a10_system

Synopsis

Configure System Parameters

Parameters

Parameters

Choices/Defaults

Comment

state

str/required

[‘noop’, ‘present’, ‘absent’]

State of the object to be created.

ansible_host

str/required

Host for AXAPI authentication

ansible_username

str/required

Username for AXAPI authentication

ansible_password

str/required

Password for AXAPI authentication

ansible_port

int/required

Port for AXAPI authentication

a10_device_context_id

int

[‘1-8’]

Device ID for aVCS configuration

a10_partition

str

Destination/target partition for object/command

anomaly_log

bool

log system anomalies

attack_log

bool

log attack anomalies

ddos_attack

bool

System DDoS Attack

ddos_log

bool

log DDoS attack anomalies

sockstress_disable

bool

Disable sockstress protection

promiscuous_mode

bool

Run in promiscous mode settings

module_ctrl_cpu

str

‘high’= high cpu usage; ‘low’= low cpu usage; ‘medium’= medium cpu usage;

rfc_ipfix_ie_spec

str

‘enable’= Use RFC-defined IPFIX information element lengths; ‘disable’= Use non-standard IPFIX information element lengths;

src_ip_hash_enable

bool

Enable source ip hash

class_list_hitcount_enable

bool

Enable class list hit count

geo_db_hitcount_enable

bool

Enable Geolocation database hit count

domain_list_hitcount_enable

bool

Enable class list hit count

dynamic_service_dns_socket_pool

bool

Enable socket pool for dynamic-service DNS

ipv6_prefix_length

int

Length of IPv6 prefix used to determine the user-group and the PU, by default 128

drop_linux_closed_port_syn

str

‘enable’= enable (default); ‘disable’= disable;

uuid

str

uuid of the object

timeout_value

dict

Field timeout_value

ftp

int

set timeout to stop ftp transfer in seconds, 0 is no limit

scp

int

set timeout to stop scp transfer in seconds, 0 is no limit

sftp

int

set timeout to stop sftp transfer in seconds, 0 is no limit

tftp

int

set timeout to stop tftp transfer in seconds, 0 is no limit

http

int

set timeout to stop http transfer in seconds, 0 is no limit

https

int

set timeout to stop https transfer in seconds, 0 is no limit

uuid

str

uuid of the object

bandwidth

dict

Field bandwidth

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

counter_lib_accounting

dict

Field counter_lib_accounting

uuid

str

uuid of the object

control_cpu

dict

Field control_cpu

uuid

str

uuid of the object

data_cpu

dict

Field data_cpu

uuid

str

uuid of the object

mgmt_port

dict

Field mgmt_port

port_index

int

port index to be configured (Specify port index)

mac_address

str

mac-address to be configured as mgmt port

pci_address

str

pci-address to be configured as mgmt port

shared_poll_mode

dict

Field shared_poll_mode

enable

bool

Enable shared poll mode

disable

bool

Disable shared poll mode

probe_network_devices

dict

Field probe_network_devices

asic_mmu_fail_safe

dict

Field asic_mmu_fail_safe

recovery_threshold

int

ASIC Fail-safe recovery threshold in Errors (Units of 1 Errors (default 2))

monitor_interval

int

ASIC Fail-safe monitoring intervals in Seconds (Units of 1 Seconds (default 60))

monitor_disable

bool

Enable Fail-safe software error monitoring and act on it

reboot_disable

bool

Disable system reboot if system encounters mmu error

inject_error

bool

Inject MMU SER/Parity errors

test_pattern_type

str

‘all-zeros’= Inject all bits 0s in a byte; ‘all-ones’= Inject all bits 1s in a byte; ‘lcb’= Logical checker board; ‘inverse-lcb’= Inverse Logical checker board;

uuid

str

uuid of the object

management_interface_mode

dict

Field management_interface_mode

dedicated

bool

Set management interface in dedicated mode

non_dedicated

bool

Set management interface in non-dedicated mode

set_tcp_syn_per_sec

dict

Field set_tcp_syn_per_sec

tcp_syn_value

int

Configure Tcp SYN’s per sec, default 70

uuid

str

uuid of the object

add_port

dict

Field add_port

port_index

int

port index to be configured (Specify port index)

del_port

dict

Field del_port

port_index

int

port index to be configured (Specify port index)

modify_port

dict

Field modify_port

port_index

int

port index to be configured (Specify port index)

port_number

int

port number to be configured (Specify port number)

tls_1_3_mgmt

dict

Field tls_1_3_mgmt

enable

bool

Enable TLS 1.3 support on ACOS management plane

uuid

str

uuid of the object

multi_queue_support

dict

Field multi_queue_support

enable

bool

Enable Multi-Queue-Support

cpu_packet_prio_support

dict

Field cpu_packet_prio_support

enable

bool

Enable CPU packet prioritization Support

disable

bool

Disable CPU packet prioritization Support

add_cpu_core

dict

Field add_cpu_core

core_index

int

core index to be added (Specify core index)

delete_cpu_core

dict

Field delete_cpu_core

core_index

int

core index to be deleted (Specify core index)

cpu_hyper_thread

dict

Field cpu_hyper_thread

enable

bool

Enable CPU Hyperthreading

disable

bool

Disable CPU Hyperthreading

io_cpu

dict

Field io_cpu

max_cores

int

max number of IO cores (Specify number of cores)

link_monitor

dict

Field link_monitor

enable

bool

Enable Link Monitoring

disable

bool

Disable Link Monitoring

lro

dict

Field lro

enable

bool

Enable Large Receive Offload

disable

bool

Disable Large Receive Offload

tso

dict

Field tso

enable

bool

Enable TCP Segmentation Offload

disable

bool

Disable TCP Segmentation Offload

port_list

dict

Field port_list

uuid

str

uuid of the object

port_info

dict

Field port_info

uuid

str

uuid of the object

inuse_port_list

dict

Field inuse_port_list

uuid

str

uuid of the object

cpu_list

dict

Field cpu_list

uuid

str

uuid of the object

cpu_map

dict

Field cpu_map

uuid

str

uuid of the object

inuse_cpu_list

dict

Field inuse_cpu_list

uuid

str

uuid of the object

set_rxtx_desc_size

dict

Field set_rxtx_desc_size

port_index

int

port index to be configured (Specify port index)

rxd_size

int

Set new rx-descriptor size

txd_size

int

Set new tx-descriptor size

set_rxtx_queue

dict

Field set_rxtx_queue

port_index

int

port index to be configured (Specify port index)

rxq_size

int

Set number of new rx queues

txq_size

int

Set number of new tx queues

template

dict

Field template

template_policy

str

Apply policy template to the whole system (Policy template name)

uuid

str

uuid of the object

template_bind

dict

Field template_bind

monitor_list

list

Field monitor_list

mon_template

dict

Field mon_template

monitor_list

list

Field monitor_list

link_block_as_down

dict

Field link_block_as_down

link_down_on_restart

dict

Field link_down_on_restart

memory

dict

Field memory

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

resource_usage

dict

Field resource_usage

ssl_context_memory

int

Total SSL context memory needed in units of MB. Will be rounded to closest multiple of 2MB

ssl_dma_memory

int

Total SSL DMA memory needed in units of MB. Will be rounded to closest multiple of 2MB

nat_pool_addr_count

int

Total configurable NAT Pool addresses in the System

l4_session_count

int

Total Sessions in the System

auth_portal_html_file_size

int

Specify maximum html file size for each html page in auth portal (in KB)

auth_portal_image_file_size

int

Specify maximum image file size for default portal (in KB)

max_aflex_file_size

int

Set maximum aFleX file size (Maximum file size in KBytes, default is 32K)

aflex_table_entry_count

int

Total aFleX table entry in the system (Total aFlex entry in the system)

class_list_ipv6_addr_count

int

Total IPv6 addresses for class-list

class_list_ac_entry_count

int

Total entries for AC class-list

class_list_entry_count

int

Total entries for class-list

max_aflex_authz_collection_number

int

Specify the maximum number of collections supported by aFleX authorization

radius_table_size

int

Total configurable CGNV6 RADIUS Table entries

authz_policy_number

int

Specify the maximum number of authorization policies

ipsec_sa_number

int

Specify the maximum number of IPsec SA

ram_cache_memory_limit

int

Specify the maximum memory used by ram cache

waf_template_count

int

Total configurable WAF Templates in the System

auth_session_count

int

Total auth sessions in the system

uuid

str

uuid of the object

visibility

dict

Field visibility

link_capability

dict

Field link_capability

enable

bool

Enable/Disable link capabilities

uuid

str

uuid of the object

resource_accounting

dict

Field resource_accounting

uuid

str

uuid of the object

template_list

list

Field template_list

trunk

dict

Field trunk

load_balance

dict

Field load_balance

ports

dict

Field ports

link_detection_interval

int

Link detection interval in msecs

uuid

str

uuid of the object

table_integrity

dict

Field table_integrity

table

str

‘all’= All tables;

audit_action

str

‘enable’= Enable table integrity audit; ‘disable’= Disable table integrity audit;

auto_sync_action

str

‘enable’= Enable auto-sync; ‘disable’= Disable auto-sync;

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

ipsec

dict

Field ipsec

packet_round_robin

bool

Enable packet round robin for IPsec packets

crypto_core

int

Crypto cores assigned for IPsec processing

crypto_mem

int

Crypto memory percentage assigned for IPsec processing (rounded to increments of 10)

uuid

str

uuid of the object

fpga_decrypt

dict

Field fpga_decrypt

spe_profile

dict

Field spe_profile

action

str

‘ipv4-only’= Enable IPv4 HW forward entries only; ‘ipv6-only’= Enable IPv6 HW forward entries only; ‘ipv4-ipv6’= Enable Both IPv4/IPv6 HW forward entries (shared);

spe_status

dict

Field spe_status

uuid

str

uuid of the object

ssl_status

dict

Field ssl_status

uuid

str

uuid of the object

deep_hrxq

dict

Field deep_hrxq

enable

bool

Field enable

hrxq_num_chunks

str

‘2048’= Set FPGA Deep HRXQ depth as 2048 per CPU; ‘1024’= Set FPGA Deep HRXQ depth as 1024 per CPU; ‘512’= Set FPGA Deep HRXQ depth as 512 per CPU;

hrxq_status

dict

Field hrxq_status

uuid

str

uuid of the object

cpu_load_sharing

dict

Field cpu_load_sharing

disable

bool

Disable CPU load sharing in overload situations

packets_per_second

dict

Field packets_per_second

cpu_usage

dict

Field cpu_usage

tcp

bool

Disallow redistribution of new TCP sessions

udp

bool

Disallow redistribution of new UDP sessions

uuid

str

uuid of the object

per_vlan_limit

dict

Field per_vlan_limit

bcast

int

broadcast packets (per second limit)

ipmcast

int

IP multicast packets (per second limit)

mcast

int

multicast packets (per second limit)

unknown_ucast

int

unknown unicast packets (per second limit)

uuid

str

uuid of the object

all_vlan_limit

dict

Field all_vlan_limit

bcast

int

broadcast packets (per second limit)

ipmcast

int

IP multicast packets (per second limit)

mcast

int

multicast packets (per second limit)

unknown_ucast

int

unknown unicast packets (per second limit)

uuid

str

uuid of the object

ve_mac_scheme

dict

Field ve_mac_scheme

ve_mac_scheme_val

str

‘hash-based’= Hash-based using the VE number; ‘round-robin’= Round Robin scheme; ‘system-mac’= Use system MAC address;

uuid

str

uuid of the object

session_reclaim_limit

dict

Field session_reclaim_limit

nscan_limit

int

smp session scan limit (number of smp sessions per scan)

scan_freq

int

smp session scan frequency (scan per second)

uuid

str

uuid of the object

ssl_scv

dict

Field ssl_scv

enable

bool

Enable server certificate validation for all SSL connections

uuid

str

uuid of the object

ssl_scv_verify_host

dict

Field ssl_scv_verify_host

disable

bool

Disable verify host during SCV

uuid

str

uuid of the object

ssl_scv_verify_crl_sign

dict

Field ssl_scv_verify_crl_sign

enable

bool

Enable verify CRL signature during SCV

uuid

str

uuid of the object

ssl_set_compatible_cipher

dict

Field ssl_set_compatible_cipher

disable

bool

Disable setting common cipher suite in management plane

uuid

str

uuid of the object

hardware

dict

Field hardware

uuid

str

uuid of the object

platformtype

dict

Field platformtype

uuid

str

uuid of the object

reboot

dict

Field reboot

uuid

str

uuid of the object

shutdown

dict

Field shutdown

uuid

str

uuid of the object

environment

dict

Field environment

uuid

str

uuid of the object

hardware_forward

dict

Field hardware_forward

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

slb

dict

Field slb

throughput

dict

Field throughput

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

ipmi

dict

Field ipmi

reset

bool

Reset IPMI Controller

ip

dict

Field ip

ipsrc

dict

Field ipsrc

user

dict

Field user

tool

dict

Field tool

queuing_buffer

dict

Field queuing_buffer

enable

bool

Enable/Disable micro-burst traffic support

uuid

str

uuid of the object

high_memory_l4_session

dict

Field high_memory_l4_session

enable

bool

Enable/Disable high memory l4 session support

uuid

str

uuid of the object

trunk_hw_hash

dict

Field trunk_hw_hash

mode

int

Set HW hash mode, default is 6 (1=dst-mac 2=src-mac 3=src-dst-mac 4=src-ip 5=dst-ip 6=rtag6 7=rtag7)

uuid

str

uuid of the object

trunk_xaui_hw_hash

dict

Field trunk_xaui_hw_hash

mode

int

Set HW hash mode, default is 6 (1=dst-mac 2=src-mac 3=src-dst-mac 4=src-ip 5=dst-ip 6=rtag6 7=rtag7)

uuid

str

uuid of the object

upgrade_status

dict

Field upgrade_status

uuid

str

uuid of the object

guest_file

dict

Field guest_file

uuid

str

uuid of the object

cm_update_file_name_ref

dict

Field cm_update_file_name_ref

source_name

str

bind source name

dest_name

str

bind dest name

id

int

Specify unique Partition id

core

dict

Field core

uuid

str

uuid of the object

apps_global

dict

Field apps_global

log_session_on_established

bool

Send TCP session creation log on completion of 3-way handshake

msl_time

int

Configure maximum session life, default is 2 seconds (1-39 seconds, default is 2 seconds)

timer_wheel_walk_limit

int

Set timer wheel walk limit (0-1024, 0 is unlimited, default is 100)

sessions_threshold

int

Set threshold for total sessions across the system (Enter threshold number)

cps_threshold

int

Set threshold for the total Connections Per Second across the system (Enter threshold number)

uuid

str

uuid of the object

shell_privileges

dict

Field shell_privileges

enable_shell_privileges

bool

enable the shell privileges for a given customer

uuid

str

uuid of the object

cosq_stats

dict

Field cosq_stats

uuid

str

uuid of the object

cosq_show

dict

Field cosq_show

uuid

str

uuid of the object

shm_logging

dict

Field shm_logging

enable

bool

Enable shared memory based logging

uuid

str

uuid of the object

fw

dict

Field fw

application_mempool

bool

Enable application memory pool

application_flow

int

Number of flows

basic_dpi_enable

bool

Enable basic dpi

uuid

str

uuid of the object

password_policy

dict

Field password_policy

complexity

str

‘Strict’= Strict= Min length=8, Min Lower Case=2, Min Upper Case=2, Min Numbers=2, Min Special Character=1, CHANGE Min 8 Characters; ‘Medium’= Medium= Min length=6, Min Lower Case=2, Min Upper Case=2, Min Numbers=1, Min Special Character=1, CHANGE Min 6 Characters; ‘Simple’= Simple= Min length=4, Min Lower Case=1, Min Upper Case=1, Min Numbers=1, Min Special Character=0, CHANGE Min 4 Characters;

aging

str

‘Strict’= Strict= Max Age-60 Days; ‘Medium’= Medium= Max Age- 90 Days; ‘Simple’= Simple= Max Age-120 Days;

history

str

‘Strict’= Strict= Does not allow upto 5 old passwords; ‘Medium’= Medium= Does not allow upto 4 old passwords; ‘Simple’= Simple= Does not allow upto 3 old passwords;

min_pswd_len

int

Configure custom password length

uuid

str

uuid of the object

radius

dict

Field radius

server

dict

Field server

geoloc_list_list

list

Field geoloc_list_list

name

str

Specify name of Geolocation list

shared

bool

Enable sharing with other partitions

include_geoloc_name_list

list

Field include_geoloc_name_list

exclude_geoloc_name_list

list

Field exclude_geoloc_name_list

uuid

str

uuid of the object

user_tag

str

Customized tag

sampling_enable

list

Field sampling_enable

geoloc_name_helper

dict

Field geoloc_name_helper

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

geolocation_file

dict

Field geolocation_file

uuid

str

uuid of the object

error_info

dict

Field error_info

geoloc

dict

Field geoloc

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

geo_location

dict

Field geo_location

geo_location_iana

bool

Load built-in IANA Database

geo_location_geolite2_city

bool

Load built-in Maxmind GeoLite2-City database. Database available from http=//www.maxmind.com

geolite2_city_include_ipv6

bool

Include IPv6 address

geo_location_geolite2_country

bool

Load built-in Maxmind GeoLite2-Country database. Database available from http=//www.maxmind.com

geolite2_country_include_ipv6

bool

Include IPv6 address

geoloc_load_file_list

list

Field geoloc_load_file_list

uuid

str

uuid of the object

entry_list

list

Field entry_list

tcp_syn_per_sec

dict

Field tcp_syn_per_sec

uuid

str

uuid of the object

asic_debug_dump

dict

Field asic_debug_dump

enable

bool

Enable/Disable L2L3 ASIC traffic discard/drop events and Dump debug information

uuid

str

uuid of the object

ip_threat_list

dict

Field ip_threat_list

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

ipv4_source_list

dict

Field ipv4_source_list

ipv4_dest_list

dict

Field ipv4_dest_list

ipv6_source_list

dict

Field ipv6_source_list

ipv6_dest_list

dict

Field ipv6_dest_list

ipv4_internet_host_list

dict

Field ipv4_internet_host_list

ipv6_internet_host_list

dict

Field ipv6_internet_host_list

fpga_drop

dict

Field fpga_drop

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

dpdk_stats

dict

Field dpdk_stats

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

fpga_core_crc

dict

Field fpga_core_crc

monitor_disable

bool

Disable FPGA Core CRC error monitoring and act on it

reboot_enable

bool

Enable system reboot if system encounters FPGA Core CRC error

uuid

str

uuid of the object

mfa_management

dict

Field mfa_management

enable

bool

Enable 2FA for management plane

uuid

str

uuid of the object

mfa_validation_type

dict

Field mfa_validation_type

ca_cert

str

Configure CA Certificate

uuid

str

uuid of the object

mfa_cert_store

dict

Field mfa_cert_store

cert_host

str

Configure certificate store host

protocol

str

‘tftp’= Use tftp for connection; ‘ftp’= Use ftp for connection; ‘scp’= Use scp for connection; ‘http’= Use http for connection; ‘https’= Use https for connection; ‘sftp’= Use sftp for connection;

cert_store_path

str

Configure certificate store path

username

str

Certificate store host username

passwd_string

str

Certificate store host password

encrypted

str

Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)

uuid

str

uuid of the object

mfa_auth

dict

Field mfa_auth

username

str

Username for MFA validation

second_factor

str

Input second factor paramter

q_in_q

dict

Field q_in_q

inner_tpid

str

TPID for inner VLAN (Inner TPID, 16 bit hex value, default is 8100)

outer_tpid

str

TPID for outer VLAN (Outer TPID, 16 bit hex value, default is 8100)

enable_all_ports

bool

Enable 802.1QinQ on all physical ports

uuid

str

uuid of the object

xaui_dlb_mode

dict

Field xaui_dlb_mode

enable

bool

Enable/Disable Dynamic Load Balancing traffic distribution support

uuid

str

uuid of the object

glid

dict

Field glid

glid_id

int

Apply limits to the whole system

non_shared

bool

Apply global limit ID to the whole system at per data cpu level (default disabled)

uuid

str

uuid of the object

psu_info

dict

Field psu_info

uuid

str

uuid of the object

gui_image_list

dict

Field gui_image_list

uuid

str

uuid of the object

syslog_time_msec

dict

Field syslog_time_msec

enable_flag

bool

Field enable_flag

ipmi_service

dict

Field ipmi_service

disable

bool

Disable IPMI on platform

uuid

str

uuid of the object

app_performance

dict

Field app_performance

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

ssl_req_q

dict

Field ssl_req_q

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

cli_monitor_interval

dict

Field cli_monitor_interval

interval

int

one interval is 300ms (0 = disable)

uuid

str

uuid of the object

nsm_a10lb

dict

Field nsm_a10lb

kill

bool

NSM will terminate a10lb if no response received

uuid

str

uuid of the object

tcp

dict

Field tcp

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

rate_limit_reset_unknown_conn

dict

Field rate_limit_reset_unknown_conn

icmp

dict

Field icmp

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

icmp6

dict

Field icmp6

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

ip_stats

dict

Field ip_stats

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

ip6_stats

dict

Field ip6_stats

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

domain_list_info

dict

Field domain_list_info

uuid

str

uuid of the object

ip_dns_cache

dict

Field ip_dns_cache

uuid

str

uuid of the object

bfd

dict

Field bfd

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

icmp_rate

dict

Field icmp_rate

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

dns

dict

Field dns

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

recursive_nameserver

dict

Field recursive_nameserver

dns_cache

dict

Field dns_cache

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

session

dict

Field session

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

ndisc_ra

dict

Field ndisc_ra

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

tcp_stats

dict

Field tcp_stats

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

telemetry_log

dict

Field telemetry_log

top_k_source_list

dict

Field top_k_source_list

top_k_app_svc_list

dict

Field top_k_app_svc_list

device_status

dict

Field device_status

environment

dict

Field environment

partition_metrics

dict

Field partition_metrics

pbslb

dict

Field pbslb

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

Examples


Return Values

modified_values (changed, dict, )

Values modified (or potential changes if using check_mode) as a result of task operation

axapi_calls (always, list, )

Sequential list of AXAPI calls made by the task

endpoint (, str, [‘/axapi/v3/slb/virtual_server’, ‘/axapi/v3/file/ssl-cert’])

The AXAPI endpoint being accessed.

http_method (, str, [‘POST’, ‘GET’])

HTTP method being used by the primary task to interact with the AXAPI endpoint.

request_body (, complex, )

Params used to query the AXAPI

response_body (, complex, )

Response from the AXAPI

Status

  • This module is not guaranteed to have a backwards compatible interface. [preview]

  • This module is maintained by community.

Authors

  • A10 Networks