Non-HTTP declarations

This section contains relatively simple examples of declarations that create non-HTTP services or objects, such as TCP, UDP, and so on.

Use the index under Current Page on the left to locate specific examples.

1: UDP virtual service

This example is for a UDP DNS load balancer service, and creates the following objects on the BIG-IP:

  • Partition (tenant) named Sample_non_http_01.
  • A UDP virtual server named serviceMain on port 53.
  • A pool named Pool1 monitored by the default ICMP health monitor.
{
  "class": "AS3",
  "action": "deploy",
  "declaration": {
    "class": "ADC",
    "schemaVersion": "3.0.0",
    "id": "UDP_DNS_Sample",
    "label": "UDP_DNS_Sample",
    "remark": "Sample of a UDP DNS Load Balancer Service",
    "Sample_non_http_01": {
      "class": "Tenant",
      "DNS_Service": {
        "class": "Application",
        "template": "udp",
        "serviceMain": {
          "class": "Service_UDP",
          "virtualPort": 53,
          "virtualAddresses": [
            "10.1.20.121"
          ],
          "pool": "Pool1"
        },
        "Pool1": {
          "class": "Pool",
          "monitors": [
            "icmp"
          ],
          "members": [
            {
              "servicePort": 53,
              "serverAddresses": [
                "10.1.10.100"
              ]
            },
            {
              "servicePort": 53,
              "serverAddresses": [
                "10.1.10.101"
              ]
            }
          ]
        }
      }
    }
  }
 }

Back to top

2: TCP load-balanced to ICAP with custom monitor

This example creates the following objects on the BIG-IP:

  • Partition (tenant) named Sample_non_http_02.
  • A TCP virtual server named serviceMain on port 1344 (called _A1 in the BIG-IP GUI).
  • A TCP profile using the mptcp-mobile-optimized parent.
  • A pool named svc_pool containing two members (also using port 1344).
  • A custom TCP health monitor with custom Send and Receive strings for ICAP.
{
  "class": "AS3",
  "action": "deploy",
  "persist": true,
  "declaration": {
    "class": "ADC",
    "schemaVersion": "3.0.0",
    "id": "123456abcd",
    "label": "Sample TCP 1",
    "remark": "TCP load-balanced to ICAP with custom monitor",
    "Sample_non_http_02": {
      "class": "Tenant",
      "A1": {
        "class": "Application",
        "template": "tcp",
        "serviceMain": {
          "class": "Service_TCP",
          "virtualAddresses": [
            "10.0.5.10"
          ],
          "virtualPort": 1344,
          "pool": "svc_pool"
        },
        "svc_pool": {
          "class": "Pool",
          "monitors": [{
            "use": "icap_monitor"
          }],
          "members": [{
            "servicePort": 1344,
            "serverAddresses": [
              "192.0.5.10",
              "192.0.5.11"
            ]
          }]
        },
        "icap_monitor": {
          "class": "Monitor",
          "monitorType": "tcp",
          "send": "OPTIONS icap://icap.example.net/ ICAP/1.0\r\nUser-Agent: f5-ADC\r\n\r\n",
          "receive": "ICAP/1.0 200 OK",
          "adaptive": false
        }
      }
    }
  }
}

Back to top

3: Using BIG-IP DNS features in a declaration

This example shows how you can use some BIG-IP DNS features (DNS profiles, TSIG keys, DNS Zones, Nameservers) in an AS3 declaration. The DNS features we use in this declaration are well-documented in the BIG-IP DNS Services: Implementations guide, so for specific information, see this documentation. Also see the Schema Reference for usage options for using these features in your AS3 declarations.

This declaration creates the following objects on the BIG-IP:

  • Partition (tenant) named Sample_non_http_03.
  • A virtual server named serviceMain.
  • A DNS Zone that uses DNS Express.
  • A DNS Nameserver Zone.
  • A DNS TSIG Key using the hmacmd5 algorithm.
{
    "class": "ADC",
    "updateMode": "selective",
    "schemaVersion": "3.0.0",
    "id": "DNS",
    "Sample_non_http_03": {
        "class": "Tenant",
        "TEST_DNS_Zone": {
            "class": "Application",
            "template": "generic",
            "dnsZone": {
                "class": "DNS_Zone",
                "label": "dnsZone",
                "remark": "DNS Zone test",
                "dnsExpress": {
                    "enabled": true,
                    "nameserver": {
                        "use": "dnsNameserverZone"
                    },
                    "notifyAction": "consume",
                    "allowNotifyFrom": [
                        "10.1.1.1"
                    ],
                    "verifyNotifyTsig": false
                },
                "responsePolicyEnabled": true,
                "serverTsigKey": {
                    "use": "tsigKeyZone"
                },
                "transferClients": [
                    {
                        "use": "dnsNameserverZone"
                    }
                ]
            },
            "dnsNameserverZone": {
                "class": "DNS_Nameserver",
                "label": "dnsNameserverZone",
                "remark": "A DNS Nameserver",
                "address": "10.1.1.2",
                "port": 53,
                "routeDomain": {
                    "bigip": "/Common/0"
                },
                "tsigKey": {
                    "use": "tsigKeyZone"
                }
            },
            "tsigKeyZone": {
                "class": "DNS_TSIG_Key",
                "label": "tsigKeyZone",
                "remark": "TSIG Key test",
                "algorithm": "hmacmd5",
                "secret": {
                    "ciphertext": "ZjVmNQ==",
                    "miniJWE": true,
                    "protected": "eyJhbGciOiJkaXIiLCJlbmMiOiJub25lIn0",
                    "ignoreChanges": true,
                    "allowReuse": false
                }
            }
        }
    },
    "DNS_PROFILE_1": {
        "class": "Tenant", 
        "DNS_PROFILE_1": {
            "class": "Application",
            "template": "udp",
            "serviceMain": {
                "class": "Service_UDP",
                "virtualPort": 80,
                "virtualAddresses": [
                    "198.19.192.210"
                ],
                "profileUDP": {
                    "use": "profileUdp"
                },

                "profileDNS": {
                    "use": "profileDnsHW"
                }
            },
            "profileDnsHW": {
                "class": "DNS_Profile",
                "label": "profileDnsHW",
                "remark": "DNS Profile test",
                "parentProfile": {
                    "bigip": "/Common/dns"
                },
                "rapidResponseEnabled": false,
                "rapidResponseLastAction": "allow",
                "hardwareQueryValidationEnabled": true,
                "hardwareResponseCacheEnabled": true,
                "dnssecEnabled": false,
                "globalServerLoadBalancingEnabled": false,
                "dnsExpressEnabled": false,
                "cacheEnabled": false,
                "dns64Mode": "secondary",
                "dns64Prefix": "0:0:0:0:0:0:0:0",
                "dns64AdditionalSectionRewrite": "any",
                "unhandledQueryAction": "drop",
                "localBindServerEnabled": false,
                "zoneTransferEnabled": true,
                "recursionDesiredEnabled": false,
                "securityEnabled": false,
                "loggingEnabled": false,
                "statisticsSampleRate": 20
            },
            "profileUdp": {
                "class": "UDP_Profile",
                "datagramLoadBalancing": true
            }

        }
    }
}


 

Back to top


4: Using a FIX profile and data groups in a declaration

This example shows how you can create a FIX (Financial Information eXchange) Profile which is commonly used for electronic trading. It also shows how the tag substitution mapping can be configured using data groups. Note: Some FIX features may require appropriate licensing. For more information, see https://www.f5.com/pdf/solution-profiles/fix-solution-profile.pdf. This declaration creates the following objects on the BIG-IP:

  • Partition (tenant) named Sample_non_http_04.
  • A standard TCP service named serviceMain with a pool named poolWeb.
  • A FIX Profile.
  • A tag substitution mapping using data groups.
  • Three types of referenced data groups: (new) internal, (new) external, and an external data group from an existing data-group file.
{
    "class": "ADC",
    "schemaVersion": "3.0.0",
    "id": "profileFix",
    "label": "sample 23 FIX profile",
    "remark": "Sample Application with FIX Profile",
    "Sample_non_http_04": {
        "class": "Tenant",
        "appWeb": {
            "class": "Application",
            "template": "tcp",
            "serviceMain": {
                "class": "Service_TCP",
                "virtualAddresses": [
                    "192.0.2.21"
                ],
                "virtualPort": 100,
                "pool": "poolWeb",
                "profileTCP": "normal",
                "profileFIX": {
                    "use": "profileFIXcustom"
                }
            },
            "poolWeb": {
                "class": "Pool",
                "monitors": [
                    "tcp-half-open"
                ],
                "members": [
                    {
                        "servicePort": 80,
                        "serverAddresses": [
                            "192.0.2.12",
                            "192.0.2.13"
                        ]
                    }
                ]
            },
            "profileFIXcustom": {
                "class": "FIX_Profile",
                "label": "test",
                "parentProfile": {
                    "bigip": "/Common/fix"
                },
                "errorAction": "drop-connection",
                "fullLogonParsingEnabled": false,
                "messageLogPublisher": {
                    "bigip": "/Common/local-db-publisher"
                },
                "reportLogPublisher": {
                    "bigip": "/Common/local-db-publisher"
                },
                "quickParsingEnabled": true,
                "responseParsingEnabled": true,
                "statisticsSampleInterval": 45,
                "senderTagMappingList": [
                    {
                        "senderId": "ExistingInternalDG",
                        "tagDataGroup": {
                            "bigip": "/Common/testInternalDG"
                        }
                    },
                    {
                        "senderId": "ExistingExternalDG",
                        "tagDataGroup": {
                            "bigip": "/Common/testExternalDG",
                            "isExternal": true
                        }
                    },
                    {
                        "senderId": "RefInternalDG",
                        "tagDataGroup": {
                            "use": "dataGroupRefInternal"
                        }
                    },
                    {
                        "senderId": "RefExternalDG",
                        "tagDataGroup": {
                            "use": "dataGroupRefExternal"
                        }
                    },
                    {
                        "senderId": "RefExternalDGFile",
                        "tagDataGroup": {
                            "use": "dataGroupRefExistingFileNoDG"
                        }
                    }
                ]
            },
            "dataGroupRefInternal": {
                "class": "Data_Group",
                "label": "Tag values mapping",
                "storageType": "internal",
                "name": "Internal Int",
                "keyDataType": "integer",
                "records": [
                    {
                        "key": 121212,
                        "value": "Summer"
                    },
                    {
                        "key": 3434,
                        "value": "Internal Field: \"see guide\""
                    }
                ]
            },
            "dataGroupRefExternal": {
                "class": "Data_Group",
                "label": "From URL or file path",
                "storageType": "external",
                "keyDataType": "string",
                "externalFilePath": "http://yourfile.yourdomain.com",
                "ignoreChanges": true,
                "separator": ":"
            },
            "dataGroupRefExistingFileNoDG": {
                "class": "Data_Group",
                "label": "From existing data-group file",
                "storageType": "external",
                "keyDataType": "string",
                "dataGroupFile": {
                    "bigip": "/Common/{{dataGroupFileName}}"
                }
            }
        }
    }
}

Back to top

5: Using GSLB features in a declaration

This example shows how you use F5s Global Server Load Balancing (GSLB) features in a declaration. You must have BIG-IP DNS (formerly GTM) provisioned to use these features. See the Schema Reference for usage options and additional features for GSLB.

  • Partition (tenant) named Sample_non_http_05.
  • A GSLB wide IP (domain) named example.edu with an alias of another.example.
  • A GSLB pool named testPool monitored by both the http and https health monitors.
  • A GSLB data center named testDataCenter.
  • A GSLB server named testServer with a device and two virtual servers.
{
    "class": "ADC",
    "schemaVersion": "3.6.0",
    "id": "GSLB_Sample",
    "Sample_non_http_05": {
        "class": "Tenant",
        "Application": {
            "class": "Application",
            "template": "generic",
            "testDomain": {
                "class": "GSLB_Domain",
                "domainName": "example.edu",
                "aliases": [
                              "another.example*" ],
                "resourceRecordType": "A",
                "poolLbMode": "ratio",
                "pools": [
                              { "use": "testPool" }
                ]
            },
            "testPool": {
               "class": "GSLB_Pool",
                "enabled": false,
                "lbModeAlternate": "ratio",
                "lbModeFallback": "ratio",
                "manualResumeEnabled": true,
                "verifyMemberEnabled": false,
                "qosHitRatio": 10,
                "qosHops": 11,
                "qosKbps": 8,
                "qosLinkCapacity": 35,
                "qosPacketRate": 5,
                "qosRoundTripTime": 75,
                "qosTopology": 3,
                "qosVirtualServerCapacity": 2,
                "qosVirtualServerScore": 1,
                "members": [
                    {
                        "ratio": 10,
                        "server": {
                            "use": "/Common/Shared/testServer"
                        },
                        "virtualServer": "0"
                    }
                ],
                "bpsLimit": 5,
                "bpsLimitEnabled": true,
                "ppsLimit": 4,
                "ppsLimitEnabled": true,
                "connectionsLimit": 3,
                "connectionsLimitEnabled": true,
                "maxAnswersReturned": 10,
                "monitors": [
                    {
                        "bigip": "/Common/http"
                    },
                    {
                        "bigip": "/Common/https"
                    }
                ],
                "resourceRecordType": "A",
                "fallbackIP": "1.1.1.1"
            }
        }
    },
    "Common": {
        "class": "Tenant",
        "Shared": {
            "class": "Application",
            "template": "shared",
            "testDataCenter": {
                "class": "GSLB_Data_Center"
            },
            "testServer": {
                "class": "GSLB_Server",
                "dataCenter": {
                    "use": "testDataCenter"
                },
                "devices": [
                    {
                        "address": "1.2.3.7"
                    }
                ],
                "virtualServers": [
                    {
                        "address": "1.2.3.8",
                        "port": 5050
                    },
                    {
                        "address": "2001:0db8:85a3:0000:0000:8a2e:0370:7334",
                        "port": 5051
                    }
                ]
            }

        }
    }
}

Back to top

6: Using an LDAP monitor in a declaration

This example shows how you use an LDAP monitor in a declaration. This example shows 4 different LDAP monitors that you can use in your declarations. See the Schema Reference for usage options and additional features.

  • Partition (tenant) named Sample_non_http_06.
  • A pool named monitorLDAP_pool with one member.
  • Four LDAP monitors, named monitorLDAPdefault, monitorLDAPsimple, monitorLDAPnonDefault1, and monitorLDAPnonDefault2.
{
    "class": "ADC",
    "schemaVersion": "3.6.0",
    "id": "TEST_MONITOR_LDAP",
    "remark": "Test LDAP Monitor",
    "TEST_MONITOR_LDAP": {
      "class": "Tenant",
      "TEST_Monitor_LDAP": {
        "class": "Application",
        "template": "generic",
        "monitorLDAP_simple": {
          "class": "Monitor",
          "monitorType": "ldap"
        },
        "monitorLDAP_default": {
          "class": "Monitor",
          "monitorType": "ldap",
          "targetAddress": "",
          "targetPort": 0,
          "interval": 5,
          "upInterval": 0,
          "timeUntilUp": 0,
          "timeout": 16,
          "security": "none",
          "mandatoryAttributes": false,
          "chaseReferrals": true
        },
        "monitorLDAP_nonDefault1": {
          "class": "Monitor",
          "monitorType": "ldap",
          "targetAddress": "192.0.2.17",
          "targetPort": 389,
          "interval": 10,
          "upInterval": 15,
          "timeUntilUp": 20,
          "timeout": 46,
          "security": "ssl",
          "mandatoryAttributes": true,
          "chaseReferrals": false,
          "username": "Adm-nM+nkey",
          "passphrase": {
            "ciphertext": "ZjVmNQ==",
            "protected": "eyJhbGciOiJkaXIiLCJlbmMiOiJub25lIn0",
            "ignoreChanges": true
          },
          "base": "dc=bigip-test,dc=org",
          "filter": "objectClass=employee"
        },
        "monitorLDAP_nonDefault2": {
          "class": "Monitor",
          "monitorType": "ldap",
          "targetAddress": "192.0.2.18",
          "targetPort": 389,
          "username": "B*zzL!ghtyear",
          "passphrase": {
            "ciphertext": "ZjVmNQ==",
            "protected": "eyJhbGciOiJkaXIiLCJlbmMiOiJub25lIn0",
            "ignoreChanges": true
          },
          "base": "dc=bigip-test,dc=net",
          "filter": "objectClass=person",
          "security": "tls"
        },
        "monitorLDAP_pool": {
          "class": "Pool",
          "members": [
            {
              "servicePort": 443,
              "serverAddresses": [
                "192.0.2.19"
              ],
              "minimumMonitors": 1,
              "monitors": [
                { "use": "monitorLDAP_nonDefault1" },
                { "use": "monitorLDAP_nonDefault2" }
              ]
            }
          ]
        }
      }
    }
  }
  

Back to top

7: Using a DNS monitor in a declaration

This example shows how you use a DNS monitor in a declaration. This example shows two monitors, a simple DNS monitor and a DNS monitor with all available properties that you can use in your declarations. See the Schema Reference for usage options and information.

  • Partition (tenant) named Sample_non_http_07.
  • A pool named monitorDNS_pool with one member.
  • Two monitors attached to the pool: monitorDNS_simple and monitorDNS_AllProperties.
{
    "class": "ADC",
    "schemaVersion": "3.6.0",
    "id": "TEST_MONITOR_DNS",
    "remark": "Test DNS Monitor",
    "Sample_non_http_07": {
      "class": "Tenant",
      "TEST_Monitor_DNS": {
        "class": "Application",
        "template": "generic",
        "monitorDNS_simple": {
          "class": "Monitor",
          "monitorType": "dns",
          "queryName": "apple.test"
        },
        "monitorDNS_AllProperties": {
          "class": "Monitor",
          "monitorType": "dns",
          "queryName": "radish.test",
          "acceptRCODE": "no-error",
          "adaptive": true,
          "adaptiveDivergenceType": "absolute",
          "adaptiveDivergenceMilliseconds": 200,
          "adaptiveLimitMilliseconds": 5000,
          "adaptiveWindow": 1500,
          "answerContains": "query-type",
          "queryType": "aaaa",
          "receive": "fdf5:4153:3300::a",
          "reverse": false,
          "interval": 60,
          "timeUntilUp": 1200,
          "timeout": 600,
          "upInterval": 2400,
          "transparent": false,
          "targetAddress": "fdf5:4153:3300::b",
          "targetPort": 53
        },
        "monitorDNS_pool": {
          "class": "Pool",
          "members": [
            {
              "servicePort": 443,
              "serverAddresses": [
                "fdf5:4153:3300::c"
            ],
              "minimumMonitors": 1,
              "monitors": [
                { "use": "monitorDNS_AllProperties" },
                { "use": "monitorDNS_simple" }
              ]
            }
          ]
        }
      }
    }
  }
  

Back to top

8: Using tcpOptions in a TCP Profile

This simple example declaration shows how you use TCP Options for use in a TCP profile. This allows to specify which of the TCP Header option number fields should be collected and stored for iRules. First and Last determines if the first or last appearance of the field is stored. For information on TCP Options, see https://www.iana.org/assignments/tcp-parameters/tcp-parameters.xml. For information on using TCP options in iRules, see https://devcentral.f5.com/articles/accessing-tcp-options-from-irules.

  • Partition (tenant) named Sample_non_http_08.
  • A TCP profile named pTcpOptions that uses tcpOptions.
{
    "class": "ADC",
    "schemaVersion": "3.6.0",
    "id": "TEST_TCP_OPTIONS",
    "Sample_non_http_08": {
      "class": "Tenant",
      "TEST_TCP_Profile": {
        "class": "Application",
        "template": "generic",
        "pTcpOptions" : {
            "class": "TCP_Profile",
            "tcpOptions": [
                {
                    "option": 8,
                    "when": "first"
                },
                {
                    "option": 28,
                    "when": "last"
                }
            ]
        }
      }
    }
  }
  

Back to top