{ "id":"/axapi/v3/slb/common", "type":"object", "node-type":"scalar", "title":"common", "partition-visibility":"shared", "auto-created-object":1, "description":"SLB related commands", "properties":{ "port-scan-detection":{ "type":"string", "format":"enum", "default":"disable", "partition-visibility":"shared", "description":"'enable': Enable port scan detection; 'disable': Disable port scan detection(default); ", "enum":[ "enable", "disable" ], "optional":true }, "ping-sweep-detection":{ "type":"string", "format":"enum", "default":"disable", "partition-visibility":"shared", "description":"'enable': Enable ping sweep detection; 'disable': Disable ping sweep detection(default); ", "enum":[ "enable", "disable" ], "optional":true }, "extended-stats":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable global slb extended statistics", "optional":true }, "stats-data-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Disable global slb data statistics", "optional":true }, "graceful-shutdown-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable graceful shutdown", "optional":true }, "graceful-shutdown":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "description":"1-65535, in unit of seconds", "optional":true }, "entity":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'server': Graceful shutdown server/port only; 'virtual-server': Graceful shutdown virtual server/port only; ", "enum":[ "server", "virtual-server" ], "optional":true }, "after-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Graceful shutdown after disable server/port and/or virtual server/port", "optional":true }, "rate-limit-logging":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Configure rate limit logging", "optional":true }, "max-local-rate":{ "type":"number", "format":"number", "minimum":1, "maximum":100, "default":32, "partition-visibility":"shared", "description":"Set maximum local rate", "optional":true }, "max-remote-rate":{ "type":"number", "format":"number", "minimum":1, "maximum":1000000, "default":15000, "partition-visibility":"shared", "description":"Set maximum remote rate", "optional":true }, "exclude-destination":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'local': Maximum local rate; 'remote': Maximum remote rate; (Maximum rates)", "enum":[ "local", "remote" ], "optional":true }, "auto-translate-port":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Auto Translate Port range", "optional":true }, "range":{ "type":"number", "format":"number", "minimum":1, "maximum":3, "partition-visibility":"shared", "description":"auto translate port range", "optional":true }, "range-start":{ "type":"number", "format":"number", "minimum":0, "maximum":65535, "partition-visibility":"shared", "description":"port range start", "optional":true }, "range-end":{ "type":"number", "format":"number", "minimum":0, "maximum":65535, "partition-visibility":"shared", "description":"port range end", "optional":true }, "use-default-sess-count":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Use default session count", "optional":true }, "per-thr-percent":{ "type":"number", "format":"number", "minimum":1, "maximum":100, "partition-visibility":"shared", "description":"Percentage of default session count to use for per thread session table size", "optional":true }, "dsr-health-check-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable dsr-health-check (direct server return health check)", "optional":true }, "one-server-conn-hm-rate":{ "type":"number", "format":"number", "minimum":1, "maximum":60, "partition-visibility":"shared", "description":"One Server Conn Health Check Rate", "optional":true }, "aflex-table-entry-aging-interval":{ "type":"number", "format":"number", "minimum":1, "maximum":3600, "default":1, "partition-visibility":"shared", "description":"aFleX table entry aging interval in second", "optional":true }, "override-port":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable override port in DSR health check mode", "optional":true }, "health-check-to-all-vip":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "optional":true }, "reset-stale-session":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Send reset if session in delete queue receives a SYN packet", "optional":true }, "dns-negative-cache-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable DNS negative cache", "optional":true }, "dns-cache-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable DNS cache", "optional":true }, "dns-persistent-cache-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable persistent DNS cache", "optional":true }, "max-persistent-cache":{ "type":"number", "format":"number", "platform-specific-range":1, "platform-specific-default":1, "partition-visibility":"shared", "description":"Define maximum persistent cache (Maximum persistent cache entry)", "optional":true }, "dns-persistent-cache-ttl-threshold":{ "type":"number", "format":"number", "minimum":0, "maximum":10000000, "default":0, "partition-visibility":"shared", "description":"Only save DNS cache with longer TTL (0-10000000 seconds, default is 0 second)", "optional":true }, "dns-persistent-cache-hit-threshold":{ "type":"number", "format":"number", "minimum":0, "maximum":10000000, "default":0, "partition-visibility":"shared", "description":"Only save DNS cache with larger hit count (0-10000000, default is 0)", "optional":true }, "dns-cache-ttl-adjustment-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable DNS cache response ttl adjustment", "optional":true }, "response-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'single-answer': Only cache DNS response with single answer; 'round-robin': Round robin; ", "enum":[ "single-answer", "round-robin" ], "optional":true }, "ttl-threshold":{ "type":"number", "format":"number", "minimum":1, "maximum":10000000, "partition-visibility":"shared", "description":"Only cache DNS response with longer TTL", "optional":true }, "dns-cache-aging-weight":{ "type":"number", "format":"number", "minimum":1, "maximum":7, "default":1, "partition-visibility":"shared", "description":"Set DNS cache entry weight, default is 1", "optional":true }, "dns-cache-age":{ "type":"number", "format":"number", "minimum":1, "maximum":1000000, "default":300, "partition-visibility":"shared", "description":"Set DNS cache entry age, default is 300 seconds (1-1000000 seconds, default is 300 seconds)", "optional":true }, "dns-cache-age-min-threshold":{ "type":"number", "format":"number", "minimum":0, "maximum":1000000, "default":0, "partition-visibility":"shared", "description":"Set DNS cache entry age minimum threshold, default is 0 seconds (1-1000000 seconds, default is 0 seconds)", "optional":true }, "compress-block-size":{ "type":"number", "format":"number", "minimum":6000, "maximum":131008, "partition-visibility":"shared", "description":"Set compression block size (Compression block size in bytes)", "optional":true }, "dns-cache-entry-size":{ "type":"number", "format":"number", "minimum":1, "maximum":4096, "default":256, "partition-visibility":"shared", "description":"Set DNS cache entry size, default is 256 bytes (1-4096 bytes, default is 256 bytes)", "optional":true }, "dns-cache-sync":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable DNS cache HA sync", "optional":true }, "dns-cache-sync-ttl-threshold":{ "type":"number", "format":"number", "minimum":0, "maximum":10000000, "default":0, "partition-visibility":"shared", "description":"Only sync DNS cache with longer TTL (0-10000000 seconds, default is 0 second)", "optional":true }, "dns-cache-sync-entry-size":{ "type":"number", "format":"number", "minimum":1, "maximum":4096, "default":256, "partition-visibility":"shared", "description":"Only sync DNS cache with smaller size (1-4096 bytes, default is 256 bytes)", "optional":true }, "dns-vip-stateless":{ "type":"number", "format":"flag", "plat-neg-list":["non-fpga,soft-ax", "soft-ax"], "default":0, "partition-visibility":"shared", "description":"Enable DNS VIP stateless mode", "optional":true }, "honor-server-response-ttl":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Honor the server reponse TTL", "optional":true }, "recursive-ns-cache":{ "type":"string", "format":"enum", "default":"honor-packet-ttl", "partition-visibility":"shared", "description":"'honor-packet-ttl': Honor the lowest TTL among NS records in the server response; 'honor-age-config': Honor the ttl/age settings based on acos dns cache configuration; ", "enum":[ "honor-packet-ttl", "honor-age-config" ], "optional":true }, "buff-thresh":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Set buffer threshold", "optional":true }, "buff-thresh-hw-buff":{ "type":"number", "format":"number", "minimum":1, "maximum":2147483647, "partition-visibility":"shared", "description":"Set hardware buffer threshold", "optional":true }, "buff-thresh-relieve-thresh":{ "type":"number", "format":"number", "minimum":0, "maximum":2147483647, "partition-visibility":"shared", "description":"Relieve threshold", "optional":true }, "buff-thresh-sys-buff-low":{ "type":"number", "format":"number", "minimum":0, "maximum":2147483647, "partition-visibility":"shared", "description":"Set low water mark of system buffer", "optional":true }, "buff-thresh-sys-buff-high":{ "type":"number", "format":"number", "minimum":0, "maximum":2147483647, "partition-visibility":"shared", "description":"Set high water mark of system buffer", "optional":true }, "max-buff-queued-per-conn":{ "type":"number", "format":"number", "minimum":128, "maximum":4096, "default":1000, "partition-visibility":"shared", "description":"Set per connection buffer threshold (Buffer value range 128-4096)", "optional":true }, "pkt-rate-for-reset-unknown-conn":{ "type":"number", "format":"number", "minimum":1, "maximum":1048575, "partition-visibility":"shared", "optional":true }, "log-for-reset-unknown-conn":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Log when rate exceed", "optional":true }, "gateway-health-check":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable gateway health check", "optional":true }, "interval":{ "type":"number", "format":"number", "minimum":1, "maximum":180, "default":5, "partition-visibility":"shared", "description":"Specify the healthcheck interval, default is 5 seconds (Interval Value, in seconds (default 5))", "optional":true }, "timeout":{ "type":"number", "format":"number", "minimum":1, "maximum":360, "default":15, "partition-visibility":"shared", "description":"Specify the healthcheck timeout value, default is 15 seconds (Timeout Value, in seconds (default 15))", "optional":true }, "msl-time":{ "type":"number", "format":"number", "minimum":1, "maximum":39, "default":2, "partition-visibility":"shared", "description":"Configure maximum session life, default is 2 seconds (1-39 seconds, default is 2 seconds)", "optional":true }, "fast-path-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Disable fast path in SLB processing", "optional":true }, "odd-even-nat-enable":{ "type":"number", "format":"flag", "plat-pos-list":["chassis"], "default":0, "partition-visibility":"shared", "description":"Enable odd even nat pool allocation in dual blade systems", "optional":true }, "http-fast-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable Http Fast in SLB processing", "optional":true }, "l2l3-trunk-lb-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Disable L2/L3 trunk LB", "optional":true }, "snat-gwy-for-l3":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Use source NAT gateway for L3 traffic for transparent mode", "optional":true }, "allow-in-gateway-mode":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Use source NAT gateway for L3 traffic for gateway mode", "optional":true }, "disable-server-auto-reselect":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Disable auto reselection of server", "optional":true }, "enable-l7-req-acct":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable L7 request accounting", "optional":true }, "enable-ddos":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable DDoS protection", "optional":true }, "disable-adaptive-resource-check":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Disable adaptive resource check based on buffer usage", "optional":true }, "ddos-pkt-size-thresh":{ "type":"number", "format":"number", "minimum":1, "maximum":256, "default":64, "partition-visibility":"shared", "description":"Set data packet size threshold for DDOS, default is 64 bytes", "optional":true }, "ddos-pkt-count-thresh":{ "type":"number", "format":"number", "minimum":1, "maximum":256, "default":100, "partition-visibility":"shared", "description":"Set packet count threshold for DDOS, default is 100", "optional":true }, "snat-on-vip":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable source NAT traffic against VIP", "optional":true }, "low-latency":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable low latency mode", "optional":true }, "mss-table":{ "type":"number", "format":"number", "minimum":128, "maximum":750, "default":536, "partition-visibility":"shared", "description":"Set MSS table (128-750, default is 536)", "optional":true }, "resolve-port-conflict":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable client port service port conflicts", "optional":true }, "no-auto-up-on-aflex":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Don't automatically mark vport up when aFleX is bound", "optional":true }, "hw-compression":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Use hardware compression", "optional":true }, "hw-syn-rr":{ "type":"number", "format":"number", "minimum":1, "maximum":500000, "partition-visibility":"shared", "description":"Configure hardware SYN round robin (range 1-500000)", "optional":true }, "max-http-header-count":{ "type":"number", "format":"number", "minimum":90, "maximum":255, "default":90, "partition-visibility":"shared", "description":"Set maximum number of HTTP headers allowed", "optional":true }, "scale-out":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable SLB scale out", "optional":true }, "scale-out-traffic-map":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Set SLB scaleout traffic-map", "optional":true }, "show-slb-server-legacy-cmd":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable show slb server legacy command", "optional":true }, "show-slb-service-group-legacy-cmd":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable show slb service-group legacy command", "optional":true }, "show-slb-virtual-server-legacy-cmd":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable show slb virtual-server legacy command", "optional":true }, "traffic-map-type":{ "type":"string", "format":"enum", "default":"vport", "partition-visibility":"shared", "description":"'vport': traffic-map per vport; 'global': global traffic-map; ", "enum":[ "vport", "global" ], "optional":true }, "sort-res":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable SLB sorting of resource names", "optional":true }, "use-mss-tab":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Use MSS based on internal table for SLB processing", "optional":true }, "auto-nat-no-ip-refresh":{ "type":"string", "format":"enum", "default":"enable", "partition-visibility":"shared", "description":"'enable': enable; 'disable': disable; ", "enum":[ "enable", "disable" ], "optional":true }, "ddos-protection":{ "type":"object", "properties":{ "ipd-enable-toggle":{ "type":"string", "format":"enum", "default":"disable", "partition-visibility":"shared", "description":"'enable': Enable SLB DDoS protection; 'disable': Disable SLB DDoS protection (default); ", "enum":[ "enable", "disable" ] }, "logging":{ "type":"object", "properties":{ "ipd-logging-toggle":{ "type":"string", "format":"enum", "default":"enable", "partition-visibility":"shared", "description":"'enable': Enable SLB DDoS protection logging (default); 'disable': Disable SLB DDoS protection logging; ", "enum":[ "enable", "disable" ] } } }, "packets-per-second":{ "type":"object", "properties":{ "ipd-tcp":{ "type":"number", "format":"number", "minimum":0, "maximum":65535, "default":200, "partition-visibility":"shared", "description":"Configure packets-per-second threshold per TCP port (default: 200)" }, "ipd-udp":{ "type":"number", "format":"number", "minimum":0, "maximum":65535, "default":200, "partition-visibility":"shared", "description":"Configure packets-per-second threshold per UDP port (default: 200)" } } } } }, "ssli-sni-hash-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable SSLi SNI hash table", "optional":true }, "clientside-ip":{ "type":"string", "format":"ipv4-address", "partition-visibility":"shared", "description":"Clientside IP address", "optional":true }, "clientside-ipv6":{ "type":"string", "format":"ipv6-address", "partition-visibility":"shared", "description":"Clientside IPv6 address", "optional":true }, "serverside-ip":{ "type":"string", "format":"ipv4-address", "partition-visibility":"shared", "description":"Serverside IP address", "optional":true }, "serverside-ipv6":{ "type":"string", "format":"ipv6-address", "partition-visibility":"shared", "description":"Serverside IPv6 address", "optional":true }, "port":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "description":"Serverside port number for SNI transmission", "optional":true }, "ssli-cert-not-ready-inspect-timeout":{ "type":"number", "format":"number", "minimum":0, "maximum":2147483647, "default":10, "partition-visibility":"shared", "description":"SSLI asynchronized connection timeout, default is 10 seconds (seconds, set to 0 for never timeout)", "optional":true }, "ssli-cert-not-ready-inspect-limit":{ "type":"number", "format":"number", "minimum":0, "maximum":2147483647, "default":2000, "partition-visibility":"shared", "description":"SSLI asynchronized connection max number, default is 2000 (set to 0 for unlimited size)", "optional":true }, "ssli-silent-termination-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Terminate the SSLi sessions silently without sending RST/FIN packet", "optional":true }, "software":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "software-tls13", "QAT", "N5-new", "N5-old", "software-tls13-offload" ], "description":"Software", "optional":true }, "software-tls13":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "software", "QAT", "N5-new", "N5-old", "software-tls13-offload" ], "description":"Software TLS1.3", "optional":true }, "QAT":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "software", "software-tls13", "N5-new", "N5-old", "software-tls13-offload" ], "description":"HW assisted QAT SSL module", "optional":true }, "N5-new":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "software", "software-tls13", "QAT", "N5-old", "software-tls13-offload" ], "description":"HW assisted N5 SSL module with TLS 1.3 and TLS 1.2 support using OpenSSL 1.1.1", "optional":true }, "N5-old":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "software", "software-tls13", "QAT", "N5-new", "software-tls13-offload" ], "description":"HW assisted N5 SSL module with TLS 1.2 support using OpenSSL 0.9.7", "optional":true }, "software-tls13-offload":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "software", "software-tls13", "QAT", "N5-new", "N5-old" ], "description":"Software TLS1.3 with CPU Offload Support", "optional":true }, "ssl-n5-delay-tx-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable delay transmission for N5-new", "optional":true }, "ssl-ratelimit-cfg":{ "type":"object", "properties":{ "disable-rate":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "tls12-rate", "tls13-rate" ], "description":"Disable HW SSL Rate limit for N5-new" }, "tls12-rate":{ "type":"number", "format":"number", "minimum":1, "maximum":1000, "default":120, "partition-visibility":"shared", "not":"disable-rate", "description":"Enabling Rateliming for TLS1.2 HW requests per chip in 1K - default 120" }, "tls13-rate":{ "type":"number", "format":"number", "minimum":1, "maximum":200, "default":72, "partition-visibility":"shared", "not":"disable-rate", "description":"Enabling Rateliming for TLS1.3 HW requests per chip in 1K - default 72" } } }, "ssl-module-usage-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable SSL module usage calculations for QAT", "optional":true }, "substitute-source-mac":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Substitute Source MAC Address to that of the outgoing interface", "optional":true }, "drop-icmp-to-vip-when-vip-down":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Drop ICMP to VIP when VIP down", "optional":true }, "player-id-check-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable the Player id check", "optional":true }, "stateless-sg-multi-binding":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable stateless service groups to be assigned to multiple L2/L3 DSR VIPs", "optional":true }, "ecmp-hash":{ "type":"string", "format":"enum", "default":"system-default", "partition-visibility":"shared", "description":"'system-default': Use system default ecmp hashing algorithm; 'connection-based': Use connection information for hashing; ", "enum":[ "system-default", "connection-based" ], "optional":true }, "vport-global":{ "type":"number", "format":"number", "minimum":0, "maximum":512, "partition-visibility":"shared", "description":"Configure periodic showtech vport paging global limit", "optional":true }, "vport-l3v":{ "type":"number", "format":"number", "minimum":0, "maximum":128, "partition-visibility":"shared", "description":"Configure periodic showtech vport paging l3v limit", "optional":true }, "service-group-on-no-dest-nat-vports":{ "type":"string", "format":"enum", "default":"enforce-different", "partition-visibility":"shared", "description":"'allow-same': Allow the binding service-group on no-dest-nat virtual ports; 'enforce-different': Enforce that the same service-group can not be bound on different no-dest-nat virtual ports; ", "enum":[ "allow-same", "enforce-different" ], "optional":true }, "disable-port-masking":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Disable masking of ports for CPU hashing", "optional":true }, "snat-preserve":{ "type":"object", "properties":{ "range":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "port1":{ "type":"number", "format":"number", "minimum":1025, "maximum":65535, "default":1025, "partition-visibility":"shared", "description":"start port" }, "port2":{ "type":"number", "format":"number", "minimum":1025, "maximum":65535, "default":1025, "partition-visibility":"shared", "description":"end port which is greater than start" } } } ] } } }, "disable-persist-scoring":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Disable Persist Scoring", "optional":true }, "ipv4-offset":{ "type":"number", "format":"number", "minimum":0, "maximum":3, "default":0, "partition-visibility":"shared", "description":"IPv4 Octet Offset for Hash", "optional":true }, "ipv6-subnet":{ "type":"number", "format":"number", "minimum":0, "maximum":15, "default":0, "partition-visibility":"shared", "description":"IPv6 Octet Valid Subnet Length for Hash", "optional":true }, "pbslb-entry-age":{ "type":"number", "format":"number", "minimum":1, "maximum":127, "default":6, "partition-visibility":"shared", "description":"Set global pbslb entry age (minute)", "optional":true }, "pbslb-overflow-glid":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":1023, "partition-visibility":"shared", "$ref":"/axapi/v3/glid", "description":"Apply global limit id to overflow pbslb entry", "optional":true }, "pre-process-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable NG-WAF pre-processing", "optional":true }, "cache-expire-time":{ "type":"number", "format":"number", "minimum":1, "maximum":480, "default":1, "partition-visibility":"shared", "description":"Cache expiration time, default is 1 minute", "optional":true }, "attack-resp-code":{ "type":"number", "format":"number", "minimum":400, "maximum":599, "default":410, "partition-visibility":"shared", "description":"Custom response code", "optional":true }, "monitor-mode-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable NG-WAF monitor mode", "optional":true }, "custom-signal-clist":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/class-list", "description":"Provide custom signal names", "optional":true }, "custom-message":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":1023, "partition-visibility":"shared", "not":"custom-page", "description":"Block message", "optional":true }, "custom-page":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "not":"custom-message", "description":"Specify the custom webpage name", "optional":true }, "use-https-proxy":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"NG-WAF connects to Cloud through proxy server", "optional":true }, "ngwaf-proxy-ipv4":{ "type":"string", "format":"ipv4-address", "partition-visibility":"shared", "not":"ngwaf-proxy-ipv6", "description":"IPv4 address", "optional":true }, "ngwaf-proxy-ipv6":{ "type":"string", "format":"ipv6-address", "partition-visibility":"shared", "not":"ngwaf-proxy-ipv4", "description":"IPv6 address", "optional":true }, "ngwaf-proxy-port":{ "type":"number", "format":"number", "minimum":1, "maximum":65534, "partition-visibility":"shared", "description":"Port", "optional":true }, "use-mgmt-port":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Use management port to connect", "optional":true }, "multi-cpu":{ "type":"number", "format":"number", "minimum":0, "maximum":28, "default":0, "partition-visibility":"shared", "description":"Specific NGWAF CPU", "optional":true }, "enable-fast-path-rerouting":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable Fast-Path Rerouting", "optional":true }, "cancel-stream-loop-limit":{ "type":"number", "format":"number", "minimum":0, "maximum":50, "default":5, "partition-visibility":"shared", "description":"Set global cancel stream loop limit (cancel stream loop limit, default is 5)", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "cert-pinning":{ "type":"object", "$ref":"/axapi/v3/slb/common/cert-pinning", "properties":{ "ttl":{ "type":"number", "format":"number", "minimum":1, "maximum":1008, "default":144, "partition-visibility":"shared", "description":"The ttl of local cert pinning candidate list, multiple of 10 minutes, default is 144 (1440 minutes)" }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" }, "candidate-list-feedback-opt-in":{ "type":"object", "$ref":"/axapi/v3/slb/common/cert-pinning/candidate-list-feedback-opt-in", "properties":{ "enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable the feedback function" }, "schedule":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"schedule the uploading time, default is daily 00:00" }, "weekly":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"daily", "description":"Every week" }, "week-day":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'Monday': Monday; 'Tuesday': Tuesday; 'Wednesday': Wednesday; 'Thursday': Thursday; 'Friday': Friday; 'Saturday': Saturday; 'Sunday': Sunday; ", "enum":[ "Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday", "Sunday" ] }, "week-time":{ "type":"string", "format":"time-hhmm", "partition-visibility":"shared", "description":"Time of day to update (hh:mm) in 24 hour local time" }, "daily":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"weekly", "description":"Every day" }, "day-time":{ "type":"string", "format":"time-hhmm", "partition-visibility":"shared", "description":"Time of day to update (hh:mm) in 24 hour local time" }, "use-mgmt-port":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Use management port to connect" }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" } } } } }, "aflex-table-entry-sync":{ "type":"object", "$ref":"/axapi/v3/slb/common/aflex-table-entry-sync", "properties":{ "aflex-table-entry-sync-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable aflex table sync" }, "aflex-table-entry-sync-max-key-len":{ "type":"number", "format":"number", "minimum":0, "maximum":1000, "default":1000, "partition-visibility":"shared", "description":"aflex table entry max key length to sync" }, "aflex-table-entry-sync-max-value-len":{ "type":"number", "format":"number", "minimum":0, "maximum":1000, "default":1000, "partition-visibility":"shared", "description":"aflex table entry max value length to sync" }, "aflex-table-entry-sync-min-lifetime":{ "type":"number", "format":"number", "minimum":0, "maximum":65535, "default":0, "partition-visibility":"shared", "description":"aflex table entry minimum lifetime to sync" }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" } } }, "quic":{ "type":"object", "$ref":"/axapi/v3/slb/common/quic", "properties":{ "cid-len":{ "type":"number", "format":"number", "minimum":4, "maximum":20, "default":4, "partition-visibility":"shared", "description":"Length of CID" }, "signature":{ "type":"string", "format":"string", "minLength":1, "maxLength":128, "partition-visibility":"shared", "description":"Set CID Signature" }, "signature-len":{ "type":"number", "format":"number", "minimum":1, "maximum":4, "default":3, "partition-visibility":"shared", "description":"Offset for CID Signature" }, "signature-offset":{ "type":"number", "format":"number", "minimum":0, "maximum":15, "default":4, "partition-visibility":"shared", "description":"Offset for CID Signature" }, "cpu-offset":{ "type":"number", "format":"number", "minimum":0, "maximum":15, "default":12, "partition-visibility":"shared", "description":"Offset for Encoded CPU" }, "quic-lb-offset":{ "type":"number", "format":"number", "minimum":0, "maximum":15, "default":8, "partition-visibility":"shared", "description":"Offset for QUIC-LB" }, "enable-hash":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable CID Hashing" }, "enable-signature":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable CID Signature Validation" }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" } } }, "conn-rate-limit":{ "type":"object", "$ref":"/axapi/v3/slb/common/conn-rate-limit", "properties":{ "src-ip-list":{ "type":"array", "minItems":1, "items":{ "type":"src-ip" }, "uniqueItems":true, "$ref":"/axapi/v3/slb/common/conn-rate-limit/src-ip/{disable-ipv6-support}+{protocol}", "array":[ { "properties":{ "disable-ipv6-support":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "optional":false }, "protocol":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'tcp': Set TCP connection rate limit; 'udp': Set UDP packet rate limit; ", "enum":[ "tcp", "udp" ], "optional":false }, "limit":{ "type":"number", "format":"number", "minimum":1, "maximum":1000000, "partition-visibility":"shared", "description":"Set max connections per period", "optional":true }, "limit-period":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'100': 100 ms; '1000': 1000 ms; ", "enum":[ "100", "1000" ], "optional":true }, "shared":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Set threshold shared amongst all virtual ports", "optional":true }, "exceed-action":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Set action if threshold exceeded", "optional":true }, "log":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Send log if threshold exceeded", "optional":true }, "lock-out":{ "type":"number", "format":"number", "minimum":1, "maximum":3600, "partition-visibility":"shared", "description":"Set lockout period in seconds if threshold exceeded", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true } }, "required":[ "disable-ipv6-support", "protocol" ] } ] } } }, "dns-response-rate-limiting":{ "type":"object", "$ref":"/axapi/v3/slb/common/dns-response-rate-limiting", "properties":{ "max-table-entries":{ "type":"number", "format":"number", "minimum":1000, "maximum":4194304, "partition-visibility":"shared", "description":"Maximum number of entries allowed" }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" } } } } }