[HTTP Load Balancing Menu] httpslb - Set content based server selection cachepol - Set caching policy for this virtual service http2pol - Set HTTP2 policy for this virtual service comppol - Set compression policy for this virtual service botmng - Set Bot Manager Protection policy for this virtual service secpath - Set SecPath Protection policy for this virtual service fastwa - Set FastView web application for this virtual service secwa - Set secured web application for this virtual service errcode - Set error code update urlchang - Set URL adjustments for page location changes in servers pathhide - Set URL path obfuscation textrep - Set free text replacement for server responses httpmod - Set HTTP content modification rule-list connmgt - Set connection management for HTTP traffic clntprox - Set client proximity processing type for Global SLB urlcont - Set BW cont of an SLB string specific to this service rcount - Set multi response count parselen - Set buffer length for content based selection parselmt - Enable/disable buffer limit for content based selection jsinject - Enable/disable JS injection to client’s browser urinorm - Enable/disable URI normalization for HTTP modification and content matching xforward - Enable/disable X-Forwarded-For for proxy mode cloaksrv - Enable/disable server cloaking redirect - Enable/disable HTTP/HTTPS redirection for Global SLB cur - Display current HTTP configuration |
Command Syntax and Usage | |
---|---|
httpslb urlslb|host|cookie|browser|urlhash|headerhash|version|others|none | |
Specifies the HTTP server Layer 7 selection method for this virtual service. ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Default: none For a description of the cookie options, see Cookie-Based Persistence. You can combine or select applications to load balance using the and and/or or operators. For example: httpslb <application> httpslb application and|or <application> | |
cachepol | |
Displays the Caching Policy menu for setting the caching policy for this virtual service. To view this menu, see /cfg/slb/accel/caching/cachepol <policy ID (alphanumeric)> Caching Policy Menu. | |
http2pol | |
Sets the HTTP/2 policy to be associated with this HTTPS service. To configure an HTTP/2 policy, see /cfg/slb/accel/http2 HTTP2 Menu. | |
comppol | |
Displays the Compression Policy menu for setting the compression policy for this virtual service. To view this menu, see /cfg/slb/accel/compress/comppol <compression policy ID> Compression Policy Menu. | |
botmng | |
Associates a Bot Manager protection policy with this virtual service. Bot Manager provides comprehensive protection of web applications, mobile apps and APIs from automated threats like bots. Bot Manager provides precise bot management across all channels by combining behavioral modeling for granular intent analysis, collective bot intelligence and fingerprinting of browsers, devices and machines. It protects against all forms of account takeover (such as credential stuffing and brute force), denial of inventory, DDoS, ad and payment fraud, and web scraping to help organizations safeguard and grow their online operations. Enter new Bot Manager policy or none. You use /cfg/security/botmng/ to configure a Bot Manager policy. For details, see /cfg/security/botmng Bot Manager Menu. | |
secpath enable|disable | |
Specifies whether to enable or disable SecPath protection for this virtual service. Values: enable, disable Default: disable | |
fastwa | |
Associates the FastView web application with this virtual service. FastView is a Web Performance Optimization (WPO) solution that accelerates Web sites and customer-facing Web applications by up to 40% (with the FastView configuration optimized by Radware Technical Support). It transforms front-end optimization (FEO) from a lengthy and complex process to an automated function performed in real-time, accelerating Web application response time for any browser, client, or end-user device. FastView is a simple-to-deploy solution, based on an asymmetrical architecture that does not require any integration into Web application servers or any client installation on the end-user device. Note: A FastView license must be installed and resources allocated before Web acceleration can be enabled. Enter new FastView web application or none. | |
secwa | |
Sets the Secured Web Application for this virtual service. | |
errcode disable|enable|clear | |
Controls server response codes. You can change the error code generated by the server, edit the error reason, or redirect to a different HTTP location. You can define multiple error codes per service if all use the same behavior. Values: ![]() — Match error codes — The error codes to be matched. — HTTP Redirection — Determines whether or not to redirect to a different HTTP location: ![]() ![]() ![]() ![]() Default: disable | |
urlchang disable|enable|clear | |
Changes URLs in server responses. You can adjust changes made on servers, making them transparent to end-users, by matching the hostname, URL, page, and page type, and updating the URL, page, and page type. Values: ![]() — Hostname match type — Enter one of the following hostname types to determine how to match the hostname you provide for the hostname to match parameter: ![]() ![]() ![]() ![]() ![]() — Hostname to match — Enter the hostname to be matched based on the selected hostname match type. Examples: If you set the type to eq, if the hostname to match is set to www.company.com, then only www.company.com matches. If you set the type to prefx, if the hostname to match is set to www.company, then www.company.com, www.company1.com, www.company1111.com, and www.companyabcgtalk.com match. — Path match type — The path you provide for the path the match parameter: ![]() ![]() ![]() ![]() ![]() — Path to match — The path to be matched based on the selected path match type. — Page name to match — The page name to be matched. — Page type to match — The page type to be matched. — Path action type — Enter one of the following path action types: ![]() >> Enter path to insert []: >>Insert the specified path before or after the matched section? [b/a]: ![]() ![]() | |
— New page name — The new page name to be used for the path change or none. — New type name — The new page type to be used for the path change or none. ![]() ![]() Default: disable | |
pathhide disable|enable|clear | |
Specifies whether to enhance security by hiding page locations. This capability hides links within the server responses to avoid exposing the internal data structure on the server. When hiding path locations, specified URLs within the server responses are removed and added back to the client requests. Default: disable | |
textrep disable|enable|clear | |
Replaces or removes free text in server responses. Disabled by default. When you enable this option, configure the following parameters: ![]() ![]() Note: Alteon performs de-chunking on the server response before text modification, but does not decompress the response unless you have added a compression policy. | |
httpmod | |
Sets an HTTP modification rule list. After setting an HTTP Modification rule list, you can configure it. To view this menu, see /cfg/slb/layer7/httpmod HTTP Modification Rule-List Menu. | |
connmgt enabled|disabled|pooling|h2 | |
Specifies the connection management mode for HTTP/S traffic. Connection management increases throughput and server capacity by minimizing the number of TCP connection establishments between Alteon and back-end servers. The TCP overhead is reduced by allowing multiple client connections to reuse existing server connections. Values: ![]() This feature can work in conjunction with SSL, caching, and compression. When used with back-end SSL (where SSL is used between Alteon and the servers), it also reduces load on servers because fewer SSL handshakes are needed to be performed by them. In this mode Alteon operates as a proxy (force proxy mode) and Client NAT (PIP) is required. Prompts you to set a timeout, in minutes, after which an idle server connection is closed. Values: 0 – 32768 Default: 10 ![]() ![]() This mode is supported only in delayed bind enable mode. Note: From Alteon version 32.6.2.0 delayed bind enable mode is supported for backward compatibility only. Virtual services that were configured with delayed bind enable, and server connections management pooling in older versions, will retain the capability after upgrade, but delayed bind enable mode is no longer available for new virtual services. Note: TCP connection pooling is also available for basic TCP services. ![]() Radware recommends that you use this option for services that use HTTP/2 and require client IP visibility on back-end servers. Note: This option only works if you have configured an HTTP/2 policy. Default: disabled | |
clntprox | |
Sets the client proximity processing type for GSLB. The GSLB client proximity metric measures the response time between each data center and the client. Using GSLB with the client proximity metric, Alteon selects the optimal site for the end-client, when HTTP/S redirection must be performed because local resources are unavailable. This is based on the calculated shortest response time from site to site in GSLB mode. When configuring client proximity, carefully analyze your network mask requirements. Increasing the client IP mask reduces computation time for client proximity, because the clients with the same IP subnet mask can reuse the client proximity that is already calculated. Values: http, https, none Default: none | |
urlcont | |
Sets the Bandwidth Management contract of an SLB string specific to this service. | |
rcount <1-16> | |
The maximum number of responses in which Alteon looks for the specified cookie (when the server does not insert the cookie in the first response). Cookie-based persistence requires Alteon to search the HTTP response packet from the server and, if a persistence cookie is found, set up a persistence connection between the server and the client. Alteon looks through the first HTTP response from the server. While this approach works for most servers, some customers with complex server configurations might send the persistence cookie a few responses later. In order to achieve cookie-based persistence in such cases, Alteon lets the network administrator configure Alteon to search through multiple HTTP responses from the server. In Alteon, the network administrator can modify a response counter to a value from 1 through 16. Alteon looks for the persistence cookie in this number of responses (each of them can be multi-frame) from the server. Note: When a passive cookie is used, the server might not insert the cookie in the first response. Values: 1 – 16 Default: 1 | |
parselen <buffer length in bytes (0-18200)> | |
Specifies the length of the HTTP request, in bytes, that Alteon parses when a buffer size is set in the parselmt command. Default: 0 | |
parselmt enable|disable | |
Specifies whether to enable or disable a limit for the amount of content Alteon collects. When using Layer 7 rules to parse requests, by default Alteon buffers an incoming HTTP request until a match is found. This option allows you to set a fixed buffer to prevent issues when the HTTP headers or body are very large. Default: disable | |
jsinject enable|disable | |
Specifies whether to enable or disable JS injection to client’s browser. As part of generic HTTP sideband, JS injection to a client browser may be required. When enabled, it will automatically attach a compression policy to the service. Values: enable, disable Default: disable | |
urinorm enable|disable | |
Specifies whether to enable or disable the URI normalization for HTTP modification and content matching. When enabled, Alteon normalizes characters in the HTTP strings that are encoded to real characters and performs URL path traversal reversals before performing rule matching for HTTP Layer 7 content switching and HTTP modifications. After matching the content, it is sent back to the real servers in its original format. Values: enable, disable Default: disable | |
xforward enable|disable | |
Specifies whether to insert an X-Forwarded-For header with the client IP address in HTTP requests. This capability is useful in preserving client IP address information when NAT is performed. Alteon can insert the inclusion of the X-Forwarded-For header in client HTTP requests to preserve client IP address information. This feature is useful in proxy mode, where the client source IP address information is replaced with the proxy IP address. However, it may also be used for all Layer 4 load balancing in both proxy and non-proxy mode, if there is a need to include the X-Forwarded-For header. This feature is supported for Layer 4 and Layer 7. Note: To enable X-Forwarded-For, either set delayed binding to full proxy mode and configure a proxy IP address, or enable Direct Access Mode. | |
cloaksrv enable|disable | |
Specifies whether to enhance server security by hiding its identity. This is achieved by modifying in HTTP responses the HTTP headers that include information about the server computer and operating system. | |
redirect enable|disable | |
Enables or disables HTTP and HTTPS redirection for GSLB. Typically, client requests for HTTP applications are redirected to the location with the best response and least load for the requested content. The HTTP protocol has a built-in redirection function that allows requests to be redirected to an alternate site. However, if a client requests a non-HTTP application such as FTP, POP3, or SMTP, then the lack of a redirection functionality in these applications requires that a proxy IP address be configured on the client port. The client port initiates a redirect only if resources are unavailable at the first site. Note: This feature should be used as the method of last resort for GSLB implementations in topologies where the remote servers are usually virtual server IP addresses in other Alteons. Default: enable | |
cur | |
Displays the current HTTP configuration. |