[Virtual Server 33 125 ssl Service Menu] ssl - SSL Load Balancing Menu appshape - AppShape++ Menu tcpopt - TCP Optimization Menu pip - Proxy IP Menu group - Set real server group number rport - Set real port hname - Set hostname cont - Set BW contract for this virtual service pbind - Set persistent binding type thash - Set hash parameter tmout - Set minutes inactive connection remains open ptmout - Set in minutes for inactive persistent connection dbind - Enable/disable/forceproxy delayed binding clsrst - Enable/disable send RST on connection close nonat - Enable/disable only substituting MAC addresses direct - Enable/disable direct access mode mirror - Enable/disable session mirroring winsize0 - Enable/disable using window size zero in SYN+ACK sesslog - Enable/disable session logging del - Delete virtual service cur - Display current virtual service configuration |
Command Syntax and Usage | |
---|---|
ssl <srvrcert|sslpol|cur> | |
Displays the SSL Load Balancing menu. To view this menu, see /cfg/slb/virt <server number>/service/ssl SSL Load Balancing Menu. | |
appshape++ | |
Displays the AppShape++ menu for managing AppShape++ scripts. To view this menu, see /cfg/slb/virt/service/basic-slb/appshape AppShape++ Menu. | |
tcpopt | |
Displays the TCP Optimization menu for adding a TCP optimization policy to the client-side and server-side flows of a virtual service. To view this menu, see /cfg/slb/virt/service/basic-slb/tcpopt TCP Optimization Menu. | |
pip | |
Displays the Proxy IP menu. To view this menu, see /cfg/slb/virt/service/basic-slb/pip Proxy IP Menu. | |
group <real server group ID (alphanumeric)> | |
See the description of this command at /cfg/slb/virt <server id>/service/basic-slb Virtual Server Basic SLB Service Configuration Menu. | |
rport <real server port (0, 1, 5-65534)> | |
Defines the real server TCP or UDP port assigned to this service. By default, this is the same as the virtual port (service virtual port). If rport is configured to be different than the virtual port defined in /cfg/slb/virt <number> /service <virtual port>, Alteon maps the virtual port to this real port. When configuring an SSL-based virtual service, how the rport value is set is usually dependent on whether encryption between Alteon and the back-end servers is enabled (meaning that there is back-end encryption). The back-end encryption setting is part of the associated SSL policy configuration using the bessl (back-end listening port) command (see a description of this command in /cfg/slb/ssl/sslpol SSL Policy Menu). The following describes how rport is set based on the bessl setting: ![]() ![]() Notes: • You can also configure SSL offloading for other protocols encrypted by SSL by using SSL as the application type. To select the virtual service application type, see /cfg/slb/virt <server number> /service <virtual port or application name> Virtual Server Service Configuration. • When using the SSL application type, HTTP-based capabilities such as setting HTTP redirection conversion, setting the SSL client information, or passing authentication policy information to the back-end servers are not available. Also, this capability is not supported for protocols that include special treatment of SSL, such as FTPS, SMPTS and POPS. If your network environment requires it, you can change the default back-end listening port. Note: If you have associated an SSL policy to a virtual service but have not yet configured the SSL policy, the default value of the listening port is set as the same value as the virtual service port. When you eventually set the back-end encryption using the bessl command, you receive a message similar to the following, based on how you configure the back-end listening port: Note: You may want to update rport in the following virtual services associating this SSL policy: virt 1 service 443 HTTPS virt 3 service 8080 HTTPS Note: If you set rport to 0 (meaning that no specific port is defined), Alteon determines the back-end listening port based on the SSL policy definition and dynamically sets the real port as appropriate. | |
hname <hostname> |none | |
See the description of this command at /cfg/slb/virt <server id>/service/basic-slb Virtual Server Basic SLB Service Configuration Menu. | |
cont <BWM Contract (0-1024), 0 for VIP default> | |
See the description of this command at /cfg/slb/virt <server id>/service/basic-slb Virtual Server Basic SLB Service Configuration Menu. | |
pbind clientip|sslid|disable | |
Specifies the parameter that defines a persistent session. Values: ![]() Different services from the same client may not map to the same server. The real server connection timeout value (/cfg/slb/real/tmout) controls how long these inactive but persistent connections remain associated with their real servers. When the client resumes activity after their connection has been aged out, they are connected to the most appropriate real server based on the load balancing metric. An alternative approach may be to use the /cfg/slb/group/content/metric command to set the minmisses or hash real server group metrics. With clientip enabled, Alteon maps HTTP and HTTPS traffic from the same client to the same server regardless of the load balancing metric used because the services are related. For more information, see Server Load Balancing Metrics. ![]() Available only for HTTPS and SSL services without SSL offload. Alteon does not support the sslid option when you set the virtual service /cfg/slb/virt/service/dbind command to forceproxy. ![]() Default: disable | |
thash sip|sip+sport | |
See the description of this command at /cfg/slb/virt <server id>/service/basic-slb Virtual Server Basic SLB Service Configuration Menu. | |
tmout | |
See the description of this command at /cfg/slb/virt <server id>/service/basic-slb Virtual Server Basic SLB Service Configuration Menu. | |
ptmout | |
See the description of this command at /cfg/slb/virt <server id>/service/basic-slb Virtual Server Basic SLB Service Configuration Menu. | |
dbind disable|forceproxy | |
See the description of this command at /cfg/slb/virt <server id>/service/basic-slb Virtual Server Basic SLB Service Configuration Menu. | |
clsrst disable|enable | |
Enables or disables client reset. Values: ![]() ![]() Note: To enable session reset on connection close, full proxy mode (forceproxy) must be enabled. Default: disable | |
nonat disable|enable | |
See the description of this command at /cfg/slb/virt <server id>/service/basic-slb Virtual Server Basic SLB Service Configuration Menu. | |
direct disable|enable | |
See the description of this command at /cfg/slb/virt <server id>/service/basic-slb Virtual Server Basic SLB Service Configuration Menu. | |
mirror disable|enable | |
See the description of this command at /cfg/slb/virt <server id>/service/basic-slb Virtual Server Basic SLB Service Configuration Menu. | |
winsize0 disable|enable | |
See the description of this command at /cfg/slb/virt <server id>/service/basic-slb Virtual Server Basic SLB Service Configuration Menu. | |
sesslog disable|enable | |
Specifies whether to enable or disable session logging. Session logs are sent to the syslog servers via the data port when the sessions are deleted or aged out. The Alteon switch processor sends the buffered session logging data to the syslog server at regular intervals (every 30 seconds) if the buffer is not completely filled. There will be no session syslog if no sessions have aged out during this duration of 30 seconds. Note: Syslog servers configured on Alteon must be accessible via the data ports. Default: disable | |
del | |
cur | |