ltm global-settings connectionΒΆ

ltm global-settings connection(1)		  BIG-IP TMSH Manual		    ltm global-settings connection(1)

NAME
       connection - Configures the global settings that pertain to connections for the BIG-IP(r) and VIPRION(r) local
       traffic management systems.

MODULE
       ltm global-settings

SYNTAX
       Configure the connection component within the ltm global-settings module using the syntax shown in the
       following sections.

   MODIFY
	modify connection
	  options:
	    adaptive-reaper-hiwater [integer]
	    adaptive-reaper-lowater [integer]
	    auto-last-hop [disabled | enabled]
	    default-vs-syn-challenge-threshold [infinite | integer]
	    global-flow-eviction-policy [name]
	    global-syn-challenge-threshold [infinite | integer]
	    syncookies-threshold [integer]
	    vlan-keyed-conn [disabled | enabled]
	    vlan-syn-cookie [disabled | enabled]

   DISPLAY
	list connection
	list connection [option name]
	show running-config connection
	show running-config connection [option name]
	  options:
	    all-properties
	    non-default-properties
	    one-line

DESCRIPTION
       You can use the connection component to modify how the system processes connections.

EXAMPLES
       modify connection auto-last-hop disabled
	    Specifies that the system does not automatically map the last hop for pools.

       list connection
	    Displays the global settings for how the system processes connections.

OPTIONS
       adaptive-reaper-hiwater
	    *IMPORTANT* This command has been deprecated (as of 11.6.0). Please use ltm eviction-policy instead.
	    Specifies, in a percentage, the memory usage at which the system stops establishing new connections. Once
	    the system meets the reaper high-water mark, the system does not establish new connections until the
	    memory usage drops below the reaper low-water mark. The adaptive reaper settings help mitigate the
	    effects of a denial-of-service attack.

	    The available range is 85 - 100. The default value is 95. To disable the adaptive reaper, set the high-
	    water mark to 100.

       adaptive-reaper-lowater
	    *IMPORTANT* This command has been deprecated (as of 11.6.0). Please use ltm eviction-policy instead.
	    Specifies, in percent, the memory usage at which the system silently purges stale connections, without
	    sending reset packets (RST) to the client. If the memory usage remains above the low-water mark after the
	    purge, then the system starts purging established connections closest to their service timeout.

	    The available range is 70 - 100. The default value is 85. To disable the adaptive reaper, set the low-
	    water mark to 100.

       auto-last-hop
	    Specifies that the system automatically maps the last hop for pools. The default value is enabled.

       default-vs-syn-challenge-threshold
	    Specifies the default value of per-virtual server SYN Cookie activation threshold per chassis. The
	    default value is infinite. The valid range is 128 - 1024K or infinite (encoded as 0).

       global-flow-eviction-policy
	    Specifies the flow eviction policy to use when approaching memory usage limits. The settings in the
	    policy determine the adaptive reaper high and low water marks, and help determine which client
	    connections to terminate when memory limits have exceeded the "low-water" threshold in the eviction
	    policy. The settings help mitigate the effects of a denial-of-service attack.

       global-syn-challenge-threshold
	    Specifies the default value of the global SYN Cookie activation threshold per TMM. The default value is
	    64K. The valid range is 2048 - 4096K or infinite (encoded as 0).

       syncookies-threshold
	    This option is deprecated in version 13.0.0 and is replaced by default-vs-syn-challenge-threshold.
	    Specifies the number of new or untrusted TCP connections that can be established before the system
	    activates the SYN Cookies authentication method for subsequent TCP connections. The default value is
	    16384.

       vlan-keyed-conn
	    Enables or disables VLAN-keyed connections. You use VLAN-keyed connections when traffic for the same
	    connection must pass through the system several times, on multiple pairs of VLANs (or in different VLAN
	    groups). The default value is enabled.

       vlan-syn-cookie
	    Enables or disables the hardware per-VLAN SYN cookie protection on platforms with supported firmware.
	    The default value is enabled.

SEE ALSO
       list, ltm node, modify, show, tmsh

COPYRIGHT
       No part of this program may be reproduced or transmitted in any form or by any means, electronic or
       mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
       other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 2009-2010, 2013, 2016. All rights reserved.

BIG-IP						      2016-09-06		    ltm global-settings connection(1)