F5-LTM配置参数说明(2积分)

F5 LTM

F5 LTM 配置参数说明

Local Traffic

virtual servers

Standard

General PropertiesName：

Type：Host or NetworkAddress：Mask：

Service portState

configuration

Type(standard)Protocol(tcp)

Protocol profile(client)Protocol profile(server)Oneconnect profileHTTP profileFTP profile

SSL Profile (Client)SSL Profile (Server)Authentication ProfilesStream Profile

Statistics ProfileVLAN Traffic

Connection Limit

Connection MirroringAddress TranslationPort TranslationSNAT pool

Clone Pool (Client)Clone Pool (Server)Last Hop PoolType(standard)Protocol（udp)

Protocol profile(Client)Protocol profile(server)Statistics profileVLAN Traffic

Connection Limit

Connection MirroringAddress TranslationPort TranslationSNAT pool

Clone Pool (Client)Clone Pool (Server)Last Hop Pool

基本的VS类型。

F5 LTM

Forwarding layer2

Type(forwarding layer2)

该VS类型可应用在对二层地址的Protocol

Protocol profile(Client)Statistics ProfileVLAN Traffic

Connection Limit

Connection MirroringSNAT pool

Clone Pool (Client)Clone Pool (Server)Last Hop Pool

Forwarding IPType(forwarding IP)该VS类型应用在直接转发IP数据Protocol

Protocol profile(Client)Statistics ProfileVLAN Traffic

Connection Limit

Connection MirroringSNAT pool

Clone Pool (Client)Clone Pool (Server)Last Hop Pool

Performance HTTPType(performance HTTP)该VS类型结合Fast HTTP profiProtocol

Protocol profile(Client)Statistics ProfileVLAN Traffic

Connection Limit

Connection MirroringClone Pool (Client)Clone Pool (Server)Last Hop Pool

Performance layer4Type(performance layer4)该VS类型结合Fast L4 profileProtocol

Protocol profile(Client)Statistics profileVLAN Traffic

Connection Limit

Connection MirroringAddress TranslationPort TranslationSNAT pool

Clone Pool (Client)Clone Pool (Server)Last Hop Pool

Performance rejectType(performance reject)该vs类型将拒绝到该vs的所有流Protocol

F5 LTM

Service-http

service-ftp

persist-cookie

Statistics ProfileVLAN Traffic

General PropertiesName：

Parent ProfileSetting

Fallback HostHeader InsertHeader Erase

Response Chunking

OneConnect TransformationsRedirect RewriteMaximum Header SizePipelining

Insert XForwarded ForLWS Maximum ColumnsLWS SeparatorMaximum RequestsCompression

Compression

URI CompressionURI List

Content CompressionContent List

Preferred Method

Minimum Content LengthCompression Buffer Sizegzip Compression Levelgzip Memory Levelgzip Window SizeVary Header

HTTP/1.0 RequestsKeep Accept EncodingCPU Saver

CPU Saver High ThresholdCPU Saver Low ThresholdGeneral PropertiesName：

Parent Profilesettings

Translate ExtendedData Port

General PropertiesName:

Persistence type-cookieParent Profile

Profiles

F5 LTM

configuration

cookie method-http cookie insertcookie name:

Expiration: Session Cookiecookie method-cookie hashcookie name:Hash offsetHash LengthTimeout

Mirror PersistenceMatch Across Services

Match Across Virtual ServeMatch Across Pools

cookie method-http cookie passiveCookie Name:

cookie method-http cookie rewriteCookie Name

Expiration: Session Cookie

persist-destination addressGeneral Properties

Name:

Persistence type-destinatiParent Profileconfiguration

Mirror PersistenceMatch Across Services

Match Across Virtual ServeMatch Across PoolsMaskTimeout

General PropertiesName:

Persistence type-hashParent Profileconfiguration

Mirror PersistenceMatch Across Services

Match Across Virtual ServeMatch Across PoolsiRuleTimeout

persist-microsoft remote deGeneral Properties

Name:

Persistence type-microsoftParent Profileconfiguration

Mirror PersistenceMatch Across Services

persist-hash

F5 LTM

persist-sip

persist-source_addr

persist-ssl

persist-universal

Match Across Virtual ServeMatch Across PoolsTimeout

Has Session DirectoryGeneral PropertiesName:

Persistence type-sipParent Profileconfiguration

Mirror PersistenceMatch Across Services

Match Across Virtual ServeMatch Across PoolsTimeout

General Properties

Name:

Persistence type-source_adParent Profileconfiguration

Mirror PersistenceMatch Across Services

Match Across Virtual ServeMatch Across PoolsTimeoutMask

proxy mappingGeneral PropertiesName:

Persistence type-sslParent Profileconfiguration

Mirror PersistenceMatch Across Services

Match Across Virtual ServeMatch Across PoolsTimeout

General Properties

Name:

Persistence type-universalParent Profileconfiguration

Mirror PersistenceMatch Across Services

Match Across Virtual ServeMatch Across PoolsiRuleTimeout

F5 LTM

protocol-fastL4protocol-fasthttp

General PropertiesName:

Parent Profilesettings

Reset on Timeout

Reassemble IP FragmentsIdle Timeout

TCP Handshake Timeout

Maximum Segment Size OverrPVA AccelerationIP ToS to ClientIP ToS to ServerLink QoS to ClientLink QoS to ServerTCP Timestamp ModeTCP Window Scale Mode

Generate Internal SequenceStrip Sack OKRTT from ClientRTT from ServerLoose InitiationLoose Close

TCP Close TimeoutGeneral PropertiesName:

Parent ProfileSettings

Reset on TimeoutIdle Timeout

Maximum Segment Size OverrClient Close TimeoutServer Close TimeoutUnclean Shutdown

Force HTTP 1.0 ResponseOneConnect

Maximum Pool SizeMinimum Pool SizeRamp-Up IncrementMaximum Reuse

Idle Timeout OverrideReplenishHTTP

Parse Requests

Maximum Header SizeMaximum Requests

Insert XForwarded ForHeader Insert

F5 LTM

protocol-tcpSSL-clientssl

General PropertiesName:

Parent ProfileSettings

Reset On TimeoutTime Wait Recycle

Proxy Maximum SegmentProxy OptionsProxy Buffer LowProxy Buffer HighIdle TimeoutTime WaitFin WaitClose WaitSend BufferReceive Window

Keep Alive Interval

Maximum Syn RetransmissionMaximum Segment RetransmisIP ToSLink QoS

Selective ACKs

Extended Congestion NotifiExtensions for High PerforLimited Transmit RecoverySlow Start

Deferred AcceptBandwidth DelayNagle’s AlgorithmAcknowledge on PushMD5 Signature

MD5 Signature PassphraseGeneral PropertiesName:

Parent ProfileSettings

Idle TimeoutIP ToSLink QoSDatagram LB

General PropertiesName:

Parent ProfileconfigurationCertificateKey

Pass Phrase

F5 LTM

SSL-serverssl

Confirm Pass PhraseChain

Trusted Certificate AuthorCiphersOptions

ModSSL MethodsCache SizeCache TimeoutAlert Timeout

Handshake TimeoutRenegotiate PeriodRenegotiate Size

Renegotiate Max Record DelUnclean ShutdownStrict Resume

Non-SSL ConnectionsClient AuthenticationClient CertificateFrequency

Certificate Chain TraversaAdvertised Certificate AutCertificate Revocation LisGeneral PropertiesName:

Parent Profileconfiguration

CertificateKey

Pass Phrase

Confirm Pass PhraseChain

Trusted Certificate AuthorCiphersOptions

ModSSL MethodsCache SizeCache TimeoutAlert Timeout

Handshake TimeoutRenegotiate PeriodRenegotiate SizeUnclean ShutdownStrict Resume

Server AuthenticationServer CertificateFrequency

Certificate Chain Traversa

F5 LTM

Authenticate Name

Certificate Revocation Lis

Authentication-profilesGeneral Properties

Name:Type

Parent ProfileConfiguration

Mode

ConfigurationRule

Idle Timeout

Authentication-configuratioGeneral Properties

Name:

Type

Configuration

Hosts

Search Type-userUser Base DNUser KeyCache SizeSecureAdmin DN

Admin Password

Confirm Admin PasswordGroup Base DNGroup Key

Group Member KeyValid GroupsRole KeyValid Roles

Search Type-certificate mapUser Base DNUser Key

Certificate Map Base DNCertificate Map Key

Use Serial Certificate MapCache SizeCache TimeoutSecureAdmin DN

Admin Password

Confirm Admin PasswordGroup Base DNGroup Key

Group Member KeyValid GroupsRole Key

F5 LTM

iRule

Pool

Other-oneconnect

Other-statistics

Other-stream

Valid Roles

Search Type-certificateUser Base DNUser Key

Object ClassCache SizeCache TimeoutSecureAdmin DN

Admin Password

Confirm Admin PasswordGroup Base DNGroup Key

Group Member KeyValid GroupsRole KeyGeneral PropertiesName:

Parent ProfileSettings

Source MaskMaximum SizeMaximum AgeMaximum Reuse

Idle Timeout OverrideGeneral PropertiesName:

Paren ProfileSettings

Field 1Field 2Field 3 …Field 32

General PropertiesName:

Paren ProfileSettingsSourceTarget

PropertiesName

Definition

ConfigurationName

F5 LTM

Node

Monitor

Health Monitors

Availability RequirementAllow SNATAllow NAT

Action On Service DownSlow Ramp TimeIP ToS to ClienIP ToS to ServerLink QoS to ClientLink QoS to ServerResources

Load Balancing Method

Priority Group ActivationNew Members-address

New Members-service port

General PropertiesAddressName

Configuration

Health MonitorsSelect Monitors

Availability RequirementRatio

Connection Limit

Gateway ICMP

General Properties利用ICMP（ping）检查node状态Name

Type

Import SettingsConfigurationIntervalTimeout

TransparentAlias Address

Alias Service PortICMP

General Properties利用ICMP（ping）检查node状态Name

Type

Import SettingsConfigurationIntervalTimeout

TransparentAlias AddressTCP_echo

General Properties

利用TCP三次握手进行健康性检Name

F5 LTM

Type

Import SettingsConfigurationIntervalTimeout

TransparentAlias AddressGeneral PropertiesType

Import SettingsConfigurationIntervalTimeout

Send StringReceive StringUser NamePasswordReverse

TransparentAlias Address

Alias Service PortGeneral PropertiesType

Import SettingsConfigurationIntervalTimeout

Send StringReceive StringCipher ListUser NamePassword

Compatibility

Client CertificateReverse

Alias Address

Alias Service PortGeneral PropertiesType

Import SettingsConfigurationIntervalTimeoutUser Name

HTTP

验证HTTP 服务健康性，主要通Name

HTTPs

验证HTTPs服务的健康性，主要Name

FTP

验证FTP服务的健康性，通过doName

F5 LTM

TCP

Password

Path / FilenameMode

Alias Address

Alias Service PortDebug

General PropertiesType

Import SettingsConfigurationIntervalTimeout

Send StringReceive StringReverse

TransparentAlias Address

Alias Service PortGeneral PropertiesType

Import SettingsConfigurationIntervalTimeout

Alias Address

Alias Service PortGeneral PropertiesType

Import SettingsConfigurationIntervalTimeout

Send StringSend PacketsTimeout PacketsAlias Address

Alias Service PortGeneral PropertiesType

Import SettingsConfigurationIntervalTimeout

利用TCP三次握手进行健康性检Name

TCP Half Open

利用TCP三次握手进行健康性检Name

UDP

利用UDP进行健康性检查，发送Name

External

利用external类型的monitor创Name

F5 LTM

POP3

External ProgramArgumentsVariables

Alias Address

Alias Service PortGeneral PropertiesType

Import SettingsConfigurationIntervalTimeoutUser NamePassword

Alias Address

Alias Service PortDebug

General PropertiesType

Import SettingsConfigurationIntervalTimeoutDomain

Alias Address

Alias Service PortDebug

General PropertiesType

Import SettingsConfigurationIntervalTimeout

Send StringReceive StringUser NamePasswordDatabaseReceive RowReceive ColumnCount

Alias Address

Alias Service PortGeneral Properties

利用该monitor类型对POP3邮件Name

SMTP

利用该monitor类型对SMTP邮件Name

MSSQL

利用该monitor类型对微软SQL Name

Oracle

利用该monitor类型对Oracle 数Name

F5 LTM

Type

Import SettingsConfigurationIntervalTimeout

Send StringReceive StringUser NamePasswordDatabaseReceive RowReceive ColumnCount

Alias Address

Alias Service PortDebugDebug

General PropertiesType

Import SettingsConfigurationIntervalTimeoutUser NamePasswordFolder

Alias Address

Alias Service PortDebug

General PropertiesType

Import SettingsConfiguration

IntervalTimeoutUser NamePasswordBaseFilterSecurity

Mandatory AttributesAlias Address

Alias Service PortDebug

General Properties

IMAP

对IMAP流量进行健康性检查，当Name

LDAP

利用该monitor类型对LDAP serName

NNTP

F5 LTM

利用该monitor类型对网络新闻Name

Type

Import SettingsConfigurationIntervalTimeoutUser NamePasswordNewsgroup

Alias Address

Alias Service PortGeneral PropertiesType

Import SettingsConfigurationIntervalTimeoutUser NamePasswordSecret

NAS IP AddressAlias Address

Alias Service PortDebug

General PropertiesType

Import SettingsConfigurationIntervalTimeoutMethodCommandMetricsAgent

Alias Address

Alias Service PortGeneral PropertiesType

Import SettingsConfigurationIntervalTimeoutFile Name

Alias Address

RADIUS

利用该monitor类型对RADIUS服Name

Real Server

利用该monitor类型对pool\pooName

Scripted

利用该monitor类型创建简单的Name

F5 LTM

SIP

Alias Service PortDebug

General PropertiesType

Import SettingsConfiguration

IntervalTimeoutMode

Additional Accepted StatusAlias Address

Alias Service PortDebug

General PropertiesType

Import SettingsConfigurationIntervalTimeoutCommunityVersionAgent Type

CPU CoefficientCPU Threshold

Memory CoefficientMemory ThresholdDisk CoefficientDisk ThresholdVariables

Alias Address

Alias Service PortGeneral PropertiesType

Import SettingsConfigurationIntervalTimeoutCommunityVersionVariables

Alias Address

Alias Service PortGeneral Properties

利用该monitor类型对SIP呼叫IName

SNMP DCA

利用该monitor类型对运行SNMPName

SNMP DCA Base

利用该monitor类型对运行SNMPName

SOAP

利用该monitor类型测试基于SOName

F5 LTM

Type

Import SettingsConfigurationIntervalTimeoutUser NamePasswordProtocolURL PathNamespaceMethod

Parameter NameParameter TypeParameter ValueReturn TypeReturn ValueExpect FaultAlias Address

Alias Service PortGeneral PropertiesType

Import SettingsConfigurationIntervalTimeout

Send StringReceive StringSecret

Accounting NodeAccounting PortServer IDCall IDSession ID

Framed AddressAlias Address

Alias Service PortDebug

General PropertiesType

Import SettingsConfigurationIntervalTimeoutUser NamePassword

WAP

利用该monitor类型监视WAP服务Name

WMI

利用该monitor类型检查运行WMName

F5 LTM

Network

SNATs

Interface

SNAT List

SNAT Pool List

SNAT Translation List

NAT List

interface list

interface mirroring

MethodURL

CommandMetricsAgentPost

Alias Address

Alias Service Port

General PropertiesName

Configuration

TranslationOrigin

Address list-addressAddress list-maskVLAN Traffic

General PropertiesName

Configuration

member list-addressGeneral PropertiesIP AddressState

ConfigurationARP

Connection LimitTCP Idle TimeoutUDP Idle TimeoutIP Idle TimeoutGeneral PropertiesNAT AddressOrigin AddressState

ConfigurationARP

VLAN Traffic

Interfacestatusname

MAC AddressMedia SpeedVLAN CountTrunk

Configuration

F5 LTM

Route

Self IPs

Packet Filters

Spanning Tree

General

Rule

Interface Mirroring StateDestination InterfaceMirrored Interfaces

Propertiestype

DestinationNetmaskResource

ConfigurationIP AddressNetmaskVLAN

Port LockdownFloating IPUnit ID

Properties

Packet Filtering

Unhandled Packet ActionOptions-Filter establishedOptions-Send ICMP error onExemptions

Protocols-Always accept ARProtocols-Always accept imMAC AddressesIP AddressesVLANs

ConfigurationNameOrderAction

Apply to VLANLogging

Filter Expression

Filter Expression MethodProtocols

Source Hosts and NetworksDestination Hosts and NetwDestination Port

Propertiesmod

Hello timeMaximum AgeForward Delay

F5 LTM

Trunks

VLAN

VLAN List

ARP

Static List

Options

System

General Properties

Device-General

Device-NTPDevice-DNS

Trasmit Hold Count

Configuration

Name

InterfaceLACP

Link Selection Policy

General PropertiesNameTag

Resources

Interface-untaggedInterface-taggedConfigurationSource CheckMTU

MAC MasqueradeFail-safe

Fail-safe TimeoutAction

ConfigurationIP AddressMAC AddressProperties

Dynamic Timeout

Maximum Dynamic EntriesRequest RetriesReciprocal Update

Properties

Host NameVersionCPU CountActive CPUsCPU ModeNework BootQuiet Boot

Display LCD System MenuMemory Restart PercentPropertiesAddressProperties

DNS Lookup Server List-addBIND Forwarder Server List

本文来源：https://www.bwwdw.com/article/6al4.html