L4 Profile (object)¶
Configures a Fast Layer 4 profile
Properties (* = required):
| name | type(s) | default | allowed values | description |
|---|---|---|---|---|
| class* | string | “L4_Profile” | ||
| clientTimeout | integer | 30 | -1 - 86400 | Number of seconds allowed for a client to transmit enough data to select a server when you have late binding enabled. Value -1 means indefinite (not recommended) |
| idleTimeout | integer | 300 | -∞ - -Infinity | Number of seconds (default 300; may not be 0) connection may remain idle before it becomes eligible for deletion. Value -1 (not recommended) means infinite |
| keepAliveInterval | integer | 0 | 0 - 4294967295 | Number of seconds between keep-alive probes. A value of 0 seconds disables the feature. |
| label | string | “^[^x00-x1fx22#&*<>?x5b-x5d`x7f]*$” | Optional friendly name for this object. Allows 0-64 chars, excluding a few likely to cause trouble with string searching, JS, TCL, or HTML | |
| looseClose | boolean | false | true, false | When true, system closes a loosely-initiated connection when the system receives the first FIN packet from either the client or the server |
| looseInitialization | boolean | false | true, false | When true, system initializes a connection when it receives any TCP packet, rather than requiring a SYN packet for connection initiation |
| maxSegmentSize | integer | 0 | -∞ - -Infinity | Sets MSS advertised to peer. Value 0 (default) will set MSS automatically in proportion to interface MTU. Default 0 is usually the best choice |
| pvaAcceleration | string | “full” | “full”, “partial”, “none”, “dedicated” | Specifies the preferred acceleration mode for the Packet Velocity ASIC (PVA) if the platform supports PVA acceleration. Full - Specifies the system applies full PVA acceleration when possible. Partial - Specifies the system applies partial PVA acceleration. None - Specifies the system does not use PVA acceleration. Dedicated - Unconditionally enables ePVA acceleration for all TCP FastL4 connections. Inactive, but established connections are not removed from the ePVA to guarantee low latency forwarding for future packets. |
| remark | string | “^[^x00-x1fx22x5cx7f]*$” | Arbitrary (brief) text pertaining to this object. Allows 0-64 chars, excluding only control characters, double-quote, and backslash. This is permissive enough that you should worry about XSS attacks | |
| resetOnTimeout | boolean | true | true, false | Specifies whether to reset connections on timeout |
| synCookieAllowlist | boolean | false | true, false | Specifies whether or not to use a SYN Cookie Allowlist when doing software SYN Cookies. This means not doing a SYN Cookie for the same src IP address if it has been done already in the previous tm.flowstate.timeout (30) seconds. The default value is disabled. |
| synCookieEnable | boolean | true | true, false | Enables syn-cookies capability on this virtual server. If true (default), the system may use SYN cookies to avert connection-table overflow (for example, from DoS attacks) |
| tcpCloseTimeout | integer | 5 | -1 - 86400 | Specifies a TCP close timeout in seconds. Value -1 means indefinite (not recommended) |
| tcpHandshakeTimeout | integer | 5 | -1 - 86400 | Specifies a TCP handshake timeout in seconds. Value -1 means indefinite (not recommended) |
Property_Loose_Close (boolean)¶
When true, system closes a loosely-initiated connection when the system receives the first FIN packet from either the client or the server
Allowed values: true, false
Property_Loose_Initialization (boolean)¶
When true, system initializes a connection when it receives any TCP packet, rather than requiring a SYN packet for connection initiation
Allowed values: true, false
Property_PVA_Acceleration (string)¶
Specifies the preferred acceleration mode for the Packet Velocity ASIC (PVA) if the platform supports PVA acceleration. Full - Specifies the system applies full PVA acceleration when possible. Partial - Specifies the system applies partial PVA acceleration. None - Specifies the system does not use PVA acceleration. Dedicated - Unconditionally enables ePVA acceleration for all TCP FastL4 connections. Inactive, but established connections are not removed from the ePVA to guarantee low latency forwarding for future packets.
Allowed values: “full”, “partial”, “none”, “dedicated”
Property_Reset_On_Timeout (boolean)¶
Specifies whether to reset connections on timeout
Allowed values: true, false
Property_TCP_Close_Timeout (integer)¶
Specifies a TCP close timeout in seconds. Value -1 means indefinite (not recommended)
Allowed values: -1 - 86400
Property_TCP_Handshake_Timeout (integer)¶
Specifies a TCP handshake timeout in seconds. Value -1 means indefinite (not recommended)
Allowed values: -1 - 86400