slb template tcp-proxy

TCP Proxy: Configure TCP/IP stack parameters.

tcp-proxy Specification

Type Collection
Object Key(s) name
Collection Name tcp-proxy-list
Collection URI /axapi/v3/slb/template/tcp-proxy/
Element Name tcp-proxy
Element URI /axapi/v3/slb/template/tcp-proxy/{name}
Element Attributes tcp-proxy_attributes
Schema tcp-proxy schema

Operations Allowed:

Operation Method URI Payload

Create Object

POST

/axapi/v3/slb/template/tcp-proxy/

tcp-proxy Attributes

Create List

POST

/axapi/v3/slb/template/tcp-proxy/

tcp-proxy Attributes

Get Object

GET

/axapi/v3/slb/template/tcp-proxy/{name}

tcp-proxy Attributes

Get List

GET

/axapi/v3/slb/template/tcp-proxy/

tcp-proxy-list

Modify Object

POST

/axapi/v3/slb/template/tcp-proxy/{name}

tcp-proxy Attributes

Replace Object

PUT

/axapi/v3/slb/template/tcp-proxy/{name}

tcp-proxy Attributes

Replace List

PUT

/axapi/v3/slb/template/tcp-proxy/

tcp-proxy-list

Delete Object

DELETE

/axapi/v3/slb/template/tcp-proxy/{name}

tcp-proxy Attributes

tcp-proxy-list

tcp-proxy-list is JSON List of tcp-proxy Attributes

tcp-proxy-list : [

tcp-proxy Attributes

ack-aggressiveness

Description: Specifies the cases in which the ACOS device sends an ACK to the client. You can set ACK aggressiveness to one of the following levels:

  • high : ACK, for each packet
  • medium : Delayed ACK, with ACK on each packet with PUSH flag
  • low : Delayed ACK

A high ACK aggressiveness helps reduce the delay of interactive client-server applications, but at a cost of more ACKS.

Type: string

Supported Values: low, medium, high

Default: low

alive-if-active

Description: Quickly terminates half-open TCP sessions on the virtual port while allowing active sessions to continue without being terminated.

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

backend-wscale

Description: Specifies the TCP window scaling factor for back-end connections to servers.

The TCP window scaling factor is applicable to virtual ports for which the ACOS device acts as a TCP proxy.

The TCP window scaling factor is used to calculate the TCP receive window, which is the maximum amount of data (in bytes) the receiver on a TCP connection will buffer. The sender is not allowed to send more than this amount of data before receiving an acknowledgment that the data has arrived.

Type: number

Range: 1-14

dynamic-buffer-allocation

Description: Adjust the transmit and receive buffer sizes of TCP proxy while keeping their sum constant.

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

fin-timeout

Description: Specifies the number of seconds that a connection can be in the FIN-WAIT or CLOSING state before the ACOS device terminates the connection.

Type: number

Range: 1-60

Default: 5

force-delete-timeout

Description: Specifies the maximum number of seconds a session can remain active, and forces deletion of any session that is still active after the specified number of seconds.

This option is useful for small, fast transactions for which the completion time of sessions is guaranteed. When used in combination with the reset_fwd and reset_rev options, the force_delete_timeout option can help clean up user connections with RSTs instead of allowing the connections to hang.

Type: number

Range: 1-31

Mutual Exclusion: force-delete-timeout and force-delete-timeout-100ms are mutually exclusive

force-delete-timeout-100ms

Description: The maximum time that a session can stay in the system before being deleted, default is off (number in 100ms)

Type: number

Range: 1-31

Mutual Exclusion: force-delete-timeout-100ms and force-delete-timeout are mutually exclusive

half-close-idle-timeout

Description: Enables aging of half-closed TCP sessions. A half-closed TCP session is a session in which the server sends a FIN but the client does not reply with an ACK.

Type: number

Range: 60-120

half-open-idle-timeout

Description: Enables aging of half-open TCP sessions. A half-open TCP session is one in which the client receives a SYN-ACK, but does not reply with an ACK.

Type: number

Range: 1-60

idle-timeout

Description: Specifies the number of minutes that a connection can be idle before the ACOS device terminates the connection.

Type: number

Range: 1-2097151

Default: 600

init-cwnd

Description: Specifies the maximum number of unacknowledged packets that can be sent on a TCP connection. A large initial congestion-control window size helps reduce HTTP response latency, especially for short web pages.

Type: number

Range: 1-15

Default: 10

initial-window-size

Description: Sets the initial TCP window size in SYN ACK packets to clients. The TCP window size in a SYN ACK or ACK packet specifies the amount of data that a client can send before it needs to receive an ACK. The initial TCP window size applies only to the SYN ACKs sent to the client. After the SYN ACK, the ACOS device does not modify the TCP window size for any other packets in the session.

By default, the ACOS device uses the TCP window size set by the client or server:

  • If the virtual port is one of the service types that is proxied by the ACOS device, initial TCP window size applies to SYN ACKs generated by the ACOS device and sent to clients. By default, the ACOS device uses the TCP window size in the client’s SYN. The following service types are proxied by the ACOS device: http, https, fast-http, sl-proxy, and smtp
  • If the virtual port is not one of the service types that is proxied by the ACOS device (for example, the tcp service type), initial TCP window size applies to SYN ACKs generated by servers and forwarded by the ACOS device to clients. By default, the ACOS device uses the TCP window size in the server’s SYN ACK.

NOTE: If SYN cookies are enabled, either globally or on the virtual service port, the ACOS device acts as a TCP proxy even though the service type is not normally proxied. In this case, the behavior is the same as for any of the other service types TCP proxied by the ACOS device.

Type: number

Range: 1-65535

insert-client-ip

Description: Places the client IP address into a TCP option field of type 0x1c, with a length of 6 bytes.

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

keepalive-interval

Description: Number of seconds a TCP-proxy session can remain idle before the ACOS device sends a TCP ACK to the devices on both ends of the session.

Type: number

Range: 60-12000

keepalive-probes

Description: Maximum number of times the ACOS device sends a keepalive ACK, before deleting the session.

Type: number

Range: 2-10

mss

Description: Change the minimum supported TCP Maximum Segment Size (MSS) in octets.

Type: number

Range: 128-1460

Default: 1460

nagle

Description: Enables Nagle congestion compression (described in RFC 896).

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

name

Description: Template name.

Type: string

Format: string-rlx

Default: default

Required: Yes

qos

Description: Marks the DSCP (Layer 3) and 802.1p priority (Layer 2) values in client-server SLB traffic. Based on the value you specify, ACOS marks the traffic as follows:

  • Layer 3 marking – ACOS sets the The Diffserv Control Point (DSCP) value in the IP header to value you specify.
  • Layer 2 marking – ACOS sets the 802.1p value in the MAC header to the value you specify, divided by 9.

Type: number

Range: 1-63

receive-buffer

Description: Specifies the maximum number of bytes addressed to the port that the ACOS device will buffer.

Type: number

Range: 1-2147483647

Default: 51200

reno

Description: Enables the TCP Reno congestion control algorithm, and disables Cubic.

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

reset-fwd

Description: Sends a TCP RST to the real server after a session times out.

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

reset-rev

Description: send reset to client if error happens

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

retransmit-retries

Description: Specifies the maximum number of times the ACOS device can retransmit a data segment for which the ACOS device does not receive an ACK.

Type: number

Range: 1-20

Default: 3

server-down-action

Description: ‘FIN’: FIN Connection; ‘RST’: Reset Connection;

Type: string

Supported Values: FIN, RST

syn-retries

Description: Specifies the maximum number of times the ACOS device can retransmit a SYN for which the Thunder Series does not receive an ACK.

Type: number

Range: 1-20

Default: 5

timewait

Description: Timewait Threshold (sec), default 5 (number)

Type: number

Range: 1-60

Default: 5

transmit-buffer

Description: Specifies the maximum number of bytes sent by the port that the ACOS device will buffer.

Type: number

Range: 1-2147483647

Default: 51200

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string