L4 Profile (object)

Configures a Fast Layer 4 profile

Properties (* = required):

name type(s) default allowed values description
class* string   “L4_Profile”  
clientTimeout integer 30 -1 - 86400 Number of seconds allowed for a client to transmit enough data to select a server when you have late binding enabled. Value -1 means indefinite (not recommended)
idleTimeout integer 300 -∞ - -Infinity Number of seconds (default 300; may not be 0) connection may remain idle before it becomes eligible for deletion. Value -1 (not recommended) means infinite
keepAliveInterval integer 0 0 - 4294967295 Number of seconds between keep-alive probes. A value of 0 seconds disables the feature.
label string   “^[^x00-x1fx22#&*<>?x5b-x5d`x7f]*$” Optional friendly name for this object. Allows 0-64 chars, excluding a few likely to cause trouble with string searching, JS, TCL, or HTML
looseClose boolean false true, false When true, system closes a loosely-initiated connection when the system receives the first FIN packet from either the client or the server
looseInitialization boolean false true, false When true, system initializes a connection when it receives any TCP packet, rather than requiring a SYN packet for connection initiation
maxSegmentSize integer 0 -∞ - -Infinity Sets MSS advertised to peer. Value 0 (default) will set MSS automatically in proportion to interface MTU. Default 0 is usually the best choice
remark string   “^[^x00-x1fx22x5cx7f]*$” Arbitrary (brief) text pertaining to this object. Allows 0-64 chars, excluding only control characters, double-quote, and backslash. This is permissive enough that you should worry about XSS attacks
resetOnTimeout boolean true true, false Specifies whether to reset connections on timeout
synCookieAllowlist boolean false true, false Specifies whether or not to use a SYN Cookie Allowlist when doing software SYN Cookies. This means not doing a SYN Cookie for the same src IP address if it has been done already in the previous tm.flowstate.timeout (30) seconds. The default value is disabled.
synCookieEnable boolean true true, false Enables syn-cookies capability on this virtual server. If true (default), the system may use SYN cookies to avert connection-table overflow (for example, from DoS attacks)
tcpCloseTimeout integer 5 -1 - 86400 Specifies a TCP close timeout in seconds. Value -1 means indefinite (not recommended)
tcpHandshakeTimeout integer 5 -1 - 86400 Specifies a TCP handshake timeout in seconds. Value -1 means indefinite (not recommended)

Property_Loose_Close (boolean)

When true, system closes a loosely-initiated connection when the system receives the first FIN packet from either the client or the server

Allowed values: true, false

Property_Loose_Initialization (boolean)

When true, system initializes a connection when it receives any TCP packet, rather than requiring a SYN packet for connection initiation

Allowed values: true, false

Property_Reset_On_Timeout (boolean)

Specifies whether to reset connections on timeout

Allowed values: true, false

Property_TCP_Close_Timeout (integer)

Specifies a TCP close timeout in seconds. Value -1 means indefinite (not recommended)

Allowed values: -1 - 86400

Property_TCP_Handshake_Timeout (integer)

Specifies a TCP handshake timeout in seconds. Value -1 means indefinite (not recommended)

Allowed values: -1 - 86400