adc software reference guide - juniper networks · adc software reference guide software version...
TRANSCRIPT
ADC Software Reference Guide
Software Version 1.4R0.0
Document ID: RDWR-RSLB-V1.4R0.0_RG0711July, 2011
ADC Software Reference Guide
2 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 3
Important NoticesThe following important notices are presented in English, French, and German.
Important NoticesThis guide is delivered subject to the following conditions and restrictions: Copyright Radware Ltd. 2006–2011. All rights reserved. The copyright and all other intellectual property rights and trade secrets included in this guide are owned by Radware Ltd.The guide is provided to Radware customers for the sole purpose of obtaining information with respect to the installation and use of the Radware products described in this document, and may not be used for any other purpose. The information contained in this guide is proprietary to Radware and must be kept in strict confidence. It is strictly forbidden to copy, duplicate, reproduce or disclose this guide or any part thereof without the prior written consent of Radware.
Notice importanteCe guide est sujet aux conditions et restrictions suivantes : Copyright Radware Ltd. 2006–2011. Tous droits réservés.Le copyright ainsi que tout autre droit lié à la propriété intellectuelle et aux secrets industriels contenus dans ce guide sont la propriété de Radware Ltd.Ce guide d'informations est fourni à nos clients dans le cadre de l'installation et de l'usage des produits de Radware décrits dans ce document et ne pourra être utilisé dans un but autre que celui pour lequel il a été conçu.Les informations répertoriées dans ce document restent la propriété de Radware et doivent être conservées de manière confidentielle.Il est strictement interdit de copier, reproduire ou divulguer des informations contenues dans ce manuel sans avoir obtenu le consentement préalable écrit de Radware.
Wichtige AnmerkungDieses Handbuch wird vorbehaltlich folgender Bedingungen und Einschränkungen ausgeliefert: Copyright Radware Ltd. 2006–2011. Alle Rechte vorbehalten.Das Urheberrecht und alle anderen in diesem Handbuch enthaltenen Eigentumsrechte und Geschäftsgeheimnisse sind Eigentum von Radware Ltd.Dieses Handbuch wird Kunden von Radware mit dem ausschließlichen Zweck ausgehändigt, Informationen zu Montage und Benutzung der in diesem Dokument beschriebene Produkte von Radware bereitzustellen. Es darf für keinen anderen Zweck verwendet werden. Die in diesem Handbuch enthaltenen Informationen sind Eigentum von Radware und müssen streng vertraulich behandelt werden. Es ist streng verboten, dieses Handbuch oder Teile daraus ohne vorherige schriftliche Zustimmung von Radware zu kopieren, vervielfältigen, reproduzieren oder offen zu legen.
ADC Software Reference Guide
4 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
Copyright Notices The following copyright notices are presented in English, French, and German.
Copyright NoticesThis product contains work derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm.RSA Data Security, Inc. makes no representations concerning either the merchantability of the MD5 Message-Digest Algorithm or the suitability of the MD5 Message-Digest Algorithm for any particular purpose. It is provided “as is” without expressed or implied warranty of any kind.This product contains code developed by the OpenSSL Project.This product includes software developed by the OpenSSL Project. For use in the OpenSSL Toolkit. (http://www.openssl.org/).Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.This product contains the Rijndael cipher The Rijndael implementation by Vincent Rijmen, Antoon Bosselaers and Paulo Barreto is in the public domain and distributed with the following license: @version 3.0 (December 2000)Optimized ANSI C code for the Rijndael cipher (now AES)@author Vincent Rijmen <[email protected]>@author Antoon Bosselaers <[email protected]>@author Paulo Barreto <[email protected]>The OnDemand Switch may use software components licensed under the GNU General Public License Agreement Version 2 (GPL v.2) including LinuxBios and Filo open source projects. The source code of the LinuxBios and Filo is available from Radware upon request. A copy of the license can be viewed at: http://www.gnu.org/licenses/old-licenses/gpl-2.0.htmlThis code is hereby placed in the public domain.This product contains code developed by the OpenBSD ProjectCopyright (c) 1983, 1990, 1992, 1993, 1995The Regents of the University of California. All rights reserved.Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
3. Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
This product includes software developed by Markus FriedlThis product includes software developed by Theo de RaadtThis product includes software developed by Niels ProvosThis product includes software developed by Dug SongThis product includes software developed by Aaron CampbellThis product includes software developed by Damien MillerThis product includes software developed by Kevin Steves
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 5
This product includes software developed by Daniel KourilThis product includes software developed by Wesley GriffinThis product includes software developed by Per AllanssonThis product includes software developed by Nils NordmanThis product includes software developed by Simon WilkinsonRedistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
ALL THE SOFTWARE MENTIONED ABOVE IS PROVIDED BY THE AUTHOR “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Notice traitant du copyrightCe produit renferme des codes développés dans le cadre du projet OpenSSL.Ce produit inclut un logiciel développé dans le cadre du projet OpenSSL. Pour un usage dans la boîte à outils OpenSSL (http://www.openssl.org/).Copyright (c) 1998-2005 Le projet OpenSSL. Tous droits réservés. Ce produit inclut la catégorie de chiffre Rijndael. L'implémentation de Rijindael par Vincent Rijmen, Antoon Bosselaers et Paulo Barreto est du domaine public et distribuée sous les termes de la licence suivante :@version 3.0 (Décembre 2000)Code ANSI C code pour Rijndael (actuellement AES)@author Vincent Rijmen <[email protected]>@author Antoon Bosselaers <[email protected]>@author Paulo Barreto <[email protected]>.Le commutateur OnDemand peut utiliser les composants logiciels sous licence, en vertu des termes de la licence GNU General Public License Agreement Version 2 (GPL v.2), y compris les projets à source ouverte LinuxBios et Filo. Le code source de LinuxBios et Filo est disponible sur demande auprès de Radware. Une copie de la licence est répertoriée sur:http://www.gnu.org/licenses/old-licenses/gpl-2.0.htmlCe code est également placé dans le domaine public.Ce produit renferme des codes développés dans le cadre du projet OpenSSL.Copyright (c) 1983, 1990, 1992, 1993, 1995Les membres du conseil de l'Université de Californie. Tous droits réservés.
ADC Software Reference Guide
6 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
La distribution et l'usage sous une forme source et binaire, avec ou sans modifications, est autorisée pour autant que les conditions suivantes soient remplies :
1. La distribution d'un code source doit inclure la notice de copyright mentionnée ci-dessus, cette liste de conditions et l'avis de non-responsabilité suivant.
2. La distribution, sous une forme binaire, doit reproduire dans la documentation et/ou dans tout autre matériel fourni la notice de copyright mentionnée ci-dessus, cette liste de conditions et l'avis de non-responsabilité suivant.
3. Le nom de l'université, ainsi que le nom des contributeurs ne seront en aucun cas utilisés pour approuver ou promouvoir un produit dérivé de ce programme sans l'obtention préalable d'une autorisation écrite.
Ce produit inclut un logiciel développé par Markus Friedl Ce produit inclut un logiciel développé par Theo de Raadt Ce produit inclut un logiciel développé par Niels Provos Ce produit inclut un logiciel développé par Dug SongCe produit inclut un logiciel développé par Aaron Campbell Ce produit inclut un logiciel développé par Damien Miller Ce produit inclut un logiciel développé par Kevin Steves Ce produit inclut un logiciel développé par Daniel Kouril Ce produit inclut un logiciel développé par Wesley Griffin Ce produit inclut un logiciel développé par Per Allansson Ce produit inclut un logiciel développé par Nils NordmanCe produit inclut un logiciel développé par Simon Wilkinson.La distribution et l'usage sous une forme source et binaire, avec ou sans modifications, est autorisée pour autant que les conditions suivantes soient remplies :
1. La distribution d'un code source doit inclure la notice de copyright mentionnée ci-dessus, cette liste de conditions et l'avis de non-responsabilité suivant.
2. La distribution, sous une forme binaire, doit reproduire dans la documentation et/ou dans tout autre matériel fourni la notice de copyright mentionnée ci-dessus, cette liste de conditions et l'avis de non-responsabilité suivant.
LE LOGICIEL MENTIONNÉ CI-DESSUS EST FOURNI TEL QUEL PAR LE DÉVELOPPEUR ET TOUTE GARANTIE, EXPLICITE OU IMPLICITE, Y COMPRIS, MAIS SANS S'Y LIMITER, TOUTE GARANTIE IMPLICITE DE QUALITÉ MARCHANDE ET D'ADÉQUATION À UN USAGE PARTICULIER EST EXCLUE.EN AUCUN CAS L'AUTEUR NE POURRA ÊTRE TENU RESPONSABLE DES DOMMAGES DIRECTS, INDIRECTS, ACCESSOIRES, SPÉCIAUX, EXEMPLAIRES OU CONSÉCUTIFS (Y COMPRIS, MAIS SANS S'Y LIMITER, L'ACQUISITION DE BIENS OU DE SERVICES DE REMPLACEMENT, LA PERTE D'USAGE, DE DONNÉES OU DE PROFITS OU L'INTERRUPTION DES AFFAIRES), QUELLE QU'EN SOIT LA CAUSE ET LA THÉORIE DE RESPONSABILITÉ, QU'IL S'AGISSE D'UN CONTRAT, DE RESPONSABILITÉ STRICTE OU D'UN ACTE DOMMAGEABLE (Y COMPRIS LA NÉGLIGENCE OU AUTRE), DÉCOULANT DE QUELLE QUE FAÇON QUE CE SOIT DE L'USAGE DE CE LOGICIEL, MÊME S'IL A ÉTÉ AVERTI DE LA POSSIBILITÉ D'UN TEL DOMMAGE.
CopyrightvermerkeDieses Produkt enthält einen vom OpenSSL-Projekt entwickelten CodeDieses Produkt enthält vom OpenSSL-Projekt entwickelte Software. Zur Verwendung im OpenSSL Toolkit. (http://www.openssl.org/).Copyright (c) 1998-2005 The OpenSSL Project. Alle Rechte vorbehalten. Dieses Produkt enthält die Rijndael cipherDie Rijndael-Implementierung von Vincent Rijndael, Anton Bosselaers und Paulo Barreto ist öffentlich zugänglich und wird unter folgender Lizenz vertrieben:@version 3.0 (December 2000)
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 7
Optimierter ANSI C Code für den Rijndael cipher (jetzt AES)@author Vincent Rijmen <[email protected]>@author Antoon Bosselaers <[email protected]>@author Paulo Barreto <[email protected]>Der OnDemand Switch verwendet möglicherweise Software, die im Rahmen der DNU Allgemeine Öffentliche Lizenzvereinbarung Version 2 (GPL v.2) lizensiert sind, einschließlich LinuxBios und Filo Open Source-Projekte. Der Quellcode von LinuxBios und Filo ist bei Radware auf Anfrage erhältlich. Eine Kopie dieser Lizenz kann eingesehen werden unter:http://www.gnu.org/licenses/old-licenses/gpl-2.0.htmlDieser Code wird hiermit allgemein zugänglich gemacht.Dieses Produkt enthält einen vom OpenBSD-Projekt entwickelten CodeCopyright (c) 1983, 1990, 1992, 1993, 1995The Regents of the University of California. Alle Rechte vorbehalten.Die Verbreitung und Verwendung in Quell- und binärem Format, mit oder ohne Veränderungen, sind unter folgenden Bedingungen erlaubt:
1. Die Verbreitung von Quellcodes muss den voranstehenden Copyrightvermerk, diese Liste von Bedingungen und den folgenden Haftungsausschluss beibehalten.
2. Die Verbreitung in binärem Format muss den voranstehenden Copyrightvermerk, diese Liste von Bedingungen und den folgenden Haftungsausschluss in der Dokumentation und/oder andere Materialien, die mit verteilt werden, reproduzieren.
3. Weder der Name der Universität noch die Namen der Beitragenden dürfen ohne ausdrückliche vorherige schriftliche Genehmigung verwendet werden, um von dieser Software abgeleitete Produkte zu empfehlen oder zu bewerben.
Dieses Produkt enthält von Markus Friedl entwickelte Software Dieses Produkt enthält von Theo de Raadt entwickelte Software Dieses Produkt enthält von Niels Provos entwickelte Software Dieses Produkt enthält von Dug Song entwickelte Software Dieses Produkt enthält von Aaron Campbell entwickelte Software Dieses Produkt enthält von Damien Miller entwickelte Software Dieses Produkt enthält von Kevin Steves entwickelte Software Dieses Produkt enthält von Daniel Kouril entwickelte Software Dieses Produkt enthält von Wesley Griffin entwickelte Software Dieses Produkt enthält von Per Allansson entwickelte Software Dieses Produkt enthält von Nils Nordman entwickelte SoftwareDieses Produkt enthält von Simon Wilkinson entwickelte SoftwareDie Verbreitung und Verwendung in Quell- und binärem Format, mit oder ohne Veränderungen, sind unter folgenden Bedingungen erlaubt:
1. Die Verbreitung von Quellcodes muss den voranstehenden Copyrightvermerk, diese Liste von Bedingungen und den folgenden Haftungsausschluss beibehalten.
2. Die Verbreitung in binärem Format muss den voranstehenden Copyrightvermerk, diese Liste von Bedingungen und den folgenden Haftungsausschluss in der Dokumentation und/oder andere Materialien, die mit verteilt werden, reproduzieren.
SÄMTLICHE VORGENANNTE SOFTWARE WIRD VOM AUTOR IM IST-ZUSTAND ("AS IS") BEREITGESTELLT. JEGLICHE AUSDRÜCKLICHEN ODER IMPLIZITEN GARANTIEN, EINSCHLIESSLICH, DOCH NICHT BESCHRÄNKT AUF DIE IMPLIZIERTEN GARANTIEN DER MARKTGÄNGIGKEIT UND DER ANWENDBARKEIT FÜR EINEN BESTIMMTEN ZWECK, SIND AUSGESCHLOSSEN.UNTER KEINEN UMSTÄNDEN HAFTET DER AUTOR FÜR DIREKTE ODER INDIREKTE SCHÄDEN, FÜR BEI VERTRAGSERFÜLLUNG ENTSTANDENE SCHÄDEN, FÜR BESONDERE SCHÄDEN, FÜR SCHADENSERSATZ MIT STRAFCHARAKTER, ODER FÜR FOLGESCHÄDEN EINSCHLIESSLICH, DOCH NICHT BESCHRÄNKT AUF, ERWERB VON ERSATZGÜTERN ODER ERSATZLEISTUNGEN; VERLUST AN NUTZUNG, DATEN ODER GEWINN; ODER GESCHÄFTSUNTERBRECHUNGEN) GLEICH, WIE SIE ENTSTANDEN SIND, UND FÜR JEGLICHE ART VON HAFTUNG, SEI ES VERTRÄGE,
ADC Software Reference Guide
8 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
GEFÄHRDUNGSHAFTUNG, ODER DELIKTISCHE HAFTUNG (EINSCHLIESSLICH FAHRLÄSSIGKEIT ODER ANDERE), DIE IN JEGLICHER FORM FOLGE DER BENUTZUNG DIESER SOFTWARE IST, SELBST WENN AUF DIE MÖGLICHKEIT EINES SOLCHEN SCHADENS HINGEWIESEN WURDE.
Document ConventionsThe following describes the conventions and symbols that this guide uses:
Item Description Description (French) Beschreibung (German)
Example
An example scenario Un scénario d'exemple Ein Beispielszenarium
Caution:
Possible damage to equipment, software, or data
Endommagement possible de l'équipement, des données ou du logiciel
Mögliche Schäden an Gerät, Software oder Daten
Note:
Additional information Informations complémentaires
Zusätzliche Informationen
To
A statement and instructions
Références et instructions
Eine Erklärung und Anweisungen
Tip:
A suggestion or workaround
Une suggestion ou solution
Ein Vorschlag oder eine Umgehung
Warning:
Possible physical harm to the operator
Blessure possible de l'opérateur
Verletzungsgefahr des Bedieners
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 9
Table of ContentsImportant Notices .......................................................................................................... 3
Copyright Notices .......................................................................................................... 4
Document Conventions ................................................................................................. 8
Part 1 – Preface ....................................................................................................... 15
Who Should Use This Guide ....................................................................................... 15
What You Will Find In This Guide ................................................................................ 15
Related Documentation ............................................................................................... 15
Part 2 – Configuration Commands........................................................................ 17
Chapter 1 – adc Configuration Commands ................................................................. 19adc ....................................................................................................................................... 19file ........................................................................................................................................ 19flag ....................................................................................................................................... 20internal-unit-range ................................................................................................................ 20no-remote-trace ................................................................................................................... 21traceoptions ......................................................................................................................... 21
Chapter 2 – adc-instance Configuration Commands .................................................. 23adc-instance ........................................................................................................................ 24address ................................................................................................................................ 25broken-handshake-timeout .................................................................................................. 25checksum-validation ............................................................................................................ 25clear-on-tcp-reset ................................................................................................................. 25couple-wap-radius ............................................................................................................... 25cpu-threshold ....................................................................................................................... 26failed-server-loyalty .............................................................................................................. 26family ................................................................................................................................... 26force-full-failback .................................................................................................................. 26group-updates-interval ......................................................................................................... 27health-check-source ............................................................................................................ 27instance-unit ........................................................................................................................ 27no-connections-sync ............................................................................................................ 28tcp-close-timeout ................................................................................................................. 28tcp-port ................................................................................................................................. 28unit ....................................................................................................................................... 29workload-manager ............................................................................................................... 29
Chapter 3 – content-match Configuration Commands ................................................ 31and-higher ............................................................................................................................ 31and-lower ............................................................................................................................. 31binary-pattern ....................................................................................................................... 32binary-value ......................................................................................................................... 32
ADC Software Reference Guide
Table of Contents
10 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
content-match ..................................................................................................................... 32case-sensitive ..................................................................................................................... 33depth ................................................................................................................................... 33http-error-message .............................................................................................................. 33http-header .......................................................................................................................... 34no-regular-expression ......................................................................................................... 34offset ................................................................................................................................... 34string ................................................................................................................................... 34text-pattern .......................................................................................................................... 35text-search .......................................................................................................................... 35url-string .............................................................................................................................. 36
Chapter 4 – custom-health-check Configuration Commands ..................................... 37binary-expect ....................................................................................................................... 37binary-send ......................................................................................................................... 38cmd ..................................................................................................................................... 39custom-health-check ........................................................................................................... 39expect .................................................................................................................................. 39open .................................................................................................................................... 40script .................................................................................................................................... 40send .................................................................................................................................... 41tcp-commands ..................................................................................................................... 41udp-commands ................................................................................................................... 41
Chapter 5 – filters Configuration Commands ............................................................ 43accept .................................................................................................................................. 44client-nat .............................................................................................................................. 44connection-timeout .............................................................................................................. 44content-strings ..................................................................................................................... 44content-term ........................................................................................................................ 45destination-address ............................................................................................................. 45destination-nat ..................................................................................................................... 45destination-port ................................................................................................................... 45discard ................................................................................................................................. 46exclude-by-content .............................................................................................................. 46filters .................................................................................................................................... 47first-request-only ................................................................................................................. 47from ..................................................................................................................................... 48go-to .................................................................................................................................... 48group ................................................................................................................................... 48http-redirect ......................................................................................................................... 49load-balance ........................................................................................................................ 49load-balancing-hash ............................................................................................................ 49log ....................................................................................................................................... 50match-content ..................................................................................................................... 50no-cache-request ................................................................................................................ 50non-get-request ................................................................................................................... 51per-packet-load-balancing ................................................................................................... 51
ADC Software Reference Guide
Table of Contents
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 11
persistency ........................................................................................................................... 51protocol ................................................................................................................................ 52request-with-cookie .............................................................................................................. 52select-by-content ................................................................................................................. 52server-listening-port ............................................................................................................. 53source-address .................................................................................................................... 53source-port ........................................................................................................................... 53sync-connections ................................................................................................................. 54tcp-flags ............................................................................................................................... 54term ...................................................................................................................................... 54then ...................................................................................................................................... 54web-cache-redirection ......................................................................................................... 55
Chapter 6 – groups Configuration Commands ........................................................... 57always-up ............................................................................................................................. 58availability-threshold ............................................................................................................ 58backup-group ....................................................................................................................... 58backup-real-server ............................................................................................................... 58direct-server-return .............................................................................................................. 59dns ....................................................................................................................................... 59dnstcp .................................................................................................................................. 59ftp ......................................................................................................................................... 59group-health-formula ........................................................................................................... 59group-unit ............................................................................................................................. 60groups .................................................................................................................................. 60health-check ........................................................................................................................ 60http ....................................................................................................................................... 61imap ..................................................................................................................................... 61ldap ...................................................................................................................................... 61load-balancing-method ........................................................................................................ 62nntp ...................................................................................................................................... 62ping ...................................................................................................................................... 63pop3 ..................................................................................................................................... 63radius ................................................................................................................................... 63rtsp ....................................................................................................................................... 64script .................................................................................................................................... 64server-warm-up-time ............................................................................................................ 64sip ........................................................................................................................................ 64smtp ..................................................................................................................................... 65snmp .................................................................................................................................... 65ssl-hello ................................................................................................................................ 65tcp ........................................................................................................................................ 66tftp ........................................................................................................................................ 66wap ...................................................................................................................................... 66work-load-manager .............................................................................................................. 66wsp ...................................................................................................................................... 67wtls ....................................................................................................................................... 67
ADC Software Reference Guide
Table of Contents
12 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
wtp ....................................................................................................................................... 67wts ....................................................................................................................................... 68
Chapter 7 – real-server Configuration Commands .................................................... 69address ............................................................................................................................... 69allow-ldap-write ................................................................................................................... 70avoid-http-strings ................................................................................................................. 70backup-real-server .............................................................................................................. 70buddy-server ....................................................................................................................... 71buddy-service-port .............................................................................................................. 71client-nat .............................................................................................................................. 71connection-timeout .............................................................................................................. 71content-strings ..................................................................................................................... 72description ........................................................................................................................... 72do-not-preempt .................................................................................................................... 72failure-retries ....................................................................................................................... 73group ................................................................................................................................... 73health-check ........................................................................................................................ 73interval ................................................................................................................................. 73listening-ports ...................................................................................................................... 74max-connections ................................................................................................................. 74real-servers ......................................................................................................................... 75recovery-retries ................................................................................................................... 75use-when-overflow .............................................................................................................. 76weight .................................................................................................................................. 76
Chapter 8 – router-interfaces Configuration Commands ........................................... 77client-facing ......................................................................................................................... 77family ................................................................................................................................... 77ms-interfaces ....................................................................................................................... 78nat-address ......................................................................................................................... 78nat-address-range ............................................................................................................... 78router-interfaces .................................................................................................................. 79server-facing ....................................................................................................................... 79unit ...................................................................................................................................... 80
Chapter 9 – virtual-server and virtual-service Configuration Commands .................. 81add-x-forwarded-for ............................................................................................................. 82address ............................................................................................................................... 82allow-write-servers .............................................................................................................. 82close-unknown-ports ........................................................................................................... 82connection-pooling .............................................................................................................. 82cookie-name ........................................................................................................................ 83description ........................................................................................................................... 83dns-virtual-service ............................................................................................................... 83domain-name ...................................................................................................................... 84efficient-memory-use ........................................................................................................... 84fast-load-balancing .............................................................................................................. 84ftp-virtual-service ................................................................................................................. 84
ADC Software Reference Guide
Table of Contents
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 13
group .................................................................................................................................... 85groups .................................................................................................................................. 85hostname ............................................................................................................................. 86http-parsing-depth ................................................................................................................ 86http-virtual-service ............................................................................................................... 87insert .................................................................................................................................... 87inspect ................................................................................................................................. 88ldap-virtual-service ............................................................................................................... 89persistency ........................................................................................................................... 89persistency cookie ............................................................................................................... 91persistent-timeout ................................................................................................................ 91plain-virtual-service .............................................................................................................. 92port ....................................................................................................................................... 92protocol ................................................................................................................................ 93radius-authentication ........................................................................................................... 93radius-legacy-ports .............................................................................................................. 93rewrite .................................................................................................................................. 94rtsp-virtual-service ............................................................................................................... 94select-by-content ................................................................................................................. 95server-listening-port ............................................................................................................. 97service-timeout .................................................................................................................... 98sip-virtual-service ................................................................................................................. 98source-port-in-hash .............................................................................................................. 99ssl-virtual-service ................................................................................................................. 99syn-protection ................................................................................................................... 100sync-connections .............................................................................................................. 100tftp-virtual-service ............................................................................................................. 101virtual-server ..................................................................................................................... 102wap-virtual-service ............................................................................................................ 103wts-virtual-service ............................................................................................................. 103
Part 3 – Operational Commands.......................................................................... 105
Chapter 10 – adc-instance Operational Commands ............................................... 107show extensions adc status .............................................................................................. 107show extensions adc cpu .................................................................................................. 108show extensions adc license-info ..................................................................................... 109show extensions adc nat .................................................................................................. 110show extensions adc workload-manager .......................................................................... 111clear extensions adc statistics .......................................................................................... 111
Chapter 11 – connection-table Operational Commands ......................................... 113show extensions adc connection-table ............................................................................. 113clear extensions adc connection-entry ............................................................................. 116clear extensions adc connection-table .............................................................................. 117clear extensions adc persistency-entry ............................................................................. 117clear extensions adc persistency-table ............................................................................. 118
Chapter 12 – content-match Operational Commands ............................................. 121
ADC Software Reference Guide
Table of Contents
14 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
show extensions adc strings-statistics .............................................................................. 121
Chapter 13 – filters Operational Commands ........................................................... 123show extensions adc filters term ....................................................................................... 123show extensions adc filters load-balance .......................................................................... 123show extensions adc filters maintenance .......................................................................... 124
Chapter 14 – group Operational Commands ........................................................... 125show extensions adc group ............................................................................................... 125
Chapter 15 – internal and maintenance Operational Commands ........................... 127show extensions adc internal ............................................................................................ 127request extensions adc maintenance dump-and-restart ................................................... 130request extensions adc maintenance information ............................................................. 130
Chapter 16 – real-server Operational Commands ................................................... 133show extensions adc real-server ....................................................................................... 133request extensions adc disable ......................................................................................... 135request extensions adc enable ......................................................................................... 135
Chapter 17 – virtual-server and services Operational Commands .......................... 137show extensions adc virtual-server ................................................................................... 137show extensions adc dns .................................................................................................. 139show extensions adc ftp .................................................................................................... 140show extensions adc http .................................................................................................. 142show extensions adc ldap ................................................................................................. 144show extensions adc plain-virtual-service ......................................................................... 145show extensions adc rtsp .................................................................................................. 146show extensions adc sip ................................................................................................... 148show extensions adc ssl ................................................................................................... 150show extensions adc tftp ................................................................................................... 151show extensions adc wap ................................................................................................. 152show extensions adc wts .................................................................................................. 154
Index....................................................................................................................... 157
ADC Software Reference Guide
Preface
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 15
Part 1 – Preface
Juniper Networks® Application Delivery Controller (ADC) for the MX Series 3D Universal Edge Router offers advanced router-integrated ADC functions that enables service providers and enterprises to efficiently scale service capacity and increase service performance. Routers are already ubiquitously deployed throughout the network: at the network edge, in the network core, and in the data center. Integrating the advanced ADC with the carrier-grade MX3D router promotes network consolidation and reduces the number of network elements that providers must rack, power, cool, maintain, and upgrade. Furthermore, the ADC software, which is optionally licensed, improves service resiliency by monitoring server and application health and by automatically bypassing failures.This guide describes the commands used by the ADC software.
Who Should Use This GuideThis guide is intended for network installers and system administrators engaged in configuring and maintaining a network. The administrator should be familiar with Ethernet concepts, IP addressing, and SNMP configuration parameters.
What You Will Find In This GuideThe guide is divided into separate parts and chapters. Each chapter contains an alphabetical list of the ADC software commands and statements.
Related Documentation• ADC Software Release Notes• ADC Software User Guide• ADC Software Troubleshooting Guide
ADC Software Reference Guide Preface
16 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
ADC Software Reference Guide
Configuration Commands
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 17
Part 2 – Configuration Commands
This part includes the command-line interface (CLI) commands available for the configuration of the ADC Software. It is subdivided into chapters and each command in each section is alphabetized for easy use.Configuration Commands includes the following chapters:• adc Configuration Commands• adc-instance Configuration Commands• content-match Configuration Commands• custom-health-check Configuration Commands• filters Configuration Commands• groups Configuration Commands• real-server Configuration Commands• router-interfaces Configuration Commands• virtual-server and virtual-service Configuration Commands
ADC Software Reference Guide Configuration Commands
18 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 19
Chapter 1 – adc Configuration CommandsThis chapter includes the command-line interface (CLI) commands available for configuring the main ADC.This chapter includes the following commands, organized alphabetically:• adc• file• flag• internal-unit-range• no-remote-trace• traceoptions
adc
file
Syntax adc {internal-unit-range from start-number to end-number;adc-instance adc-name {
...}traceoptions {
...}
}
Hierarchy Level [edit extensions]
Release Information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the Application Delivery Controller (ADC) software extension name.
Options The remaining statements are explained separately.
Related Documentation
See also “Configuring a Juniper Network Device for SLB” in the ADC Software Users Guide.
Syntax file name <size size-value> <files number> <match match-value> <no-world-readable | world-readable>;
Hierarchy Level [edit extensions adc traceoptions]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
ADC Software Reference Guide
20 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
flag
internal-unit-range
Description Specifies the name of the file to receive the output of the tracing operation.
Options name—The name of the trace file into which the trace information is logged.files number—(Optional) Sets the maximum number of trace files. When a trace file reaches its maximum size, it is renamed with a “.0” extension, then a “.1” extension, and so on, until the maximum number of trace files is reached. Then the oldest trace file is overwritten. If you specify a maximum number of trace files, you must also specify a maximum size.
Range: 2 through 1000Default: 3
match match-value—(Optional) Enter the expression to use for the lines being logged.size size-value—(Optional) Sets the maximum trace file size. If you specify a maximum size, you must also specify a maximum number of trace files.
Range: 10240 through 1073741824Default: 128000
no-world-readable—(Optional) Do not allow any user access to read the log file. This option is mutually exclusive with the world-readable option.world-readable—(Optional) Allows any user access to read the log file. This option is mutually exclusive with the no-world-readable option.
Syntax flag all | configuration | connection | dfw | kcom | license | mibs | normal;
Hierarchy Level [edit extensions adc traceoptions]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the tracing operation to perform. To specify more than one tracing operation, include multiple flag statements.
Options all—Trace everything.configuration—Trace configuration events.connection—Trace connection events.dfw—Trace SSD and DFW related events.kcom—Trace kernal communication events.license—Trace license events.mibs—Trace MIB events.normal—Trace normal events. Without this flag, only unusual and abnormal events are traced.
Syntax internal-unit-range from start-number to end-number;
Hierarchy Level [edit extensions adc]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 21
no-remote-trace
traceoptions
Description Used for Direct Server Return configurations.Enter the number for the first internal unit that will be used with this load-balancing instance, then enter the number for the last internal unit that will be used with this load-balancing instance. Valid entries for each portion of the range are 1 to 16,385.
Options from start-number—Subunit range start.Range: 1 through 16385
to end-number—Subunit range end. The to value must be larger than the from value.
Range: 1 through 16385
Syntax no-remote-trace;
Hierarchy Level [edit extensions adc traceoptions]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description (Optional) Disables remote tracing.
Syntax traceoptions {file name <size size-value> <files number> <match match-value>
<no-world-<readable | world-readable>;flag all | configuration | connection | dfw | kcom | license | mibs |
normal;no-remote-trace;
}
Hierarchy Level [edit extensions adc]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the ADC trace options.
Options The remaining statements are explained separately.
ADC Software Reference Guide
22 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 23
Chapter 2 – adc-instance Configuration CommandsThis chapter includes the command-line interface (CLI) commands available for configuring specific ADC instances.This chapter includes the following commands, organized alphabetically:• adc-instance• address• broken-handshake-timeout• checksum-validation• clear-on-tcp-reset• couple-wap-radius• cpu-threshold• failed-server-loyalty• family• force-full-failback• group-updates-interval• health-check-source• instance-unit• no-connections-sync• tcp-close-timeout• tcp-port• unit• workload-manager
ADC Software Reference Guide
24 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
adc-instance
Syntax adc-instance adc-name {broken-handshake-timeout timeout;checksum-validation;clear-on-tcp-reset;content-match {
...}couple-wap-radius;cpu-threshold threshold-number;custom-health-check {
...}failed-server-loyalty;filters {
...}force-full-failback;groups {
...}group-updates-interval interval-time;health-check-source {
...}instance-unit number;no-connections-sync;real-servers {
...}router-interfaces {
...}tcp-close-timeout timeout;virtual-server name {
...}workload-manager name {
...}
}
Hierarchy Level [edit extensions adc]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the ADC instance configuration.
Options adc-name—Name of the ADC instance to create or edit.The remaining statements are explained separately.
Related Documentation
adc on page 19 (adc Configuration Commands)
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 25
address
broken-handshake-timeout
checksum-validation
clear-on-tcp-reset
couple-wap-radius
Syntax address ip-address;
Hierarchy Level [edit extensions adc adc-instance adc-name health-check-source unit unit-number family family-name],[edit extensions adc adc-instance adc-name workload-manager name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the source IP address.
Options ip-address—Configures the IP address.
Syntax broken-handshake-timeout timeout;
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the timeout for incomplete delayed bind connection (10 to 60 seconds).
Options timeout—The amount of time, in seconds.Range: 10 through 60Default: 30
Syntax checksum-validation;
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Uses TCP checksum validation for SYN-protected traffic.
Syntax clear-on-tcp-reset;
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Immediately clears connections that were closed by a TCP reset from the connection-table.
Syntax couple-wap-radius;
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies that when any RADIUS or WAP service health check fails, all the RADIUS or WAP groups fail.
ADC Software Reference Guide
26 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
cpu-threshold
failed-server-loyalty
family
force-full-failback
Syntax cpu-threshold threshold-number;
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the CPU threshold used for alerts (1 to 100). When the CPU load exceeds the configured number, a trap and system log message are sent.
Options threshold-number—Enter a value for the CPU use threshold.Range: 1 through 100Default: 85
Syntax failed-server-loyalty;
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Keeps existing sessions bound to a failed server. When this command is set, state information about existing sessions to a failed server is maintained and traffic associated with existing sessions continues to be sent to the server.
Syntax family {family-name {
address ip-address;}
Hierarchy Level [edit extensions adc adc-instance adc-name health-check-source unit unit-number]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the family of addresses.
Options family-name—Enter a family address. This must be set to INET.Value: Only INET (IPv4 protocol) addresses are allowed.
The remaining statements are explained separately.
Syntax force-full-failback;
Hierarchy Level [edit extensions adc adc-instance adc-name]
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 27
group-updates-interval
health-check-source
instance-unit
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Moves all connections to the main server if a failback instance occurs.When the master real server resumes service, all connections associated to the backup server are immediately moved to the main server. By default (when this parameter is not set), when the master real server resumes service, new connections are sent to the master server but existing connections are bound to the backup server until they are closed or timed out.
Syntax group-updates-interval interval-time;
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Defines the frequency of updating real server information when using response time or bandwidth load-balancing methods.
Options interval-time—Enter the update frequency time in seconds.Range: 1 through 256Default: 60
Syntax health-check-source {unit unit-number {
family {family-name {
address ip-address;}
}}
}
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the source IP address used for health checks sent to real servers. A health-check source address must be set for each unit on which real servers are configured, in order to allow sending health checks to the servers.
Options The remaining statements are explained separately.
Syntax instance-unit unit-number;
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the default logical interface number for the adc-instance (0 to 16385).
Note: To allow for more granular configurations, units can be defined for a group of servers or specifically for a real server.
ADC Software Reference Guide
28 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
no-connections-sync
tcp-close-timeout
tcp-port
Output unit-number—Enter the default interface number.Range: 0 through 16385Default: 0
Related Documentation
group-unit on page 60 (groups Configuration Commands)address on page 69 (real-server Configuration Commands)
Syntax no-connections-sync;
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the ADC software not to synchronize connection information to a backup RMS interface (virtual services and filters).
Related Documentation
sync-connections on page 54 (filters Configuration Commands)sync-connections on page 100 (virtual-server and virtual-service Configuration Commands)
Syntax tcp-close-timeout timeout;
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the amount of time after the TCP closes before the connection is removed from the connection table (21-8 seconds).
Options timeout—The time in seconds after a TCP sesion closes (for example, with FIN) until it is removed from the connection table. The value you enter here is the “to the power of” amount from a base of 2 seconds. For example, if you enter “2”, the result will be a 4 second timeout (2 seconds base to the power of 2, or 2 x 2 = 4).
Range: 1 through 8; this corresponds to a result of: 2, 4, 8, 16, 32, 64, 128, and 256 seconds.Default: 1 (2 seconds)
Related Documentation
sync-connections on page 54 (filters Configuration Commands)sync-connections on page 100 (virtual-server and virtual-service Configuration Commands)
Syntax tcp-port port;
Hierarchy Level [edit extensions adc adc-instance adc-name workload-manager name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Configures the TCP port number to use for the workload manager.
Options port—Enter the port number to use.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 29
unit
workload-manager
Syntax unit unit-number {family {
family-name {address ip-address;
}}
}
Hierarchy Level [edit extensions adc adc-instance adc-name health-check-source]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Selects the number of the unit to edit.
Options unit-number—Enter the number of the unit to edit. A health-check source address must be set for each unit on which real servers are configured, in order to allow sending health checks to the servers.The remaining statements are explained separately.
Syntax workload-manager name {address ip-address;tcp-port port;
}
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Configures the workload-manager per adc-instance; its internal identifying name, its IP address and TCP port. The workload manager uses the Server/Application State Protocol (SASP) to monitor server resources and provide additional input for load balancing decisions.When servers of a group are managed by a workload manager, you can associate this workload manager to the group.
Options name—Enter the name of the workload manager.
Related Documentation
groups on page 60 (groups Configuration Commands)work-load-manager on page 66 (groups Configuration Commands)
ADC Software Reference Guide
30 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 31
Chapter 3 – content-match Configuration CommandsThis chapter includes the command-line interface (CLI) commands available for configuring items to match specific content as defined by the user.This chapter includes the following commands, organized alphabetically:• and-higher• and-lower• binary-pattern• binary-value• content-match• case-sensitive• depth• http-error-message• http-header• no-regular-expression• offset• string• text-pattern• text-search• url-string
and-higher
and-lower
Syntax and-higher;
Hierarchy Level [edit extensions adc adc-instance adc-name content-match string string-name binary-pattern binary-value]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the ADC software to search for values equal to or higher than the value entered.
Syntax and-lower;
Hierarchy Level [edit extensions adc adc-instance adc-name content-match string string-name binary-pattern binary-value]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the ADC software to search for values equal to or lower than the value entered.
ADC Software Reference Guide
32 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
binary-pattern
binary-value
content-match
Syntax binary-pattern {binary-value {
value;and-higher;and-lower;
}offset offset-value;depth depth-value;
}
Hierarchy Level [edit extensions adc adc-instance adc-name content-match string string-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the binary-pattern search option for content-matching.
Options The remaining statements are explained separately.
Syntax binary-value {value;and-higher;and-lower;
}
Hierarchy Level [edit extensions adc adc-instance adc-name content-match string string-name binary-pattern]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the value for which the ADC software should search in a binary-pattern search.
Options value—A binary value.The remaining statements are explained separately.
Syntax content-match {case-sensitive;custom-http-methods [method method];http-error-message text;string string-name {
[ binary-pattern | text-pattern | text-search ];}
}
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets strings used for content-based load balancing.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 33
case-sensitive
depth
http-error-message
Options The remaining statements are explained separately.
Related Documentation
adc-instance on page 24 (adc-instance Configuration Commands)content-strings on page 44 (filters Configuration Commands)exclude-by-content on page 46 (filters Configuration Commands)http-redirect on page 49 (filters Configuration Commands)content-strings on page 72 (real-server Configuration Commands)
Syntax case-sensitive;
Hierarchy Level [edit extensions adc adc-instance adc-name content-match]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Uses case-sensitive text search matching.
Syntax depth number;
Hierarchy Level [edit extensions adc adc-instance adc-name content-match string (content-match) string-name binary-value],[edit extensions adc adc-instance adc-name content-match string (content-match) string-name text-pattern]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the number of bytes in the IP packet that should be examined from either the beginning of the packet or from the offset value.
Default: 0 (beginning of the packet)
Syntax http-error-message text;
Hierarchy Level [edit extensions adc adc-instance adc-name content-match]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the custom message sent to HTTP users when there is no available server.The error message is sent when the device responds with the “HTTP/1.0 503 – service unavailable” message. If an HTTP error message exists, it is appended to the response just before the 503 error message. The default is not to append anything to the 503 error message.
Options text—Enter a custom message to send to HTTP users when a server is not available.
Length: 31 chars (maximum)
ADC Software Reference Guide
34 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
http-header
no-regular-expression
offset
stringThe command “string” is executed from different areas of the command hierarchy. Select one of the following options depending on which area of the hierarchy you are using:• string (content-match)• string (text-search)
string (content-match)
Syntax http-header header-name [value header-value];
Hierarchy Level [edit extensions adc adc-instance adc-name content-match string string-name text-search]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the HTTP header name and value.
Options header-name—Sets the HTTP header name.header-value—Sets the HTTP-header value.
Syntax no-regular-expression;
Hierarchy Level [edit extensions adc adc-instance adc-name content-match string string-name text-search]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the ADC software does not evaluate the string as a regular expression, even when it contains regular expression characters. This is required when variables are used in the matched content, such as $HOST or $URL.
Syntax offset number;
Hierarchy Level [edit extensions adc adc-instance adc-name content-match offset string-name binary-pattern],[edit extensions adc adc-instance adc-name content-match string string-name text-pattern]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the byte count from the start of the string from which to start a search operation.
Default: 0 (beginning of the string)
Syntax string string-name {[ binary-pattern | text-pattern | text-search ]
}
Hierarchy Level [edit extensions adc adc-instance adc-name content-match string string-name]
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 35
string (text-search)
text-pattern
text-search
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the name of the string used for content-based load balancing. The search can use one of: binary-pattern, text-pattern, or text-search.
Options string-name—Enter the name of the string to use for the content-based load balancing.The remaining statements are explained separately.
Syntax string ascii;
Hierarchy Level [edit extensions adc adc-instance adc-name content-match string string-name text-pattern]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the name of the string used for content-based load balancing. The search can use one of: binary-pattern, text-pattern, or text-search.
Options string-name—Enter the name of the string to use for the content-based load balancing.The remaining statements are explained separately.
Syntax text-pattern {string ascii;offset offset-value;depth depth-value;
}
Hierarchy Level [edit extensions adc adc-instance adc-name content-match string string-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the text-pattern search option for content matching.
Options The remaining statements are explained separately.
Syntax text-search {http-header header-name [ value header-value ];url-string url;no-regular-expression;
}
Hierarchy Level [edit extensions adc adc-instance adc-name content-match string string-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the text-based search option for content matching.
Options The remaining statements are explained separately.
ADC Software Reference Guide
36 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
url-string
Syntax url-string url;
Hierarchy Level [edit extensions adc adc-instance adc-name content-match string string-name text-search]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the host and path for HTTP or Real-Time Streaming Protocol (RTSP), hostname for DNS. Regular expressions are supported.
Options url—Sets the host and path for HTTP or RTSP or the hostname for DNS. Regular expressions are supported.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 37
Chapter 4 – custom-health-check Configuration CommandsThis chapter includes the command-line interface (CLI) commands available for configuring custom health checks for the ADC instance.This chapter the following commands, organized alphabetically:• binary-expect• binary-send• cmd• custom-health-check• expect• open• script• send• tcp-commands• udp-commands
binary-expect
Syntax binary-expect hexadecimal-value <depth number> <offset number> <wait interval>;
Hierarchy Level [edit extensions adc adc-instance adc-name custom-health-check script script-name tcp-commands name cmd cmd-id],[edit extensions adc adc-instance adc-name custom-health-check script script-name udp-commands name cmd cmd-id]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Used in the cmd parameter line of a script to specify the binary content to expect from the server response packet in hexadecimal format.
ADC Software Reference Guide
38 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
binary-send
Options hexadecimal-value—Specifies the content to expect from the server response packet using hexadecimal format.depth number—Specifies the number of bytes in the IP packet that should be examined. If no offset value is specified, depth is specified from the beginning of the packet.
Default: The default value is the length of the content.offset number—Specifies the offset from the beginning of the binary data area to start matching the content specified in the binary-expect command. The offset command is supported for both UDP- and TCP-based health checks. If you require an offset, specify the offset command after a binary-expect command.
Default: 0wait interval—Specifies a wait interval before the expected response is returned. The wait interval begins when the send string is sent from the ADC software. If the expected response is received within the interval, the wait step passes. Otherwise, the health check fails. The wait interval is expressed in units of milliseconds. When the wait interval is not specified, the script waits according to the real server configured interval.
Range: 0 through 65535
Related Documentation
See “Script-Based Health Checks” in the ADC Software Users Guide for examples of scripts using the cmd parameter.tcp-commands on page 41 (custom-health-check Configuration Commands)udp-commands on page 41 (custom-health-check Configuration Commands)
Syntax binary-send hexidecimal-value;
Hierarchy Level [edit extensions adc adc-instance adc-name custom-health-check script script-name tcp-commands name cmd cmd-id],[edit extensions adc adc-instance adc-name custom-health-check script script-name udp-commands name cmd cmd-id]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Used in the cmd parameter line of a script to specify binary content in hexadecimal format.
Options hexidecimal-value—Specifies the binary content to send using raw hexadecimal format for the request packet.
Related Documentation
See “Script-Based Health Checks” in the ADC Software Users Guide for examples of scripts using the cmd parameter.tcp-commands on page 41 (custom-health-check Configuration Commands)udp-commands on page 41 (custom-health-check Configuration Commands)
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 39
cmd
custom-health-check
expect
Syntax cmd cmd-id <open | send | binary-send | expect | binary-expect >;
Hierarchy Level [edit extensions adc adc-instance adc-name custom-health-check script script-name tcp-commands name],[edit extensions adc adc-instance adc-name custom-health-check script script-name udp-commands name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the command ID for the commands to be used. Multiple command lines are usually required in order to specify a full script.
Options cmd-id—Enter the command ID.
Related Documentation
See “Script-Based Health Checks” in the ADC Software Users Guide for examples of scripts using the cmd parameter.tcp-commands on page 41 (custom-health-check Configuration Commands)udp-commands on page 41 (custom-health-check Configuration Commands)
Syntax custom-health-check {script script-name {
tcp-commands tcp-name {cmd cmd-id <open | send | binary-send | expect | binary-expect >;
}udp-commands udp-name {
cmd cmd-id <open | send | binary-send | expect | binary-expect >;}
}}
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the customized health-check option based on scripts.
Options The remaining statements are explained separately.
Related Documentation
adc-instance on page 24 (adc-instance Configuration Commands)
Syntax expect text <wait interval>;
Hierarchy Level [edit extensions adc adc-instance adc-name custom-health-check script script-name tcp-commands name cmd cmd-id],[edit extensions adc adc-instance adc-name custom-health-check script script-name udp-commands name cmd cmd-id]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Used in the cmd parameter line of a script to specify the content to expect in raw hexadecimal format.
ADC Software Reference Guide
40 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
open
script
Options text—Specifies the content to expect using raw hexadecimal format.wait interval—Specifies a wait interval before the expected response is returned. The wait interval begins when the send string is sent from the ADC software. If the expected response is received within the interval, the wait step passes. Otherwise, the health check fails. The wait interval is expressed in units of milliseconds. When the wait interval is not specified, the script waits according to the real server configured interval.
Range: 0 through 65535
Related Documentation
See “Script-Based Health Checks” in the ADC Software Users Guide for examples of scripts using the cmd parameter.tcp-commands on page 41 (custom-health-check Configuration Commands)udp-commands on page 41 (custom-health-check Configuration Commands)
Syntax open port;
Hierarchy Level [edit extensions adc adc-instance adc-name custom-health-check script script-name tcp-commands name cmd cmd-id],[edit extensions adc adc-instance adc-name custom-health-check script script-name udp-commands name cmd cmd-id]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Used in the cmd parameter line of a script to open a specific real-server port.
Options port—Specifies which destination real-server UDP port to use; for example, open 9201.
Related Documentation
See “Script-Based Health Checks” in the ADC Software Users Guide for examples of scripts using the cmd parameter.tcp-commands on page 41 (custom-health-check Configuration Commands)udp-commands on page 41 (custom-health-check Configuration Commands)
Syntax script script-name {tcp-commands tcp-name {cmd cmd-id <open | send | binary-send | expect | binary-expect>;
udp-commands udp-name {cmd cmd-id <open | send | binary-send | expect | binary-expect>;
}}
Hierarchy Level [edit extensions adc adc-instance adc-name custom-health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the name of the script to use in a custom health check. A script is made up of one or more TCP or UDP command containers. A script can contain any number of these containers, up to the allowable number of characters that a script supports.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 41
send
tcp-commands
udp-commands
Options script-name—Sets the name of the script to use for health-checking the server.The remaining statements are explained separately.
Related Documentation
health-check on page 60 (groups Configuration Commands)
Syntax send text;
Hierarchy Level [edit extensions adc adc-instance adc-name custom-health-check script script-name tcp-commands name cmd cmd-id],[edit extensions adc adc-instance adc-name custom-health-check script script-name udp-commands name cmd cmd-id]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Used in the cmd parameter line of a script to send designated content in hexadecimal format.
Options text—Specifies the send content in raw hexidecimal format.
Related Documentation
See “Script-Based Health Checks” in the ADC Software Users Guide for examples of scripts using the cmd parameter.tcp-commands on page 41 (custom-health-check Configuration Commands)udp-commands on page 41 (custom-health-check Configuration Commands)
Syntax tcp-commands tcp-name {cmd cmd-id <open | send | binary-send | expect | binary-expect >;
Hierarchy Level [edit extensions adc adc-instance adc-name custom-health-check script script-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the TCP commands for the script used for custom health checks. It is a container for one or more commands.
Options tcp-name—The name of the TCP command set to edit or add.The remaining statements are explained separately.
Related Documentation
script on page 40 (custom-health-check Configuration Commands)
Syntax udp-commands udp-name {cmd cmd-id <open | send | binary-send | expect | binary-expect>;
Hierarchy Level [edit extensions adc adc-instance adc-name custom-health-check script script-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
ADC Software Reference Guide
42 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
Description Specifies the UDP commands for the script used for custom health checks. It is a container for one or more commands.
Options udp-name—The name of the UDP command to edit or add.The remaining statements are explained separately.
Related Documentation
script on page 40 (custom-health-check Configuration Commands)
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 43
Chapter 5 – filters Configuration CommandsThis chapter includes the command-line interface (CLI) commands available for configuring the filters used by the ADC software.This chapter the following commands, organized alphabetically:• accept• client-nat• connection-timeout• content-strings• content-term• destination-address• destination-nat• destination-port• discard• exclude-by-content• filters• first-request-only• from• go-to• group• http-redirect• load-balance• load-balancing-hash• log• match-content• no-cache-request• non-get-request• per-packet-load-balancing• persistency• protocol• request-with-cookie• select-by-content• server-listening-port• source-address• source-port• sync-connections• tcp-flags• term• then• web-cache-redirection
ADC Software Reference Guide
44 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
accept
client-nat
connection-timeout
content-strings
Syntax accept;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Accepts the packet. The packet is processed according to its destination: either handled by the ADC software virtual services or by the router and sent to its destination.
Syntax client-nat;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then load-balance]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Uses client-IP address translation.
Note: The client-nat address is taken from the Multiservices-DPC PIC configuration. If no NAT address is present, traffic will drop.
Related Documentation
nat-address on page 78 (router-interfaces Configuration Commands)nat-address-range on page 78 (router-interfaces Configuration Commands)
Syntax connection-timeout minutes;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then load-balance]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the timeout amount, in minutes, for inactive connections.
Options minutes—Timeout amount for inactive connection.Range: 1 through 32768Default: 4
Syntax content-strings [string-name string-name];
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then content-term match-content]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Defines content match criteria.
Options string-name—Enter the content strings to match against.
Related Documentation
string on page 34 (content-match Configuration Commands)
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 45
content-term
destination-address
destination-nat
destination-port
Syntax content-term {match-content {
content-strings [string-name string-name];first-request-only;
}then {
discard;http-redirect {
from;log;
}}
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Matches content by selected action. Non-matched traffic is matched against further non-content terms.
Options The remaining statements are explained separately.
Related Documentation
See also “Regular Expression Matching” in the ADC Software User Guide.
Syntax destination-address prefix/prefix-length;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name from]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Matches the IP destination address prefix; for example, 1.1.1.1/24.
Options prefix/prefix-length—Specify the address prefix and prefix length. Default: If you omit the prefix-length, it defaults to /32.
Syntax destination-nat;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then load-balance]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Translates the destination address to the real server address. When this flag is not set, only the destination MAC is changed (from the virtual address MAC to the MAC of the cache server). The destination IP address remains unchanged.
Syntax destination-port port to port;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name from]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
ADC Software Reference Guide
46 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
discard
exclude-by-content
Description Matches the TCP/UDP destination port.
Options port—Enter one port or the first of a range of ports.Range: 0 through 65534Default: 0 (destination port is not part of the search criteria)
to port—(Optional) Enter the last of a range of ports. This port must be higher than the first port entered.
Range: 0 through 65534
Syntax discard;
Hierarchy Level [edit extensions adc adc-instance adc\name filters term name then],[edit extensions adc adc-instance adc-name filters term name then content-term then]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Discards the packet.
Syntax exclude-by-content [string-name string-name];
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then load-balance]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Defines content that is accepted and not sent to the server. Client requests that include this content are sent directly through to the original destination. Other client requests are load-balanced among the servers in the group.
Options string-name—Enter the content strings to match against.
Related Documentation
content-match on page 32 (content-match Configuration Commands)
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 47
filters
first-request-only
Syntax filters {term term-name {
from {...
}then {
log;per-packet-load-balancing;[accept | content-term | discard | go-to | http-redirect | load-
balance]}
}web-cache-redirection {
...}
}
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the traffic filters, primarily used for transparent redirection. Traffic coming from client-facing interfaces is matched against filters. Servers must be connected to server-facing interfaces. The order of the filter term matching process is according to the order the terms appear in the configuration. You can move terms around by using Juniper Networks CLI commands.
Options The remaining statements are explained separately.
Related Documentation
adc-instance on page 24 (adc-instance Configuration Commands)
Syntax first-request-only;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then content-term match-content]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Used to check the first HTTP request only. When set, the search will not match subsequent requests.
ADC Software Reference Guide
48 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
from
go-to
group
Syntax from {destination-address prefix/prefix-length;destination-port {
from-port [to to-port];}protocol;source-address prefix/prefix-length;source-port {
from-port [to to-port];}tcp-flags;
}
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Defines match criteria for this filter term. When a connection is matching the from criteria, the action, as defined in the then clause of that filter, is performed.
Syntax go-to term;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies that when a match occurs, the software should skip to the designated term.
Options term—Enter the name of the term. This is the term that will be skipped to if a match occurs.
Note: The target term must appear further down the list than the currently evaluated term.
Syntax group name;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then load-balance]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the real server group. Transparent redirection is used by default.
Related Documentation
groups on page 60 (groups Configuration Commands)
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 49
http-redirect
load-balance
load-balancing-hash
Syntax http-redirect {match-string to destination-string;
}
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then],[edit extensions adc adc-instance adc-name filters term name then content-term then]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the HTTP redirection strings.
Note: Multiple pairs of match-string to destination-string can be defined.
Options match-string—Enter a content-match string. When matched, HTTP redirection to the destination-string is sent.to destination-string—Enter a content-match string. When the match-string appears in a client request, an HTTP redirection to the destination-string is sent to the client.Range: Content-match strings
Related Documentation
content-match on page 32 (content-match Configuration Commands)
Syntax load-balance {group name;connection-timeout minutes;server-listening-port port;load-balancing-hash <destination-ip-and-port | source-ip | source-ip- and-port | destination-ip | source-and-destination | by-http-header <host | user-agent | user-define string length string-length>;
select-by-content;client-nat;persistency client-ip;destination-nat;sync-connections;exclude-by-content [string-name string-name];
}
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Load balances traffic to a group of real servers.
Options The remaining statements are explained separately.
Syntax load-balancing-hash <destination-ip-and-port | source-ip | source-ip-and-port | destination-ip | source-and-destination | by-http-header <host | user-agent | user-define string length string-length>;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then load-balance]
ADC Software Reference Guide
50 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
log
match-content
no-cache-request
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the server selection hash criteria. The selection implies the persistency type.
Options by-http-header—Hash based on HTTP header parameters.• host—Hash based on the HTTP host header.• user-agent—Hash based on the HTTP header User-agent.• user-define string—User-defined string header.• length string-length—User-defined string length.
Range: 1 through 255destination-ip—Hash based on destination IP address.destination-ip-and-port—Hash based on destination IP address and port.source-and-destination—Hash based on both source and destination.source-ip—Hash based on source IP address.source-ip-and-port—Hash based on source IP address and port.
Syntax log;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then content-term then]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Logs the packet to the system logs (syslog).
Syntax match-content {content-strings [string-name string-name];first-request-only;
}
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then content-term]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Defines content match criteria.
Options The remaining statements are explained separately.
Related Documentation
content-match on page 32 (content-match Configuration Commands)
Syntax no-cache-request <match-url | pass-through>;
Hierarchy Level [edit extensions adc adc-instance adc-name filters web-cache-redirection]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 51
non-get-request
per-packet-load-balancing
persistency
Description Determines the behavior for requests that contain Cache-Control: no-cache in HTTP/1.1 header, or Pragma: no-cache in HTTP/1.0 header.It controls whether client requests with no-cache indication are sent to the destination server or use the filter configuration to determine behavior.
Options match-url—The URI in no-cache requests is compared against the filter configuration to determine behavior.pass-through—All no-cache requests are sent to the destination server; such requests do not go through filter processing.
Default: pass-through
Syntax non-get-request <match-url | pass-through>;
Hierarchy Level [edit extensions adc adc-instance adc-name filters web-cache-redirection]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Determines the behavior for non-GET requests. It controls whether client non-GET requests are sent to the destination server or use the filter configuration to determine behavior.
Options match-url—The URI in non-GET requests is compared against the filter configuration to determine behavior.pass-through—All non-GET requests are sent to the destination server; such requests do not go through filter processing.
Default: pass-through
Syntax per-packet-load-balancing;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name],[edit extensions adc adc-instance adc-name virtual-server name dns-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name plain-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Enables per-packet load balancing. This type of load balancing does not use the connection table.
Syntax persistency client-ip;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then load-balance]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the server’s persistency criteria.
Options client-ip—Set session persistence based on using the source IP address as the key identifier for the connection.
ADC Software Reference Guide
52 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
protocol
request-with-cookie
select-by-contentThe command “select-by-content” is executed from different areas of the command hierarchy. Select one of the following options depending on which area of the hierarchy you are using:• select-by-content (web-cache-redirection)• select-by-content (load-balance)
select-by-content (web-cache-redirection)
Syntax protocol value;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name from]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Matches the IP protocol type.
Options value—(Optional) TCP or UDP. To match both protocols, do not set a value for this command.
Values: TCP or UDPDefault: No value (both protocols are used)
Syntax request-with-cookie <match-url | pass-through>;
Hierarchy Level [edit extensions adc adc-instance adc-name filters web-cache-redirection]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Determines the behavior for client requests that include cookies. It controls whether client requests that include cookies are sent to the destination server or use the filter configuration to determine behavior.
Options match-url—The URI in requests with cookies is compared against the filter configuration to determine behavior.pass-through—All requests with cookies are sent to the destination server; such requests do not go through filter processing.
Default: match-url
Syntax select-by-content url-hash length;
Hierarchy Level [edit extensions adc adc-instance adc-name filters web-cache-redirection]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets hashing based on the URL to a select cache server.
Options url-hash length—Specifies the length of the URL to hash into the cache server.
Range: 1 through 255Default: 1
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 53
select-by-content (load-balance)
server-listening-port
source-address
source-port
Syntax select-by-content;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then load-balance]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets content-based load balancing. When set, server selection is based on the content-strings as defined in the real-server configuration.
Related Documentation
content-strings on page 72 (real-server Configuration Commands)
Syntax server-listening-port port;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then load-balance]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Changes the destination port of traffic to a specific port.
Options port—Enter the server listening port.Range: 0 through 65534
Syntax source-address prefix/prefix-length;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name from]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Matches the IP destination address prefix; for example, 1.1.1.1/24.
Options prefix/prefix-length—Specify the address prefix and prefix length. Default: If you omit the prefix-length, it defaults to /32.
Syntax source-port port to port;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name from]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Matches the TCP/UDP source port.
Options port—Enter one port or the first of a range of ports.Range: 0 through 65534Default: 0 (destination port is not part of the search criteria)
to port—(Optional) Enter the last of a range of ports. This port must be higher than the first port entered.
Range: 0 through 65534
ADC Software Reference Guide
54 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
sync-connections
tcp-flags
term
thenThe command “then” is executed from different areas of the command hierarchy. Select one of the following options depending on which area of the hierarchy you are using:• then (term)• then (content-term)
Syntax sync-connections;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then load-balance]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Synchronizes filter connections to the backup RMS interfaces.
Syntax tcp-flags flags;
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name from]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Matches using TCP flags, using either symbolic or hexadecimal format.
Options flags—Specify the TCP flags to use for matching, in symbolic or hexadecimal format. To specify multiple flags, use logical operators.
bit-name—fin, syn, rst, push, ack, urgentlogical operators—& (logical AND)
Syntax term term-name {from {
...}then {
log;per-packet-load-balancing;[accept | content-term | discard | go-to | http-redirect | load-balance]
}}
Hierarchy Level [edit extensions adc adc-instance adc-name filters]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets a filter term.
Options term-name—Enter a name that identifies the term. The name must be unique across all ADC instances.The remaining statements are explained separately.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 55
then (term)
then (content-term)
web-cache-redirection
Syntax then {log;per-packet-load-balancing;[accept | content-term | discard | go-to | http-redirect | load-balance]
}}
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the action to take if the “from” criteria is matched.
Options The remaining statements are explained separately.
Syntax then {discard;http-redirect {
match-string to destination-string;log;
}
Hierarchy Level [edit extensions adc adc-instance adc-name filters term name then content-term]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Matches content by select action. Non-matched traffic accepted.
Options The remaining statements are explained separately.
Syntax web-cache-redirection {no-cache-request <match-url | pass-through>;non-get-request <match-url | pass-through>;request-with-cookie <match-url | pass-through>select-by-content url-hash length;
}
Hierarchy Level [edit extensions adc adc-instance adc-name filters]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the Web cache redirection parameters.
Options The remaining statements are explained separately.
ADC Software Reference Guide
56 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 57
Chapter 6 – groups Configuration CommandsThis chapter includes the command-line interface (CLI) commands available for configuring the groups in your ADC instance.This chapter the following commands, organized alphabetically:• always-up• availability-threshold• backup-group• backup-real-server• direct-server-return• dns• dnstcp• ftp• group-health-formula• group-unit• groups• health-check• http• imap• ldap• load-balancing-method• nntp• ping• pop3• radius• rtsp• script• server-warm-up-time• sip• smtp• snmp• ssl-hello• tcp• tftp• wap• work-load-manager• wsp• wtls• wtp• wts
ADC Software Reference Guide
58 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
always-up
availability-threshold
backup-group
backup-real-server
Syntax always-up;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the health-check type not to check the servers, as they are always up.
Syntax availability-threshold number;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the minimum available servers threshold for alerts. If the number of available servers in this group drops below the threshold number, an alert is triggered.
Options number—Enter the minimum number of available servers in this group to trigger an alert.
Range: 1 through 15
Syntax backup-group name [ secondary-group name ];
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the backup real server group for the ADC instance. This group comes online and takes over for the original group if a failure event occurs.
Note: Only one backup-group or backup-real-server can be set, not both.
Options name—Name of the group to back up the original group if a failure occurs.secondary-group name— Name of the group to be used as a secondary backup group in case the primary backup fails.
Syntax backup-real-server name;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the backup server for the ADC instance. This server comes online and takes over for the original server if a failure event occurs.
Note: Only one backup-group or backup-real-server can be set, not both.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 59
direct-server-return
dns
dnstcp
ftp
group-health-formula
Options name—Name of the real server to back up the original real server if a failure occurs.
Related Documentation
backup-real-server on page 70 (real-server Configuration Commands)
Syntax direct-server-return;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets return traffic to go directly to the client.
Syntax dns hostname;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets DNS health-check parameters.
Options hostname—Enter the DNS health-check hostname.
Syntax dnstcp hostname;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets DNS TCP health-check parameters.
Options hostname—Enter the DNS TCP health-check hostname.
Syntax ftp filename;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets FTP health-check parameters.
Options filename—Enter the FTP health-check filename.
Syntax group-health-formula expression;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
ADC Software Reference Guide
60 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
group-unit
groups
health-check
Description Uses the real server’s health to determine the entire group’s health.
Options expression—Specifies a Boolean expression of server names in this group.
Related Documentation
For more on Boolean expressions, see “Server-Based Group Health” in the ADC Software Users Guide.
Syntax group-unit number;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the logical interface number for this group.
Options number—Enter the logical interface number for the group.Range: 0 through 16385
Syntax groups {group-name {
availability-threshold number; backup-real-server name | backup-group name [secondary-group name];
direct-server-return;group-health-formula expression;group-unit number;health-check <always-up | dns | dnstcp | ftp | http | imap | ldap | nntp | ping | pop3 | radius | rtsp | script | sip | smtp | snmp |
ssl-hello | tcp | tftp | wap | wts>;load-balancing-method <least-connection | round-robin | response-time | bandwidth | hash>;
real-servers [name name ...];server-warm-up-time seconds;work-load-manager name;
}}
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the real server groups for the ADC instance.
Options The remaining statements are explained separately.
Related Documentation
adc-instance on page 24 (adc-instance Configuration Commands)group on page 73 (real-server Configuration Commands)
Syntax health-check <always-up | dns | dnstcp | ftp | http | imap | ldap | nntp | ping | pop3 | radius | rtsp | script | sip | smtp | snmp | ssl-hello | tcp | tftp | wap | wts>
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 61
http
imap
ldap
Description Specifies the health-check method to use for servers in this group.
Options The remaining statements are explained separately.
Related Documentation
health-check on page 73, (real-server Configuration Commands)
Syntax http url [use-head-method];
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets HTTP health-check parameters.
Options url—Sets the URL to use in the HTTP health check.use-head-method—When this is set, the HTTP Head method retrieves HTTP headers only.
Syntax imap {user-name name;password password;
}
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets IMAP health-check parameters.
Options password password—Sets a plain-text password, which is auto-encrypted.
Length: 128 charactersuser-name name—Sets the health check username.
Syntax ldap {dn-string string;user-name name;password password;version2;
}
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
ADC Software Reference Guide
62 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
load-balancing-method
nntp
Description Sets LDAP health-check parameters.
Options dn-string—Sets the LDAP distinguished name string for the health check.password password—Sets a plain-text password, which is auto-encrypted.
Length: 128 charactersuser-name name—Sets the health check username.version2—Sets the LDAP health check to use LDAP version 2 (LDAPv2), instead of the default LDAP version 3 (LDAPv3).
Syntax load-balancing-method <least-connection | round-robin | response-time | bandwidth | hash>;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the method used for real server selection.
Options least-connections—With the least-connections load-balancing method, the number of connections currently open on each real server is measured in real time. The server with the fewest current connections is considered to be the best choice for the next client connection request.round-robin—With the round-robin load-balancing method, new connections are issued to each server in turn; that is, the first real server in the group gets the first connection, the second real server gets the next connection, followed by the third real server, and so on. When all the real servers in this group have received at least one connection, the issuing process starts over with the first real server.response-time—The response-time load-balancing method uses real-server response time to assign sessions to servers. The response time between the servers and the load-balancing module is used as the weighting factor.bandwidth—The bandwidth load-balancing method uses real-server octet counts to assign sessions to a server.hash—The hash load-balancing method uses IP address information in the client request to select a server.
Default: hash
Syntax nntp newsgroup-name;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets NNTP health-check parameters.
Options newsgroup-name—Enter the newsgroup name for the NNTP health check.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 63
ping
pop3
radius
Syntax ping;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the PING health-check.
Syntax pop3 {user-name name;password password;
}
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets POP3 health-check parameters.
Options password password—Sets a plain-text password, which is auto-encrypted.
Length: 128 charactersuser-name name—Sets the health check username.
Syntax radius {accounting;authentication;secret secret;user-name name;password password;
}
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets RADIUS health-check parameters.
Options accounting—Sends a RADIUS accounting request.authenication—Sends a RADIUS authentication request.password password—Sets a plain-text password, which is auto-encrypted.
Length: 128 characterssecret secret—RADIUS secret.user-name name—Sets the health check username.
ADC Software Reference Guide
64 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
rtsp
script
server-warm-up-time
sip
Syntax rtsp filename;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the group health check to RTSP, and specifies the filename to be checked.
Options filename—Enter the filename.
Syntax script name;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets script-based health-check parameters.
Options name—Enter the name for the customized health-check script to use.
Related Documentation
script on page 40 (custom-health-check Configuration Commands)
Syntax server-warm-up-time time;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the time, in seconds, to gradually send connections to the server.
Options time—Enter the time.
Syntax sip {options;user-name name;domain-name domain;
}
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets SIP health-check parameters.
Options domain-name domain—Specifies the domain name used for the SIP ping health checks.options—Use SIP options instead of the default SIP ping.user-name name—Enter the username.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 65
smtp
snmp
ssl-hello
Syntax smtp user-name;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the SMTP health check for this group and specifies the username to use.
Options user-name—Enter the username.
Syntax snmp {oid oid-number;community value;adjust-number-weight number;<success-indicator value | failure-indicator value>
}
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the SNMP health check for this group and specifies the health-check parameters.
Options adjust-server-weight number—Updates the real server weights dynamically based on the SNMP health-check response.community value—Sets the SNMP group that the SNMP devices belong to.failure-indicator value—Specifies a value indicating a server failure. The health check fails if the response packet contains the value specified in the failure-indicator parameter.oid—Sets the SNMP Object Identifier (OID) to query that is being sent to real-servers in the group.success-indicator—Specifies a value indicating a healthy server. The health check succeeds if the response packet contains the value specified in the success-indicator parameter.
Syntax ssl-hello <version2>;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets Secure Sockets Layer (SSL) hello health-check parameters.
Options versions2—Select this parameter to use SSL version 2 (SSLv2) for the SSL health check.
ADC Software Reference Guide
66 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
tcp
tftp
wap
work-load-manager
Syntax tcp;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets TCP health-check fro this group. The TCP port is taken from the server configuration or from the real-server configuration (listening ports).
Related Documentation
real-servers on page 75 (real-server Configuration Commands)
Syntax tftp filename;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets TFTP health check for this group and specifies the filename to use.
Options filename—Enter the filename for the TFTP health check.
Syntax wap < wsp | wtp | wtls >;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets WAP health-check parameters.
Options The remaining statements are explained separately.
Syntax work-load-manager name;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the name of the workload manager.
Options name—Enter the name of the workload manager.
Related Documentation
adc-instance on page 24 (adc-instance Configuration Commands)
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 67
wsp
wtls
wtp
Syntax wsp {offset offset;receive hex-string;send hex-string;
}
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check wap]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets WAP Wireless Session Protocol (WSP) health-check parameters. The WSP is used within the WAP suite to manage sessions between wireless devices and WAP content servers or gateways.
Options offset—Sets the number of bytes from the beginning of the UDP data area at which the comparison begins to match with the expected receive content.receive—Specifies the content the ADC software should expect from the WAP gateway.send—Specifies the content provided to the WAP gateway.
Syntax wtls;
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check wap]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the WAP Wireless Transport Layer Security health-check parameter.
Syntax wtp {connect-content string;send hex-string;receive hex-string;offset offset;
}
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check wap]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the WAP Wireless Transaction Protocol health-check parameters.
Options connect-content—Sends the Connect PDU to the WAP gateway. This lets you customize the headers in the connect-content message. send hex-string—Specifies the content provided to the WAP gateway.receive—Specifies the content the ADC software should expect from the WAP gateway.offset—Sets the number of bytes from the beginning of the UDP data area at which the comparison begins to match with the expected receive content.
ADC Software Reference Guide
68 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
wts
Syntax wts [ user-name name ]
Hierarchy Level [edit extensions adc adc-instance adc-name groups group-name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets Windows Terminal Server (WTS) health-check parameters.
Options user-name name—Enter the username.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 69
Chapter 7 – real-server Configuration CommandsThis chapter includes the command-line interface (CLI) commands available for configuring the real servers used with the ADC.This chapter the following commands, organized alphabetically:• address• allow-ldap-write• avoid-http-strings• backup-real-server• buddy-server• buddy-service-port• client-nat• connection-timeout• content-strings• description• do-not-preempt• failure-retries• group• health-check• interval• listening-ports• max-connections• real-servers• recovery-retries• use-when-overflow• weight
address
Syntax address server-ip [unit number];
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the real-server IP address and routing instance.
Note: In order to check the health of the real server, a health-check source address with the same unit must be set for this ADC instance.
Options server-ip—Enter the server IP address.unit number—Enter the server’s unit number.
Related Documentation
health-check-source on page 27 (adc-instance Configuration Commands)
ADC Software Reference Guide
70 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
allow-ldap-write
avoid-http-strings
backup-real-server
Syntax allow-ldap-write;
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Allows this real server to handle LDAP write requests.
Related Documentation
allow-write-servers on page 82 (virtual-server and virtual-service Configuration Commands)ldap-virtual-service on page 89 (virtual-server and virtual-service Configuration Commands)
Syntax avoid-http-strings;
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Does not send HTTP traffic with content strings to the real server.This command is used in conjunction with the content-strings command. When the content-strings command is set and this command is used, the server will not handle requests that contain the URLs set in the content-strings command.
Note: If you configure a content-string “all” and set this command, the server will not handle any requests. This effectively disables the server from being used in services where select-by-comment is used.
Related Documentation
string on page 34 (content-match Configuration Commands)select-by-content on page 52 (filters Configuration Commands)content-strings on page 72 (real-server Configuration Commands)select-by-content on page 95 (virtual-server and virtual-service Configuration Commands)
Syntax backup-real-server name {use-when-overflow;do-not-preempt;
}
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Defines the backup real server.
Options name—Enter the name of the real server to use as a backup to the original real server.The remaining statements are explained separately.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 71
buddy-server
buddy-service-port
client-nat
connection-timeout
Syntax buddy-server server-name {group name;buddy-service-port port;
}
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Defines servers that are essential for the healthy operation of this real server. The original real server is only considered healthy if the buddy it is associated with is also healthy.
Options server-name—Enter the name of the server to tie to the original server’s health. This “buddy” server can be in the same real-server group or in a separate group.The remaining statements are explained separately.
Syntax buddy-service-port port;
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name buddy-server server-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the buddy service port number.
Options port—Enter the service port number.Range: 10 through 65534
Syntax client-nat;
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Uses client IP address translation for this server.
Related Documentation
nat-address on page 78 (router-interfaces Configuration Commands)nat-address-range on page 78 (router-interfaces Configuration Commands)
Syntax connection-timeout minutes;
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
ADC Software Reference Guide
72 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
content-strings
description
do-not-preempt
Description Sets the number of minutes that inactive connections to the server remain open.
Options minutes—Select the even number of minutes the inactive sessions will remain open.
Range: 2 through 32768
Syntax content-strings [string-name string-name];
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Associates content strings with this server.
Options string-name—Enter one or more string names.
Related Documentation
string on page 34 (content-match Configuration Commands)select-by-content on page 52 (filters Configuration Commands)avoid-http-strings on page 70 (real-server Configuration Commands)select-by-content on page 95 (virtual-server and virtual-service Configuration Commands)
Syntax description text;
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name],[edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Allows a short text description of the server.
Options text—Enter a short descriptive text for this server. Typically, this explains the server’s use or function.
Syntax do-not-preempt;
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name backup-real-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Allows the backup real server to continue processing even when the primary server is alive. During this process, the primary server is operationally disabled and becomes active only if the backup server goes down.
Related Documentation
See “Backup Preemption” in the ADC Software User Guide.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 73
failure-retries
group
health-check
interval
Syntax failure-retries number;
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the number of health-check retries to perform before determining server failure.
Options number—Enter the number of retries to perform before marking a server as failed.
Range: 1 through 63Default: 4
Syntax group name;
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name buddy-server server-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description (Mandatory, when buddy-server is set) Defines the server group associated with the buddy real server.
Options name—Enter the name of the server group to associate with the buddy server. It is required that the buddy real server is configured as part of the group (in the group configuration).
Related Documentation
groups on page 60 (groups Configuration Commands)
Syntax health-check {failure-retries number;interval seconds;recovery-retries number;
}
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the health check parameters for the real server.
Options The remaining statements are explained separately.
Syntax interval seconds;
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
ADC Software Reference Guide
74 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
listening-ports
max-connections
Description Sets the interval between health checks, in seconds.
Options seconds—Enter the number of seconds between each health check on the server.
Note: A value of 0 (zero) disables health checks to this server.Range: 0 through 60Default: 2
Syntax listening-ports [ports ports ...];
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Explicitly specifies the real server service ports.
Options ports—Enter one or more service ports. For example, to set up a real server for a web application you might use:
listening-ports [8080 8081];
Syntax max-connections number;
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the maximum number of connections for this real server. If this parameter is not set, the maximum number of connections to the real server is unlimited.
Options number—Enter the maximum number of connections that this real server allows.
Range: 1 through 200000
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 75
real-servers
recovery-retries
Syntax real-servers {name {
address server-ip [unit number];allow-ldap-write;avoid-http-strings;backup-real-server name {
...}buddy-server server-name {
...}client-nat;connection-timeout minutes;content-strings [string-name string-name];description text;health-check {
...}listening-ports [ports ports ...];max-connections number;weight server-weight;
}}
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Configures the real servers to which traffic is load balanced. Real servers are then aggregated into groups of identical servers. Virtual services and filter terms use these groups of real servers.
Options name—Enter the name of the real server to add or edit.The remaining statements are explained separately.
Related Documentation
adc-instance on page 24 (adc-instance Configuration Commands)groups on page 60 (groups Configuration Commands)
Syntax recovery-retries number;
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name health-check]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the number of recovery retries to attempt to determine server recovery.
Options number—Enter the number of retries to perform in an attempt to determine server recovery.
Range: 1 through 63Default: 2
ADC Software Reference Guide
76 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
use-when-overflow
weight
Syntax use-when-overflow;
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name backup-real-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Allows the backup server to handle overflow traffic when the maximum connection limit is reached by the primary server in addition to backing up the server in case of failure.
Related Documentation
See “Backup Servers and Overflow Configuration” in the ADC Software User Guide.
Syntax weight server-weight;
Hierarchy Level [edit extensions adc adc-instance adc-name real-servers name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the weighting value that this real server will be given in the load-balancing algorithms. Higher weighting values force the server to receive more connections than the other servers configured in the same real-server group. By default, each real server is given a weight setting of 1. A weight setting of 10 would assign the server roughly 10 times the number of connections as a server with a weight of 1.
Options server-weight—Enter the weight for the real-server.Range: 1 through 48Default: 1
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 77
Chapter 8 – router-interfaces Configuration CommandsThis chapter includes the command-line interface (CLI) commands available for configuring the router interfaces used by the ADC.This chapter the following commands, organized alphabetically:• client-facing• family• ms-interfaces• nat-address• nat-address-range• router-interfaces• server-facing• unit
client-facing
family
Syntax client-facing [ interface interface];
Hierarchy Level [edit extensions adc adc-instance name router-interfaces]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the device interfaces where client traffic is received. Traffic arriving on these interfaces is handled by the ADC software and destined to be routed to the virtual IP addresses and filter-destination addresses configured in the instance.At least one client-facing interface must be specified for each adc-instance. A client-facing interface can be shared between instances
Options interface—Enter the client-processing interface name.
Syntax family family-name {nat-address nat-ip;nat-address-range from nat-ip to nat-ip;
}
Hierarchy Level [edit extensions adc adc-instance name router-interfaces ms-interfaces name unit number]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the family of addresses.
Options family-name—Enter a family address. This must be set to INET.Value: Only INET (IPv4 protocol) addresses are allowed.
The remaining statements are explained separately.
ADC Software Reference Guide
78 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
ms-interfaces
nat-address
nat-address-range
Syntax ms-interfaces {name {
unit number {family family-name {
nat-address nat-ip;nat-address-range from nat-ip to nat-ip;
}}
}}
Hierarchy Level [edit extensions adc adc-instance name router-interfaces]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the physical multiservices interfaces of a device that are used to run the ADC instance application. The more multiservices interfaces used for an ADC instance, the more capacity and processing power the instance has. At least one multiservices interface must be specified for each ADC instance, and up to eight interfaces can run the same instance.A multiservices interface is associated exclusively to a single load-balancing instance (it cannot be shared between instances).
Multiservices interfaces are the physical interface (IFD); for example: ms-1/0/0.
Options name—Enter an interface name to add or edit.The remaining statements are explained separately.
Syntax nat-address nat-ip;
Hierarchy Level [edit extensions adc adc-instance name router-interfaces ms-interfaces name unit number family family-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the NAT address to use for traffic sent over the interface to the real servers.
Options nat-ip—Enter the IP address to use.
Related Documentation
client-nat on page 44 (filters Configuration Commands)client-nat on page 71 (real-server Configuration Commands)
Syntax nat-address-range from nat-ip to nat-ip;
Hierarchy Level [edit extensions adc adc-instance name router-interfaces ms-interfaces name unit number family family-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets a range of NAT addresses to use for traffic sent over the interface to the real servers.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 79
router-interfaces
server-facing
Options from nat-ip—Enter the first IP address to useto nat-ip—Enter the last IP address to use.
Related Documentation
client-nat on page 44 (filters Configuration Commands)client-nat on page 71 (real-server Configuration Commands)
Syntax router-interfaces {client-facing [ interface interface ];ms-interfaces
name {unit number {
family family-name {nat-address nat-ip;nat-address-range from nat-ip to nat-ip;
}}
}}server-facing [ interface interface ];
}
Hierarchy Level [edit extensions adc adc-instance name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Configures the router-interfaces for a specific adc-instance.
Options The remaining statements are explained separately.
Related Documentation
adc-instance on page 24 (adc-instance Configuration Commands)
Syntax server-facing [ interface interface];
Hierarchy Level [edit extensions adc adc-instance name router-interfaces]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the device interfaces where servers are connected, usually through switches or routers. Traffic to the servers is routed to these interfaces.At least one server-facing interface must be specified for each ADC instance. A server facing interface can be shared between instances.The same device interface can be used as a client-facing interface in one (or more) ADC instances, and as a server-facing interface in other instances.
Options interface—Enter the server-processing interface name.
ADC Software Reference Guide
80 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
unit
Syntax unit number {family family-name {
nat-address nat-ip;nat-address-range from nat-ip to nat-ip;
}}
Hierarchy Level [edit extensions adc adc-instance name router-interfaces ms-interfaces name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the logical interface.
Options number—Enter the subunit number to use.Range: 0 through 16385
The remaining statements are explained separately.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 81
Chapter 9 – virtual-server and virtual-service Configuration CommandsThis section includes the command-line interface (CLI) commands available for configuring virtual servers and virtual services for an ADC instance.This chapter the following commands, organized alphabetically:• add-x-forwarded-for• address• allow-write-servers• close-unknown-ports• connection-pooling• cookie-name• description• dns-virtual-service• domain-name• efficient-memory-use• fast-load-balancing• ftp-virtual-service• group• groups• hostname• http-parsing-depth• http-virtual-service• insert• inspect• ldap-virtual-service• persistency• persistency cookie• persistent-timeout• plain-virtual-service• port• protocol• radius-authentication• radius-legacy-ports• rewrite• rtsp-virtual-service• select-by-content• server-listening-port• service-timeout• sip-virtual-service• source-port-in-hash• ssl-virtual-service• syn-protection
ADC Software Reference Guide
82 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
• sync-connections• tftp-virtual-service• virtual-server• wap-virtual-service• wts-virtual-service
add-x-forwarded-for
address
allow-write-servers
close-unknown-ports
connection-pooling
Syntax add-x-forwarded-for;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Inserts an x-forwarded-for header to client requests.
Syntax address virtual-server-address;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the IP address for the virtual server.
Options virtual-server-address—Enter the IP address for the virtual server.
Syntax allow-write-servers;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name ldap-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sends LDAP write-requests to dedicated servers.
Related Documentation
allow-ldap-write on page 70 (real-server Configuration Commands)
Syntax close-unknown-ports;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets a TCP reset for traffic to ports not used by the virtual server.
Syntax connection-pooling;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name]
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 83
cookie-name
description
dns-virtual-service
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Allows HTTP connection pooling for the virtual service.
Syntax cookie-name name;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name persistency cookie]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the name of the cookie to use for persistence.
Related Documentation
See “HTTP Persistency” in the ADC Software User Guide.
Syntax description text;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Allows a short text description of the server.
Options text—Enter a short descriptive text for this server. Typically, this is explains the server’s use or function.
Syntax dns-virtual-service name {fast-load-balancing;group name;sync-connections;per-packet-load-balancing;protocol value;select-by-content;server-listening-port port;service-timeout seconds;syn-protection;
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Configures a DNS virtual service.
Options name—Enter the name for the DNS virtual service.The remaining statements are explained separately.
Related Documentation
dns on page 59 (groups Configuration Commands)
ADC Software Reference Guide
84 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
domain-name
efficient-memory-use
fast-load-balancing
ftp-virtual-service
Syntax domain-name dns-name;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the domain name for the cookie.
Options dns-name—Enter the a domain name for the cookie.
Syntax efficient-memory-use;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Allows the virtual service to use an HTTP GET only after a full handshake. The default behavior provides faster client-response time but higher memory use. When setting the efficient-memory-use parameter, memory use is lower but client-response time is slower. It is recommended to use this configuration only when there are known memory issues.
Syntax fast-load-balancing;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name dns-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ldap-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name plain-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ssl-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the connection table for use with requests only for this virtual service.
Syntax ftp-virtual-service name {group name;sync-connections;persistent-timeout minutes;server-listening-port port;service-timeout seconds;syn-protection;
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 85
group
groups
Description Configures a FTP virtual service.
Options name—Enter the name for the FTP virtual service.The remaining statements are explained separately.
Related Documentation
ftp on page 59 (groups Configuration Commands)
Syntax group name;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name dns-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ftp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ldap-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name plain-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name rtsp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name sip-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ssl-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name tftp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name wts-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Associates a real-server group to use with this virtual service.
Options name—(Mandatory) Enter the name of the real-server group to use with this virtual service.
Related Documentation
groups on page 60 (groups Configuration Commands)health-check on page 60 (groups Configuration Commands)
Syntax groups {wsp-group name;wtp-group name;wtls-group name;radius-group name;
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name wap-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
ADC Software Reference Guide
86 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
hostname
http-parsing-depth
Description Specifies real-server groups to use for the WAP and RADIUS protocols with this virtual service. At least one WAP protocol must have a group specified.
Options radius-group name—Designates a group of real servers under the RADIUS group.wsp-group name—Designates a group of real servers under the WSP group.wtp-group name—Designates a group of real servers under the WTP group.wtls-group name—Designates a group of real servers under the WTLS group.
Syntax hostname name;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Specifies the HTTP hostname, which is used for health checks.
Options name—Enter the HTTP hostname.
Syntax http-parsing-depth depth;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the search depth in HTTP requests for content strings. When this parameter is not set, the search depth is unlimited.
Options depth—Enter the maximum depth for the search.Range: 1 through 18200
Related Documentation
select-by-content (load-balance) on page 53 (filters Configuration Commands)
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 87
http-virtual-service
insert
Syntax http-virtual-service name {add-x-forwarded-for;connection-pooling;efficient-memory-use;fast-load-balancing;group name;hostname name;http-parsing-depth depth;sync-connections;persistency [client-ip [cross-services] cookie];persistent-timeout minutes;port port;select-by-content {
...}server-listening-port port;service-timeout seconds;source-port-in-hash;syn-protection;
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Configures a HTTP virtual service.
Options name—Enter the name for the HTTP virtual service.The remaining statements are explained separately.
Related Documentation
http on page 61 (groups Configuration Commands)
Syntax insert {expiration <date | duration >;domain-name name;path path;secure;when-cookie-missing <select-server | keep-server>;
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name persistency cookie]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
ADC Software Reference Guide
88 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
inspect
Description Inserts cookie-to-server replies for server persistency.
Options expiration—Sets the cookie expiration date or duration.date—Enter a specific date and time at which the cookie expires.Format: yyyy-mm-dd[.hh:mm]duration—Enter a relative time in days, hours, and minutes after the creation of the cookie at which the cookie expires.Format: days [:hours [:min]]
domain-name name—Sets the domain name for the cookie.path path—Sets the path to define the scope of the cookie. The cookie is sent only for URL requests that are a subset of the path.
Default: “/”secure—Sets the secure flag. When set, the client is required to use a secure connection to obtain content associated with the cookie.when-cookie-missing—Determines how to handle subsequent requests with no cookie in a TCP session where a server was already selected.
select-server—Select a new server for new requests with no cookie.keep-server—Continue using the same server for requests in this connection.Default: keep-server
Syntax inspect {cookie-value-offset cookie-offset; cookie-value-length cookie-length;look-in-uri;response-count number;
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name persistency cookie]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Inspects the cookie in client requests for server persistency.
Options cookie-value-length cookie-length—Enter the number of bytes to extractRange: 1 through 64
cookie-value-offset cookie-offset—Enter the offset value to use.Range: 1 through 64
look-in-uri—Specifies that the cookie should appear in the URI and not in the HTTP header.response-count number—Allows the ADC software to search through multiple HTTP responses from the server. Enter the number of responses to search.
Range: 1 through 16
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 89
ldap-virtual-service
persistencyThe command “persistency” is executed from different areas of the command hierarchy. Select one of the following options depending on which area of the hierarchy you are using:• persistency (http-virtual-service)• persistency (ssl-virtual-service)• persistency (wap-virtual-service)• persistency (wts-virtual-service)
persistency (http-virtual-service)
Syntax ldap-virtual-service name {allow-write-servers;fast-load-balancing;group name;sync-connections;server-listening-port port;service-timeout seconds;syn-protection;
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Configures a LDAP virtual service.
Options name—Enter the name for the LDAP virtual service.The remaining statements are explained separately.
Related Documentation
ldap on page 61 (groups Configuration Commands)
Syntax persistency [ client-ip [cross-services] cookie];
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Uses the client-IP address to maintain persistence between the service and the client for both HTTP and Secure Socket Layer (SSL or HTTPS) sessions only.
Options client-ip—Maintains persistence for the same service across multiple sessions from the same client, or maintains persistence between different services (for HTTP and HTTPS traffic only) from the same client to map to the same server.cross-services—Maintains persistence for different services to the same real server. It can be used when client IP-based persistence is not dependent on the load-balancing method.cookie—See persistency cookie on page 91.
Related Documentation
See “HTTP Persistency” in the ADC Software User Guide.
ADC Software Reference Guide
90 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
persistency (ssl-virtual-service)
persistency (wap-virtual-service)
persistency (wts-virtual-service)
Syntax persistency [ client-ip [cross-services] | ssl-id];
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name ssl-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Uses the client-IP address to maintain persistence between the service and the client for both HTTP and Secure Socket Layer (SSL or HTTPS) sessions only.
Options client-ip—Maintains persistence for the same service across multiple sessions from the same client, or maintains persistence between different services (for HTTP and HTTPS traffic only) from the same client to map to the same server.cross-services—Maintains persistence for different services to the same real server. It can be used when client IP-based persistence is not dependent on the load-balancing method.ssl-id—Maintains persistence using SSL session IDs.
Related Documentation
See “Secure Sockets Layer SLB” in the ADC Software User Guide.
Syntax persistency wap-radius;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name wap-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Uses the client-IP address to maintain persistence between the service and the client for both HTTP and Secure Socket Layer (SSL or HTTPS) sessions only.
Options wap-radius—Maintains WAP RADIUS persistence on the filter by binding both WAP and RADIUS sessions to the same server.
Related Documentation
See “WAP SLB with RADIUS/WAP Persistence” in the ADC Software User Guide.
Syntax persistency [ session-directory | user-hash ];
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name wts-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Uses the client-IP address to maintain persistence between the service and the client for both HTTP and Secure Socket Layer (SSL or HTTPS) sessions only.
Options session-directory—Use sesssion-directory to manage user assignments on the server.user-hash—Use when WTS session-directory is not used.
Related Documentation
See “HTTP Persistency” in the ADC Software User Guide.See “Configuring Windows Terminal Server Load Balancing” in the ADC Software User Guide.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 91
persistency cookie
persistent-timeout
Syntax persistency cookie {cookie-name name;<insert | rewrite | inspect>
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Maintains persistence between the real server and the client by establishing an identifiable token on the client.
Options The remaining statements are explained separately.
Related Documentation
persistency on page 89 (virtual-server and virtual-service Configuration Commands)See “HTTP Persistency” in the ADC Software User Guide.
Syntax persistent-timeout minutes;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name ftp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name rtsp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name sip-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ssl-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the amount of time that persistency information is kept, even if no new relevant connections are detected, in minutes. If this command is not set, the service-timeout value is used.
Options minutes—Timeout for inactive connection.Range: 0 through 32768Default: 0 (service connection-timeout is used)
ADC Software Reference Guide
92 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
plain-virtual-service
port
Syntax plain-virtual-service name {fast-load-balancing;group name;sync-connections;per-packet-load-balancing;port port-number;protocol value;server-listening-port port;service-timeout seconds;syn-protection;
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Configures a plain virtual service.
Options name—Enter the name for the plain virtual service.The remaining statements are explained separately.
Syntax port port-number;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name plain-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name rtsp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ssl-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the application port for the virtual service
Options port-number—Enter the application port to use.Range: 10 through 65534Default: The following is a list of the default ports used by various virtual services:DNS—53 (not modifiable)FTP—21 (not modifiable)HTTP—80LDAP—389 (not modifiable)RTSP—554SIP—5060 (not modifiable)TFTP—69 (not modifiable)WTS—3389 (not modifiable)
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 93
protocol
radius-authentication
radius-legacy-ports
Syntax protocol value;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name dns-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name plain-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Matches the IP protocol type.
Options value—TCP or UDP. To match both protocols, do not set a value for this command.
Values: TCP or UDPDefault: The following is a list of the default protocols used by various virtual services:DNS—UDPFTP—TCP (not modifiable)LDAP—TCP (not modifiable)Plain—TCPSIP—UDP (not modifiable)SSL—TCP (not modifiable)TFTP—UDP (not modifiable)WTS—UDP (not modifiable)
Syntax radius-authentication;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name wap-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Configures the virtual service to load-balance RADIUS authentication in addition to RADIUS accounting.
Syntax radius-legacy-ports;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name wap-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the virtual service to use RADIUS legacy ports (port 1645 for authentication, and port 1646 for accounting).
ADC Software Reference Guide
94 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
rewrite
rtsp-virtual-service
Syntax rewrite {look-in-uri;response-count number;when-cookie-missing <select-server | keep-server>;
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name persistency cookie]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Rewrites the cookie in server replies for server persistency
Options look-in-uri—Specifies that the cookie should appear in the URI and not in the HTTP headerresponse-count number—Allows the ADC software to search through multiple HTTP responses from the server. Enter the number of responses to search.
Range: 1 through 16when-cookie-missing—Determines how to handle subsequent requests with no cookie in a TCP session where a server was already selected.
select-server—Select a new server for new requests with no cookie.keep-server—Continue using the same server for requests in this connection.Default: keep-server
Related Documentation
See “HTTP Persistency” in the ADC Software User Guide.
Syntax rtsp-virtual-service name {group name;sync-connections;persistent-timeout minutes;port port-number;protocol value;select-by-content;server-listening-port port;service-timeout seconds;source-port-in-hash;syn-protection;
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Configures an RTSP virtual service.
Options name—Enter the name for the RTSP virtual service.The remaining statements are explained separately.
Related Documentation
rtsp on page 64 (groups Configuration Commands)
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 95
select-by-contentThe command “select-by-content” is executed from different areas of the command hierarchy. Select one of the following options depending on which area of the hierarchy you are using:• select-by-content (dns-virtual-service)• select-by-content (http-virtual-service)• select-by-content (rtsp-virtual-service)
select-by-content (dns-virtual-service)
select-by-content (http-virtual-service)
Syntax select-by-content;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name dns-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets content-based load balancing for the DNS virtual service. Distinguishes users by the requested hostname and allows use of different servers according to the requested hostname.
Related Documentation
content-strings, page 72 (real-server Configuration Commands)
Syntax select-by-content {first-content-tem {
<virtual-hosting | browser | cookie | header | url>; }and | or;second-content-term {
same as above}
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets HTTP content-based server selection. Content-intelligent HTTP load balancing supports up to two methods for an HTTP virtual service with a logical AND or OR between them. The first method is set by the first-content-term container. Optionally, you can set the second-content-term container to define a second matching criteria. If you do set the second container, you must also define the relationship between the two content terms using AND or OR.
ADC Software Reference Guide
96 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
select-by-content (rtsp-virtual-service)
Options virtual-hosting—Sets a single virtual-server IP address to host multiple websites per customer, each with their own hostname.browser—Redirects HTTP requests based on browser type by inspecting the “User-Agent” header.cookie—Distinguishes users by cookie values, allowing the use of different servers according to the cookie value. When using cookie-based server selection, the following configuration options are available:
cookie-name—(Mandatory) Sets the name of the cookie to use for server selection.cookie-value-length—(Mandatory) Sets the number of bytes to extract.Range: 1 through 64cookie-value-offset—(Mandatory) Sets the starting point of the cookie value.Range: 1 through 64look-in-uri—Specifies that the cookie should appear in the URI and not in the HTTP header.
header—Distinguishes users by HTTP header values, allowing use of different servers according to the header values. When using header-based server selection, the following configuration options are available:
header-name—(Mandatory) Sets the name of the HTTP header to use for server selection.hash-length—(Optional) Uses hash on HTTP header values for server selection, and defines the number of bytes to use for the hash.Range: 1 through 255
url—Redirects requests going to the same page of an origin server to the same real server or cache server. When using url-based server selection, the following configuration options are available:
hash-length—(Optional) Uses hash on URL values for server selection, and defines the number of bytes to use for the hash.Range: 1 through 255
and | or—Operators used to combine the first-content-term with the second-content-term. When and is used, both terms must be present in order to redirect the request. When or is used, either term must be present in order to redirect the request.
Related Documentation
content-strings on page 72 (real-server Configuration Commands)
Syntax select-by-content [hash-url | url];
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name rtsp-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets content-based load balancing for the virtual service.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 97
server-listening-port
Options url—Select the server according to content-strings associated to the servers.hash-url—Select the server according to the hash of the url string, ensuring URL-to-server persistency. When this mode is used, there is no need to associate strings to servers using the content-strings parameter.
Related Documentation
content-strings on page 72 (real-server Configuration Commands)
Syntax server-listening-port port;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name dns-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ftp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ldap-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name plain-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name rtsp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ssl-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name wts-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Changes the destination port of client requests before traffic is forwarded to the server. It reflects the real-server listening port for the virtual service connection.
Options port—Enter the real-server listening port.Range: 0 through 65534Default: Do not change the destination port; use instead the service port
ADC Software Reference Guide
98 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
service-timeout
sip-virtual-service
Syntax service-timeout number;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name dns-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ftp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ldap-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name plain-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name rtsp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name sip-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ssl-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name tftp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name wap-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name wts-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the amount of time, in seconds, that idle connections should remain in the connection table before being removed.
Options number—Timeout amount for inactive connection, in seconds.Range: 0 through 32768
Syntax sip-virtual-service name {group name;sync-connections;persistent-timeout minutes;service-timeout seconds;
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Configures a SIP virtual service.
Options name—Enter the name for the SIP virtual service.The remaining statements are explained separately.
Related Documentation
sip on page 64 (groups Configuration Commands)
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 99
source-port-in-hash
ssl-virtual-service
Syntax source-port-in-hash;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name plain-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name rtsp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ssl-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets client-based persistency when the load-balancing method is set to hash.
Syntax ssl-virtual-service name {fast-load-balancing;group name;sync-connections;persistency [ client-ip [cross-services] | ssl-id ];persistent-timeout minutes;port port-number;server-listening-port port;service-timeout seconds;syn-protection;
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Configures a SSL virtual service.
Options name—Enter the name for the SSL virtual service.The remaining statements are explained separately.
Related Documentation
ssl-hello on page 65 (groups Configuration Commands)
ADC Software Reference Guide
100 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
syn-protection
sync-connections
Syntax syn-protection;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name dns-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ftp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ldap-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name plain-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name rtsp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ssl-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name wts-virtual-service name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Prevents denial-of-service (DoS) attacks on the virtual service.
Note: SYN protection is only available for TCP services.
Syntax sync-connections;
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name dns-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ftp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name http-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ldap-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name plain-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name rtsp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name sip-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name ssl-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name tftp-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name wap-virtual-service name],[edit extensions adc adc-instance adc-name virtual-server name wts-virtual-service name]
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 101
tftp-virtual-service
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Sets the mirroring of all connection data related to the virtual service.
Syntax tftp-virtual-service name {group name;sync-connections;service-timeout seconds;
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Configures a TFTP virtual service.
Options name—Enter the name for the TFTP virtual service.The remaining statements are explained separately.
Related Documentation
tftp on page 66 (groups Configuration Commands)
ADC Software Reference Guide
102 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
virtual-server
Syntax virtual-server name {address virtual-server-address;close-unknown-ports;description text;domain-name dns-name;dns-virtual-service {
...}ftp-virtual-service {
...}http-virtual-service {
...}ldap-virtual-service {
...}plain-virtual-service {
...}rtsp-virtual-service {
...}sip-virtual-service {
...}ssl-virtual-service {
...}tftp-virtual-service {
...}wap-virtual-service {
...}wts-virtual-service {
...}
}
Hierarchy Level [edit extensions adc adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Configures a virtual IP address that accepts client requests and services provided to clients when accessing this IP address.
Options name—Enter the name of the virtual server to add or edit.The remaining statements are explained separately.
Related Documentation
adc-instance on page 24 (adc-instance Configuration Commands)
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 103
wap-virtual-service
wts-virtual-service
Syntax wap-virtual-service name {groups {
...}sync-connections;persistency wap-radius;radius-authentication;radius-legacy-ports;service-timeout seconds;
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Configures a WAP virtual service.
Options name—Enter the name for the WAP virtual service.The remaining statements are explained separately.
Related Documentation
radius, page 63 (groups Configuration Commands)wap, page 66 (groups Configuration Commands)
Syntax wts-virtual-service name {group name;sync-connections;persistency [session-directory | user-hash ];server-listening-port port;service-timeout seconds;syn-protection;
}
Hierarchy Level [edit extensions adc adc-instance adc-name virtual-server name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Configures a WTS virtual service.
Options name—Enter the name for the WTS virtual service.The remaining statements are explained separately.
Related Documentation
wts on page 68 (groups Configuration Commands)
ADC Software Reference Guide
104 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
ADC Software Reference Guide
Operational Commands
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 105
Part 3 – Operational Commands
This part includes the command-line interface (CLI) commands available for use in Operational mode. These commands are used to view various aspects of the configuration. There are three main operational commands used: show, clear, and request. The show command displays the current settings of the command in question. The clear command deletes information for the command in question. The request command is used to perform various system-level requests. Additional commands may be referenced.The part is subdivided into chapters and each command in each chapter is alphabetized for easy use.Operational Commands includes the following chapters:• adc-instance Operational Commands• connection-table Operational Commands• content-match Operational Commands• filters Operational Commands• group Operational Commands• internal and maintenance Operational Commands• real-server Operational Commands• virtual-server and services Operational Commands
ADC Software Reference Guide Operational Commands
106 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 107
Chapter 10 – adc-instance Operational CommandsThe following command-line interfaces (CLI) commands help you with information concerning the ADC instances.• show extensions adc status• show extensions adc cpu• show extensions adc license-info• show extensions adc nat• show extensions adc workload-manager• clear extensions adc statistics
show extensions adc status
Syntax show extensions adc status
<detail>
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Shows the current status of the ADC extension.
Options detail—Display a more detailed output.
List of Outputs show extensions adc statusshow extensions adc status detail
Sample Output
ADC Software Reference Guide
108 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
show extensions adc cpu
show extensions adc statususer@host> show extensions adc status
ADC daemon status : UpUp Since Sat Mar 31 17:20:39 2012adc instance lb1:Interface Status Control Daemon #Data Daemons up #Disconns License----------+--------+----------------+-----------------+-----------+-------ms-1/0/0 Up Up 21 0 Licensed
show extensions adc status detailuser@host> show extensions adc status detail
ADC daemon status : UpUp Since Thu Apr 5 14:35:46 2012ADC daemon to SDK Services daemon (SSD) connection:
current status: Upnumber of disconnections: 0
ADC daemon to Dynamic Firewall Filters Daemon (DFWD) connection:current status: Downnumber of disconnections: 0
Interface status:Interfaces running adc: ms-0/1/0, ms-1/0/0Interfaces that appear in the configuration: ms-1/0/0
adc instance lb1:Interface Status Control Daemon #Data Daemons up #Disconnections License---------+------+---------------+-----------------+----------------+------ms-1/0/0 Up Up 21 0 Licensed
Unattached:Interface Status-------------+---------------ms-0/1/0 Down
Syntax show extensions adc cpu
<interface>
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Shows the current status of the CPU associated with the ADC software.
Options interface—(Optional) Display CPU information for specific service-interfaces.
List of Outputs show extensions adc cpushow extensions adc cpu interface
Sample Output
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 109
show extensions adc license-info
show extensions adc cpuuser@host> show extensions adc cpu
CPU Utilization for interface ms-1/0/0CP average for last 64 seconds: 63DP average for last 64 seconds: 56, max: 57, min: 56
show extensions adc cpu interfaceuser@host> show extensions adc cpu ms-1/0/0
CPU Utilization for interface ms-1/0/0DP average for last 64 seconds: 56DP max for last 64 seconds: 57DP min for last 64 seconds: 56
cpu threshold: 85Alert is triggered when at least half DPs cross this threshold.
1 second 4seconds 64seconds
CP 62 63 63DP 1 57 57 57DP 2 56 56 56DP 3 57 57 57DP 4 56 57 56DP 5 55 60 54DP 6 56 57 61DP 7 56 62 56DP 8 55 57 56DP 9 57 57 57DP10 56 56 56DP11 57 57 57DP12 56 57 56DP13 55 60 54DP14 56 57 61DP15 56 62 56DP16 55 57 56DP17 57 57 57DP18 56 56 56DP19 57 57 57DP20 56 57 56DP21 55 60 54
Syntax show extensions adc license-info
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Shows the current status of the ADC licenses.
ADC Software Reference Guide
110 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
show extensions adc nat
Sample Output
show extensions adc license-infouser@host> show extensions adc license-info
2 PICs appear in the configuration
adc instance lb1:Interface Status License------------+----------+-----------ms-1/2/3 Up Licensedms-1/4/5 Up No License
Syntax show extensions adc nat
<nat-address unit unit>
<adc-instance adc-name>
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Shows the current status of the ADC CPU.
Options nat-address—Specify the NAT address and unit.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.
List of Outputs show extensions adc natshow extensions adc adc nat adc-instance adc-name
Sample Output
show extensions adc natuser@host> show extensions adc nat 8.9.77.56 unit 1001
NAT IP 8.9.77.56.1001 is used with adc-instance lb1:
Interface NAT IP Unit Connection count Free ports ms-1/2/0 8.9.77.56 1001 899
show extensions adc adc nat adc-instance adc-nameuser@host> show extensions adc nat adc-instance lb1
NAT IP Summary Table for adc-instance lb1:
Interface NAT IP Unit Connection count Free ports ms-1/2/0 8.9.77.56 1001 899
44.55.66.77 5671 6,577
ms-1/3/0 8.9.77.57 1002 4,777 44.55.66.78 5672 0
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 111
show extensions adc workload-manager
clear extensions adc statistics
Syntax show extensions adc workload-manager name [adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Shows the current status of the ADC CPU.
Options name—Enter the name of the workload manager to show.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.
Sample Output
show extensions adc workload-manager adc-instance adc-nameuser@host> show extensions adc workload-manager adc-instance lb1
Workload Manager Information for adc-instance lb1:
Name IP address Port StateWLM1 5.5.5.5 3860 ConnectedWLM2 5.5.5.6 3860 Not Connected
Syntax clear extensions adc statistics [adc-instance adc-name | all]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Removes the current adc-instance statistics. This resets the statistics to zero.
Options adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.all—Clear statistics from all ADC instances.
List of Outputs clear extensions adc statistics adc-instance adc-nameclear extensions adc statistics all
Sample Output
clear extensions adc statistics adc-instance adc-nameuser@host> clear extensions adc statistics adc-instance lb1
Statistics for adc-instance lb1 have been cleared
clear extensions adc statistics alluser@host> clear extensions adc statistics all
Statistics for all adc-instances have been cleared
ADC Software Reference Guide
112 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 113
Chapter 11 – connection-table Operational CommandsThe following command-line interfaces (CLI) commands help you with information concerning the connection table data.• show extensions adc connection-table• clear extensions adc connection-entry• clear extensions adc connection-table• clear extensions adc persistency-entry• clear extensions adc persistency-table
show extensions adc connection-table
Syntax show extensions adc connection-table
<adc-instance adc-name>
<brief>
<count>
<destination destination-address port destination-port [adc-instance adc-name limit number]>
<extensive>
<flags-description [flag]>
<filter-term term adc-instance adc-name [limit number]>
<interface interface adc-instance adc-name [brief count limit number]>
<limit number>
<nat-address address>
<real-server name>
<source-address address>
<source-port port>
<with-flag>
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays connection table entries.
ADC Software Reference Guide
114 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
Options adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.brief—Display brief output (default).count—Show count of entries.destination destination-address port destination-port—Display entries matching the destination address and port.extensive—Display a more detailed output.flags-description flag—Display explanations for flags used in the connection table extensive output. Enter a specific flag to get a description of only that flag.filter-term name—Display entries matching filter term.interface name—Display entries matching the service interface.limit—Sets the maximum number of entries to display.nat-address address—Display entries matching the NAT address and unit.real-server name—Display entries matching the real server name.source-address address—Display entries matching the source IP address.source-port port—Display entries matching the source port.with-flag—Display entries matching a connection-table flag.
List of Outputs show extensions adc connection-table briefshow extensions adc connection-table adc-instanceshow extensions adc connection-table countshow extensions adc connection-table destination destination-address port destination-port [adc-instance limit]show extensions adc connection-table extensive adc-instanceshow extensions adc connection-table flags-descriptionshow extensions adc connection-table filter-term term adc-instance [limit]
Sample Output
show extensions adc connection-table briefuser@host> show extensions adc connection-table brief
Connection table brief for lb1:
Service set Connection countv1 IP 6.2.2.50 6,899
dns-virtual-service dns1 5,788http-virtual-service http1 1,111
v2 IP 6.2.2.55 22,222dns-virtual-service dns2 22,222
Total 88,888
show extensions adc connection-table adc-instanceThe output for the show extensions adc connection-table adc-instance adc-name command is identical to that for the show extensions adc connection-table brief command. For sample output, see show extensions adc connection-table brief.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 115
show extensions adc connection-table countuser@host> show extensions adc connection-table count
Connection table brief for lb1:
Interface Connection Countms-1/1/0 0
Total 0Note: Maximum Connection Table entries per interface is 688128
show extensions adc connection-table destination destination-address port destination-port [adc-instance limit]The output for the show extensions adc connection-table destination destination-address port destination-port [adc-instance limit] command is identical to that for the show extensions adc connection-table extensive adc-instance command. For sample output, see show extensions adc connection-table extensive adc-instance.
show extensions adc connection-table extensive adc-instanceuser@host> show extensions adc connection-table extensive adc-instance lb1
Connection table for adc-instance lb1:
Current number of connections: 2,252,678Displaying 30 rows (use limit command to change)For flags description use flag-descriptions command
Interface Prot source destination real age flags---------+---+---------------+----------------+-----------------+--+------ms-1/2/3 T 17.1.121.32:609 17.1.1.10:80 111.11.11.110:8080 45 XYms-3/4/1 T 27.1.1.15:80 17.1.121.32:609 222.22.22.222:8181 38 XuZ
NAT: 99.99.99.99.1001:8989ms-6/7/3 T 17.1.181.34:8320 17.1.1.10:80 212.12.12.222:9090 72 VW P:25ms-1/9/0 T 27.1.1.12:80 17.1.181.34:830 31.31.131.131:999 102 XXms-8/1/0 U 4.4.4.4:53 17.1.181.34:53 31.31.131.131:53 102 XX
ADC Software Reference Guide
116 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
clear extensions adc connection-entry
show extensions adc connection-table flags-descriptionuser@host> show extensions adc connection-table flags-description
E: Indicates connection is established, and will be aged out if no traffic is received within session timeout value.N: Indicates no NAT, which means the connection only translates the destination MAC when forwarding client traffic to the real server.P: Indicates the session is a persistent connection and is not to be aged out.S: Indicates the session is a persistent connection and the application is SSL session ID, or Cookie.Vr: Indicates the connection is a SIP REGISTER connection.Vs: Indicates the connection is a SIP SUBSCRIBE connection.Vi: Indicates the connection is a SIP INVITE connection.Vm: Indicates the connection is a SIP MESSAGE connection.Vd: Indicates the connection is a SIP NAT data connection. Sc: Indicates the connection is an opened server connection used in connection pooling.U: Indicates the connection is using Layer 7 information.W: Indicates the connection only translates the destination MAC when forwarding Layer 7 Web Cache Redirection traffic to the real server.
show extensions adc connection-table filter-term term adc-instance [limit]user@host> show extensions adc connection-table filter-term term1 adc-instance lb1
Connection table for adc-instance lb1 Showing only entries matching filter-term term1 Displaying 30 rows (use limit command to change)For flags description use flag-descriptions command
Interface Prot source destination real age flags ---------+---+---------------+----------------+-----------------+--+------ms-1/2/3 T 17.1.121.32:609 17.1.1.10:80 111.11.11.110:8080 45 XYms-3/4/1 T 27.1.1.15:80 17.1.121.32:609 222.22.22.222:8181 38 XuZ
NAT: 99.99.99.99.1001:8989ms-6/7/3 T 17.1.181.34:8320 17.1.1.10:80 212.12.12.222:9090 72 VW P:25ms-1/9/0 T 27.1.1.12:80 17.1.181.34:830 31.31.131.131:999 102 XXms-8/1/0 U 4.4.4.4:53 17.1.181.34:53 31.31.131.131:53 102 XX
Syntax clear extensions adc connection-entry adc-instance adc-name source-address address source-port port destination-address dst-address destination-port dst-port <tcp | udp>
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Clears specified entries in the connection table.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 117
clear extensions adc connection-table
clear extensions adc persistency-entry
Options source-address address—Filter by the source IP address.source-port port—Filter by the the source port.destination-address address—Filter by the the destination IP address.destination-port port—Filter by the destination port.tcp | udp—Clear either TCP or UDP entries.
Note: All parameters must be specified in order to indicate a single connection-table entry.
Sample Output
clear extensions adc connection-entry adc-instance adc-name source-address source-port destination-address destination-port tcp | udpuser@host> clear extensions adc connection-table adc-instance lb1 source-address 1.1.1.1 source-port 80 destination-address 10.2.2.0 destination-port 8080 TCP
This will clear all matching connection table entries of adc-instance lb1.Continue with clear [y|n] [n]?
- OR -
No matching connection was found in the connection table for adc-instance lb1.
Syntax clear extensions adc connection-table adc-instance adc-name
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Clears the connection table of a load-balancing instance.
Sample Output
clear extensions adc connection-table adc-instanceuser@host> clear extensions adc connection-table adc-instance lb1
This will clear the entire connection table of adc-instance lb1. Continue with clear [y|n] [n]?
If yes, the following message displays on completion:
Connection table cleared
Syntax clear extensions adc persistency-entry <http-cookie value | ssl-session-id id-value | wap-client-address dot-address | hex-address> adc-instance adc-name
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Clears the specified entries in the persistency table.
ADC Software Reference Guide
118 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
clear extensions adc persistency-table
Options http-cookie value—Clears an HTTP cookie persistency entry.ssl-session-id id-value—Clears an SSL session ID persistency entry.wap-client-address dot-address | hex-address—Clears a WAP client IP address persistency entry.adc-instance adc-name—Specifies the persistency table where the entries are to be cleared for the specific ADC instance.
List of Outputs clear extensions adc persistency-entry http-cookie adc-instanceclear extensions adc persistency-entry ssl-session-id adc-instanceclear extensions adc persistency-entry wap-client-address adc-instance
Sample Output
clear extensions adc persistency-entry http-cookie adc-instance user@host> clear extensions adc persistency-entry http-cookie id87654321 adc-instance lb1
A matching persistency entry was found and removed for adc-instance lb1
- OR -
No matching persistency entry was found for adc-instance lb1
clear extensions adc persistency-entry ssl-session-id adc-instance user@host> clear extensions adc persistency-entry ssl-session-id 23 adc-instance lb1
A matching persistency entry was found and removed for adc-instance lb1
- OR -
No matching persistency entry was found for adc-instance lb1
clear extensions adc persistency-entry wap-client-address adc-instance user@host> clear extensions adc persistency-entry wap-client-address 10.2.5.10 adc-instance lb1
A matching persistency entry was found and removed for adc-instance lb1
- OR -
No matching persistency entry was found for adc-instance lb1
Note: The wap-client-address parameter can be specified using either dotted address format or hexidecimal address format.
Syntax clear extensions adc persistency-table adc-instance adc-name
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Clears the persistency table of a load-balancing instance.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 119
Sample Output
clear extensions adc persistency-table adc-instanceuser@host> clear extensions adc persistency-table adc-instance lb1
This will clear the entire persistency table of adc-instance lb1. Continue with clear [y|n] [n]?
If yes, the following message displays on completion:
Persistency table cleared
ADC Software Reference Guide
120 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 121
Chapter 12 – content-match Operational CommandsThe following command-line interfaces (CLI) commands help you with information concerning content match strings.• show extensions adc strings-statistics
show extensions adc strings-statistics
Syntax show extensions adc strings-statistics string-name [adc-instance adc-name extensive]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays information for specific strings on a for an ADC instance.
Options adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.extensive—Display a more detailed output.
List of Outputs show extensions adc strings-statistics adc-instanceshow extensions adc strings-statistics adc-instance extensive
Sample Output
show extensions adc strings-statistics adc-instanceuser@host> show extensions adc strings-statistics adc-instance lb1
Strings Statistics for lb1:
String Name Hits-------------- -----------MyString 0String67 0
show extensions adc strings-statistics adc-instance extensiveuser@host> show extensions adc strings-statistics string67 adc-instance lb1 extensive
Per-Interface Strings Statistics for lb1: String name Interface Hits------------ -------------- -------- Mystring ms-1/0/1 0
ms-1/0/2 0 ms-1/0/3 0 Total 0
Str36 ms-1/0/1 0 ms-1/0/2 0 ms-1/0/3 0 Total 0
ADC Software Reference Guide
122 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 123
Chapter 13 – filters Operational CommandsThe following command-line interfaces (CLI) commands help you with information concerning filters.• show extensions adc filters term• show extensions adc filters load-balance• show extensions adc filters maintenance
show extensions adc filters term
show extensions adc filters load-balance
Syntax show extensions adc filters term name [adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays filter term match statistics
Options name—Displays filter term match statistics for the specific term.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.
Sample Output
show extensions adc filters termuser@host> show extensions adc filters term
Term matches for adc-instance lb1:Filter term # Requests match ----------------------------------------+------------------------Term-name 748Term55 555
Syntax show extensions adc filters load-balance [adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays filters load-balancing statistics.
Options adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.
Sample Output
show extensions adc filters load-balance user@host> show extensions adc filters load-balance
Total URL based web cache redirection stats for adc-instance lb1:Total cache server hits: 0Total origin server hits: 0Total straight to origin server hits: 0Total none-GETs hits: 0Total 'Cookie: ' hits: 0Total no-cache hits: 0Total RTSP cache server hits: 0Total RTSP origin server hits: 0Total HTTP redirection hits: 0
ADC Software Reference Guide
124 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
show extensions adc filters maintenance
Syntax show extensions adc filters maintenance [adc-instance adc-name]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays filter maintenance information.
Options adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.
Sample Output
show extensions adc filters maintenance user@host> show extensions adc filters maintenance
Layer 7 maintenance statistics for adc-instance lb1:Clients reset by switch on client side: 0Clients reset by switch on server side: 0Connection Splicing to support HTTP/1.1: 0Invalid HTTP methods: 0Aged delayed binding sessions: 0Half open connections: 0Total 3-way-handshake retries: 0Random early drops: 0Requests exceeded 18200 bytes: 0Invalid 3-way handshakes: 0Exceeded max frame size: 0Out of order packet drops: 0Out of order packets received: 0Current SEQ buffer entries: 0 Highest: 0Current Data buffer use: 0 Highest: 0Current DP buffer entries: 0 Highest: 0Total Nonzero SEQ Alloc: 0Total SEQ Buffer Allocs: 0 Total SEQ Frees: 0Total Data Buffer Allocs: 0 Total Data Frees: 0Alloc Fails - Seq buffers: 0 Alloc Fails - Ubufs: 0Max sessions per bucket: 0 Max frames per session: 0Max bytes buffered (sess): 0
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 125
Chapter 14 – group Operational CommandsThe following command-line interfaces (CLI) commands help you with information concerning groups.• show extensions adc group
show extensions adc group
Syntax show extensions adc group group-name
<hash client-ip>
[adc-instance adc-name extensive]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays server group related information.
Options adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.extensive—Display a more detailed output.hash client-ip—Display the real server selected by hash.
List of Outputs show extensions adc groupshow extensions adc group extensiveshow extensions adc group group-nameshow extensions adc group group-name extensiveshow extensions adc group group-name hash client-ip
Sample Output
show extensions adc groupuser@host> show extensions adc group
Groups statistics for adc instance lb1:
Group Total servers Active servers Connections---------+-------------+--------------+-------------g1 1 1 0g2 2 2 0
show extensions adc group extensiveuser@host> show extensions adc group extensive
Groups statistics for adc instance lb1:
Group Total servers Active Interface Connections---------+-------------+-------+----------+-------------g1 10 5 Total 906
ms-1/2/3 784 ms-5/6/7 44 ms-2/3/4 78
g2 2 2 Total 0
ADC Software Reference Guide
126 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
show extensions adc group group-nameuser@host> show extensions adc group g1
Group g1 Adc instance lb1:
Health check information:Health check type is ALWAYS UPProtocol: TCPPorts: 53
80
Servers:
s1 address 3.3.3.11, unit 0, Active(enabled & UP)
Services:Virtual server v1 dns-virtual-service dns1Virtual server v1 http-virtual-service http1
Connections: Current connections 0, Total connections 0, Highest connects 0
Real Server Status Cur Connections Total Highest------------+--------+-----------------+-------+---------s1 Active 0 0 0
show extensions adc group group-name extensiveuser@host> show extensions adc group g1 extensive
Group g1 adc-instance lb1:Servers:
s1 address 3.3.3.11, unit 0, Active(enabled & UP)When active use -
s1 address 4.4.4.11, unit 0, Active(enabled & UP)
Services: Virtual server v1 dns-virtual-service dns1Virtual server v1 http-virtual-service http1
Per-interface statistics table for group group-name:Interface Cur Connections Total Highest ------------+-------------------+------------+--------------ms-1/2/3 784 1,564 999ms-3/4/5 0 0 0Total 784 1,564 999
show extensions adc group group-name hash client-ipuser@host> show extensions adc group g1 hash 10.205.130.10
Client 10.205.130.10 binds to real-server r1 in group g1 instance lb1.
- OR -
Group g1 instance lb1 does not use hash based load balancing method.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 127
Chapter 15 – internal and maintenance Operational CommandsThe following command-line interfaces (CLI) commands help you with information concerning general maintenance.• show extensions adc internal• request extensions adc maintenance dump-and-restart• request extensions adc maintenance information
show extensions adc internal
Syntax show extensions adc internal
<generated-configuration [adc-instance adc-name]>
<software-version>
<maintenance interface>
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays internal information about the ADC software.
Options generated-configuration—Display generated configuration information.software-version—Displays the software version and build information.maintenance—Displays maintenance information per interface.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.
List of Outputs show extensions adc internal generated-configurationshow extensions adc internal software-versionshow extensions adc internal maintenance interface
Sample Output
show extensions adc internal generated-configurationuser@host> show extensions adc internal generated-configuration
Front End firewall Filter name: rdwr-fe-filtRelated interfaces: ge-0/2/2.0Adc instance kobis:
Active VIPs: 6.2.2.50 (routes added)6.2.3.55 (routes added)
Non-active VIPs: NoneRouting instance: rdwr-kobis-fe-riPacket counter: 0Total Bytes: 0
Back End Firewall Filter term name: rdwr-ms-100-termRelated interfaces: ge-0/3/0.0
ms-1/0/0.10000From server in adc instance: s1
s2 s3 s4Ports: 0-8191Routing instance: rdwr-ms-100-ri
ADC Software Reference Guide
128 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
show extensions adc internal software-versionuser@host> show extensions adc internal software-version
Software Build Information:Software Version: 1.1Build ID: 087Build time: FW_VERSION: #2 Mon Apr 11 11:48:48 IDT 2011
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 129
show extensions adc internal maintenance interfaceuser@host> show extensions adc internal maintenance ms-1/0/0
ADC Maintenance statistics:
Maximum sessions: 688128Current sessions: 04 second average: 0
64 second average: 0Terminated sessions: 0Allocation failures: 0UDP datagrams: 0No available real server: 0Backup server activations: 0No TCP control bits: 0Invalid reset packet drops: 0Out of State FIN Pkt drops: 0Cookies regenerated: 1Free cookie pool entries: 0Total IP fragment sessions: 0Current IP4 fragment sessions 0IP4 fragment discards: 0IP fragment table full: 0Current IPF buffer sessions: 0Highest IPF buffer sessions: 0IPF buffer alloc fails: 0IPF SP buffer alloc fails: 0Exceeded 50 OOO packets: 0IPF invalid lengths: 0IPF Null Payloads: 0Fragment Overlaps: 0Duplicate fragments: 0Current real service stats: 0Real service stats failures: 0Free Service pool entries: 8186Core Persist Free entries: 688128Core Persist Current entries: 0Core Persist Total entries: 0Core Persist Lookup Failed: 0Core Persist Delete Failed: 0Core Persist Hash Entry Chain: 0Total Jbuf processed per sec 0Total Letters proces per sec 0Total entries aged per sec 0Global pool Jbuf received: 0Local pool Jbuf allocated: 0Global pool Jbuf sent out: 0Local pool Jbuf sent out: 0Global pool Jbuf freed: 0Local pool Jbuf freed: 0
ADC Software Reference Guide
130 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
request extensions adc maintenance dump-and-restart
request extensions adc maintenance information
Syntax request extensions adc maintenance dump-and-restart [adc-instance adc-name | service-interface interface]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Manages support and troubleshooting information.
Options dump-and-restart—Dumps the state information and restarts the ADC instance or service interface.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.service-interface interface—Enter the name of the service-interface for which to display statistics.
List of Outputs request extensions adc maintenance dump-and-restart adc-instancerequest extensions adc maintenance dump-and-restart service-interface
Sample Output
request extensions adc maintenance dump-and-restart adc-instanceuser@host> request extensions adc maintenance dump-and-restart adc-instance lb1
This restarts the adc-instance lb1, all connections will be discarded.Continue with dump and restart [y|n] [n]? y
If yes, then the following displays:
The dump is written to adc-ctrl.core files at /var/tmp/adc-instance lb1 restart initiated. Use the adc status command to follow up.
request extensions adc maintenance dump-and-restart service-interface Tuser@host> request extensions adc maintenance dump-and-restart service-interface ms-1/0/0
his restarts the service interface lb1, all connections managed by this service interface will be discarded.Continue with dump and restart [y|n] [n]? y
If yes, then the following displays:
The dump is written to adc-ctrl.core files at /var/tmp/Service interface ms-1/0/0 restart initiated. Use the adc status command to follow up.
Syntax request extensions adc maintenance information
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays the dump information for technical assistance.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 131
Sample Output
request extensions adc maintenance informationuser@host> request extensions adc maintenance information
Note: This report generates a long output that is a collection of many other commands. This command is useful to use when there is a problem and you are asked to send troubleshooting data. In those cases, this command suffices and no other output is required.
ADC Software Reference Guide
132 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 133
Chapter 16 – real-server Operational CommandsThe following command-line interfaces (CLI) commands help you with information concerning real servers.• show extensions adc real-server• request extensions adc disable• request extensions adc enable
show extensions adc real-server
Syntax show extemsopms adc real-server
<real-server-name>
[adc-instance adc-name extensive]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays server-related information.
Options real-server-name—Enter the name of a real server in order to see statistics specific to that server.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.extensive—Display a more detailed output.
List of Outputs show extensions adc real-servershow extensions adc real-server real-server-nameshow extensions adc real-server adc-instance adc-nameshow extensions adc real-server extensive
Sample Output
show extensions adc real-serveruser@host> show extensions adc real-server
Real Server’s statistics for adc instance lb1:Real Server Address Status Cur Connections--------------+----------------+--------------+----------------r1 200.0.0.10 Active 0r2 200.0.0.11 Active 0r3 200.0.0.12 DOWN 0
ADC Software Reference Guide
134 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
show extensions adc real-server real-server-nameuser@host> show extensions adc real-server r1
Real-server r1 adc instance lb1:Address 200.0.0.10, unit 0, Active<enabled & UP>Listening ports:
port NoneGroup g1:
Virtual server v1 dns-virtual-service dns1, Server is UPReal-server r1 adc instance lb1 statistics:
Server failures: 0Last time real server up: Sat Apr 7 18:19:26 2012Health check:
Attempts: 0, Failures: 0, Response: 1Valid response time:
Last: 314520845 usecs, Average: 314520845 usecs, Longest: 314520845 usecs
Health check type: ALWAYS-UPLast SNMP HC response: NoneBuddy Health check failures: 0
Connections: Current: 0, Total: 0, Highest: 0Octets: 0Cookie pop out: 0Cookie unavailable: 0Cookie count: 0
show extensions adc real-server adc-instance adc-nameuser@host> show extensions adc real-server adc-instance lb1
Real Server’s statistics for adc instance lb1:Real Server Address Status Cur Connections-------------+----------------+--------------+----------------r1 200.0.0.10 Active 0r2 200.0.0.11 Active 0r3 200.0.0.12 DOWN 0
show extensions adc real-server extensiveuser@host> show extensions adc real-server extensive
Real Server’s statistics for adc instance lb1 :Real Server Address Status Interface Cur Connections-------------+----------------+--------------+------------+---------------r1 200.0.0.10 Active ms-1/0/0 0
Total 0r2 200.0.0.11 Active ms-1/0/0 0
Total 0r3 200.0.0.12 DOWN ms-1/0/0 0
Total 0
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 135
request extensions adc disable
request extensions adc enable
Syntax request extensions adc disable real-server
<real-server-name>
<allow-cookie>
<force>
<gracefully>
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Does not send any new connections to the real servers.
Options real-server-name—Specifies the real server to disable.allow-cookie—Allow new connection according to cookie persistency.force—Immediately remove existing connections to this server.gracefully—Do not send any new connections to the server (default)
Syntax request extensions adc enable
<adc-instance adc-name | real-server server-instance>
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Starts using real servers for application delivery. You must pick one of the two available options: adc-instance or real-server.
Options adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.real-server server-instance—Specifies a real server to enable.
ADC Software Reference Guide
136 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 137
Chapter 17 – virtual-server and services Operational CommandsThe following command-line interfaces (CLI) commands help you with information concerning virtual servers and virtual services.• show extensions adc virtual-server• show extensions adc dns• show extensions adc ftp• show extensions adc http• show extensions adc ldap• show extensions adc plain-virtual-service• show extensions adc rtsp• show extensions adc sip• show extensions adc ssl• show extensions adc tftp• show extensions adc wap• show extensions adc wts
show extensions adc virtual-server
Syntax show extensions adc virtual-server
<server-name [adc-instance adc-name extensive]>
<server-listening-ports ports>
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays virtual server information.
Options server-name—Name of the virtual server to show.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.extensive—Display a more detailed output.server-listening-ports ports—Display statistics using the server listening port.
List of Outputs show extensions adc virtual-servershow extensions adc virtual-server virtual-server-nameshow extensions adc virtual-server adc-instance nameshow extensions adc virtual-server extensiveshow extensions adc virtual-server server-listening-ports
Sample Output
show extensions adc virtual-serveruser@host> show extensions adc virtual-server
Virtual servers’ statistics for adc instance name:Virtual Server Cur Connections Total Highest-----------------+----------------+-----------+-----------myDNS 784 1,564 999
ADC Software Reference Guide
138 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
show extensions adc virtual-server virtual-server-nameuser@host> show extensions adc virtual-server vs1
Virutal server vs1, Address 10.20.20.1adc instance lb1
Service Active Servers Cur Connections Total Highest------------+---------------+---------------+---------+----------myDNS 17 784 1,564 999myHTTP 3 0 0 0Total 3 784 1,564 999
show extensions adc virtual-server adc-instance nameuser@host> show extensions adc virtual-server adc-instance lb1
Virtual servers’ statistics for adc instance lb1:Virtual Server Cur Connections Total Highest-----------------+----------------+-----------+-----------v1 0 0 0
show extensions adc virtual-server extensiveuser@host> show extensions adc virtual-server extensive
Virtual servers' statistics for adc-instance lb1:Virtual Server Interface Cur Connections Total Highest--------------+-------------+------------------+--------+--------Virt1 ms-1/2/3 784
ms-5/6/7 44ms-2/3/4 78Total <sum>
VirtMy58 Total 0
show extensions adc virtual-server server-listening-portsuser@host> show extensions adc virtual-server server-listening-ports
Virtual server vs1 server-listening-ports statistics:
Current Total HighestReal IP address Sessions Sessions Sessions Octets ------+-----------------+----------+-----------+---------+-------- Name1 Port 8004 - 31 - -Name1 Port 8005 - 13 - -Name1 20.20.20.10 0 227 19 742766AAA2 Port 8004 - 124 - -AAA2 Port 8005 - 10 - -AAA2 20.20.20.11 1 421 22 906641---- ------------------- ---------- ----------- ---------- ---------
20.21.21.100 1 648 41 1649407
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 139
show extensions adc dns
Syntax show extensions adc dns
<statistics>
<virtual-service virtual-service-name [adc-instance adc-name extensive]>
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays DNS virtual services information.
Options virtual-service virtual-server-name—Name of the virtual server to show.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.extensive—Display a more detailed output.
List of Outputs show extensions adc dns statisticsshow extensions adc dns virtual-serviceshow extensions adc dns virtual-service nameshow extensions adc dns virtual-service name extensive
Sample Output
show extensions adc dns statisticsuser@host> show extensions adc dns statistics
DNS Statistics for instance <name>: Total number of TCP DNS queries: 0Total number of UDP DNS queries: 0Total number of invalid DNS queries: 0Total number of multiple DNS queries: 0Total number of domain name parse errors: 0Total number of failed real server name matches: 0Total number of DNS parsing internal errors: 0
show extensions adc dns virtual-serviceuser@host> show extensions adc dns virtual-service
virtual services statistics for adc instance lb1:
Virtual Server Virtual Service Active Servers Cur Connections
--------------+---------------+--------------+---------------------
v1 dns1 1 0
ADC Software Reference Guide
140 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
show extensions adc ftp
show extensions adc dns virtual-service nameuser@host> show extensions adc dns virtual-service dns1
Virtual service dns1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Connections: Current 0, Total 0, Highest 0Real Cur Connections Total Highest--------------+---------------+------------+-----------r1 0 1 0
show extensions adc dns virtual-service name extensiveuser@host> show extensions adc dns virtual-service dns1 extensive
Virtual service dns1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Per-interface statistics table for virtual Service dns1:Interface Cur Connections Total Highest--------------+---------------+------------+-----------ms-1/0/0 0 1 0Total 0 1 0
Syntax show extensions adc ftp
<statistics>
<virtual-service virtual-service-name [adc-instance adc-name extensive]>
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays DNS virtual services information.
Options virtual-service virtual-server-name—Name of the virtual server to show.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.extensive—Display a more detailed output.
List of Outputs show extensions adc ftp statisticsshow extensions adc ftp virtual-serviceshow extensions adc ftp virtual-service nameshow extensions adc ftp virtual-service name extensive
Sample Output
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 141
show extensions adc ftp statisticsuser@host> show extensions adc ftp statistics
FTP statistics for lb1:Total FTP Active (PORT): 0
Total new active FTP NAT Index: 0FTP Active FTP NAT ACK/SEQ diff: 0
Total FTP Parsing (PASV): 0Total new FTP SLB parsing Index: 0FTP SLB parsing ACK/SEQ diff: 0
show extensions adc ftp virtual-serviceuser@host> show extensions adc ftp virtual-service
virtual services statistics for adc instance lb1:
Virtual Server Virtual Service Active Servers Cur Connections
--------------+---------------+--------------+---------------------
v1 ftp1 1 0
show extensions adc ftp virtual-service nameuser@host> show extensions adc ftp virtual-service ftp1
Virtual service ftp1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Connections: Current 0, Total 0, Highest 0Real Cur Connections Total Highest--------------+---------------+------------+-----------r1 0 1 0
show extensions adc ftp virtual-service name extensiveuser@host> show extensions adc ftp virtual-service ftp1 extensive
irtual service ftp1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Per-interface statistics table for virtual Service dtp1:Interface Cur Connections Total Highest--------------+---------------+------------+-----------ms-1/0/0 0 1 0Total 0 1 0
ADC Software Reference Guide
142 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
show extensions adc http
Syntax show extensions adc http
<cookie-statistics virtual-server server-name>
<cookie-to-server value virtual-server server-name>
<select-by-content virtual-server server-name>
<virtual-service virtual-service-name [adc-instance adc-name extensive]>
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays HTTP virtual services informaiton.
Options cookie-statistics—Display virtual server cookie statistics.cookie-to-server value—Display real server according to HTTP cookie value.select-by-content—Display virtual server select-by-content information.virtual-server server-name—Name of the virtual server to show.virtual-service virtual-server-name—Name of the virtual server to show.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.extensive—Display a more detailed output.
List of Outputs show extensions adc http cookie-statistics virtual-server server-nameshow extensions adc http cookie-to-server value virtual-server server-nameshow extensions adc http select-by-content virtual-server server-nameshow extensions adc http virtual-serviceshow extensions adc http virtual-service virtual-service-nameshow extensions adc http virtual-service virtual-service-name extensive
Sample Output
show extensions adc http cookie-statistics virtual-server server-nameuser@host> show extensions adc http cookie-statistics virtual-server vs1
Persistency Cookie statistics:'Cookie' Hits: 1'Cookie' Misses: 1Cookie Inserts: 26Cookie Rewrites: 26Total 'Cookie' Sessions: 2------------------------------------------------------------------Persistent Cookie inspection statistics:
Current Total Highest Sessions Sessions Sessions
------------------------- -------- ---------- --------Cookie-based Connection entries 1 1 1Learned cookies 1 2 1
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 143
show extensions adc http cookie-to-server value virtual-server server-nameuser@host> show extensions adc http cookie-to-server 22 virtual-server vs1
virtual-service vs1 Cookie value 22 for service vs1 in instance lb1 is mapped to real server r1 address 102.1.1.10 with age of 35 minutes.
show extensions adc http select-by-content virtual-server server-nameuser@host> show extensions adc http select-by-content virtual-server vs1
HTTP select-by-content statistics:'text' Hits: 1'text' Misses: 1
Total 'text' Sessions: 2------------------------------------------------------------------
'text' can be: host, cookie, user-agnet or configured header-name (from configuration)
show extensions adc http virtual-serviceuser@host> show extensions adc http virtual-service
virtual services statistics for adc instance lb1:Virtual Server Virtual Service Active Servers Cur Connections--------------+---------------+--------------+---------------------v1 http1 1 0
ADC Software Reference Guide
144 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
show extensions adc ldap
show extensions adc http virtual-service virtual-service-nameuser@host> show extensions adc http virtual-service http1
Virtual service http1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Connections: Current 0, Total 0, Highest 0Real Cur Connections Total Highest--------------+---------------+------------+-----------r1 0 1 0
show extensions adc http virtual-service virtual-service-name extensiveuser@host> show extensions adc http virtual-service http1 extensive
Virtual service http1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Per-interface statistics table for virtual Service dns1:Interface Cur Connections Total Highest--------------+---------------+------------+-----------ms-1/0/0 0 1 0Total 0 1 0
Syntax show extensions adc ldap virtual-service virtual-service-name [adc-instance adc-name extensive]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays LDAP virtual services information.
Options virtual-service virtual-server-name—Name of the virtual server to show.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.extensive—Display a more detailed output.
List of Outputs show extensions adc ldap virtual-serviceshow extensions adc ldap virtual-service virtual-service-nameshow extensions adc ldap virtual-service virtual-service-name extensive
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 145
show extensions adc plain-virtual-service
Sample Output
show extensions adc ldap virtual-serviceuser@host> show extensions adc ldap virtual-service
virtual services statistics for adc instance lb1:Virtual Server Virtual Service Active Servers Cur Connections--------------+---------------+--------------+---------------------v1 ldap1 1 0
show extensions adc ldap virtual-service virtual-service-nameuser@host> show extensions adc ldap virtual-service ldap1
Virtual service ldap1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Connections: Current 0, Total 0, Highest 0Real Cur Connections Total Highest--------------+---------------+------------+-----------r1 0 1 0
show extensions adc ldap virtual-service virtual-service-name extensiveuser@host> show extensions adc ldap virtual-service ldap1
Virtual service ldap1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Per-interface statistics table for virtual Service dns1:Interface Cur Connections Total Highest--------------+---------------+------------+-----------ms-1/0/0 0 1 0Total 0 1 0
Syntax show extensions adc plain-virtual-service virtual-service-name [adc-instance adc-name extensive]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays plain virtual services information.
Options virtual-service virtual-server-name—Name of the virtual server to show.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.extensive—Display a more detailed output.
ADC Software Reference Guide
146 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
show extensions adc rtsp
List of Outputs show extensions adc plain-virtual-service virtual-service-nameshow extensions adc plain-virtual-service virtual-service-name extensive
Sample Output
show extensions adc plain-virtual-service virtual-service-nameuser@host> show extensions adc plain-virtual-service plain1
Virtual service plain-virtual-serviceadc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Connections: Current 0, Total 0, Highest 0Real Cur Connections Total Highest--------------+---------------+------------+-----------r1 0 1 0
show extensions adc plain-virtual-service virtual-service-name extensiveuser@host> show extensions adc plain-virtual-service plain1 extensive
Virtual service plain-virtual-serviceadc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Per-interface statistics table for virtual Service dns1:Interface Cur Connections Total Highest--------------+---------------+------------+-----------ms-1/0/0 0 1 0Total 0 1 0
Syntax show extensions adc rtsp
<statistics>
<virtual-service virtual-service-name> [adc-instance adc-name extensive]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays RTSP virtual services information.
Options virtual-service virtual-server-name—Name of the virtual server to show.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.extensive—Display a more detailed output.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 147
List of Outputs show extensions adc rtsp statisticsshow extensions adc rtsp virtual-serviceshow extensions adc rtsp virtual-service virtual-service-nameshow extensions adc rtsp virtual-service virtual-service-name extensive
Sample Output
show extensions adc rtsp statisticsuser@host> show extensions adc rtsp statistics
RTSP Statistics for lb1: Total number of active RTSP control connections: 0Total number of active UDP streams: 0Total number of switch redirects: 0Total connections denied due to RTSP connection limit: 0Total cases of Buffer allocation for multi-packet requests: 0Total cases of memory allocation failures: 0
show extensions adc rtsp virtual-serviceuser@host> show extensions adc rtsp virtual-service
virtual services statistics for adc instance lb1:Virtual Server Virtual Service Active Servers Cur Connections--------------+---------------+--------------+---------------------v1 rtsp1 1 0
ADC Software Reference Guide
148 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
show extensions adc sip
show extensions adc rtsp virtual-service virtual-service-nameuser@host> show extensions adc rtsp virtual-service rtsp1
Virtual service rtsp1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Connections: Current 0, Total 0, Highest 0Real Cur Connections Total Highest--------------+---------------+------------+-----------r1 0 1 0
show extensions adc rtsp virtual-service virtual-service-name extensiveuser@host> show extensions adc rtsp virtual-service rtsp1 extensive
Virtual service rtsp1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Per-interface statistics table for virtual Service dns1:Interface Cur Connections Total Highest--------------+---------------+------------+-----------ms-1/0/0 0 1 0Total 0 1 0
Syntax show extensions adc sip
<statistics>
<virtual-service virtual-service-name [adc-instance adc-name extensive]>
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays SIP virtual services information.
Options virtual-service virtual-server-name—Name of the virtual server to show.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.extensive—Display a more detailed output.
List of Outputs show extensions adc sip statisticsshow extensions adc sip virtual-serviceshow extensions adc sip virtual-service virtual-service-nameshow extensions adc sip virtual-service virtual-service-name extensive
Sample Output
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 149
show extensions adc sip statisticsuser@host> show extensions adc sip statistics
SIP Statistics for adc-instance <name>:Total number of SIP Client Parse Errors: 0Total number of SIP Server Parse Errors: 0Total number of SIP Unknown Method packets: 0Total number of SIP Incomplete Messages: 0Total number of SIP Filter Parse Errors: 0Total number of packets with SIP SDP NAT: 0
show extensions adc sip virtual-serviceuser@host> show extensions adc sip virtual-service
virtual services statistics for adc instance lb1:Virtual Server Virtual Service Active Servers Cur Connections--------------+---------------+--------------+---------------------v1 sip1 1 0
show extensions adc sip virtual-service virtual-service-nameuser@host> show extensions adc sip virtual-service sip1
Virtual service sip1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Connections: Current 0, Total 0, Highest 0Real Cur Connections Total Highest--------------+---------------+------------+-----------r1 0 1 0
show extensions adc sip virtual-service virtual-service-name extensiveuser@host> show extensions adc sip virtual-service sip1
Virtual service sip1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Per-interface statistics table for virtual Service dns1:Interface Cur Connections Total Highest--------------+---------------+------------+-----------ms-1/0/0 0 1 0Total 0 1 0
ADC Software Reference Guide
150 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
show extensions adc ssl
Syntax show extensions adc ssl
<session-id-to-server session-id virtual-server server-name>
<statistics>
<virtual-service virtual-service-name [adc-instance adc-name extensive]>
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays SSL virtual services information.
Options session-id-to-server session-id—Displays the real server according to the SSL Session ID value.virtual-server server-name—Name of the virtual server to show.virtual-service virtual-server-name—Name of the virtual server to show.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.extensive—Display a more detailed output.
List of Outputs show extensions adc ssl session-id-to-server session-id virtual-server server-nameshow extensions adc ssl statisticsshow extensions adc ssl virtual-serviceshow extensions adc ssl virtual-service virtual-service-nameshow extensions adc ssl virtual-service virtual-service-name extensive
Sample Output
show extensions adc ssl session-id-to-server session-id virtual-server server-nameuser@host> show extensions adc ssl session-id-to-server virtual-server vs1
SSL Session ID <hex value> for service vs1 in instance lb1 is mapped to real server r1 address 10.130.10.1 with age of 22 minutes.
show extensions adc ssl statisticsuser@host> show extensions adc ssl statistics
SSL load balancing statistics for instance lb1:Session ID allocation fails: 0Total number of SSL ID reassignments: 0
Current Total Highest------------------------- -------- ---------- --------Unique Session IDs 0 0 0SSL connections 0 0 0Persistent Port Sessions 0 0 0
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 151
show extensions adc tftp
show extensions adc ssl virtual-serviceuser@host> show extensions adc ssl virtual-service
virtual services statistics for adc instance lb1:Virtual Server Virtual Service Active Servers Cur Connections--------------+---------------+--------------+---------------------v1 ssl1 1 0
show extensions adc ssl virtual-service virtual-service-nameuser@host> show extensions adc ssl virtual-service ssl1
Virtual service ssl1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Connections: Current 0, Total 0, Highest 0Real Cur Connections Total Highest--------------+---------------+------------+-----------r1 0 1 0
show extensions adc ssl virtual-service virtual-service-name extensiveuser@host> show extensions adc ssl virtual-service ssl1 extensive
Virtual service ssl1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Per-interface statistics table for virtual Service dns1:Interface Cur Connections Total Highest--------------+---------------+------------+-----------ms-1/0/0 0 1 0Total 0 1 0
Syntax show extensions adc tftp virtual-service virtual-service-name [adc-instance adc-name extensive]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays TFTP virtual services information.
Options virtual-service virtual-server-name—Name of the virtual server to show.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.extensive—Display a more detailed output.
List of Outputs show extensions adc tftp virtual-service virtual-service-nameshow extensions adc tftp virtual-service virtual-service-name extensive
ADC Software Reference Guide
152 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
show extensions adc wap
Sample Output
show extensions adc tftp virtual-service virtual-service-nameuser@host> show extensions adc tftp virtual-service tftp1
Virtual service tft1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Connections: Current 0, Total 0, Highest 0Real Cur Connections Total Highest--------------+---------------+------------+-----------r1 0 1 0
show extensions adc tftp virtual-service virtual-service-name extensiveuser@host> show extensions adc tftp virtual-service tftp1 extensive
Virtual service tft1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Per-interface statistics table for virtual Service dns1:Interface Cur Connections Total Highest--------------+---------------+------------+-----------ms-1/0/0 0 1 0Total 0 1 0
Syntax show extensions adc wap
<client-ip-to-server dot-address | hex-address virtual-server server-name>
<statistics>
<virtual-service virtual-service-name [adc-instance adc-name extensive]>
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays WAP virtual services information.
Options client-ip-to-server address—Display the real server according to the client IP address.virtual-server server-name—Enter the name of the virtual server to use.virtual-service virtual-server-name—Name of the virtual server to show.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.extensive—Display a more detailed output.
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 153
List of Outputs show extensions adc wap client-ip-to-servershow extensions adc wap statisticsshow extensions adc wap virtual-service virtual-service-nameshow extensions adc wap virtual-service virtual-service-name extensive
Sample Outpur
show extensions adc wap client-ip-to-serveruser@host> show extensions adc wap client-ip-to-server
Client address 120.10.50.1 for service vs1 in instance lb1 is mapped to real server r1 address 1.1.1.10 with age of 55 minutes.
show extensions adc wap statisticsuser@host> show extensions adc wap statistics
WAP Maintenance statistics:current sessions: 0allocation failures: 0incorrect VIPs: 0incorrect service ports: 0no available real server: 0requests to wrong DP: 0
RADIUS Snooping statistics:accounting requests: 0 accounting wrap requests: 0accounting start requests: 0 accounting update requests: 0accounting stop requests: 0 accounting bad requests: 0accounting requests -with Framed IP: 0 no Framed IP: 0add session requests: 0 delete session requests: 0requests failed due to DP dead: 0
ADC Software Reference Guide
154 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
show extensions adc wts
show extensions adc wap virtual-service virtual-service-nameuser@host> show extensions adc wap virtual-service wap1
Virtual service wap1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Connections: Current 0, Total 0, Highest 0Current connections to real-servers, by service port:Real Server radius-acc radius-auth wsp wtp wtls 9202 9203-------------+------------+------------+------+----+----------+-----Server45 784 564 999 123 502 122newServer 0 777 568 765 502 122
show extensions adc wap virtual-service virtual-service-name extensiveuser@host> show extensions adc wap virtual-service wap1
Virtual service wap1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Per-interface statistics table for virtual Service dns1:Interface Cur Connections Total Highest--------------+---------------+------------+-----------ms-1/0/0 0 1 0Total 0 1 0
Syntax show extensions adc wts virtual-service virtual-service-name [adc-instance adc-name extensive]
Release information Command introduced in ADC software for Junos OS Release 1.4R0.0.
Description Displays WTS virtual services information.
Options virtual-service virtual-server-name—Name of the virtual server to show.adc-instance adc-name—Enter the name of the adc-instance for which to display statistics.extensive—Display a more detailed output.
List of Outputs show extensions adc wts virtual-serviceshow extensions adc wts virtual-service virtual-service-nameshow extensions adc wts virtual-service virtual-service-name extensive
Sample Output
ADC Software Reference Guide
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 155
show extensions adc wts virtual-serviceuser@host> show extensions adc wts virtual-service
virtual services statistics for adc instance lb1:Virtual Server Virtual Service Active Servers Cur Connections--------------+---------------+--------------+---------------------v1 wts1 1 0
show extensions adc wts virtual-service virtual-service-nameuser@host> show extensions adc wts virtual-service wts1
Virtual service wts1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Connections: Current 0, Total 0, Highest 0Real Cur Connections Total Highest--------------+---------------+------------+-----------r1 0 1 0
show extensions adc wts virtual-service virtual-service-name extensiveuser@host> show extensions adc wts virtual-service wts1 extensive
Virtual service wts1adc instance lb1, Virtual server v1, address 150.0.0.10UDP Port 53, server listening port 53Group g1:
Active Servers: 0 (up and enabled)Total Servers: 1
Per-interface statistics table for virtual Service dns1:Interface Cur Connections Total Highest--------------+---------------+------------+-----------ms-1/0/0 0 1 0Total 0 1 0
ADC Software Reference Guide
156 Document ID: RDWR-RSLB-V1.4R0.0_RG0711
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 157
Index
Aaccept 44adc 19
adc-instance 24internal-unit-range 20traceoptions 21
adc-instance 24broken-handshake-timeout 25checksum-validation 25clear extensions adc statistics 111clear-on-tcp-reset 25content-match 32couple-wap-radius 25cpu-threshold 26custom-health-check 39failed-server-loyalty 26filters 47force-full-failback 26groups 60group-updates-interval 27health-check-source 27instance-unit 27no-connections-sync 28real-servers 75router-interfaces 79show extensions adc cpu 108show extensions adc license-info 109show extensions adc nat 110show extensions adc status 107show extensions adc workload-manager 111tcp-close-timeout 28virtual-server 102
address 25, 69, 82add-x-forwarded-for 82allow-ldap-write 70allow-write-servers 82always-up 58and-higher 31and-lower 31availability-threshold 58avoid-http-strings 70
Bbackup-group 58backup-real-server 58, 70
do-not-preempt 72use-when-overflow 76
binary-expect 37binary-pattern 32
binary-value 32offset 34
binary-send 38
binary-value 32and-higher 31and-lower 31depth 33
broken-handshake-timeout 25buddy-server 71
buddy-service-port 71failure-retries 73group 73
buddy-service-port 71
Ccase-sensitive 33checksum-validation 25clear
extensions adc connection-entry 116extensions adc connection-table 117extensions adc persistency-entry 117extensions adc persistency-table 118extensions adc statistics 111
clear extensions adc connection-entry 116clear extensions adc connection-table 117clear extensions adc persistency-entry 117clear extensions adc persistency-table 118clear extensions adc statistics 111clear-on-tcp-reset 25client-facing 77client-nat 44, 71close-unknown-ports 82cmd 39
binary-expect 37binary-send 38
connection-pooling 82connection-timeout 44, 71content-match 32
case-sensitive 33http-error-message 33string 34, 35
content-strings 44, 72content-term 45
http-redirect 49then 55
content-termsmatch-content 50
cookie-name 83insert 87inspect 88rewrite 94
couple-wap-radius 25cpu-threshold 26custom-health-check 39
script 40
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 158
Ddepth 33description 72, 83destination-address 45destination-nat 45destination-port 45direct-server-return 59discard 46dns 59dnstcp 59dns-virtual-service 83
fast-load-balancing 84protocol 93
domain-name 84do-not-preempt 72
Eefficient-memory-use 84exclude-by-content 46
Ffailed-server-loyalty 26failure-retries 73family 26, 77
address 25nat-address 78nat-address-range 78
fast-load-balancing 84file 19filters 47
term 54web-cache-redirection 55
first-request-only 47flag 20force-full-failback 26from 48
destination-address 45destination-port 45protocol 52source-address 53source-port 53tcp-flags 54
ftp 59ftp-virtual-service 84
Ggo-to 48group 48, 73, 85group-health-formula 59groups 60, 85
availability-threshold 58backup-groups 58backup-real-server 58direct-server-return 59
group-health-formula 59group-unit 60health-check 60load-balancing-method 62server-warm-up-time 64work-load-manager 29, 66
group-unit 60group-updates-interval 27
Hhealth-check 60, 73
always-up 58dns 59dnstcp 59ftp 59http 61imap 61interval 73ldap 61nntp 62ping 63pop3 63radius 63recovery-retries 75rtsp 64script 64sip 64smtp 65snmp 65ssl-hello 65tcp 66tftp 66wap 66wts 68
health-check-source 27unit 29
hostname 86http 61http-error-message 33http-header 34http-parsing-depth 86http-redirect 49http-virtual-service 87
add-x-forwarded-for 82connection-pooling 82hostname 86http-parsing-depth 86persistency 89
Iimap 61insert 87
efficient-memory-use 84inspect 88instance-unit 27internal-unit-range 20
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 159
interval 73
Lldap 61ldap-virtual-service 89
fast-load-balancing 84listening-ports 74load-balance 49
client-nat 44exclude-by-content 46group 48load-balancing-hash 49persistency 51select-by-content 53server-listening-port 53sync-connections 54
load-balancing-hash 49load-balancing-method 62log 50
Mmatch-content 50
content-strings 44first-request-only 47
max-connections 74ms-interfaces 78
unit 80
Nnat-address 78nat-address-range 78nntp 62no-cache-request 50no-connections-sync 28non-get-request 51no-regular-expression 34no-remote-trace 21
Ooffset 34operational commands
clear extensions adc connection-entry 116clear extensions adc connection-table 117clear extensions adc persistency-entry 117clear extensions adc persistency-table 118clear extensions adc statistics 111request extensions adc disable 135request extensions adc enable 135request extensions adc maintenance 130show extensions adc connection-table 113show extensions adc cpu 108show extensions adc dns 139show extensions adc filters 123, 124
show extensions adc ftp 140show extensions adc group 125show extensions adc http 142show extensions adc internal 127show extensions adc ldap 144show extensions adc license-info 109show extensions adc nat 110show extensions adc plain-virtual-service
145show extensions adc real-server 133show extensions adc rtsp 146show extensions adc sip 148show extensions adc ssl 150show extensions adc status 107show extensions adc string-statistics 121show extensions adc tftp 151show extensions adc virtual-server 137show extensions adc wap 152show extensions adc workload-manager 111show extensions adc wts 154
Pper-packet-load-balancing 51persistency 51, 89
persistency cookie 91persistency cookie 91
cookie-name 83persistent-timeout 91ping 63plain-virtual-service 92
fast-load-balancing 84protocol 93
pop3 63port 92protocol 52, 93
Rradius 63radius-authentication 93radius-legacy-ports 93real-servers 75
address 69allow-ldap-write 70avoid-http-strings 70backup-real-server 70buddy-servers 71client-nat 71connection-timeout 71content-strings 72description 72health-check 73listening-ports 74max-connections 74weight 76
recovery-retries 75request
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 160
extensions adc disable 135extensions adc enable 135extensions adc maintenance 130
request extensions adc disable 135request extensions adc enable 135request extensions adc maintenance 130request-with-cookie 52rewrite 94router-interface
client-facing 77router-interfaces 79
ms-interfaces 78server-facing 79
rtsp 64rtsp-virtual-service 94
Sscript 40, 64
tcp-commands 41udp-commands 41
select-by-content 52, 53, 95server-facing 79server-listening-port 53, 97server-warm-up-time 64service-timeout 98show
extensions adc connection-table 113extensions adc cpu 108extensions adc dns 139extensions adc filters 123, 124extensions adc ftp 140extensions adc group 125extensions adc http 142extensions adc internal 127extensions adc ldap 144extensions adc nat 110extensions adc plain-virtual-service 145extensions adc real-server 133extensions adc rtsp 146extensions adc sip 148extensions adc ssl 150extensions adc status 107extensions adc strings-statistics 121extensions adc tftp 151extensions adc virtual-server 137extensions adc wap 152extensions adc workload-manager 111extensions adc wts 154extensions adc-info 109
show extensions ad ldap 144show extensions adc connection-table 113show extensions adc cpu 108show extensions adc dns 139show extensions adc filters 123, 124show extensions adc ftp 140show extensions adc group 125show extensions adc http 142show extensions adc internal 127
show extensions adc license-info 109show extensions adc nat 110show extensions adc plain-virtual-service 145show extensions adc real-server 133show extensions adc rtsp 146show extensions adc sip 148show extensions adc ssl 150show extensions adc status 107show extensions adc strings-statistics 121show extensions adc tftp 151show extensions adc virtual-server 137show extensions adc wap 152show extensions adc workload-manager 111show extensions adc wtc 154sip 64sip-virtual-service 98smtp 65snmp 65source-address 53source-port 53source-port-in-hash 99ssl-hello 65ssl-virtual-service 99
fast-load-balancing 84persistency 89
string 34, 35binary-pattern 32text-pattern 35text-search 35
sync-connections 54, 100syn-protection 100
Ttcp 66tcp-close-timeout 28tcp-commands 41
cmd 39tcp-flags 54tcp-port 28term 54
connection-timeout 44destination-nat 45from 48load-balance 49per-packet-load-balancing 51then 55
text-pattern 35depth 33offset 34
text-search 35http-header 34no-regular-expression 34url-string 36
tftp 66tftp-virtual-service 101then 55
accept 44content-term 45
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 161
discard 46go-to 48
traceoptions 21file 19flag 20no-remote-trace 21
Uudp-commands 41
cmd 39unit 29, 80
family 26, 77url-string 36use-when-overflow 76
Vvirtual-server 102
address 82close-unknown-ports 82dns-virtual-service 83domain-name 84ftp-virtual-service 84http-virtual-service 87ldap-virtual-service 89plain-virtual-service 92rtsp-virtual-service 94sip-virtual-service 98ssl-virtual-service 99tftp-virtual-service 101wap-virtual-service 103wts-virtual-service 103
virtual-serversdescription 83
virtual-servicesper-packet-load-balancing 51
persistent-timeout 91port 92select-by-content 95server-listening-port 97service-timeout 98source-port-in-hash 99sync-connections 100syn-protection 100
Wwap 66
wsp 67wtls 67wtp 67
wap-virtual-service 103allow-write-servers 82groups 85persistency 89radius-authentication 93radius-legacy-ports 93
web-cache-redirection 55no-cache-request 50non-get-request 51request-with-cookie 52select-by-content 52
weight 76work-load-manager 29, 66workload-manager
address 25tcp-port 28
wsp 67wtls 67wtp 67wts 68wts-virtual-service 103
persistency 89
Document ID: RDWR-RSLB-V1.4R0.0_RG0711 162