtual port |
Core, Next |
Basic_Auth¶
Describes the basic authentication to access a resource
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
method (string) |
None |
basic |
Specifies the authentication method |
Core, Next |
username (string) |
None |
None |
Specifies the user name for authentication |
Core, Next |
passphrase (object) |
None |
None |
Specifies the password for authentication |
Core, Next |
Application¶
Declares an Application
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Application |
None |
None |
Core, Next |
template (string) |
None |
None |
This is a deprecated property found in older BIG-IP AS3 declarations and it will be ignored |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
constants (object) |
None |
See “Constants” |
Named values for (re-)use by declaration objects |
Core, Next |
Application_Objects¶
Application objects definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Application_Objects (object | object | object | object | object | object | object | object | object | object | object | object | object | object | object | object | object | object | object | object | object | object | object | object | object | object | object | object) |
None |
None | None | None | None | None | None | None | None | None | None | None | None | None | None | None | None | None | None | None | None | None | None | None | None | None | None | None | None |
Application objects definition |
Core, Next |
Property_Names¶
Property names
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
Property_Names (object) |
None |
None |
Property names |
Core, Next |
Tenant¶
Declares a Tenant
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
Tenant |
None |
None |
Core, Next |
controls (object) |
None |
See “Controls” |
Optional controls configuration |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
constants (object) |
None |
See “Constants” |
Named values for (re-)use by declaration objects |
Core, Next |
ADC¶
Indicates this document is an ADC declaration
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
ADC |
None |
Indicates this document is an ADC declaration |
Core, Next |
schemaVersion (string) |
None |
3.47.0, 3.46.0, 3.45.0, 3.44.0, 3.43.0, 3.42.0, 3.41.0, 3.40.0, 3.39.0, 3.38.0, 3.37.0, 3.36.0, 3.35.0, 3.34.0, 3.33.0, 3.32.0, 3.31.0, 3.30.0, 3.29.0, 3.28.0, 3.27.0, 3.26.0, 3.25.0, 3.24.0, 3.23.0, 3.22.0, 3.21.0, 3.20.0, 3.19.0, 3.18.0, 3.17.0, 3.16.0, 3.15.0, 3.14.0, 3.13.0, 3.12.0, 3.11.0, 3.10.0, 3.9.0, 3.8.1, 3.7.1, 3.6.0, 3.5.2, 3.5.1, 3.4.0, 3.3.0, 3.2.0, 3.1.0, 3.0.0 |
Version of ADC Declaration schema this declaration uses |
Core, Next |
id (string) |
None |
None |
Unique identifier for this declaration (max 255 printable chars with no spaces, quotation marks, angle brackets, nor backslashes) |
Core, Next |
controls (object) |
None |
See “Controls” |
Optional controls configuration |
Core, Next |
label (object) |
None |
See “Label” |
Optional friendly name for this object |
Core, Next |
remark (object) |
None |
See “Remark” |
Arbitrary (brief) text pertaining to this object (optional) |
Core, Next |
constants (object) |
None |
See “Constants” |
Named values for (re-)use by declaration objects |
Core, Next |
AS3¶
BIG-IP AS3 class definition
Name |
Default |
Values |
Description |
Supported On |
|---|---|---|---|---|
class (string) |
AS3 |
None |
Indicates this document is an BIG-IP AS3 declaration |
Core, Next |
$schema (string) |
None |
None |
URL of schema against which to validate. Used by validation in your local environment only (via Visual Studio Code, for example) |
Core, Next |
id (string) |
None |
None |
Unique identifier for this declaration (max 255 printable chars with no spaces, quotation marks, angle brackets, nor backslashes) |
Core, Next |
action (string) |
None |
deploy, dry-run |
Specifies the action to the performed on the ADC declaration |
Core, Next |
declaration (object) |
None |
See “ADC” |
Indicates this document is an ADC declaration |
Core, Next |