a10_slb_l4
Synopsis
Configure L4
Parameters
Parameters |
Choices/Defaults |
Comment |
|
---|---|---|---|
state str/required |
[‘noop’, ‘present’, ‘absent’] |
State of the object to be created. |
|
ansible_host str/required |
Host for AXAPI authentication |
||
ansible_username str/required |
Username for AXAPI authentication |
||
ansible_password str/required |
Password for AXAPI authentication |
||
ansible_port int/required |
Port for AXAPI authentication |
||
a10_device_context_id int |
[‘1-8’] |
Device ID for aVCS configuration |
|
a10_partition str |
Destination/target partition for object/command |
||
uuid str |
uuid of the object |
||
sampling_enable list |
Field sampling_enable |
||
counters1 str |
‘all’= all; ‘intcp’= TCP received; ‘synreceived’= TCP SYN received; ‘tcp_fwd_last_ack’= L4 rcv fwd last ACK; ‘tcp_rev_last_ack’= L4 rcv rev last ACK; ‘tcp_rev_fin’= L4 rcv rev FIN; ‘tcp_fwd_fin’= L4 rcv fwd FIN; ‘tcp_fwd_ackfin’= L4 rcv fwd FIN|ACK; ‘inudp’= UDP received; ‘syncookiessent’= TCP SYN cookie snt; ‘syncookiessent_ts’= TCP SYN cookie snt ts; ‘syncookiessentfailed’= TCP SYN cookie snt fail; ‘outrst’= TCP out RST; ‘outrst_nosyn’= TCP out RST no SYN; ‘outrst_broker’= TCP out RST L4 proxy; ‘outrst_ack_attack’= TCP out RST ACK attack; ‘outrst_aflex’= TCP out RST aFleX; ‘outrst_stale_sess’= TCP out RST stale sess; ‘syn_stale_sess’= SYN stale sess drop; ‘outrst_tcpproxy’= TCP out RST TCP proxy; ‘svrselfail’= Server sel failure; ‘noroute’= IP out noroute; ‘snat_fail’= Source NAT failure; ‘snat_no_fwd_route’= Source NAT no fwd route; ‘snat_no_rev_route’= Source NAT no rev route; ‘snat_icmp_error_process’= Source NAT ICMP Process; ‘snat_icmp_no_match’= Source NAT ICMP No Match; ‘smart_nat_id_mismatch’= Auto NAT id mismatch; ‘syncookiescheckfailed’= TCP SYN cookie failed; ‘novport_drop’= NAT no session drops; ‘no_vport_drop’= vport not matching drops; ‘nosyn_drop’= No SYN pkt drops; ‘nosyn_drop_fin’= No SYN pkt drops - FIN; ‘nosyn_drop_rst’= No SYN pkt drops - RST; ‘nosyn_drop_ack’= No SYN pkt drops - ACK; ‘connlimit_drop’= Conn Limit drops; ‘connlimit_reset’= Conn Limit resets; ‘conn_rate_limit_drop’= Conn rate limit drops; ‘conn_rate_limit_reset’= Conn rate limit resets; ‘proxy_nosock_drop’= Proxy no sock drops; ‘drop_aflex’= aFleX drops; ‘sess_aged_out’= Session aged out; ‘tcp_sess_aged_out’= TCP Session aged out; ‘udp_sess_aged_out’= UDP Session aged out; ‘other_sess_aged_out’= Other Session aged out; ‘tcp_no_slb’= TCP no SLB; ‘udp_no_slb’= UDP no SLB; ‘throttle_syn’= SYN Throttle; ‘drop_gslb’= Drop GSLB; ‘inband_hm_retry’= Inband HM retry; ‘inband_hm_reassign’= Inband HM reassign; ‘auto_reassign’= Auto-reselect server; ‘fast_aging_set’= Fast aging set; ‘fast_aging_reset’= Fast aging reset; ‘dns_policy_drop’= DNS Policy Drop; ‘tcp_invalid_drop’= TCP invalid drop; ‘anomaly_out_seq’= Anomaly out of sequence; ‘anomaly_zero_win’= Anomaly zero window; ‘anomaly_bad_content’= Anomaly bad content; ‘anomaly_pbslb_drop’= Anomaly pbslb drop; ‘no_resourse_drop’= No resource drop; ‘reset_unknown_conn’= Reset unknown conn; ‘reset_l7_on_failover’= RST L7 on failover; ‘ignore_msl’= ignore msl; ‘l2_dsr’= L2 DSR received; ‘l3_dsr’= L3 DSR received; ‘port_preserve_attempt’= NAT Port Preserve Try; ‘port_preserve_succ’= NAT Port Preserve Succ; ‘tcpsyndata_drop’= TCP SYN With Data Drop; ‘tcpotherflags_drop’= TCP SYN Other Flags Drop; ‘bw_rate_limit_exceed’= BW-Limit Exceed drop; ‘bw_watermark_drop’= BW-Watermark drop; ‘l4_cps_exceed’= L4 CPS exceed drop; ‘nat_cps_exceed’= NAT CPS exceed drop; ‘l7_cps_exceed’= L7 CPS exceed drop; ‘ssl_cps_exceed’= SSL CPS exceed drop; ‘ssl_tpt_exceed’= SSL TPT exceed drop; ‘ssl_watermark_drop’= SSL TPT- Watermark drop; ‘concurrent_conn_exceed’= L3V Conn Limit Drop; ‘svr_syn_handshake_fail’= L4 server handshake fail; ‘stateless_conn_timeout’= L4 stateless Conn TO; ‘tcp_ax_rexmit_syn’= L4 AX re-xmit SYN; ‘tcp_syn_rcv_ack’= L4 rcv ACK on SYN; ‘tcp_syn_rcv_rst’= L4 rcv RST on SYN; ‘tcp_sess_noest_aged_out’= TCP no-Est Sess aged out; ‘tcp_sess_noest_csyn_rcv_aged_out’= no-Est CSYN rcv aged out; ‘tcp_sess_noest_ssyn_xmit_aged_out’= no-Est SSYN snt aged out; ‘tcp_rexmit_syn’= L4 rcv rexmit SYN; ‘tcp_rexmit_syn_delq’= L4 rcv rexmit SYN (delq); ‘tcp_rexmit_synack’= L4 rcv rexmit SYN|ACK; ‘tcp_rexmit_synack_delq’= L4 rcv rexmit SYN|ACK DQ; ‘tcp_fwd_fin_dup’= L4 rcv fwd FIN dup; ‘tcp_rev_fin_dup’= L4 rcv rev FIN dup; ‘tcp_rev_ackfin’= L4 rcv rev FIN|ACK; ‘tcp_fwd_rst’= L4 rcv fwd RST; ‘tcp_rev_rst’= L4 rcv rev RST; ‘udp_req_oneplus_no_resp’= L4 UDP reqs no rsp; ‘udp_req_one_oneplus_resp’= L4 UDP req rsps; ‘udp_req_resp_notmatch’= L4 UDP req/rsp not match; ‘udp_req_more_resp’= L4 UDP req greater than rsps; ‘udp_resp_more_req’= L4 UDP rsps greater than reqs; ‘udp_req_oneplus’= L4 UDP reqs; ‘udp_resp_oneplus’= L4 UDP rsps; ‘out_seq_ack_drop’= Out of sequence ACK drop; ‘tcp_est’= L4 TCP Established; ‘synattack’= L4 SYN attack; ‘syn_rate’= TCP SYN rate per sec; ‘syncookie_buff_drop’= TCP SYN cookie buff drop; ‘syncookie_buff_queue’= TCP SYN cookie buff queue; ‘skip_insert_client_ip’= Skip Insert-client-ip; ‘synreceived_hw’= TCP SYN (HW SYN cookie); ‘dns_id_switch’= DNS query id switch; ‘server_down_del’= Server Down Del switch; ‘dnssec_switch’= DNSSEC SG switch; ‘rate_drop_reset_unkn’= Rate Drop reset; ‘tcp_connections_closed’= TCP Connections Closed; ‘gtp_c_invalid_port’= Invalid Packet Received on GTP VIP; ‘gtp_c_invalid_header’= Invalid Header Received on GTP VIP; ‘gtp_c_invalid_message’= Non Create Session/PDP Context Request/Response Received on GTP VIP; ‘reselect_svrselfail’= Server reselect failure; ‘snat_port_overload_fail’= Snat port overload fail; ‘snat_force_preserve_alloc’= Snat port preserve allocated; ‘snat_force_preserve_free’= Snat port preserve freed; ‘proxy_header_insert’= PROXY protocol header inserted; ‘proxy_header_rexmit’= PROXY protocol header retransmitted; ‘proxy_prot_error’= PROXY protocol error; ‘proxy_prot_drop’= PROXY protocol drop; ‘slb_gtp_proxy_pkt_rcv_rr’= SLB GTP proxy packet received on RR; ‘slb_gtp_proxy_smp_match’= SLB GTP proxy helper session found; ‘slb_gtp_proxy_smp_no_match’= SLB GTP proxy helper session not found; ‘slb_gtp_proxy_c_process_local_rr’= SLB GTP proxy messageprocessed locally on RR; ‘slb_gtp_proxy_smp_creation_failed’= SLB GTP proxy helper session creation failed; ‘slb_gtp_proxy_smp_created’= SLB GTP proxy helper session created; ‘slb_gtp_proxy_smp_free_not_found’= SLB GTP proxy session helper not found during cleanup; ‘slb_gtp_proxy_smp_freed’= SLB GTP proxy session helper freed; ‘slb_gtp_proxy_retx_requests’= SLB GTP proxy retx requests; ‘pbslb_entry_limit_exceed’= pbslb entry limit Exceed; ‘fast_path_reroute’= Fast Path Reroute; ‘fast_path_l2_reroute’= Fast Path L2 Reroute; |
||
oper dict |
Field oper |
||
l4_cpu_list list |
Field l4_cpu_list |
||
cpu_count int |
Field cpu_count |
||
stats dict |
Field stats |
||
intcp str |
TCP received |
||
synreceived str |
TCP SYN received |
||
tcp_fwd_last_ack str |
L4 rcv fwd last ACK |
||
tcp_rev_last_ack str |
L4 rcv rev last ACK |
||
tcp_rev_fin str |
L4 rcv rev FIN |
||
tcp_fwd_fin str |
L4 rcv fwd FIN |
||
tcp_fwd_ackfin str |
L4 rcv fwd FIN|ACK |
||
inudp str |
UDP received |
||
syncookiessent str |
TCP SYN cookie snt |
||
syncookiessent_ts str |
TCP SYN cookie snt ts |
||
syncookiessentfailed str |
TCP SYN cookie snt fail |
||
outrst str |
TCP out RST |
||
outrst_nosyn str |
TCP out RST no SYN |
||
outrst_broker str |
TCP out RST L4 proxy |
||
outrst_ack_attack str |
TCP out RST ACK attack |
||
outrst_aflex str |
TCP out RST aFleX |
||
outrst_stale_sess str |
TCP out RST stale sess |
||
syn_stale_sess str |
SYN stale sess drop |
||
outrst_tcpproxy str |
TCP out RST TCP proxy |
||
svrselfail str |
Server sel failure |
||
noroute str |
IP out noroute |
||
snat_fail str |
Source NAT failure |
||
snat_no_fwd_route str |
Source NAT no fwd route |
||
snat_no_rev_route str |
Source NAT no rev route |
||
snat_icmp_error_process str |
Source NAT ICMP Process |
||
snat_icmp_no_match str |
Source NAT ICMP No Match |
||
smart_nat_id_mismatch str |
Auto NAT id mismatch |
||
syncookiescheckfailed str |
TCP SYN cookie failed |
||
novport_drop str |
NAT no session drops |
||
no_vport_drop str |
vport not matching drops |
||
nosyn_drop str |
No SYN pkt drops |
||
nosyn_drop_fin str |
No SYN pkt drops - FIN |
||
nosyn_drop_rst str |
No SYN pkt drops - RST |
||
nosyn_drop_ack str |
No SYN pkt drops - ACK |
||
connlimit_drop str |
Conn Limit drops |
||
connlimit_reset str |
Conn Limit resets |
||
conn_rate_limit_drop str |
Conn rate limit drops |
||
conn_rate_limit_reset str |
Conn rate limit resets |
||
proxy_nosock_drop str |
Proxy no sock drops |
||
drop_aflex str |
aFleX drops |
||
sess_aged_out str |
Session aged out |
||
tcp_sess_aged_out str |
TCP Session aged out |
||
udp_sess_aged_out str |
UDP Session aged out |
||
other_sess_aged_out str |
Other Session aged out |
||
tcp_no_slb str |
TCP no SLB |
||
udp_no_slb str |
UDP no SLB |
||
throttle_syn str |
SYN Throttle |
||
drop_gslb str |
Drop GSLB |
||
inband_hm_retry str |
Inband HM retry |
||
inband_hm_reassign str |
Inband HM reassign |
||
auto_reassign str |
Auto-reselect server |
||
fast_aging_set str |
Fast aging set |
||
fast_aging_reset str |
Fast aging reset |
||
dns_policy_drop str |
DNS Policy Drop |
||
tcp_invalid_drop str |
TCP invalid drop |
||
anomaly_out_seq str |
Anomaly out of sequence |
||
anomaly_zero_win str |
Anomaly zero window |
||
anomaly_bad_content str |
Anomaly bad content |
||
anomaly_pbslb_drop str |
Anomaly pbslb drop |
||
no_resourse_drop str |
No resource drop |
||
reset_unknown_conn str |
Reset unknown conn |
||
reset_l7_on_failover str |
RST L7 on failover |
||
ignore_msl str |
ignore msl |
||
l2_dsr str |
L2 DSR received |
||
l3_dsr str |
L3 DSR received |
||
port_preserve_attempt str |
NAT Port Preserve Try |
||
port_preserve_succ str |
NAT Port Preserve Succ |
||
tcpsyndata_drop str |
TCP SYN With Data Drop |
||
tcpotherflags_drop str |
TCP SYN Other Flags Drop |
||
bw_rate_limit_exceed str |
BW-Limit Exceed drop |
||
bw_watermark_drop str |
BW-Watermark drop |
||
l4_cps_exceed str |
L4 CPS exceed drop |
||
nat_cps_exceed str |
NAT CPS exceed drop |
||
l7_cps_exceed str |
L7 CPS exceed drop |
||
ssl_cps_exceed str |
SSL CPS exceed drop |
||
ssl_tpt_exceed str |
SSL TPT exceed drop |
||
ssl_watermark_drop str |
SSL TPT-Watermark drop |
||
concurrent_conn_exceed str |
L3V Conn Limit Drop |
||
svr_syn_handshake_fail str |
L4 server handshake fail |
||
stateless_conn_timeout str |
L4 stateless Conn TO |
||
tcp_ax_rexmit_syn str |
L4 AX re-xmit SYN |
||
tcp_syn_rcv_ack str |
L4 rcv ACK on SYN |
||
tcp_syn_rcv_rst str |
L4 rcv RST on SYN |
||
tcp_sess_noest_aged_out str |
TCP no-Est Sess aged out |
||
tcp_sess_noest_csyn_rcv_aged_out str |
no-Est CSYN rcv aged out |
||
tcp_sess_noest_ssyn_xmit_aged_out str |
no-Est SSYN snt aged out |
||
tcp_rexmit_syn str |
L4 rcv rexmit SYN |
||
tcp_rexmit_syn_delq str |
L4 rcv rexmit SYN (delq) |
||
tcp_rexmit_synack str |
L4 rcv rexmit SYN|ACK |
||
tcp_rexmit_synack_delq str |
L4 rcv rexmit SYN|ACK DQ |
||
tcp_fwd_fin_dup str |
L4 rcv fwd FIN dup |
||
tcp_rev_fin_dup str |
L4 rcv rev FIN dup |
||
tcp_rev_ackfin str |
L4 rcv rev FIN|ACK |
||
tcp_fwd_rst str |
L4 rcv fwd RST |
||
tcp_rev_rst str |
L4 rcv rev RST |
||
udp_req_oneplus_no_resp str |
L4 UDP reqs no rsp |
||
udp_req_one_oneplus_resp str |
L4 UDP req rsps |
||
udp_req_resp_notmatch str |
L4 UDP req/rsp not match |
||
udp_req_more_resp str |
L4 UDP req greater than rsps |
||
udp_resp_more_req str |
L4 UDP rsps greater than reqs |
||
udp_req_oneplus str |
L4 UDP reqs |
||
udp_resp_oneplus str |
L4 UDP rsps |
||
out_seq_ack_drop str |
Out of sequence ACK drop |
||
tcp_est str |
L4 TCP Established |
||
synattack str |
L4 SYN attack |
||
syn_rate str |
TCP SYN rate per sec |
||
syncookie_buff_drop str |
TCP SYN cookie buff drop |
||
syncookie_buff_queue str |
TCP SYN cookie buff queue |
||
skip_insert_client_ip str |
Skip Insert-client-ip |
||
synreceived_hw str |
TCP SYN (HW SYN cookie) |
||
dns_id_switch str |
DNS query id switch |
||
server_down_del str |
Server Down Del switch |
||
dnssec_switch str |
DNSSEC SG switch |
||
rate_drop_reset_unkn str |
Rate Drop reset |
||
tcp_connections_closed str |
TCP Connections Closed |
||
gtp_c_invalid_port str |
Invalid Packet Received on GTP VIP |
||
gtp_c_invalid_header str |
Invalid Header Received on GTP VIP |
||
gtp_c_invalid_message str |
Non Create Session/PDP Context Request/Response Received on GTP VIP |
||
reselect_svrselfail str |
Server reselect failure |
||
snat_port_overload_fail str |
Snat port overload fail |
||
snat_force_preserve_alloc str |
Snat port preserve allocated |
||
snat_force_preserve_free str |
Snat port preserve freed |
||
proxy_header_insert str |
PROXY protocol header inserted |
||
proxy_header_rexmit str |
PROXY protocol header retransmitted |
||
proxy_prot_error str |
PROXY protocol error |
||
proxy_prot_drop str |
PROXY protocol drop |
||
slb_gtp_proxy_smp_match str |
SLB GTP proxy helper session found |
||
slb_gtp_proxy_smp_no_match str |
SLB GTP proxy helper session not found |
||
slb_gtp_proxy_c_process_local_rr str |
SLB GTP proxy messageprocessed locally on RR |
||
slb_gtp_proxy_smp_creation_failed str |
SLB GTP proxy helper session creation failed |
||
slb_gtp_proxy_smp_created str |
SLB GTP proxy helper session created |
||
slb_gtp_proxy_smp_free_not_found str |
SLB GTP proxy session helper not found during cleanup |
||
slb_gtp_proxy_smp_freed str |
SLB GTP proxy session helper freed |
||
slb_gtp_proxy_retx_requests str |
SLB GTP proxy retx requests |
||
pbslb_entry_limit_exceed str |
pbslb entry limit Exceed |
||
fast_path_reroute str |
Fast Path Reroute |
||
fast_path_l2_reroute str |
Fast Path L2 Reroute |
Examples
Return Values
- modified_values (changed, dict, )
Values modified (or potential changes if using check_mode) as a result of task operation
- axapi_calls (always, list, )
Sequential list of AXAPI calls made by the task
- endpoint (, str, [‘/axapi/v3/slb/virtual_server’, ‘/axapi/v3/file/ssl-cert’])
The AXAPI endpoint being accessed.
- http_method (, str, [‘POST’, ‘GET’])
HTTP method being used by the primary task to interact with the AXAPI endpoint.
- request_body (, complex, )
Params used to query the AXAPI
- response_body (, complex, )
Response from the AXAPI
Status
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by community.