Java API

 Download PDF File
8.0

Table of Contents

1Introduction

1.1Document Purpose

1.2Intended Audience

2Java API

2.1Prerequisites

2.2Commands with Multiple Optional Parameters

2.3Example

2.4Logger Framework

3Constructor

3.1LoadMasterAPI

4LoadMasterAPI Methods

4.1Home Screen Information

4.1.1ShowLoadMasterVersion

4.1.2LicenseInfo

4.2Initial Configuration

4.2.1ReadEULA

4.2.2AcceptEULA

4.2.3AcceptEULA2

4.2.4AlsiLicense

4.2.5SetInitialPasswd

4.3Virtual Services

4.3.1Virtual Service Control

4.3.2Show a Real Server

4.3.3Manage SSO Domains

4.3.4WAF Settings

4.4Global Balancing (GEO)

4.4.1Manage FQDNs

4.4.2Manage Clusters

4.4.3Miscellaneous Params

4.4.4IP Range Selection Criteria

4.4.5Enable/Disable GEO

4.5Statistics

4.5.1ShowStats

4.6Real Servers

4.6.1EnableRealServer

4.6.2DisableRealServer

4.7Rules and Checking

4.7.1Content Rules

4.7.2Check Parameters

4.8Certificates

4.8.1SSL Certificates

4.8.2Intermediate Certs

4.8.3Backup/Restore Certs

4.8.4HSM Configuration

4.9Interfaces

4.9.1AddVlan

4.9.2DeleteVlan

4.9.3AddAdditionalAddressToInterface

4.9.4DeleteAdditionalAddressToInterface

4.9.5CreateBond

4.9.6UnBond

4.9.7AddBond

4.9.8DeleteBond

4.9.9ModIface (recommended method)

4.9.10ModIface (Alternative Method)

4.9.11ShowIface

4.9.12AddVxlan

4.10Web Application Firewall (WAF)

4.10.1WafSetOperation

4.10.2WafSetAuditMode

4.11Route Management

4.11.1Default Gateway

4.11.2Additional Routes

4.11.3VPN Management

4.12Cluster Control

4.13System Administration

4.13.1User Management

4.13.2Update License

4.13.3System Reboot

4.13.4Update Software

4.13.5Backup/Restore

4.13.6Date/Time

4.14Logging Options

4.14.1Debug Options

4.14.2SNMP Options

4.14.3SDN Log Files

4.15Miscellaneous Options

4.15.1WUI Settings

4.15.2Remote Access

4.15.3Network Options

4.15.4AFE Configuration

4.15.5HA Parameters

4.15.6Azure HA Parameters

4.15.7AWS HA Parameters

4.15.8SDN Configuration

4.16Sundry Commands

4.16.1CheckConnection

4.16.2SetParameter (string)

4.16.3SetParameter (integer)

4.16.4SetParameter (boolean)

4.16.5GetParameter

4.16.6setLoadMasterAddress

4.16.7SetAPIPort

4.16.8customApiCall

4.16.9ShowAccessKey

5Response Methods

5.1getStatusCode

5.2getCode

5.3getParsedXMLMap

References

Document History

 

1Introduction

KEMP Technologies products optimize web and application infrastructure as defined by high-availability, high-performance, flexible scalability, security and ease of management. They minimize the total cost-of-ownership for web infrastructure, while enabling flexible and comprehensive deployment options.

1.1Document Purpose

This document describes the Java API interface to the KEMP LoadMaster. It describes in detail how to configure the various features of the LoadMaster using Java API commands.

This document is no longer updated. It is correct as of LoadMaster firmware version 7.1-30 and can be used as a reference. However, any changes to the Java API made after that time may not be reflected in this document. The internal help Javadoc which is provided with the KEMP Java API library can be referred to for an up-to-date list of commands.

1.2Intended Audience

This document is intended to help anyone who wishes to configure the KEMP LoadMaster using Java API commands.

2Java API

The Java API connects to the LoadMaster using the RESTful API interface. It sends HTTP commands using Java and gets an XML response which is then parsed.

2.1Prerequisites

Prerequisites are as follows:

  • An Integrated Development Environment (IDE) must be in place
  • The LoadMaster Java API .jar file must be downloaded from the KEMP Documentation webpage: http://kemptechnologies.com/documentation
  • The .jar file needs to be integrated into the IDE

2.2Commands with Multiple Optional Parameters

A number of the LoadMaster Java API commands have multiple optional parameters that can be set. In some of these commands, the following parameter will be available:

java.util.Map<java.lang.String,java.lang.String> parameters

For these commands, if needed, a HashMap object can be created to set multiple optional parameters at the same time.

An example code snippet which does this is below:

Map<String, String> map = new HashMap<>();

map.put("Nickname", "ExampleName");

map.put("CheckType", "http");

In the example above, Nickname and CheckType are parameter names and ExampleName and http are parameter values. Multiple parameters can be set by adding extra map.put commands on separate lines.

There are a number of legacy command examples in this document which show individual parameters, rather than the key value map. These legacy commands are now deprecated and will not be updated going forward. This means that any new parameters will not be available. All commands with multiple parameters can be set using the key value map option which is described above. This is the recommended way to set multiple parameters.

2.3Example

Below is an example of a simple Java program that uses the LoadMaster Java API.

package com.KEMP.documentation;

// Import the KEMP API Library

import com.KempTechnologies.*;

public class ExampleCommands {

// Initialise the connection parameters to the LoadMaster.

private static final String lmip = "10.89.75.60";

private static final String authCert = null;

private static final String userName= "bal";

private static final String pass = "1fourall";

 

// Call API constructor and pass to it the connection parameters

public static LoadMasterAPI lm = new LoadMasterAPI(lmip, authCert, userName, pass);

 

public static final String SUCCESS_CODE = "200";

 

public static void main(String[] args) {

String vsip = "10.89.75.70";

String vsport = "80";

String vsprot = "tcp";

 

// Add a simple VS to the LoadMaster

lm.AddVirtualService(vsip, vsport, vsprot);

// Map for optional parameters

Map<String, String> map = new HashMap<>();

map.put("Nickname", "VSname");

map.put("CheckType", "http");

 

// How to check if a command is successful

LoadMasterResponse lmResponse = lm.ModifyVirtualService(vsip, vsport, vsprot, true, null, false, 0);

if (lmResponse.getStatusCode().equals(SUCCESS_CODE))

{

System.out.println("Command has succeeded");

}

else {

System.out.println("Command has failed");

}

 

}

}

2.4Logger Framework

The Java library uses the Simple Logging Façade for Java (SLF4J) so it is possible to use a logger framework of your choice. To do this, add the particular binding of choice from www.slf4j.org to the project and the library will use whatever logger it is bound to.

3Constructor

3.1LoadMasterAPI

public LoadMasterAPI(java.lang.String loadMasterAddress,

java.lang.String authenticationCert,

java.lang.String username,

java.lang.String password)

The API constructor sets up the credentials needed to access the LoadMaster.

Parameters

loadMasterAddress - The IPv4 address of the LoadMaster, for example 10.154.11.80.

authenticationCert - The Authentication Certificate for the LoadMaster (can be null).

username - The username required to access the LoadMaster.

password - The password required to access the LoadMaster.

4LoadMasterAPI Methods

4.1Home Screen Information

Some information which is available in the LoadMaster WUI is also available via the API. Refer to the sub-sections below for further details.

4.1.1ShowLoadMasterVersion

public LoadMasterResponse ShowLoadMasterVersion()

Display the version number of the firmware currently installed on the LoadMaster

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.1.2LicenseInfo

public LoadMasterResponse LicenseInfo()

Display the license information of the LoadMaster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.2Initial Configuration

Please note that the initial configuration API commands are currently unavailable on LoadMasters for AWS.

A number of steps are involved in initially deploying a LoadMaster, such as accepting the End User License Agreement (EULA) and licensing the unit. These initial configuration steps can either be performed via the WUI or the API. The API commands relating to initial configuration are listed in the sections below.

These commands should be run in sequential order

4.2.1ReadEULA

The magic cookie is used for security reasons - it limits the possibility of remote attacks. If a command requires the magic cookie (like some of the other ones in the sections below) does not get the correct magic string from the previous command, the command will fail.

public LoadMasterResponse readEULA()

The ReadEula command displays the EULA and a magic cookie.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.2.2AcceptEULA

public LoadMasterResponse acceptEULA(java.lang.String type, java.lang.String magic)

The AcceptEULA command is used to enter the magic cookie key returned by the readEula command and to set the type of license used, for example trial, permanent or free.

Parameters:

type - Type of LM.

The possible values for the type parameter are listed in the following table:

Value

Name in WUI

Description

Trial

 

Trial (Unrestricted)

 

Temporary license for users evaluating the KEMP LoadMaster

 

Perm

Perpetual

Purchased Permanent LoadMaster

Free

Free (Restricted)

Free LoadMaster

Table 4‑1: Valid Values for the LIcense Type Parameter

If running this command on a Virtual LoadMaster (VLM) which has been created in the Multi-Tenant LoadMaster product, the license type set here is irrelevant because the license type will be inherited from the Multi-Tenant LoadMaster. However, this command still needs to be run in order to get the magic string which is needed to run the next command (AcceptEula2).

magic - Magic cookie.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.2.3AcceptEULA2

public LoadMasterResponse acceptEULA2(java.lang.String magic,

java.lang.String accept)

The AcceptEULA2 command is used to accept or reject the terms of the EULA.

Parameters:

magic - Magic cookie.

accept - Specifies if the EULA is accepted or rejected (yes or no).

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.2.4AlsiLicense

This step must be performed before the LoadMaster password can be set.

public LoadMasterResponse alsiLicense(java.lang.String kempid,

java.lang.String kempidPassword)

throws Utils.InvalidApiParametersException

The AlsiLicense command is used to license the LoadMaster.

Parameters:

kempid - The KEMP ID originally used to license the LoadMaster. This is an email address provided by the licensee.

kempidPassword - The KEMP ID password.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.2.5SetInitialPasswd

public LoadMasterResponse setInitialPasswd(java.lang.String passwd)

The SetInitialPasswd command is use to set the password to be used once then the EULA has been accepted.

Parameters:

passwd - Password to be used once the EULA is accepted.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.3Virtual Services

4.3.1Virtual Service Control

The basic forms of the Virtual Services command are covered in the following sections. Virtual Services are addressed using the IP address.

4.3.1.1ListVirtualServices

public LoadMasterResponse ListVirtualServices()

List all Virtual Services present on the LoadMaster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.3.1.2Add a Virtual Service

1

2

3

4

4.1

4.2

4.3

4.3.1

4.3.1.1

4.3.1.2

4.3.1.2.1AddVirtualService (recommended method)

public LoadMasterResponse AddVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.util.Map<java.lang.String,java.lang.String> parameters)

throws Utils.InvalidApiParametersException

Add a new Virtual Service.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

parameters - A key value Map for setting optional parameters

Example code snippet of the AddVirtualService command using only required parameters:

LoadMasterAPI lm = new LoadMasterAPI("10.10.10.10", null, "bal", "1fourall");

LoadMasterResponse lr = lm.AddVirtualService("10.10.10.10", "80", "tcp");

lr.print();

Example code snippet of the AddVirtualservice command using optional parameters:

Map<String, String> map = new HashMap<>();

map.put("Nickname", "VSname");

map.put("CheckType", "http");

LoadMasterAPI lm = new LoadMasterAPI("10.10.10.10", null, "bal", "1fourall");

LoadMasterResponse lr = lm.AddVirtualService("10.10.10.12", "80", "tcp", map);

lr.print();

The optional parameters are listed and described in the table below:

Name

Type

Default

Range

Description

Adaptive

S

(Read only)

<unset>

 

This parameter is read only and will only be displayed when the Scheduling Method is set to resource based (adaptive)

AddVia

I

 

0 = Legacy Operation

1 = X-Forwarded-For

2 = None

3 = X-Client-Side

4 = X-Client-Side (No Via)

5 = X-Forwarded-For (No Via)

6 = Via Only

ThThis corresponds to the Add HTTP Headers field in the WUI. Select which headers are to be added to HTTP requests. X-ClientSide and X-Forwarded-For are only added to non-transparent connections.

Cache

B

N

0 = Caching disabled

1 = Caching enabled

Enable or disable the caching of URLs.

CertFile

S

<unset>

 

The Identifier for any installed certificate.

CheckType

S

<tcp>

Default dependent on Virtual Service port. The list of values is:

icmp

https

http

tcp

smtp

nntp

ftp

telnet

pop3

imap

rdp

bdata

none

Specify which protocol is to be used to check the health of the Real Server.

CheckHost

A

<unset>

 

The CheckUse1.1 parameter must be enabled in order to set the CheckHost value. When using HTTP/1.1 checking, the Real Servers require a Hostname be supplied in each request. If no value is set then this value is the IP address of the Virtual Service.

 

CheckPattern

S

<unset>

 

When the CheckType is set to http or https: This corresponds to the Reply 200 Pattern in the WUI. This parameter only applies when the HTTP Method is set to GET or POST.

 

When the CheckType is set to bdata: Specify the hexadecimal string which will be searched for in the response.

CheckUrl

S

<unset>

 

When the CheckType is set to http or https: By default, the health checker tries to access the URL / to determine if the machine is available. A different URL can be set in the CheckUrl parameter.

 

When the CheckType is set to bdata:

Specify a hexadecimal string to send to the Real Server.

Ciphers

S

Default assignment

All supported ciphers

Multiple ciphers can be added by adding a colon between each cipher.

Note: The assigned ciphers list will be overwritten when ciphers are added in this way. Ensure to include all ciphers that you want to be assigned.

For the list of ciphers which are assigned by default, and for a list of supported ciphers, refer to the SSL Accelerated Services, Feature Description.

MatchLen

S

0

0-8000

This parameter is only relevant when the CheckType is set to bdata. Specify the number of bytes to find the CheckPattern within.

CheckUse1.1

B

N

0 - Disabled

1 - Enabled

By default the health checker uses HTTP/1.0 when checking the Real Server status. Enabling this option means that HTTP/1.1 will be used, which is more efficient.

CheckPort

I

<unset>

3-65530

The port to be checked. If a port is not specified, the Real Server port is used.

ClientCert

I

0

0-6

By default (0 - No Certificates required), the LoadMaster will accept HTTPS requests from any client. Setting the ClientCert parameter to any of the other values below will require all clients to present a valid client certificate. In addition, the LoadMaster can also pass information about the certificate to the application. This option should not be changed from the default of No Client Certificates required. Only change this option if you are sure that all clients that access this service have valid client certificates.

0 = No client certificates required

1 = Client certificates required

2 = Client certificates and add headers

3 = Client Certificates and pass DER through as SSL-CLIENT-CERT

4 = Client Certificates and pass DER through as X-CLIENT-CERT

5 = Client Certificates and pass DER through as SSL-CLIENT-CERT

6 = Client Certificates and pass PEM through as X-CLIENT-CERT

Compress

B

N

0 – Disabled

1 - Enabled

When this is enabled, files sent from the LoadMaster are compressed with Gzip.

Cookie

S

<unset>

 

This parameter is only relevant when the persistence mode is set to cookie, active-cookie, cookie-src or active-cook-src. Enter the name of the cookie to be checked.

CachePercent

I

0

0-100

This parameter is only relevant if caching is enabled. Specify the maximum percentage of cache space that is to be permitted for this Virtual Service.

DefaultGW

A

<unset>

 

Specify the Virtual Service-specific default gateway to be used and to send responses back to clients. If this is not set, the global default gateway will be used.

Enable

B

Y

0 - Disabled

1 - Enabled

Activate or deactivate the Virtual Service

ErrorCode

I

0

200-505

If no Real Servers are available, the LoadMaster can terminate the connection with a HTTP error code. Specify the error code number in this parameter.

To unset the error code, set the parameter to an empty string.

ErrorUrl

S

<unset>

 

When no Real Servers are available and an error response is sent back to the client, a redirect URL can also be specified.

PortFollow

I

<unset>

0 and 3-65530

Note: This parameter was depreciated as of 7.1-24. For LoadMasters with version 7.1-24 or higher, use the FollowVSID parameter to set port following.

Specify the ID of the Virtual Service to follow. Setting this value to 0 disables port following. 1 and 2 are not valid values so ensure that the Virtual Service that you want to follow has a value between 3 and 65530.

FollowVSID

I

<unset>

 

Specify the ID of the Virtual Service to be followed.

ForceL7

B

Y (if not UDP)

0 - Disabled

1 - Enabled

Enabling this option will force the Virtual Service to run at Layer 7 and not Layer 4. This may be needed for various reasons, one of which is that only Layer 7 services can be non-transparent.

Idletime

I

0

0-86400

Specifies the length of time (in seconds) that a connection may remain idle before it is closed. The range for this parameter is 0 to 86400. 0 means indefinitely.

Intercept

B

0

0 – Disabled

1 – Enabled

Enable/disable the Web Application Firewall (WAF) for this Virtual Service.

InterceptOpts

S

<unset>

 

With this parameter, specify most of the fields in the WAF Options section of the Virtual Service modify screen in the LoadMaster WUI. For more information, refer to Section 4.3.1.2.16.

LocalBindAddrs

A

<unset>

A space separated list of IP addresses

This corresponds to the Alternate Source Address in the WUI. Allow connections scaling over 64K Connections needs to be enabled in L7 Configuration for this feature to work.

MultiConnect

B

0

0 - Disabled

1 - Enabled

Enabling this option permits the LoadMaster to manage connection handling between the LoadMaster and the Real Servers. Requests from multiple clients will be sent over the same TCP connection.

Multiplexing only works for simple HTTP GET operations. This parameter cannot be enabled in certain situations, for example if WAF, ESP or SSL Acceleration is enabled.

VStype

S

<port dependent>

gen

http

http2

ts

tls

log

 

Specifies the type of service that is being load balanced. Valid values are:

gen - Generic

http - HTTP/HTTPS

http2 - HTTP/2

ts - Remote Terminal

tls – STARTTLS protocols

log – Log Insight

 

NickName

S

<unset>

 

Specifies the "friendly" name of the service.

In addition to the usual alphanumeric characters, the following ‘special’ characters can be used as part of the Service Name:

. @ - _

However, there must be at least one alphanumeric character before the special characters.

NRequestRules

I (Read only)

<unset>

 

This displays the number of HTTP Header Modification request rules

NResponseRules

I (Read only)

<unset>

 

This displays the number of HTTP Header Modification response rules

NumberOfRSs

I (Read only)

<unset>

 

This displays the number of Real Servers that are assigned to the Virtual Service.

NRules

I (Read only)

<unset>

 

This displays the number of rules assigned to a Real Server when content switching is enabled.

Persist

S

none

The list of relevant persist values are:

ssl

cookie

active-cookie

cookie-src

active-cook-src

cookie-hash

cookie-hash-src

url

query-hash

host

header

super

super-src

src

rdp

rdp-src

rdp-sb

rdp-sb-src

Specify the type of persistence (stickiness) to be used for this Virtual Service.

VSPort

I

<unset>

3-65530

The port for the Virtual Service.

Protocol

S

<unset>

udp, tcp

The protocol to be used for the Virtual Service.

PersistTimeout

I

0

0-86400

The length of time (in seconds) after the last connection that the LoadMaster will remember the persistence information.

QueryTag

S

<unset>

 

This is the query tag to be matched if the Persist type is set to query-hash.

RequestRules

List (Read only)

   

The list of request rules that are assigned to the Virtual Service.

ResponseRules

List (Read only)

   

The list of response rules that are assigned to the Virtual Service.

SSLReencrypt

B

N

0 – Disabled

1 - Enabled

This parameter is only relevant if SSL Acceleration is enabled.

When this option is enabled, the SSL data stream is re-encrypted before sending to the Real Server.

SSLReverse

B

N

0 – Disabled

1 - Enabled

The data from the LoadMaster to the Real Server is re-encrypted.

SSLRewrite

S

<unset>

<unset>, http, https

When the Real Server rejects a request with a HTTP redirect, the requesting Location URL may need to be converted to specify HTTPS instead of HTTP (and vice versa).

ReverseSNIHostname

S

<unset>

 

If this option is enabled, always require the host name be sent in the TLS client hello message. If it is not sent the connection will be dropped.

RuleList

List(Read only)

   

A list of content rules assigned to Real Servers.

Schedule

S

rr

rr

wrr

lc

wlc

fixed

adaptive

sh

dl

sdn-adaptive

Specify the type of scheduling of new connections to Real Servers that is to be performed. The value values are spelled out below:

rr = round robin

wrr = weighted round robin

lc = least connection

wlc = weighted least connection

fixed = fixed weighting

adaptive = resource based (adaptive)

sh = source IP hash

dl = weighted

response time

sdn-adaptive = resource based (SDN adaptive)

ServerInit

I

0

0-6

0 = Normal Protocols

1 = SMTP

2 = SSH

3 = Other Server Initiating

4 = IMAP4

5 = MySQL

6 = POP3

SSLAcceleration

B

N

0 - Disabled

1 - Enabled

Enable SSL handling on this Virtual Service.

StandbyAddr

A

<unset>

 

Specify the IP address of the “Sorry” server that is to be used when no other Real Servers are available. This server will not be health checked and is assumed to be always available.

StandbyPort

I

<unset>

 

Specify the port of the “Sorry” server.

Transparent

B

Y

0 – Disabled

1- Enabled

When using Layer 7, when this is enabled the connection arriving at the Real Server appears to come directly from the client. Alternatively, the connection can be non-transparent which means that the connections at the Real Server appear to come from the LoadMaster.

UseforSnat

B

N

0 – Disabled

1 – Enabled

By default, when the LoadMaster is being used to NAT Real Servers, the source IP address used on the Internet is that of the LoadMaster.

Enabling this option allows the Real Servers configured to use the Virtual Service as the source IP address instead.

If the Real Servers are configured on more than one Virtual Service which has this option set, only connections to destination port 80 will use this Virtual Service as the source IP address.

CheckUseGet

B

HEAD

 

When accessing the healthcheck URL, the system can use the HEAD, the GET or the POST method. This can be specified by setting this parameter.

Verify

I

0

0-7 (bitmask)

Refer to Section 4.3.1.2.1.1for further information on the Verify parameter.

VSAddress

A

Address

 

The IPv4 or IPv6 address of the Virtual Service.

ExtraHdrKey

S

<unset>

 

Specify the key for the extra header to be inserted into every request sent to the Real Servers.

ExtraHdrValue

S

<unset>

 

Specify the value for the extra header to be inserted into every request sent to the Real Servers.

AllowedHosts

S

<unset>

 

This parameter is only relevant when ESP is enabled. Specify all the virtual hosts that can be accessed via this Virtual Service.

AllowedDirectories

S

<unset>

 

This parameter is only relevant when ESP is enabled. Specify all the virtual directories that can be accessed via this Virtual Service.

Domain

S

<unset>

 

The Single Sign On (SSO) domain in which this Virtual Service will operate.

Logoff

S

<unset>

 

This parameter is only relevant when ESP is enabled and when the Client Authentication Mode is set to Form Based. Specify the string that the LoadMaster should use to detect a logout event.

If the URL to be matched contains sub-directories before the specified string, the logoff string will not be matched. Therefore the LoadMaster will not log the user off.

 

 

ESPLogs

I

7

Integer 0-7

 

Enable ESP logging. Valid values are below:

0 = Logging off

1 = User Access

2 = Security

3 = User Access and Security

4 = Connection

5 = User Access and Connection

6 = Security and connection

7 = User Access, Security and Connection

Note: The only valid values for SMTP services are 0 and 4. For SMTP services, security issues are always logged. Nothing is logged for user access because there are no logins.

SMTPAllowedDomains

S

<unset>

 

Specify all the permitted domains that are allowed to be received by this Virtual Service.

EspEnabled

B

N

0 - Disabled

1 - Enabled

Enable or disable the Edge Security Pack (ESP) features.

InputAuthMode

I

0

0-4

 

Client Authentication mode.

0 = Delegate to Server

1 = Basic Authentication

2 = Form Based

3 = Future use

4 = Future use

OutputAuthMode

I

Dependant on InputAuthMode value

0-2

 

Server Authentication mode.

0 = None

1 = Basic Authentication

2 = KCD

OutConf

S

<unset>

 

Enter the name of the outbound SSO domain

StartTLSMode

I

 

0-6

 

0 = HTTP/HTTPS (the Service Type needs to be set to HTTP/HTTPS for this to work)

The Virtual Service Type must be set to STARTTLS for the remaining values to be set:

1 = SMTP (STARTTLS if requested)

2 = SMTP (STARTTLS always)

3 = FTP

4 = IMAP

6 = POP3

ExtraPorts

I

<unset>

3-65530

Specify extra ports that the Virtual Service will listen to.

AltAddress

A

<unset>

IP address

Specify the alternate address for this Virtual Service.

AddVia

I

 

0-6

 

Specify which headers to be added to HTTP requests. X-ClientSide and X-Forwarded-For are only added to non-transparent connections.

0 = Legacy Operation(X-Forwarded-For)

1 = X-Forwarded-For (+ Via)

2 = None

3 = X-ClientSide (+ Via)

4 = X-ClientSide (No Via)

5 = X-Forwarded-For (No Via)

6 = Via Only

SingleSignOnDir

S

<unset>

 

This parameter relates to the SSO Image Set drop-down in the ESP Options section of the modify Virtual Service screen. Specify the name of the image set to be used for the login screen. If no image set is specified, the default Exchange image set will be used

MasterVS

I (Read Only)

<unset>

0 – Not a parent Virtual Service

1 – Is a parent Virtual Service

Signifies whether or not the Virtual Service is a parent Virtual Service (i.e. if it has one or more SubVSs).

CreateSubVS

 

<unset>

 

This parameter can be used to create a SubVS within a Virtual Service. This parameter has no value (entering createsubvs= will create a SubVS).

SubVS

I (Read Only)

   

This parameter displays details of any SubVSes which exist in the Virtual Service.

Non-local

B

0- Disabled

0 – Disabled

1 – Enabled

By default only Real Servers on local networks can be assigned to a Virtual Service. Enabling this option will allow a non-local Real Server to be assigned to the Virtual Service.

This option will only be available if NonLocalRShas been enabled and the Transparent option has been disabled on the relevant Virtual Service.

AllowedGroups

S

<unset>

 

Specify the groups that are allowed to access this Virtual Service.

includeNestedGroups

B

0 – Disabled

0 – Disabled

1 – Enabled

This parameter relates to the AllowedGroups parameter. Enable this option to include nested groups in the authentication attempt. If this option is disabled, only users in the top-level group will be granted access. If this option is enabled, users in both the top-level and first sub-level group will be granted access

OCSPVerify

B

0 – Disabled

0 – Disabled

1 – Enabled

Verify (via Online Certificate Status Protocol (OCSP)) that the client certificate is valid.

 

TLSType

B

Disabled if SSL Acceleration is not enabled.

Enabled when SSL Acceleration is enabled.

0 - Disabled

1 - Enabled

If this is selected, support for SSLv3 is disabled and only TLS1.x protocols are supported.

 

CheckPostData

S

<unset>

Supports up to 2047 characters

This parameter is only relevant if the HTTP Method is set to POST. When using the POST method, up to 2047 characters of POST data can be sent to the server.

PreProcPrecedence

S

<unset>

 

This parameter should be used in conjunction with PreProcPrecedencePos. This parameter is used to specify the name of the existing rule whose position you wish to change.

This parameter relates to the Content Matching Rules only.

PreProcPrecedencePos

Int16

<unset>

 

This parameter, in conjunction with the PreProcPrecedence parameter, is used to change the position of the rule in a sequence of rules. For example a position of 2 means the rule will be checked second.

This parameter relates to the Content Matching Rules only.

RequestPrecedence

S

<unset>

 

This parameter should be used in conjunction with RequestPrecedencePos. This parameter is used to specify the name of the existing request rule whose position you wish to change.

This parameter relates to the following rule types:

Content Matching

Add Header

Delete Header

Replace Header

Modify URL

RequestPrecedencePos

Int16

<unset>

 

This parameter, in conjunction with the RequestPrecedence parameter, is used to change the position of the rule in a sequence of rules. For example a position of 2 means the rule will be checked second.

ResponsePrecedence

S

<unset>

 

This parameter should be used in conjunction with ResponsePrecedencePos. This parameter is used to specify the name of the existing response rule whose position you wish to change.

This parameter relates to the following rule types:

Content Matching

Add Header

Delete Header

Replace Header

ResponsePrecedencePos

Int16

<unset>

 

This parameter, in conjunction with the ResponsePrecedence parameter, is used to change the position of the rule in a sequence of rules. For example, a position of 2 means the rule will be checked second.

RSRulePrecedence

String

<unset>

 

This parameter should be used in conjunction with RSRulePrecedencePos. This parameter is used to specify the name of the existing rule whose position you wish to change.

RSRulePrecedencePos

Int16

   

This parameter, in conjunction with the RSRulePrecedence parameter, is used to change the position of the rule in a sequence of rules. For example, a position of 2 means the rule will be checked second.

ExcludedDomains

     

Any virtual directories specified within this field will not be pre-authorized on this Virtual Service and will be passed directly to the relevant Real Servers. Multiple excluded domains can be specified by using a space-separated list.

AllowedGroups

S

<unset>

 

Specify all the virtual groups that can be accessed via this Virtual Service.

 

AltDomains

S

<unset>

 

Specify alternative domains to be assigned to a Virtual Service when configuring multi-domain authentication. To specify multiple alternative domains use a space separated list.

EnhancedHealthchecks

B

0 – Disabled

0 – Disabled

1 – Enabled

Enabling the EnhancedHealthchecks parameter provides an additional health check parameter – RsMinimum. If the EnhancedHealthchecks parameter is disabled, the Virtual Service will be considered available if at least one Real Server is available. If the EnhancedHealthchecks parameter is enabled, you can specify the minimum number of Real Servers which should be available in order to consider the Virtual Service to be available.

RsMinimum

I

1

1 to the number of Real Servers configured

This parameter can only be set using the modvs command if the EnhancedHealthchecks parameter is enabled. Specify the minimum number of Real Servers required to be available for the Virtual Service to be considered up. If less than the minimum amount of Real Servers are available, a critical log is generated. If some Real Servers are down but it has not reached the minimum amount specified, a warning is logged. If the email options are configured, an email will be sent to the relevant recipients.

When retrieving the value of this parameter – 0 is the default value if there are no Real Servers or 1 Real Server in the Virtual Service. However, 1 is always the minimum in reality.

               

Table 4‑2: Virtual Service Parameters

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.1.2.1.1Verify Parameter

The Verify parameter is a bitmask. The valid values of the Verify parameter are as follows:

  • Bit 0: set this to 1 to enable detection intrusion

Bit 0 needs to be set to 1 in order to use the other two bits.

  • Bit 1 determines whether to reject or drop a connection. Setting it to 1 will drop the connection.
  • Bit 2 determines whether to give just warnings on bad requests or also on malicious (but not invalid) requests.

The following table lists the valid integers and the values they set the fields to when used:

Integer

Detect Malicious Requests

Intrusion Handling

Warnings Checkbox

0

Disabled

N/A

N/A

1

Enabled

Drop Connection

Unchecked

2

Enabled

Send Reject

Unchecked

3

Enabled

Send Reject

Unchecked

4

Enabled

Drop Connection

Checked

5

Enabled

Drop Connection

Checked

6

Enabled

Send Reject

Checked

7

Enabled

Send Reject

Checked

Table 4‑3: Verify Parameter Integers

4.3.1.2.2AddVirtualService (alternative method)

public LoadMasterResponse AddVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt)

Creates a new Virtual Service on the LoadMaster.

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.2.3AddVirtualService (from a template)

public LoadMasterResponse AddVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String template)

Creates a new Virtual Service on the LoadMaster from a template.

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

template - Enter the name of the template to be used to configure this Virtual Service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

4.3.1.2.4AddVirtualService (with basic settings)

public LoadMasterResponse AddVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

int[] extraPorts,

boolean useForSnat,

boolean transparent,

java.lang.String schedule,

java.lang.String persist,

int persistTimeout,

java.lang.String cookieName,

int idletime)

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

extraPorts - The list of extra ports the Virtual Service will listen to (range: 3-65530).

useForSnat - SNAT is an acronym for Server Network Address Translation. By default, when the LoadMaster is being used for the Network Address Translation (NAT) of Real Servers, the source IP address used on the Internet is that of the LoadMaster. This parameter can be used to allow the Real Server configured on this Virtual Service to use the Virtual Service as the source IP address instead.

0 – SNAT disabled

1 – SNAT enabled

transparent - When using L7, a connection can be transparent, i.e. the connection arriving at the Real Server appears to come directly from the client, or it can be non-transparent, where the connections at the Real Server appears to come from the LoadMaster. This may be needed in some configurations.

0 – Transparency disabled

1 – Transparency enabled

schedule - Specifies the method the load balancer will use to select a Real Server. Valid options are rr (Round Robin), wrr (Weighted Round Robin), lc (Least Connections), wlc (Weighted Least Connections), fixed, adaptive (Resource Based), and sh (Source IP Hash).

persist - Specifies the time (in seconds) a client should be persisted to a Real Server.

Values are:

ssl

cookie

active-cookie

cookie-src

active-cookie-src

cookie-hash

url

query-hash

host

header

super

super-src

src

rdp

rdp-src

rdp-sb

rdp-sb-drc

persistTimeout - Specifies the time (in seconds) that a client should be persisted to a Real Server.

The range for this parameter is 0 to 86400.

cookieName - Specifies the cookie that should be set on the HTTP stream, for example EBS-Cookie.

idletime - Specifies the length of time (in seconds) that a connection may remain idle before it is closed. The range for this parameter is 0 to 86400. 0 means indefinitely.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.2.5AddVirtualService (with Advanced Options)

public LoadMasterResponse AddVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

int addVia,

java.lang.String defaultGateway,

int errorCode,

java.lang.String errorUrl,

java.lang.String extraHeaderKey,

java.lang.String extraHeaderValue)

Creates a new Virtual Service on the LoadMaster. (Advanced Options)

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

addVia - Specifies which headers should be added to the HTTP stream. The parameter takes the following arguments:

Range

Value

0

Legacy Operation

1

X-Forwarded-For

2

None

3

X-Client-Side

4

X-Client-Side (No Via)

5

X-Forward-For(No Via)

6

Via Only

Table 4‑4: AddVia range

defaultGateway – Specifies the IP address of the gateway that should be used to return traffic to clients.

errorCode – Specifies the error code to return to clients if no Real Server are available. Range: 200 - 505

errorUrl – Specifies the redirected URL if there are no Real Servers available - Sorry page.

extraHeaderKey – This parameter corresponds to the first text box in the Add Header to Request field in the WUI. Specify the key for the extra header that is to be inserted into every request sent to the Real Servers.

extraHeaderValue - This parameter corresponds to the second text box in the Add Header to Request field in the WUI. Specify the value for the extra header that is to be inserted into every request which is sent to the Real Servers.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.2.6AddVirtualService (with ESP enabled)

public LoadMasterResponse AddVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

boolean enableEsp)

Creates a new Virtual Service on the LoadMaster. (ESP Options)

Parameters:

vs - The IP address of the Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

enableEsp – Use this paramaeter to enable or disable the Edge Security Pack (ESP).

0 - Disabled

1 - Enabled

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.2.7AddVirtualService (with a Real Server)

public LoadMasterResponse AddVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

int checkPort,

java.lang.String checkUrl,

java.lang.String checkType,

java.lang.String checkHeaders)

Creates a new Virtual Service on the LoadMaster. (RealServer Check Options)

Parameters:

vs - The IP address for this virtual service.

vsPort -Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

checkPort - Specifies the port to use for communication to check the service.

checkUrl – This parameter is only relevant when the CheckType is set to bdata. Specify a hexadecimal string to send to the Real Server.

checkType – Specifies the method to check if the service is available. The possible values are:

tcp

icmp

https

http

smtp

nntp

ftp

telnet

pop3

imap

rdp

bdata

none

checkHeaders -The key for the Custom Header which to be part of the healthcheck request.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.2.8AddVirtualService (with SSL on)

public LoadMasterResponse AddVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

boolean enableSSL,

java.lang.String sslRewrite,

boolean sslReencrypt,

int clientCert)

Creates a new Virtual Service on the LoadMaster and configures various SSL options.

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

enableSSL–Enable SSL handling on this Virtual Service.

sslRewrite – When the Real Server rejects a request with a HTTP redirect, the requesting Location URL may need to be converted to specify HTTPS instead of HTTP (and vice versa)

Values are:

http

https

sslReencrypt – Reencrypt the SSl data stream before sending to the Real Server.

clientCert - Specifies the client certificate to use for connection when checking the service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.3Modify a Virtual Service
4.3.1.2.9ModifyVirtualService (recommended method)

public LoadMasterResponse ModifyVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.util.Map<java.lang.String,java.lang.String> parameters)

throws Utils.InvalidApiParametersException

Modify an existing Virtual Service on the LoadMaster.

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

parameters - Extra optional parameters. These are the same optional parameters that are listed in the table in Section 4.3.1.2.1.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.1.2.10ModifyVirtualService (modify Standard Options)

public LoadMasterResponse ModifyVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

int[] extraPorts,

boolean useForSnat,

boolean transparent,

java.lang.String schedule,

java.lang.String persist,

int persistTimeout,

java.lang.String cookieName,

int idletime)

Modify an existing Virtual Service on the LoadMaster (Standard Options).

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

extraPorts – The list of extra ports that the Virtual Service will listen to. Range: 3-65530

useForSnat – SNAT is an acronym for Server Network Address Translation. By default, when the LoadMaster is being used for the Network Address Translation (NAT) of Real Servers, the source IP address used on the Internet is that of the LoadMaster. This parameter can be used to allow the Real Server configured on this Virtual Service to use the Virtual Service as the source IP address instead.

0 – SNAT disabled

1 – SNAT enabled

transparent - When using L7, a connection can be transparent, i.e. the connection arriving at the Real Server appears to come directly from the client, or it can be non-transparent, where the connections at the Real Server appears to come from the LoadMaster. This may be needed in some configurations.

0 – Transparency disabled

1 – Transparency enabled

schedule – Specifies the method the load balancer will use to select a Real Server. Valid options are rr (Round Robin), wrr (Weighted Round Robin), lc (Least Connections), wlc (Weighted Least Connections), fixed, adaptive (Resource Based), and sh (Source IP Hash).

persist – Specifies the time (in seconds) a client should be persisted to a Real Server.

Values are:

ssl

cookie

active-cookie

cookie-src

active-cookie-src

cookie-hash

url

query-hash

host

header

super

super-src

src

rdp

rdp-src

rdp-sb

rdp-sb-drc

persistTimeout – Specifies the time (in seconds) that a client should be persisted to a Real Server.

cookieName–Specifies the cookie that should be set on the HTTP stream.

idletime - Specifies the length of time (in seconds) that a connection may remain idle before it is closed.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.2.11ModifyVirtualService (change Advanced Options)

public LoadMasterResponse ModifyVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

int addVia,

java.lang.String defaultGateway,

int errorCode,

java.lang.String errorUrl,

java.lang.String extraHeaderKey,

java.lang.String extraHeaderValue)

Modify an existing Virtual Service on the LoadMaster. (Advanced Options)

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

addVia – Specifies which headers should be added to the HTTP stream. The parameter takes the following arguments:

0 - Legacy Operation1 - X-Forwarded-For2 - None3 - X-Client-Side4 - X-Client-Side No Via5 - X-Forwarded-For No Via6 - Via Only

defaultGateway – Specifies the gateway that should be used to return traffic to clients.

errorCode – Specifies the error code to return to clients if no Real Servers are available. Range: 200 - 505

errorUrl – Specifies the redirected URL if there are no Real Servers available - Sorry page.

extraHeaderKey – Specifies the redirected URL if there are no Real Servers available - Sorry page.

extraHeaderValue - This parameter corresponds to the second text box in the Add Header to Request field in the WUI. Specify the value for the extra header that is to be inserted into every request which is sent to the Real Servers.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.2.12ModifyVirtualService (modify ESP Options)

public LoadMasterResponse ModifyVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

int espLogs,

java.lang.String[] allowedHosts,

java.lang.String[] allowedDirectories,

java.lang.String[] excludedDomains,

java.lang.String[] allowedGroups

java.lang.String[] altDomains

int inputAuthMode,

int outputAuthMode)

Modify an existing Virtual Service on the LoadMaster. (ESP Options)

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

espLogs – This parameter accepts the following arguments:

0 - No logging1 - User Access2 - Security3 - User Access AND Security4 - Connection5 - User Access AND Connection6 - Security AND Connection7 - User Access AND Security AND Connection

By default, this parameter is set to 7 for regular (non-SMTP) Virtual Services. For SMTP Virtual Services the default is 4. The only valid values for SMTP services are 0 and 4. For SMTP services, security issues are always logged. Nothing is logged for user access because there are no logins.

allowedHosts – Specify all of the Virtual Hosts that can be accessed via this Virtual Service. Multiple Virtual Hosts can be specified by using a space-separated list.

allowedDirectories – Specify all the virtual directories that can be accessed via this Virtual Service. Multiple virtual directories can be specified by using a space-separated list.

excludedDomains – Any virtual directories specified within this field will not be pre-authorized on this Virtual Service and will be passed directly to the relevant Real Servers. Multiple excluded domains can be specified by using a space-separated list.

allowedGroups - Specify all the virtual groups that can be accessed via this Virtual Service.

altDomains – Specify alternative domains to be assigned to a Virtual Service when configuring multi-domain authentication. To specify multiple alternative domains use a space separated list.

inputAuthMode – This parameter controls client authentication. This parameter accepts the following arguments:

0 - Delegate to Server1 - Basic2 - Form-Based Authentication

outputAuthMode – This parameter controls server authentication. This parameter accepts the following arguments:

0 - None1 - Basic

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.2.13ModifyVirtualService (modify Real Server check options)

public LoadMasterResponse ModifyVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

int checkPort,

java.lang.String checkUrl,

java.lang.String checkType,

java.lang.String checkHeaders)

Modify an existing Virtual Service on the LoadMaster and configure various Real Server health checking options.

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

checkPort – Specifies the port to use for communication to check the service.

checkUrl – When the CheckType is set to http or https: By default, the health checker tries to access the URL / to determine if the machine is available. A different URL can be set in the CheckUrl parameter.

When the CheckType is set to bdata:

Specify a hexadecimal string to send to the Real Server.

checkType – Specifies the method to check if the service is available. Default dependent on Virtual Service port. The list of allowed values is:

icmp

https

http

tcp

smtp

nntp

ftp

telnet

pop3

imap

rdp

bdata

none

checkHeaders – The key for the Custom Header which to be part of the healthcheck request.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.2.14ModifyVirtualService (modify SSL options)

public LoadMasterResponse ModifyVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

boolean enableSSL,

java.lang.String sslRewrite,

boolean sslReencrypt,

int clientCert)

Modify an existing Virtual Service on the LoadMaster and configure various SSL options.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

enableSSL -Enable SSL handling on this Virtual Service.

0 - Disable

1 - Enable

sslRewrite – When the Real Server rejects a request with a HTTP redirect, the requesting Location URL may need to be converted to specify HTTPS instead of HTTP (and vice versa).

Values are:

http

https

sslReencrypt –Reencrypt the SSl data stream before sending to the Real Server.

clientCert – Specifies the client certificate to use for connection when checking the service. Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.2.15ModifyVirtualService (modify Application Firewall Pack (AFP) options)

public LoadMasterResponse ModifyVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

boolean intercept,

java.lang.String interceptOpts,

java.lang.String interceptRules,

int alertThreshold)

Modify an existing Virtual Service on the LoadMaster. (WAF Options)

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

intercept - Enable or disable the Application Firewall Pack (AFP) for this Virtual Service.

0 - Disable

1 - Enable

interceptOpts - This is a special parameter that allows multiple Application Firewall Pack (AFP) options to be set. For more information, refer to Section 4.3.1.2.16.

interceptRules - The interceptRules parameter assigns WAF rules to a Virtual Service. However, using the interceptRules parameter will overwrite any previously assigned rules. Therefore, we recommend using the VSAddWafRule command as that command appends any rules added to the existing list of assigned rules. For more details regarding the VSAddWafRule command, see Section 4.3.4.19.

alertThreshold - The number of incidents that can occur in one hour before an alert is sent. Setting this to 0 disables alerting.

Range: 0-100000

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

4.3.1.2.16AFP InterceptOpts Parameter

The AFP InterceptOpts parameter is a special parameter – it can be used to set the value for multiple fields, rather than just one field as with most other parameters. The InterceptOpts parameter allows the specification of most of the fields in the WAF Options section of the Virtual Service modify screen in the LoadMaster WUI.

When the Intercept parameter is set to 0, WAF is disabled but the InterceptOpts values can be set. To enable WAF, set the Intercept parameter to 1.

The names of the specific WUI fields that the InterceptOpts parameter is related to, are listed in the table below.

One or more field values can be set in one command. Multiple values can be set in the one command by separating the values with a semi-colon, for example:

InterceptOpts=opnormal;auditnone;reqdataenable;resdataenable;jsondisable;xmldisable

The previous code sets the following parameters to the following values:

Name

Related WUI Option

Additional Information

Auditnone

Audit mode

Set the Audit mode to No Audit. No data is logged.

reqdataenable

Inspect HTML POST Request Content

Enable the Inspect HTML POST Request Content option

resdataenable

Inspect HTML POST Request Content

Enable the Inspect HTML POST Request Content option

jsondisable

Disable JSON Parser

Disable the JSON parser.

This option is only relevant if the Inspect HTML POST Request Content option is enabled.

xmldisable

Disable XML Parser

Disable the XML parser.

This option is only relevant if the Inspect HTML POST Request Content option is enabled.

Table 4‑5: InterceptOpts parameter values

The following table outlines what each of the values mean.

The values that are related to the same WUI option are mutually exclusive. For example, you cannot set Basic Operation to both opnormal and opblock.

Value

Related WUI Option

Default

Meaning

opnormal

Default Operation

Audit Only

Set the Basic Operation to Audit Only

opblock

Default Operation

Audit Only

Set the Basic Operation to Block Mode

auditnone

Audit mode

No Audit

Set the Audit mode to No Audit. No data is logged.

auditrelevant

Audit mode

No Audit

Set the Audit mode to Audit Relevant. Logs data which is of a warning level and higher.

auditall

Audit mode

No Audit

Set the Audit mode to Audit All. Logs all data through the Virtual Service.

The Audit All option is not recommended for use in normal operation. Audit All should only be used when troubleshooting a specific problem.

reqdataenable

Inspect HTML POST Request Content

Disabled

Enable the Inspect HTML POST Request Content option

reqdatadisable

Inspect HTML POST Request Content

Disabled

Disable the Inspect HTML POST Request Content option

resdataenable

Process Response Data

Disabled

Enable the Inspect HTML POST Request Content option

resdatadisable

Process Response Data

Disabled

Disable the Inspect HTML POST Request Content option

jsondisable

Disable JSON Parser

Disabled

Disable the JSON parser.

This option is only relevant if the Inspect HTML POST Request Content option is enabled.

jsonenable

Disable JSON Parser

Disabled

Enable the JSON parser.

This option is only relevant if the Inspect HTML POST Request Content option is enabled.

xmldisable

Disable XML Parser

Disabled

Disable the XML parser.

This option is only relevant if the Inspect HTML POST Request Content option is enabled.

xmlenable

Disable XML Parser

Disabled

Enable the XML parser.

This option is only relevant if the Inspect HTML POST Request Content option is enabled.

Table 4‑6: InterceptOpts parameter values

4.3.1.4Modify a Sub-Virtual Service

4.3.1.3

4.3.1.4

4.3.1.4.1ModifySubVirtualService (recommended method)

public LoadMasterResponse ModifySubVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.util.Map<java.lang.String,java.lang.String> parameters)

throws Utils.InvalidApiParametersException

Modify an existing SubVS on the LoadMaster.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

parameters - Extra optional parameters; most of the parameters in SubVSs are the same as the ones used for a normal (parent) Virtual Service. Please refer to the table in Section 4.3.1.2.1 for a list of Virtual Service parameters. If you try to set a parameter that is not available in a SubVS, an error message will be returned.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.1.4.2ModifySubVirtualService (modify Standard Options)

public LoadMasterResponse ModifySubVirtualService(java.lang.String vsID,

java.lang.String vsPort,

java.lang.String vsProt,

int[] extraPorts,

boolean useForSnat,

boolean transparent,

java.lang.String schedule,

java.lang.String persist,

int persistTimeout,

java.lang.String cookieName,

int idletime)

Modify an existing SubVS, configuring Standard Options, on the LoadMaster

Parameters:

vsID - The index or the address of the Virtual Service.

vsport - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). If vsID is set to the index, set this to null.

vsprot - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp"). If the vsID parameter is set to the index, set the vsprot to null.

extraPorts – The list of extra ports that the Virtual Service will listen to. Range: 3-65530

useForSnat – SNAT is an acronym for Server Network Address Translation. By default, when the LoadMaster is being used for the Network Address Translation (NAT) of Real Servers, the source IP address used on the Internet is that of the LoadMaster. This parameter can be used to allow the Real Server configured on this Virtual Service to use the Virtual Service as the source IP address instead.

transparent – When using L7, a connection can be transparent, i.e. the connection arriving at the Real Server appears to come directly from the client, or it can be non-transparent, where the connections at the Real Server appears to come from the LoadMaster. This may be needed in some configurations.

0 – Transparency disabled

1 – Transparency enabled

schedule – Specifies the method the load balancer will use to select a Real Server. Valid options are rr (Round Robin), wrr (Weighted Round Robin), lc (Least Connections), wlc (Weighted Least Connections), fixed (Fixed Weighting), adaptive (Resource Based), and sh (Source IP Hash).

persist – Specifies the time (in seconds) a client should be persisted to a Real Server.

Values are:

ssl

cookie

active-cookie

cookie-src

active-cookie-src

cookie-hash

url

query-hash

host

header

super

super-src

src

rdp

rdp-src

rdp-sb

rdp-sb-drc

persistTimeout – Specifies the time (in seconds) that a client should be persisted to a Real Server.

cookieName –Specifies the cookie that should be set on the HTTP stream.

idletime – Specifies the length of time (in seconds) that a connection may remain idle before it is closed.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.4.3ModifySubVirtualService (more settings)

public LoadMasterResponse ModifySubVirtualService(java.lang.String vsID,

java.lang.String vsPort,

java.lang.String vsProt,

int addVia,

java.lang.String defaultGateway,

int errorCode,

java.lang.String errorUrl,

java.lang.String extraHeaderKey,

java.lang.String extraHeaderValue)

Modify an existing Sub Virtual Service, configuring additional settings, on the LoadMaster

Parameters:

vsID - The index or the address of the Virtual Service.

vsport - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). If vsID is set to the index, set this to null.

vsprot - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp"). If the vsID parameter is set to the index, set the vsprot parameter to null.

addVia – Specifies which headers should be added to the HTTP stream. The parameter takes the following arguments:

0 - Legacy Operation1 - X-Forwarded-For2 - None3 - X-Client-Side4 - X-Client-Side No Via5 - X-Forwarded-For No Via6 - Via Only

defaultGateway – Specifies the gateway that should be used to return traffic to clients.

errorCode – Specifies the error code to return to clients if no Real Servers are available. Range: 200 - 505

errorUrl – Specifies the redirected URL if there are no Real Servers available - Sorry page.

extraHeaderKey – Specifies the redirected URL if there are no Real Servers available - Sorry page.

extraHeaderValue – This parameter corresponds to the second text box in the Add Header to Request field in the WUI. Specify the value for the extra header that is to be inserted into every request which is sent to the Real Servers.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.4.4ModifySubVirtualService (modify ESP Options)

public LoadMasterResponse ModifySubVirtualService(java.lang.String vsID,

java.lang.String vsPort,

java.lang.String vsProt,

int espLogs,

java.lang.String[] allowedHosts,

java.lang.String[] allowedDirectories,

java.lang.String[] excludedDomains,

java.lang.String[] allowedGroups,

java.lang.String[] altDomains,

int inputAuthMode,

int outputAuthMode)

Modify an existing SubVS by modifying ESP options on the LoadMaster.

Parameters:

vsID - The index or the address of the virtual service.

vsport - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). If vsID is set to the index, set this to null.

vsprot - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp"). If the vsID parameter is set to the index, set the vsprot parameter to null.

espLogs – This parameter accepts the following arguments:

0 - No logging1 - User Access2 - Security3 - User Access AND Security4 - Connection5 - User Access AND Connection6 - Security AND Connection7 - User Access AND Security AND Connection

The only valid values for SMTP services are 0 and 4. For SMTP services, security issues are always logged. Nothing is logged for user access because there are no logins.

allowedHosts – Specify all of the Virtual Hosts that can be accessed via this Virtual Service. allowedDirectories – Specify all the virtual directories that can be accessed via this Virtual Service.

excludedDomains – Any virtual directories specified within this field will not be pre-authorized on this Virtual Service and will be passed directly to the relevant Real Servers. Multiple excluded domains can be specified by using a space-separated list.

altDomains – Specify alternative domains to be assigned to a Virtual Service when configuring multi-domain authentication. To specify multiple alternative domains use a space separated list.

inputAuthMode – This parameter controls client authentication. This parameter accepts the following arguments:

0 - Delegate to Server1 - Basic2 - Form-Based Authentication

outputAuthMode – This parameter controls server authentication. This parameter accepts the following arguments:0 - None1 – Basic

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.4.5ModifySubVirtualService (modify health check options)

public LoadMasterResponse ModifySubVirtualService(java.lang.String vsID,

java.lang.String vsPort,

java.lang.String vsProt,

int checkPort,

java.lang.String checkUrl,

java.lang.String checkType,

java.lang.String checkHeaders)

Modify the health check options of an existing SubVS on the LoadMaster.

Parameters:

vsID - Can be the index or the address of the virtual service.

vsport - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). If vsID is set to the index, set this to null.

vsprot - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

checkPort – Specifies the port to use for communication to check the service.

checkUrl – When the CheckType is set to http or https: By default, the health checker tries to access the URL / to determine if the machine is available. A different URL can be set in the CheckUrl parameter.

checkType – Specifies the method to check if the service is available.

checkHeaders – The key for the Custom Header which to be part of the healthcheck request.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.4.6ModifySubVirtualService (modify SSL options)

public LoadMasterResponse ModifySubVirtualService(java.lang.String vsID,

java.lang.String vsPort,

java.lang.String vsProt,

boolean enableSSL,

java.lang.String sslRewrite,

boolean sslReencrypt,

int clientCert)

Modify the SSL options of an existing SubVS on the LoadMaster

Parameters:

vsID - Can be the index or the address of the Virtual Service.

vsport - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). If vsID is set to the index, set this to null.

vsprot - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp"). If the vsID parameter is set to the index, set this to null.

enableSSL – Enable SSL handling on this Virtual Service.

sslRewrite – When the Real Server rejects a request with a HTTP redirect, the requesting Location URL may need to be converted to specify HTTPS instead of HTTP (and vice versa)

Values are:

http

https

sslReencrypt –Reencrypt the SSl data stream before sending to the Real Server.

clientCert – Specifies the client certificate to use for connection when checking the service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.5DeleteVirtualService

public LoadMasterResponse DeleteVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt)

Delete an existing Virtual Service from the LoadMaster.

Virtual Services with SubVSs associated cannot be deleted. Before deleting a Virtual Service, please remove any SubVSs that are assigned to it. For more information see section 4.1.1.6 DeleteSubVirtualService.

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.6DeleteSubVirtualService

public LoadMasterResponse DeleteSubVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String subVsRsIndex)

Delete an existing SubVS from the LoadMaster.

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

subVsRsIndex - Index of the Real Server hosted on the SubVS. To find the the index of the Real Server, run the ListVirtualServices command, or alternatively, check the SubVS properties screen in the WUI, which displays Real Server IDs in the Id column of the Real Servers section. See Section 4.3.1.1 for further details on the ListVirtual Services commmand.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

4.3.1.7EnableSSLAcceleration

public LoadMasterResponse EnableSSLAcceleration(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

boolean enableSSL)

Toggles SSL Acceleration on a Virtual Serivce to enabled or disabled

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

enableSSL -Enable SSL handling on this Virtual Service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

4.3.1.8EnableEsp

public LoadMasterResponse EnableEsp(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

boolean enableESP)

Enables the ESP feature on the specified Virtual Service.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

enableESP - Specifies whether ESP should be enabled or disabled:

0 - Disabled

1 - Enabled

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.9EnableSSLReencrypt

public LoadMasterResponse EnableSSLReencrypt(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

boolean enableReencrypt)

Toggles SSL Reencryption on a Virtual Serivce to enabled or disabled

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

enableReencrypt - This parameter is only relevant if SSL Acceleration is enabled.

When this option is enabled, the SSL data stream is re-encrypted before sending to the Real Server.

0 - Disabled

1 - Enabled

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.10AddSubVirtualService

public LoadMasterResponse AddSubVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt)

Creates a new SubVS on the LoadMaster.

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.11Add a Real Server to a Virtual Service

4.3.1.5

4.3.1.6

4.3.1.7

4.3.1.8

4.3.1.9

4.3.1.10

4.3.1.11

4.3.1.11.1AddRealServerToVirtualService (recommended method)

public LoadMasterResponse AddRealServerToVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String realServerIp,

java.lang.String realServerPort,

java.util.Map<java.lang.String,java.lang.String> parameters)

throws Utils.InvalidApiParametersException

Add a Real Server to an existing Virtual Service on the LoadMaster.

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

realServerIp - The IP address, Real Server index (ID) or service name of the Real Server

realServerPort - The port on which the Real Server accepts connections for this service.

parameters - Extra optional parameters:

Name

Type

Default

Range

Additional Information

weight

I

1000

1-65535

When using weighted round robin scheduling, the weight of a Real Server is used to indicate what relative proportion of traffic should be sent to the server. Servers with higher values will receive more traffic.

newport

I

<unset>

3-65535 (change the Port of the Real Server)

The port on the Real Server that is to be used.

forward

S

nat

nat, route

The type of forwarding method used. The default method is NAT. Direct server return can only be used with Layer 4 services.

enable

B

1

0 - Disabled

1 - Enabled

Enable or disable the Real Server.

limit

I

0

0-100000

The maximum number of open connections that cen be sent to a Real Server before it is taken out of rotation.

non_local

B

0

0 - Disabled

1 - Enabled

By default only Real Servers on local networks can be assigned to a Virtual Service. Enabling this option will allow a non-local Real Server to be assigned to the Virtual Service.

This option will only be available if nonlocalrs has been enabled and the Transparent option has been disabled on the relevant Virtual Service.

critical

B

0

0 - Disabled

1 - Enabled

Enabling this parameter indicates that the Real Server is required for the Virtual Service to be considered available. The Virtual Service will be marked as down if the Real Server has failed or is disabled.

Table 4‑7 : Extra optional parameters

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.1.11.2AddRealServerToVirtualService (alternative method)

public LoadMasterResponse AddRealServerToVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String realServerIp,

java.lang.String realServerPort)

Add a Real Server to an existing Virtual Service on the LoadMaster.

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

realServerIp - The IP address, RS index or service name of the Real Server.

realServerPort - The port on which the Real Server accepts connections for this service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.11.3AddRealServerToVirtualService (additional settings)

public LoadMasterResponse AddRealServerToVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String realServerIp,

java.lang.String realServerPort,

int weight,

java.lang.String forward,

boolean enable,

int connectionLimit)

Add a Real Server to an existing Virtual Service on the LoadMaster.

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

realServerIp - The IP address or Real Server index (ID) of the Real Server.

realServerPort - The port on which the Real Server accepts connections for this service.

weight - Specifies the weighting for preferred Real Server. (Range 1-65535).

forward - Specifies if the service should handle connections to the server by Network Address Translation (NAT) or direct route. Parameter accepts "nat" or "route".

enable - Enable/disable automatic commercial rule file downloads.

0 - Disable

1 - Enable

connectionLimit - The maximum number of open connections which can be sent to a Real Server before it is taken out of rotation. (Range 0-100000).

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.12AddRealServerToSubVirtualService (recommended method)

public LoadMasterResponse AddRealServerToSubVirtualService(int subVsIndex,

java.lang.String realServerIp,

java.lang.String realServerPort,

java.util.Map<java.lang.String,java.lang.String> parameters)

throws Utils.InvalidApiParametersException

Add a Real Server to an existing Virtual Service on the LoadMaster.

Parameters:

Figure 4‑1: SubVS ID

subVsIndex – This is the index of the SubVS. To find the SubVS index value run the ListVirtualServices command which is shown in Section 4.3.1.1, or alternatively, check the SubVS properties screen of the WUI which displays SubVS Id. For example, in the screenshot above, the SubVS ID is 2.

realServerIp - The Real Server to which this virtual service connects to realServerPort - The port on which the Real Server accepts connections for this service.

parameters - Extra optional parameters. For a list of these optional parameters, refer to the table in Section 4.3.1.5.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.1.13AddRealServerToSubVirtualService (Mandatory Options)

public LoadMasterResponse AddRealServerToSubVirtualService(int subVsIndex,

java.lang.String realServerIp,

java.lang.String realServerPort)

Add a Real Server to an existing Virtual Service on the LoadMaster.

Parameters:

Figure 4‑2: SubVS ID

subVsIndex – This is the index of the SubVS. To find the SubVS index value run the ListVirtualServices command which is shown in Section 4.3.1.1, or alternatively, check the SubVS properties screen of the WUI which displays SubVS Id. For example, in the screenshot above, the SubVS ID is 2.

realServerIp - The IP address, Real Server index (ID) or service name of the Real Server.

realServerPort - The port on which the Real Server accepts connections for this service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.14ModifyRealServerOnVirtualService (recommended method)

public LoadMasterResponse ModRealServerOnVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String realServerIp,

java.lang.String realServerPort,

java.util.Map<java.lang.String,java.lang.String> parameters)

throws Utils.InvalidApiParametersException

Add a Real Server to an existing Virtual Service on the LoadMaster.

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

realServerIp - The IP address, RS index or service name of the Real Server

realServerPort - The port on which the Real Server accepts connections for this service.

parameters - Extra optional parameters. For a list of these parameters, refer to the table in Section 4.3.1.5.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.1.15ModifyRealServerOnVirtualService (Alternative Method)

public LoadMasterResponse ModifyRealServerOnVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String realServerIp,

java.lang.String realServerPort,

int weight,

int newport,

java.lang.String forward,

boolean enable,

int connectionLimit)

Modify an existing Real Server on a Virtual Service.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

realServerIp - The IP address, Real Server index (ID) or service name of the Real Server to be modified.

The IP address (which can be specified using the realServerIp parameter) can be in either IPv4 or IPv6 format:

realServerPort - The port on which the Real server accepts connections for this service.

weight - Specifies the weighting for preferred Real Server. (Range 1-65535).

newport - Specifies the new port that should be used for communication to the Real Server. (Range 3-65535).

forward - Specifies if the service should handle connections to the server by Network Address Translation (NAT) or direct route. Parameter accepts "nat" or "route".

enableRealServer – Use this parameter to enable or disable a Real Server.

True - Enable

False - Disable

connectionLimit -The maximum number of open connections which can be sent to a Real Server before it is taken out of rotation. (Range 0-100000).

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.16ModifyRealServerOnSubVirtualService (recommended method)

public LoadMasterResponse ModRealServerOnSubVirtualService(int subVsIndex,

java.lang.String realServerIp,

java.lang.String realServerPort,

java.util.Map<java.lang.String,java.lang.String> parameters)

throws Utils.InvalidApiParametersException

Add a Real Server to an existing Virtual Service on the LoadMaster.

Parameters:

Figure 4‑3: SubVS ID

subVsIndex – This is the index of the SubVS. To find the SubVS index value run the ListVirtualServices command which is shown in Section 4.3.1.1, or alternatively, check the SubVS properties screen of the WUI which displays SubVS Id. For example, in the screenshot above, the SubVS ID is 2.

realServerIp - The IP address, Real Server index (ID) or service name of the Real Server.

The IP address (which can be specified using the realServerIp parameter) can be in either IPv4 or IPv6 format:

realServerPort - The port on which the Real Server accepts connections for this service.parameters - Extra optional parameters. For a list of these parameters, refer to the table in Section 4.3.1.5.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.1.17DeleteRealServerFromVirtualService

public LoadMasterResponse DeleteRealServerFromVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String realServerIp,

java.lang.String realServerPort)

Delete an existing Real Server from a Virtual Service on the LoadMaster.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

realServerIp - The IP address, Real Server index (ID) or service name of the Real Server.

realServerPort - The port on which the Real Server accepts connections for this service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.18AddRealServerRule

public LoadMasterResponse AddRealServerRule(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String realServerIp,

java.lang.String realServerPort,

java.lang.String ruleName)

Assign an existing rule to an existing Real Server on the LoadMaster.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

realServerIp - The IP address, RS index or service name of the Real Server the rule will be added to.

realServerPort - The port on which the Real Server accepts connections for this service.

ruleName - The name of the rule to assign to the Real Server.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.19AddRealServerRule (alternative method)

public LoadMasterResponse AddRealServerRule(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

int realServerIndex,

java.lang.String ruleName)

Assign an existing rule to an existing Real Server on the LoadMaster.

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

realServerIndex - The index of the Real Server the rule will be added to.

ruleName - The name of the rule that should be applied to the Virtual Service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.20DeleteRealServerRule

public LoadMasterResponse DeleteRealServerRule(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String realServerIp,

java.lang.String realServerPort,

java.lang.String ruleName)

Unassigns a rule assigned to a Real Server.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

realServerIp - The IP address, Real Server index (ID) or service name of the Real Server the rule will be unassigned from.

realServerPort - The port on which the Real Server accepts connections for this service. ruleName - The name of the rule that should be applied to the Virtual Service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.21Certificates

4.3.1.12

4.3.1.13

4.3.1.14

4.3.1.15

4.3.1.16

4.3.1.17

4.3.1.18

4.3.1.19

4.3.1.20

4.3.1.21

4.3.1.21.1AddCertificateToVs

public LoadMasterResponse AddCertificateToVs(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String certificateName)

Assign a previously uploaded Certificate to a Virtual Service on the LoadMaster.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

certificateName - The name of the certificate to be assigned to the Virtual Service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.21.2DeleteCertificateFromVs

public LoadMasterResponse DeleteCertificateFromVs(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt)

Unassign a Certificate from a Virtual Service on the LoadMaster.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

4.3.1.22Rules

4.3.1.22

4.3.1.22.1

4.3.1.22.2

4.3.1.22.3AddRequestRuleToVs

public LoadMasterResponse AddRequestRuleToVs(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String ruleName)

Assign a Request Rule to an existing Virtual Service on the LoadMaster.

Parameters:

vs – The IP address for this Virtual Service.

vsPort – Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt – Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

ruleName–The name of the rule that should be applied to the Virtual Service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.22.4DeleteRequestRuleFromVs

public LoadMasterResponse DeleteRequestRuleFromVs(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String ruleName)

Unassign a Request Rule from a Virtual Service on the LoadMaster.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

ruleName -The name of the rule that should be applied to the Virtual Service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.22.5AddPreRuleToVs

public LoadMasterResponse AddPreRuleToVs(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String ruleName)

Assign a Pre Rule to an existing Virtual Service on the LoadMaster.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

ruleName -The name of the rule that should be applied to the Virtual Service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.22.6DeletePreRuleFromVs

public LoadMasterResponse DeletePreRuleFromVs(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String ruleName)

Unassign a Pre Rule from a Virtual Service on the LoadMaster.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

ruleName - The name of the rule that should be applied to the Virtual Service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.22.7AddResponseRuleToVs

public LoadMasterResponse AddResponseRuleToVs(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String ruleName)

Assign a Response Rule to an existing Virtual Service on the LoadMaster.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

ruleName - The name of the Response Rule to be assigned to the Virtual Service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.22.8DeleteResponseRuleFromVs

public LoadMasterResponse DeleteResponseRuleFromVs(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String ruleName)

Unassign a Response Rule from a Virtual Service on the LoadMaster.

 

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

ruleName -The name of the rule that should be applied to the Virtual Service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.23ShowVirtualService

public LoadMasterResponse ShowVirtualService(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt)

Display a Virtual Service.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.1.24ListTemplates

public LoadMasterResponse ListTemplates()

List templates on the LoadMaster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

4.3.1.25UploadTemplate

public LoadMasterResponse UploadTemplate(java.lang.String path)

Upload a template file to the LoadMaster.

Parameters:

path - The path to the template location followed by a backslash and the filename of the template.tmpl.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

4.3.1.26DeleteTemplate

public LoadMasterResponse DeleteTemplate(java.lang.String name)

Delete template from the LoadMaster.

Parameters:

name - The name of the template as it appears in the Name column in the LoadMaster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

4.3.2Show a Real Server

4.3.2.1ShowRealServer

public LoadMasterResponse ShowRealServer(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

java.lang.String realServerIp,

java.lang.String realServerPort)

Display a Real Server on a Virtual Service.

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

realServerIp - The IP address of the Real Server to be modified.

realServerPort - The port on which the Real Server accepts connections for this service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.2.2ShowRealServer (alternative method)

public LoadMasterResponse ShowRealServer(java.lang.String vs,

java.lang.String vsPort,

java.lang.String vsProt,

int realServerIndex)

Display a Real Server on a Virtual Service.

Parameters:

vs - The IP address for this virtual service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530). vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

realServerIndex - The RS index of the Real Server to be modified.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.3Manage SSO Domains

4.3.3.1AddSSODomain

public LoadMasterResponse AddSSODomain(java.lang.String domainIdentifier)

Add a new Single Sign On Domain to the LoadMaster.

Parameters:

domainIdentifier - Specifies the name of the SSO domain LoadMaster entry to be modified.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.3.2ModSSODomain

public LoadMasterResponse ModSSODomain(java.lang.String domainIdentifier,

java.lang.String ldapProtocol,

java.lang.String ldapServers)

Modify an existing Single Sign On Domain on the LoadMaster.

Parameters:

domainIdentifier - Specifies the name of the SSO domain LoadMaster entry to be modified.

ldapProtocol - (optional) The transport protocol used to communicate with the LDAP server. Values are: 'unencrypted', 'ldaps' and 'starttls'

ldapServers - (optional) Specifies the LDAP server to use for authentication. A space separated list of LDAP servers e.g. "192.168.11.142 192.168.11.143 192.168.11.144"

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.3.3ModSSODomain (recommended method)

public LoadMasterResponse ModSSODomain(java.lang.String domainIdentifier,

java.lang.String authType,

java.lang.String Servers,

java.util.Map<java.lang.String,java.lang.Object> parameters)

Modify an existing Single Sign On Domain on the LoadMaster.

Parameters:

domainIdentifier - Specifies the name of the SSO domain LoadMaster entry to be modified.

authType - Specify the transport protocol used to communicate with the authentication server. Possible values are:

LDAP-Unencrypted

LDAP-StartTLS

LDAP-LDAPS

RADIUS

RSA-SECURID

Certificate

KCD

RADIUS%20and%20LDAP-Unencrypted

RADIUS%20and%20LDAP-StartTLS

RADIUS%20and%20LDAP-LDAPS

Servers - (optional) A space separated list of Authentication servers e.g. "192.168.11.142 192.168.11.143 192.168.11.144"

parameters - A map with [key,value] pairs for the remainig parameters. The parameters are listed and described below.

Name

Type

Default

Range

Additional Information

auth_type

S

“LDAP-StartTLS”

LDAP-Unencrypted

LDAP-StartTLS

LDAP-LDAPS

RADIUS

RSA-SECURID

KCD

Certificates

RADIUS%20and%20LDAP-Unencrypted

RADIUS%20and%20LDAP-StartTLS

RADIUS%20and%20LDAP-LDAPS

Specify the transport protocol used to communicate with the authentication server.

radius_shared_secret

S (masked)

<unset>

 

The shared secret to be used between the radius server and the LoadMaster.

logon_fmt

S

“Principalname”

“not%20specified”

“Principalname”

“Username”

Specify the logon string format used to authenticate to the server.

The Username value is not available if the auth_type is set to RADIUS or a RADIUS and LDAP protocol.

logonfmt2

S

“Principalname”

“Not%20specified”

“Principalname”

“Username”

Specify the logon string format used to authenticate to the server.

logon_domain

S

<unset>

 

This parameter corresponds with the Domain/Realm field in the WUI. The login domain to be used. This is also used with logon format to construct the normalized user name, for example:

Principalname: <username>@<domain>

Username:

<domain>\<username>

max_failed_auths

I

0

0-999

The maximum number of failed login attempts before the user is locked out.

0 – Never lock out.

sess_tout_idle_pub

I

900

60-86400

The session idle timeout value in seconds. This value is used in a public environment.

sess_tout_duration_pub

I

1800

60-86400

The maximum duration timeout value for the session in seconds. This value is used in a public environment.

sess_tout_idle_priv

I

900

60-86400

The session idle timeout value in seconds. This value is used in a private environment.

sess_tout_duration_priv

I

2800

60-86400

The maximum duration timeout value for the session in seconds. This value is used in a private environment.

sess_tout_type

S

“idle time”

“idle time”

“max duration”

Specify the type of session timeout to be used.

testuser

S

<unset>

 

The username that will be used to check the authentication server(s).

testpass

S (masked)

<unset>

 

The password of the user that will be used to check the authentication server(s).

reset_fail_tout

I

60

60-86400

The number of seconds that must elapse before the Failed Login Attempts counter is reset to 0. This value must be less than the unblock_tout

unblock_tout

I

1800

60-86400

The timeout value (in seconds) before a blocked account is automatically unblocked. This must be greater than the reset_fail_tout value.

server

S

<unset>

 

The address(s) of the server(s) that are to be used to validate this domain.

server2

A

<unset>

Valid IP address

When using dual factor authentication, use the server parameter to set the address of theRADIUS server(s) and use the server2 parameter to set the address of the LDAP server(s).

kerberos_domain

S

<unset>

 

The Kerberos Realm

kerberos_kdc

S

<unset>

 

The Kerberos Key Distribution Center

kcd_username

S

<unset>

 

The kcd_username should not contain double or single quotes.

kcd_password

S

<unset>

 

The kcd_password should not contain double or single quotes.

ldap_admin

S

<unset>

 

This, along with the ldap_password,is used to log in to the database to check if the user from the certificate exists.

ldap_password

S

<unset>

 

This, along with the ldap_admin, is used to log in to the database to check if the user from the certificate exists.

cert_check_asi

B

0 - Disabled

0 – Disabled

1 – Enabled

This option is only available when the Authentication Protocol is set to Certificates. When this option is enabled - in addition to checking the validity of the client certificate, the client certificate will also be checked against the altSecurityIdentities (ASI) attribute of the user on the Active Directory.

server_side

B

Y – Outbound KCD SSO domain

Y = Outbound KCD SSO domain

N = Inbound configuration

Specify whether the configuration is inbound or outbound.

logon_transcode

B

0 - Disabled

0 – Disabled

1 – Enabled

Enable or disable the transcode of logon credentials from ISO-8859-1 to UTF-8 when required.

 

Table 4‑8: ModSSODomain parameters

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

4.3.3.4UploadRSAConfigurationFile

public LoadMasterResponse UploadRSAConfigurationFile(java.lang.String file)

throws Utils.InvalidApiParametersException

Upload the RSA Authentication Manager Configuration File to the LoadMaster

Parameters:

file - The absolute path to the file in the format <PathToFile>/<Filename>.extension

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.3.5UploadRSANodeSecretAndPassword

public LoadMasterResponse UploadRSANodeSecretAndPassword(java.lang.String file,

java.lang.String nsPassword)

throws Utils.InvalidApiParametersException

Upload the RSA Node Secret Configuration File and Password for decryption to the LoadMaster

Parameters:

file - The absolute path to the RSA Node Secret Configuration file

nsPassword - The password to be used for Decryption

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.3.6DeleteSSODomain

public LoadMasterResponse DeleteSSODomain(java.lang.String domainIdentifier)

Delete an existing Single Sign On Domain from the LoadMaster.

Parameters:

domainIdentifier - Specifies the name of the SSO domain LoadMaster entry to be modified

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.3.3.7 ShowSSODomain

public LoadMasterResponse ShowSSODomain(java.lang.String domainIdentifier)

Shows an existing Single Sign On Domain from the LoadMaster.

Parameters:

domainIdentifier -Specifies the name of the SSO domain LoadMaster entry to be modified

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

4.3.3.8ShowSSODomainLockedUsers

public LoadMasterResponse ShowSSODomainLockedUsers(java.lang.String domainIdentifier)

Shows the locked-out users for the specified Single Sign On Domain from the LoadMaster.

Parameters:

domainIdentifier -Specifies the name of the SSO domain LoadMaster entry to be modified[optional]

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

4.3.3.9UnlockSSODomainUsers

public LoadMasterResponse UnlockSSODomainUsers(java.lang.String domainIdentifier,

java.lang.String users)

Unlocks the specified Users for the specified Single Sign On Domain from the LoadMaster.

Parameters:

domainIdentifier - Specifies the name of the SSO domain LoadMaster entry to be modified

LoadMasterusers -The username of the user to be unblocked. If there is more than one user, use a space-separated list of users.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

4.3.4WAF Settings

4.3.4.1GetWafSettings

public LoadMasterResponse GetWafSettings()

throws Utils.InvalidApiParametersException

Display the WAF parameters.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.2DisableWafRemoteLogging

public LoadMasterResponse DisableWafRemoteLogging()

throws Utils.InvalidApiParametersException

Disable the WAF remote logging feature.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.3EnableWafRemoteLogging

public LoadMasterResponse EnableWafRemoteLogging(java.lang.String remoteURI,

java.lang.String uname,

java.lang.String passwd)

throws Utils.InvalidApiParametersException

Enable the WAF remote logging feature.

Parameters:

remoteURI - The remote server console URI.

uname - The remote username.

passwd - The remote password.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.4SetWafAutoUpdate

public LoadMasterResponse SetWafAutoUpdate(int enable)

throws Utils.InvalidApiParametersException

Set WAF auto download of rules feature.

Parameters:

enable - Enable/disable automatic commercial rule file downloads.

0 - Disable

1 – Enable

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.5EnableWafAutoInstall

public LoadMasterResponse EnableWafAutoInstall(java.lang.String enable)

throws Utils.InvalidApiParametersException

Set WAF auto install of rules feature.

Parameters:

enable - Enable/disable automatic commercial rule file downloads.

0 - Disable

1 - Enable

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.6SetWafInstallTime

public LoadMasterResponse SetWafInstallTime(int hour)

throws Utils.InvalidApiParametersException

Set WAF auto install time.

Parameters:

hour - Specify the hour (24-hour clock format) at which to perform the automatic commercial rule file update installation.

Range: 0-23

For example; 13 is 1pm.

Minutes cannot be specified.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.7WafDoDownload

public LoadMasterResponse WafDoDownload()

throws Utils.InvalidApiParametersException

Download the commercial WAF rules now.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.8GetWafChangeLog

public LoadMasterResponse GetWafChangeLog(java.lang.String saveFilePath)

throws Utils.InvalidApiParametersException

Get WAF change log.

Parameters: saveFilePath - The path to download the change log file to, followed by the filename and extension, in the format <Path\Filename.Extension> for example C:\WAFLogs\ExampleFileName.log.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.9AddWafCustomRule

public LoadMasterResponse AddWafCustomRule(java.lang.String rule,

java.lang.String fileName)

throws Utils.InvalidApiParametersException

Add WAF custom rule.

Parameters:

fileName - The desired rule name to be displayed on the WUI. This is only relevant for individual rule files.

Returns:

A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.10DelWafCustomrule

public LoadMasterResponse DelWafCustomrule(java.lang.String filename)

throws Utils.InvalidApiParametersException

Delete WAF custom rule.

Parameters:

filename - The desired rule name to be displayed on the WUI. This is only relevant for individual rule files.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.11DownloadWafCustomrule

public LoadMasterResponse DownLoadWafCustomrule(java.lang.String path,

java.lang.String filename)

throws Utils.InvalidApiParametersException

Download WAF custom rule.

Parameters:

path - Path to WAF custom rule

filename - The desired rule name to be displayed on the WUI. This is only relevant for individual rule files.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.12AddWafCustomData

public LoadMasterResponse AddWafCustomData(java.lang.String data,

java.lang.String fileName)

throws Utils.InvalidApiParametersException

Add WAF custom rule data.

Parameters:

fileName - The desired rule name to be displayed on the WUI. This is only relevant for individual rule files.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.13DelWafCustomData

public LoadMasterResponse DelWafCustomData(java.lang.String filename)

throws Utils.InvalidApiParametersException

Delete WAF custom data.

Parameters:

filename - The desired rule name to be displayed on the WUI. This is only relevant for individual rule files.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.14DownloadWafCustomData

public LoadMasterResponse DownLoadWafCustomData(java.lang.String path,

java.lang.String filename)

throws Utils.InvalidApiParametersException

Download WAF custom rule data.

Parameters:

path - Path to WAF custom rule.

filename - The desired rule name to be displayed on the WUI. This is only relevant for individual rule files.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.15ManInstallWafRules

public LoadMasterResponse ManInstallWafRules()

throws Utils.InvalidApiParametersException

Manuall Install WAF Rules.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.16ListWafAuditFiles

public LoadMasterResponse ListWafAuditFiles()

throws Utils.InvalidApiParametersException

This command returns a list of the WAF audit file names.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.17DownloadWafAuditLog

public LoadMasterResponse DownloadWafAuditLog(java.lang.String path,

java.lang.String file,

java.lang.String filter)

throws Utils.InvalidApiParametersException

Download WAF audit logs.

 

Parameters:

path - Path to where you want to download the AFP audit logs to. This must be in the format of <path\filename> with filename being the name that you want the downloaded log file to be called.

file - The WAF audit file to be downloaded, in the format <wafaudit>.<number>. To retrieve a list of the WAF audit files, run the listwafauditfiles command.

Only one filename should be specified per command.

filter – The filter string. This can be a regular expression.Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.18ListWafRules

public LoadMasterResponse ListWafRules()

throws Utils.InvalidApiParametersException

List WAF Rules.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.19VSAddWafRule

public LoadMasterResponse VSAddWafRule(java.lang.String vs,

java.lang.String port,

java.lang.String prot,

java.lang.String rule)

throws Utils.InvalidApiParametersException

Add WAF Rule to vs.

Parameters:

vs - The IP address of the relevant Virtual Service.port - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

prot - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").-

rule - The name of the WAF rule to be added.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.3.4.20VSRemoveWafRule

public LoadMasterResponse VSRemoveWafRule(java.lang.String vs,

java.lang.String port,

java.lang.String prot,

java.lang.String rule)

throws Utils.InvalidApiParametersException

Remove a WAF Rule from a Virtual Service.

Parameters:

vs - The IP address for this Virtual Service.

port - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

prot - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

rule - The name of the specific rule to be unassigned from the Virtual Service.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4Global Balancing (GEO)

4.4.1Manage FQDNs

4.4.1.1AddFQDN

public LoadMasterResponse AddFQDN(java.lang.String fqdn)

throws Utils.InvalidApiParametersException

Add a new FQDN.

Parameters:

fqdn - Specify the Fully Qualified Domain Name (FQDN).

Returns:

A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.1.2DeleteFQDN

public LoadMasterResponse DeleteFQDN(java.lang.String fqdn)

throws Utils.InvalidApiParametersException

Delete an existing FQDN.

Parameters:

fqdn - Name of the FQDN to be deleted.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.1.3ChangeCheckerAddr

public LoadMasterResponse ChangeCheckerAddr(java.lang.String fqdn,

java.lang.String ip,

java.lang.String checkerip,

int port)

throws Utils.InvalidApiParametersException

Set the address used to health check the IP address.

Parameters:

fqdn - The relevant FQDN.

ip - The relevant IP address that is mapped on the FQDN.

checkerip - The address used to health check the IP address.

port - The port used to healthcheck the IP address. The default value for this parameter is 80.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.1.4ListFQDNs

public LoadMasterResponse ListFQDNs()

throws Utils.InvalidApiParametersException

List the existing FQDNs.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.1.5ShowFQDN

public LoadMasterResponse ShowFQDN(java.lang.String fqdn)

throws Utils.InvalidApiParametersException

Display an existing FQDN.

Parameters:

fqdn - The name of the FQDN to be displayed.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.1.6ModifyFQDN

public LoadMasterResponse ModifyFQDN(java.lang.String fqdn,

java.util.Map<java.lang.String,java.lang.String> params)

throws Utils.InvalidApiParametersException

Modify an existing FQDN.

Parameters:

fqdn - The existing FQDN to add the map to.

params - Extra optional parameters. These parameters are listed and described in the table below:

Name

Type

Default

Range

Additional Information

SelectionCriteria

S

“rr”

rr = round robin

wrr = weighted round robin

fw = fixed weighting

rsr = Real Server load

prx = proximity

lb = location based

The selection criteria for addresses associated with the FQDN

FailTime

I

0

0-1440

If a failure delay is not set, normal health checking is performed. If set, this parameter defines the number of minutes to wait after a failure before finally disabling it. Once it is disabled, it will not normally be brought back into operation.

siterecoverymode

S

auto

auto – automatic

manual - manual

This parameter defines the Site Recovery Mode.

If this is set to automatic, upon site recovery the site is brought back into operation immediately.

If this is set to manual, once the site has failed, the site is disabled. Manual intervention is required to restore normal operation.

isolateips

B

1 – enabled

0 – Disabled

1 – Enabled

Enable/disable the isolation of public and private sites.

failover

B

0 – disabled

0 – Disabled

1 – Enabled

This parameter is only relevant if the SelectionCriteria is set to lb (Location Based).

Enable/disable FQDN failover.

Table 4‑9: ModifyFQDN parameters

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.1.7AddMap

public LoadMasterResponse AddMap(java.lang.String fqdn,

java.lang.String ip)

throws Utils.InvalidApiParametersException

Add a map.

Parameters:

fqdn - FQDN to add map to

ip - IP to map to FQDN

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.1.8AddMap (recommended method)

public LoadMasterResponse AddMap(java.lang.String fqdn,

java.lang.String ip,

java.util.Map<java.lang.String,java.lang.String> params)

throws Utils.InvalidApiParametersException

Add a map.

Parameters:

fqdn - FQDN to add map to

ip - IP to map to FQDN

params - A list of extra parameters. These parameters are listed and described in the table below.

Name

Type

Default

Range

Additional Information

Checker

 

S

“icmp”

none

icmp

tcp

Specify the type of checking to be done on this IP address.

Weight

I

1000

1-65535

Specify the weight associated with the IP address. The address with the highest weight is returned. This is only relevant if the Selection Criteria for the FQDN is set to Weighted Round Robin or Fixed Weighting.

Enable

B

Y – enabled

0 – Disabled

1 –Enabled

Enable or disable the IP address.

Cluster

I

<unset>

 

Specify the ID number of the cluster to associate with the IP address.

MapAddress

A

<unset>

 

This is only relevant when the Selection Criteria is set to Real Server Load, the Checker is set to Cluster Checks and the cluster is of type Remote LM or Local LM.

Enter a Virtual Service IP address to be mapped from the relevant LoadMaster.

MapPort

I

<unset>

 

This is only relevant when the Selection Criteria is set to Real Server Load, the Checker is set to Cluster Checks and the cluster is of type Remote LM or Local LM.

This parameter is used in conjunction with the MapAddress parameter to specify an IP address and port combination to be mapped.

If this parameter is not set, the health check will check all Virtual Services with the same IP address as the one selected. If one of them is in an “Up” status, the FQDN will show as “Up”. If a port is specified, the health check will only check against the health of that Virtual Service when checking the health of the FQDN.

Table 4‑10: AddMap parameters

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.1.9DeleteMap

public LoadMasterResponse DeleteMap(java.lang.String fqdn,

java.lang.String ip)

throws Utils.InvalidApiParametersException

Delete an existing map.

Parameters:

fqdn - FQDN to add map to

ip - IP to map to FQDN

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.1.10ModifyMap

public LoadMasterResponse ModifyMap(java.lang.String fqdn,

java.lang.String ip,

java.util.Map<java.lang.String,java.lang.String> params)

throws Utils.InvalidApiParametersException

Modify an existing map.

Parameters:

fqdn - FQDN to add map to

ip - IP to map to FQDN

params - Extra optional parameters. For a list of parameters, refer to the table in Section 4.4.1.8.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.1.11ChangeMapLocation

public LoadMasterResponse ChangeMapLocation(java.lang.String fqdn,

java.lang.String ip,

int latitude,

int longitude)

throws Utils.InvalidApiParametersException

Change the location of an existing map.

Parameters:

fqdn - FQDN to add the map to

ip - IP to map to the FQDN specified

latitude - The latitude of the location. This parameter accepts values from -324000 (which converts to 90 degrees south) to 324000 (which converts to 90 degrees north).

longitude - The longitude of the location. This parameter accepts values from -648000 (which converts to 180 degrees East) to 648000 which converts to 180 degrees West).

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.1.12AddCountry

public LoadMasterResponse AddCountry(java.lang.String fqdn,

java.lang.String ip,

java.lang.String countrycode,

java.lang.String iscontinent)

throws Utils.InvalidApiParametersException

Add a country.

Parameters:

fqdn - FQDN to add the map to.

ip - IP to map to FQDN.

countrycode - Two-letter country or continent code for the country/continent to be assigned.

The country code and continent codes used are the standard ISO codes.

iscontinent - Some country codes and continent codes are the same, for example AF could mean Africa or Afghanistan. You must specify in this parameter if the code is for a country or continent.

yes – The code is for a continent

no – The code is for a country

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.1.13RemoveCountry

public LoadMasterResponse RemoveCountry(java.lang.String fqdn,

java.lang.String ip,

java.lang.String countrycode,

java.lang.String iscontinent)

throws Utils.InvalidApiParametersException

Remove a country.

Parameters:

fqdn - The relevant FQDN

ip - IP to map to FQDN

countrycode - Two-letter country or continent code for the country/continent to be assigned.

The country code and continent codes used are the standard ISO codes.

iscontinent - Some country codes and continent codes are the same, for example AF could mean Africa or Afghanistan. You must specify in this parameter if the code is for a country or continent.

yes – The code is for a continent

no – The code is for a country

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.2Manage Clusters

4.4.2.1ListClusters

public LoadMasterResponse ListClusters()

throws Utils.InvalidApiParametersException

List the existing clusters.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.2.2ShowCluster

public LoadMasterResponse ShowCluster(java.lang.String ip)

throws Utils.InvalidApiParametersException

Display an existing cluster.

Parameters:

ip - IP of cluster

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.2.3AddCluster

public LoadMasterResponse AddCluster(java.lang.String ip,

java.lang.String name)

throws Utils.InvalidApiParametersException

Add a new cluster.

Parameters:

ip - IP of cluster

name - Unique name of cluster

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.2.4DeleteCluster

public LoadMasterResponse DeleteCluster(java.lang.String ip)

throws Utils.InvalidApiParametersException

Delete an existing cluster.

Parameters:

ip - IP address of the cluster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.2.5ModifyCluster

public LoadMasterResponse ModifyCluster(java.lang.String ip,

java.util.Map<java.lang.String,java.lang.String> params)

throws Utils.InvalidApiParametersException

Modify an existing cluster.

Parameters:

ip - IP address of the cluster.

params - Extra optional parameters. A list of these parameters are listed below:

Name

Type

Default

Range

Additional Information

type

S

“Default”

default

remoteLM

localLM

Change the type of the cluster

name

S

   

Specify a name for the cluster

checker

S

“none”

none

tcp

icmp

Specify the method used to check the status of the cluster

checkerport

I

“0”

1-65530

Set the port used for checking the cluster. This parameter is only relevant if the checker is set to tcp.

enable

B

1 – enabled

0 - Disabled

1 - Enabled

Enable/disable the cluster

Table 4‑11: Modify Cluster parameters

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.2.6ClusterChangeLocation

public LoadMasterResponse ClusterChangeLocation(java.lang.String ip,

int latsecs,

int longsecs)

throws Utils.InvalidApiParametersException

Change the location of a cluster.

Parameters:

ip - IP address of the cluster.

latsecs - The latitude of the location.

longsecs - The longitude of the location.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.3Miscellaneous Params

4.4.3.1ListMiscParameters

public LoadMasterResponse ListMiscParameters()

throws Utils.InvalidApiParametersException

List the Miscellaneous Parameters settings.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.3.2ModifyMiscParameters

public LoadMasterResponse ModifyMiscParameters(java.util.Map<java.lang.String,java.lang.String> params)

throws Utils.InvalidApiParametersException

Modify the Miscellaneous Parameters.

Parameters:

params - Parameters to modify. These parameters are listed in the table below:

Name

Type

Default

Range

Additional Information

SourceOfAuthority

S

<unset>

 

Set the response set for Source of Authority requests.

namesrv

S

<unset>

 

Set the response sent for Name Server requests.

SOAEmail

S

<unset>

 

Set the response email string sent for Source of Authority requests.

TTL

I

<unset>

1-86400

Set the Time To Live (TTL) (in seconds) of the responses returned by the LoadMaster.

persist

I

0

0-86400

This corresponds with the Stickiness WUI field. This determines how long (in seconds) a specific response will be returned to a host.

CheckInterval

I

120

9-3600

Set how often (in seconds) that devices will be checked.

Note: The interval value must be greater than the ConnTimeout value multiplied by the RetryAttempts value (Interval > Timeout * Retry + 1). This is to ensure that the next health check does not start before the previous one completes. If the timeout or retry values are increased to a value that breaks this rule, the interval value will be automatically increased.

ConnTimeout

I

20

4-60

Set the timeout (in seconds) for the check request.

RetryAttempts

I

2

2-10

Set the number of times the check will be retried before the device is marked as failed.

Table 4‑12: ModifyMiscParameters parameters

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.3.3LocationDataUpdate

public LoadMasterResponse LocationDataUpdate(java.lang.String data)

throws Utils.InvalidApiParametersException

Update the GEO location data.

Parameters:

data - Specify the path to the location data file using the following format: <PathToLocationDataFile>/<LocationDataFilename>.<Extension>

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.4IP Range Selection Criteria

4.4.4.1ListIPs

public LoadMasterResponse ListIPs()

throws Utils.InvalidApiParametersException

List the existing IPs.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.4.2ShowIP

public LoadMasterResponse ShowIP(java.lang.String ip)

throws Utils.InvalidApiParametersException

Display details about an existing IP.

Parameters:

ip - IP address

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.4.3AddIP

public LoadMasterResponse AddIP(java.lang.String ip)

throws Utils.InvalidApiParametersException

Add a new IP range.

Parameters:

ip - IP address

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.4.4DeleteIP

public LoadMasterResponse DeleteIP(java.lang.String ip)

throws Utils.InvalidApiParametersException

Delete an existing IP range.

Parameters:

ip - IP address

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.4.5ModifyIPLocation

public LoadMasterResponse ModifyIPLocation(java.lang.String ip,

int latsecs,

int longsecs)

throws Utils.InvalidApiParametersException

Modify IP location.

Parameters:

ip - IP to modify

latsecs - The latitude of the location.

longsecs - The longitude of the location.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.4.6DeleteIPLocation

public LoadMasterResponse DeleteIPLocation(java.lang.String ip)

throws Utils.InvalidApiParametersException

Delete an existing IP location.

Parameters:

ip - IP Address

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.4.7AddIPCountry

public LoadMasterResponse AddIPCountry(java.lang.String ip,

java.lang.String countrycode)

throws Utils.InvalidApiParametersException

Add a country to an IP address.

Parameters:

ip - IP address

countrycode - Two-letter country or continent code for the country/continent to be assigned.

The country code and continent codes used are the standard ISO codes.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.4.8RemoveIPCountry

public LoadMasterResponse RemoveIPCountry(java.lang.String ip)

throws Utils.InvalidApiParametersException

Remove a country from an IP address.

Parameters:

ip - IP to remove

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.4.9AddCustomLocation

public LoadMasterResponse AddCustomLocation(java.lang.String location)

Add a custom location for GEO load balancing.

Parameters:

location – The name of the custom location to be added

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.4.10AddIPCountryCustom

public LoadMasterResponse AddIPCountryCustom(String ip, String customloc) throws InvalidApiParametersException

Assigns a custom location to an IP range.

Parameters:

customloc - The name of an existing custom location ip - The IP address to be updated

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.5Enable/Disable GEO

4.4.5.1EnableGEO

public LoadMasterResponse EnableGEO()

throws Utils.InvalidApiParametersException

Enable GEO.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.5.2DisableGEO

public LoadMasterResponse DisableGEO()

throws Utils.InvalidApiParametersException

Disable GEO.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.4.5.3IsGEOEnabled

public LoadMasterResponse IsGEOEnabled()

throws Utils.InvalidApiParametersException

Check if GEO is enabled.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.5Statistics

4.5.1ShowStats

public LoadMasterResponse ShowStats()

Display the statistics of the Virtual Service(s) and Real Server(s) on the LoadMaster.

If you run the ShowStats command on the admin node when using LoadMaster clustering – the output will show the combined totals of all machines.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

Expected Output:

======== Response ========

Status code: 200

Code: ok

========== Data =========

XmlNode: total

User: 0

System: 1

Idle: 99

IOWaiting: 0

XmlNode: cpu0

User: 1

System: 0

HWInterrupts: 0

SWInterrupts: 0

Idle: 99

IOWaiting: 0

XmlNode: cpu1

User: 0

System: 1

HWInterrupts: 0

SWInterrupts: 0

Idle: 99

IOWaiting: 0

XmlNode: CPU

XmlNode: Memory

memused: 272368

percentmemused: 26

memfree: 751388

percentmemfree: 74

XmlNode: eth0

speed: 1000

in: 0.0

out: 0.0

XmlNode: eth1

speed: 1000

in: 0.0

out: 0.0

XmlNode: Network

XmlNode: TPS

Total: 0

SSL: 0

XmlNode: VStotals

ConnsPerSec: 0

BitsPerSec: 0

BytesPerSec: 0

PktsPerSec: 0

XmlNode: Vs

VSAddress: 10.154.25.200

VSPort: 80

VSProt: tcp

Index: 1

ErrorCode: 0

Enable: 1

TotalConns: 0

TotalPkts: 0

TotalBytes: 0

TotalBits: 0

ActiveConns: 0

BytesRead: 0

BytesWritten: 0

ConnsPerSec: 0

WafEnable: 0

XmlNode: Rs

VSIndex: 1

RSIndex: 2

Addr: [fdce:9b36:e54f:110::40:14]

Port: 443

Enable: 1

Weight: 0

ActivConns: 0

Persist: 0

Conns: 0

Pkts: 0

Bytes: 0

Bits: 0

BytesRead: 0

BytesWritten: 0

ConnsPerSec: 0

XmlNode: Rs

VSIndex: 1

RSIndex: 1

Addr: 10.154.25.22

Port: 80

Enable: 1

Weight: 0

ActivConns: 0

Persist: 0

Conns: 0

Pkts: 0

Bytes: 0

Bits: 0

BytesRead: 0

BytesWritten: 0

ConnsPerSec: 0

XmlNode: Data

XmlNode: Success

XmlNode: Response​

 

The statistics are explained in the table below.

Category

Name

Additional Information

 

 

 

CPU

User

The percentage of the CPU spent processing in user mode

System

The percentage of the CPU spent processing in system mode

Idle

The percentage of CPU which is idle

IOWaiting

The percentage of the CPU spent waiting for I/O to complete

HWInterrupts

The percentage of hardware interrupts

SWInterrupts

The percentage of software interrupts

 

Memory

Memused

The amount of memory in use

Percentmemused

The percentage of memory used.

Memfree

The amount of memory free

Percentmemfree

The percentage of free memory

 

 

 

Network

Speed

The speed of the link

In

Inbound

Out

Outbound

Total (TPS)

The total number of Transactions Per Second (TPS)

SSL (TPS)

The total number of SSL Transactions Per Second (TPS)

 

 

VStotals

ConnsPerSec

The number of connections per second

BitsPerSec

The number of bits per second

BytesPerSec

The number of bytes per second

PktsPerSec

The number of packets per second

 

 

 

 

 

 

 

Vs

VSAddress

The IP address of the Virtual Service

VSPort

The port of the Virtual Service

VSProt

The protocol of the Virtual Service. This will either be tcp or udp

Index

The index (ID) number of the Virtual Service

ErrorCode

The error code

Enable

Displays whether the Virtual Service is enabled (1) or disabled (0)

TotalConns

The total number of connections made

TotalPkts

The total number of packets

TotalBytes

The total number of bytes

TotalBits

The total number of bits

ActiveConns

The total number of connections that are currently active

BytesRead

The total number of bytes read

BytesWritten

The total number of bytes written

WafEnable

Displays whether WAF is enabled (1) or disabled (0).

Table 4‑13: Statistics descriptions

4.6Real Servers

4.6.1EnableRealServer

public LoadMasterResponse EnableRealServer(java.lang.String realServerIp)

Enable the Real Server on all Virtual Services.

The IP address (which can be specified using the realServerIp parameter) can be in either IPv4 or IPv6 format:

 

Parameters:

realServerIp - The IP Address of the Real Server that should be enabled on theLoadMaster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.6.2DisableRealServer

public LoadMasterResponse DisableRealServer(java.lang.String realServerIp)

Disable the Real Server on all Virtual Services.

The IP address (which can be specified using the realServerIp parameter) can be in either IPv4 or IPv6 format:

  • IPv4 address example:10.11.0.24
  • IPv6 address example: fdce:9b36:e54f:110::40:14

Parameters:

realServerIp -The IP Address of the Real Server that should be enabled on the LoadMaster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.7Rules and Checking

4.7.1Content Rules

4.7.1.1AddRule (Mandatory Settings)

public LoadMasterResponse AddRule(java.lang.String ruleName,

java.lang.String matchPattern)

Add a Rule to the LoadMaster.

Parameters:

ruleName – The name of the rule that should be applied to the Virtual Service.

matchPattern-Specifies the pattern to search for.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.7.1.2AddRule (recommended method)

public LoadMasterResponse AddRule(java.lang.String ruleName,

java.lang.String matchPattern,

java.util.Map<java.lang.String,java.lang.String> paramaters)

Add a Rule to the LoadMaster.

 

Parameters:

ruleName - The name of the rule that should be applied to the Virtual Service. The name must be unique.

matchPattern - Specifies the pattern to search for.

paramaters - Extra optional parameters.

The following parameters can be set (dependent on the type of the Rule). When creating a Rule and the "type" is not specified, it will default to zero, i.e. a MatchContentRule. If "type" is not specified when performing a modify operation, the type will not be changed.

Unless modifying/adding an AddHeaderRule, the pattern parameter must be supplied.

Type 0 (MatchContentRule)

Name

Type

Default

Range

Additional Information

matchtype

S

regex

regex

prefix

postfix

The type of matching to be performed by the rule.

inchost

B

N

 

Prepend the hostname to request URI before performing the match.

nocase

B

N

 

Ignore case when comparing the strings.

negate

B

N

 

Invert the sense of the match.

incquery

B

N

 

Append the query string to the URI before performing a match.

header

S

<unset>

See below

The header field name that should be matched. If no header field is set, the default is to match in the URL. Set this to body to match on the body of a request.

pattern

S

<unset>

 

The pattern that is to be matched.

Table 4‑14: Rule Type 0 Parameters

The header parameter is optional and is the header in which the match is to be performed.

 

Type 1 (AddHeaderRule)

Name

Type

Default

Additional Information

header

S

<unset>

Name of the header field to be added.

replacement

S

<unset>

The value of the header field to be added.

Table 4‑15: Rule Type 1 Parameters

Type 2 (DeleteHeaderRule)

Name

Type

Default

pattern

S

<unset>

Table 4‑16: Rule Type 2 Parameters

 

Type 3 (ReplaceHeaderRule)

Name

Type

Default

Additional Information

header

S

<unset>

The header field name where the substitution should be performed.

replacement

S

<unset>

The replacement string.

pattern

S

<unset>

The pattern to be matched.

Table 4‑17: Rule Type 3 Parameters

 

Type 4 (ModifyURLRule)

Name

Type

Default

Additional Information

replacement

S

<unset>

How the URL is to be modified.

pattern

S

<unset>

The pattern to be matched.

Table 4‑18: Rule Type 4 Parameters

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

4.7.1.3AddRule (with more settings)

public LoadMasterResponse AddRule(java.lang.String ruleName,

int ruleType,

java.lang.String matchPattern,

java.lang.String matchType,

java.lang.String header,

boolean includeHostInUrl,

boolean includeQueryInUrl,

boolean ignoreCase,

boolean negation)

Add a Rule to the LoadMaster.

Parameters:

ruleName - The name to be assigned to this rule on the LoadMaster. This name must be unique.

ruleType - An integer value representing the Type of rule to be created. The type can be one of the following:

Value

Rule

0

Match Content Rule

1

Add Header Rule

2

Delete Header Rule

3

Replace Header Rule

4

Modify URL Rule

Table 4‑19: AddRule ruleType Values

matchPattern -Specifies the pattern to search for.

matchType - Specifies whether the rule matches on a regular expression (regex), prefix, or postfix. This parameter defaults to regex, but will also accept prefix or postfix.

header - The header field name that should be matched. If this is set to null then the default is set to match in the URL.

includeHostInUrl - Specifies whether to include the host in the URL. This option is disabled by default.

includeQueryInUrl - Specifies whether to include the query string in the match. This option is disabled by default.

ignoreCase - Specifies whether to ignore case/capitalization. This option is disabled by default.

negation - Specifies whether to invert the case of the match. This option is disabled by default.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.7.1.4ModifyRule (recommended method)

public LoadMasterResponse ModifyRule(java.lang.String ruleName,

java.lang.String matchPattern,

java.util.Map<java.lang.String,java.lang.String> paramaters)

Add a Rule to the LoadMaster.

Parameters:

ruleName - The name to be assigned to this rule on the LoadMaster. This name must be unique.

matchPattern - Specifies the pattern to search for.

paramaters - Extra optional parameters. For a list of these parameters, refer to the table in Section 4.7.1.2.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

4.7.1.5ModifyRule (Alternative Method)

public LoadMasterResponse ModifyRule(java.lang.String ruleName,

int ruleType,

java.lang.String matchPattern,

java.lang.String matchType,

java.lang.String header,

boolean includeHostInUrl,

boolean includeQueryInUrl,

boolean ignoreCase,

boolean negation)

Modify an existing Rule on the LoadMaster.

Parameters:

ruleName - The name to be assigned to this rule on the LoadMaster. This name must be unique.

ruleType - An integer value representing the type of rule. The type can be one of the following:

Value

Rule

0

Match Content Rule

1

Add Header Rule

2

Delete Header Rule

3

Replace Header Rule

4

Modify URL Rule

Table 4‑20: Modify Rule ruleType Values

matchPattern -Specifies the pattern to search for.

matchType - Specifies whether the rule matches on a regular expression (regex), prefix, or postfix. This parameter defaults to regex, but will also accept prefix or postfix.

header - The header field name that should be matched. If this is set to null then the default is set to match in the URL.

includeHostInUrl -Specifies whether to include the host in the URL. This option is disabled by default.

includeQueryInUrl -Specifies whether to include the query string in the match. This option is disabled by default.

ignoreCase -Specifies whether to ignore case/capitalization. This option is disabled by default.

negation -Specifies whether to invert the case of the match. This option is disabled by default.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.7.1.6DeleteRule

public LoadMasterResponse DeleteRule(java.lang.String ruleName)

Delete an existing rule from the LoadMaster.

Parameters:

ruleName - The name assigned to the rule to delete.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.7.1.7ShowRule

public LoadMasterResponse ShowRule(java.lang.String ruleName)

Display a rule (header modify or matching rule).

Parameters:

ruleName - The name of the rule to display.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.7.2Check Parameters

4.7.2.1ModHealth

public LoadMasterResponse ModHealth(int retryInterval,

int timeout,

int retryCount)

Modify the Service Health Check parameters.

Parameters:

retryInterval – Specifies how often the load balancer to check a Real Server for service availability.

timeout – Specifies how long to wait for a service check from a Real Server.

retryCount – Specifies the number of failed attempts before listing a service as down.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.7.2.2ModAdaptive

public LoadMasterResponse ModAdaptive(java.lang.String adaptiveURL,

int adaptivePort,

int adaptiveInterval,

int minPercent)

Modify the Adaptive Health Check parameters.

Parameters:

adaptiveURL – The URL on the Real Servers which will return the current load of the Real Server.

adaptivePort– The Real Server port which should be used to access the URL containing the current load on the Real Server.

adaptiveInterval – When using adaptive scheduling, the Real Servers are polled to retrieve their loading values. How often this occurs can be specified here.

minPercent – The minimum load of the Real Server below which the Real Server is said to be idle.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.7.2.3ShowHealth

public LoadMasterResponse ShowHealth()

Display the Service Health Check parameters.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.7.2.4ShowAdaptive

public LoadMasterResponse ShowAdaptive()

Display the Adaptive Health Check parameters.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.8Certificates

4.8.1SSL Certificates

4.8.1.1setAuthenticationCert

public void setAuthenticationCert(java.lang.String authenticationCert)

4.8.1.2AddCert

public LoadMasterResponse AddCert(java.lang.String certfile,

java.lang.String certName,

java.lang.String certPassphrase,

int replace)

Upload a certificate file to the LoadMaster.

Parameters:

certfile – The name of the certificate to be added to the LoadMaster. If you are uploading a certificate and key file, please put both the certificate and key in the same file.

certName - The name to be assigned to the certificate when it is uploaded to the LoadMaster.

certPassphrase - The passphrase for the certificate being uploaded.

replace- Specifies if this certificate replaces an existing certificate already installed. Default: 0. Set to 1 to overwrite an existing cert

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.8.1.3DeleteCertificate

public LoadMasterResponse DeleteCertificate(java.lang.String certificateName)

Delete a certificate from the LoadMaster.

Parameters:

certificateName - The name of the certificate to be deleted from the LoadMaster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.8.2Intermediate Certs

4.8.2.1DeleteIntermediateCertificate

public LoadMasterResponse DeleteIntermediateCertificate(java.lang.String intermediateCertificateName)

Delete an intermediate certificate from the LoadMaster.

Parameters:

intermediateCertificateName - The name of the intermediate certificate to be deleted from the LoadMaster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.8.2.2AddIntermediateCert

public LoadMasterResponse AddIntermediateCert(java.lang.String certfile,

java.lang.String certName)

Upload an intermediate certificate to the LoadMaster.

Parameters:

certfile - The Identifier of the certificate(s) to be assigned to the Virtual Service.

certName - The name to be assigned to the certificate when it is uploaded to the LoadMaster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.8.3Backup/Restore Certs

4.8.3.1BackupCert

public java.io.BufferedReader BackupCert(java.lang.String saveFilePath,

java.lang.String backupPassword)

Backup all VIP and intermediate certificates.

Parameters:

saveFilePath – Path to save the file to

backupPassword – Specifies the password for the user account that has access to save the backup file.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.8.3.2RestoreCert

public LoadMasterResponse RestoreCert(java.lang.String certToRestore,

java.lang.String pass)

Restore a specific certificate.

Parameters:

certToRestore – The certfile to restore

pass - Password

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.8.4HSM Configuration

4.8.4.1IsCorrectCredentials

public boolean IsCorrectCredentials()

Check if the credentials are valid.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Returns true if the API is enabled on the LoadMaster.

4.8.4.2HSMShow

public LoadMasterResponse HSMShow()

Display the Hardware Security Module (HSM) parameters.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.8.4.3HSMConfigure

public LoadMasterResponse HSMConfigure(java.util.Map<java.lang.String,java.lang.String> parameters)

Configure the HSM parameters.

Parameters:

parameters - A key value map for setting parameters. These parameters are listed below:

Name

Type

Additional Information

safeaddr

A

Specify the address of the Safenet HSM unit to be used.

clpass

S

Specify an administrator password for the partition on the HSM so that the LoadMaster can access the HSM.

enable

B

Enable or disable Safenet HSM:

0 – Disabled

1 – Enabled

Table 4‑21: HSMConfigure Parameters

Starting the HSM may take some time.

Disabling the HSM will cause the LoadMaster to be unable to create new SSL (HTTPS) connections and will immediately drop existing connections until another HSM is added or the certificate configuration is changed.

It is strongly recommended to only change the HSM configuration when there are no active SSL connections.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.8.4.4HSMUploadCACert

public LoadMasterResponse HSMUploadCACert(java.lang.String cert)

throws Utils.InvalidApiParametersException

Upload Certificate Authority (CA) certificate that has been downloaded from the HSM.

Parameters:

cert - The name of the certificate (including the extension).

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.8.4.5HSMGenerateClientCert

public LoadMasterResponse HSMGenerateClientCert(java.lang.String path,

java.lang.String clcertname)

throws Utils.InvalidApiParametersException

Generate a HSM client certificate.

Parameters:

path - Path to the file

clcertname - Client certificate name

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.9Interfaces

4.9.1AddVlan

public LoadMasterResponse AddVlan(java.lang.String interfaceId,

java.lang.String vlanId)

Add a new VLAN to an Interface on the LoadMaster.

Parameters:

interfaceId - The ID of the interface that should be removed from the VLAN.

vlanId - The VLAN that the specified interface should be added to.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.9.2DeleteVlan

public LoadMasterResponse DeleteVlan(java.lang.String interfaceId)

Delete an existing VLAN from an interface on the LoadMaster

Parameters:

interfaceId - The ID of the interface that should be removed from the VLAN.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.9.3AddAdditionalAddressToInterface

public LoadMasterResponse AddAdditionalAddressToInterface(java.lang.String iface,

java.lang.String address)

Add an additional address to an interface on the LoadMaster.

Parameters:

iface - The ID of the interface the additional address is to be added to.

address - The address to be added.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.9.4DeleteAdditionalAddressToInterface

public LoadMasterResponse DeleteAdditionalAddressToInterface(java.lang.String iface,

java.lang.String address)

Delete an additional address from an interface on the LoadMaster.

Parameters:

iface - The ID of the interface the additional address is to be deleted from.

address - The address to be deleted.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.9.5CreateBond

public LoadMasterResponse CreateBond(int interfaceId)

Create a bonded interface on the LoadMaster.

Parameters:

interfaceId - The Interface ID that should be bound to the Bonded Interface.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.9.6UnBond

public LoadMasterResponse UnBond(int interfaceId)

Remove a bonded interface from the LoadMaster.

Parameters:

interfaceId - The Interface ID that should be unbound to the Bonded Interface.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.9.7AddBond

public LoadMasterResponse AddBond(int interfaceId,

int bondId)

Add an interface to an existing bonded interface on the LoadMaster.

 

Parameters:

interfaceId - The Interface ID which should be bound to the Bonded Interface.

bondId - The Bonded Interface ID the network interface should be bound to.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.9.8DeleteBond

public LoadMasterResponse DeleteBond(int interfaceId,

int bondId)

Remove and interface from a bonded interface from the LoadMaster.

Parameters:

interfaceId - The ID of the interface that has the bond.

bondId - The ID of the bonded interface to be removed.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.9.9ModIface (recommended method)

public LoadMasterResponse ModIface(java.lang.String iface,

java.util.Map<java.lang.String,java.lang.String> parameters)

throws Utils.InvalidApiParametersException

Modify an interfaces parameters.

Parameters:

iface - The number of the interface to modify.

parameters - Parameters to modify. The parameters are listed in the table below:

Name

Type

Description

Additional Information

interface

I

 

The number of the interface to modify.

addr

S

IP address

Specify the internet address of this interface.

mtu

I

MTU size

Range: 512-9216

Change the maximum size of the Ethernet frame that will be sent from this interface.

hacheck

B

0 – Not used for HA checks

1 – Used for HA checks

This parameter is only relevant in a HA configuration. Specify whether or not to use this interface for HA checks.

gwiface

B

Use this interface as the default gateway

Selects this checkbox on the Network Interface Management screen.

bondmode

I

1 = active-backup

4 = 802.3ad

The bondmode determines the way in which traffic sent out of the bonded interface is actually dispersed over the real interfaces.

partner

A

IP address of the partner machine

P address of the partner machine (HA only

shared

A

IP address of the shared address

IP address of the shared address (HA only)

adminwuienable

B

This option can only be set to yes (1) if the multihomedwui parameter is set to yes for this command.

When both of the adminwuienable and multihomedwui parameters are enabled, the WUI can be accessed from the IP address of the relevant interface, and any Additional addresses set up for that interface.

 

geotraffic

B

0 – Do not use for GEO requests and responses

1 – Use for GEO requests and responses

Specify whether or not to use this interface for GEO responses and requests.

Table 4‑22: ModIface parameters

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.9.10ModIface (Alternative Method)

public LoadMasterResponse ModIface(java.lang.String iface,

java.lang.String address,

int mtu,

java.lang.String interfacetype,

boolean defaultInterface

boolean geotraffic)

Modify an interface's parameters.

Parameters:

iface – The interface ID is the numeric value of an interface, for example the interface ID for eth0 is 0.

address – Specify the internet address of this interface.

mtu – The Maximum Transmission Unit (MTU) setting for this interface.

defaultInterface – Set this to the default interface.

geotraffic – Specify whether or not to use this interface for GEO responses and requests.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.9.11ShowIface

public LoadMasterResponse ShowIface(int iface)

Display an interface's parameters.

Parameters: iface - The id of the interface to display.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.9.12AddVxlan

public LoadMasterResponse AddVxlan(java.lang.String interfaceId,

java.lang.String vni,

java.lang.String address)

Add a new VXLAN to an interface on the LoadMaster.

Parameters:

interfaceId - The ID of the interface the VLAN is to be added to.

VNI - The unique ID of the VXLAN to be added.

address - The multicast group IP address or a remote VXLAN Tunnel Endpoint (VTEP) IP address for VXLAN.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.9.12.1DeleteVxlan

public LoadMasterResponse DeleteVxlan(java.lang.String interfaceId)

Delete an existing VXLAN from an interface on the LoadMaster.

Parameters:

interfaceId - The interface ID of the VXLAN to be deleted.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.10Web Application Firewall (WAF)

4.10.1WafSetOperation

public LoadMasterResponse WafSetOperation(String vs, String vsPort, String vsProt, String opt)

Allows you to set the WAF operation mode.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

opt – Valid values are “normal” and “block”. In audit-only mode, logs will be created but requests and responses are not blocked. Using block mode, it is possible to block requests and/or responses. For details on how to do this refer to Section 4.3.1.2.16.

4.10.2WafSetAuditMode

public LoadMasterResponse WafSetAuditMode(String vs, String vsPort, String vsProt, String opt)

Specify the WAF Audit Mode.

Parameters:

vs - The IP address for this Virtual Service.

vsPort - Specifies the port on which this Virtual Service accepts connections (range: 3-65530).

vsProt - Specifies the communication protocol of the Virtual Service (valid values are: "tcp" & "udp").

opt – Valid values are “none”, “relevant” and “all”.

4.11Route Management

4.11.1Default Gateway

Parameters relating to the date and time that can be managed using Get-Parameter and Set-Parameter commands are detailed in the following table. Refer to Section 4.16 for further details on the Get-Parameter and Set-Parameter commands.

Parameter

Parameter Type

Parameter Description

Mandatory

dfltgw

A (IPv4)

Specify the IPv4 default gateway that is to be used for communicating with the internet.

No

dfltgwv6

A (IPv6)

Specify the IPv6 default gateway that is to be used for communicating with the internet.

No

Table 4‑23: Default Gateway parameters

4.11.2Additional Routes

4.11.2.1AddRoute

public LoadMasterResponse AddRoute(java.lang.String destination,

java.lang.String gateway)

Add an additional Route to the LoadMaster.

 

Parameters:

destination - The destination network which needs to be accessed.

gateway - The gateway on the local network which allows access to the destination network.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.11.2.2DeleteRoute

public LoadMasterResponse DeleteRoute(java.lang.String destination)

Delete an existing Route from the LoadMaster.

Parameters:

destination - The destination network which needs to be accessed.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.11.3VPN Management

4.11.3.1CreateVpnConnection

public LoadMasterResponse CreateVpnConnection(java.lang.String name)

Create a new Virtual Private Network (VPN) (IPsec) connection in the LoadMaster.

Parameters:

name - The name of the VPN connection.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.11.3.2DeleteVpnConnection

public LoadMasterResponse DeleteVpnConnection(java.lang.String name)

Delete an existing VPN (IPsec) connection from the LoadMaster.

Parameters:

name - The name of the VPN connection.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.11.3.3SetVpnAddrs

public LoadMasterResponse SetVpnAddrs(java.lang.String name,

java.lang.String localIp,

java.lang.String localSubnet,

java.lang.String remoteIp,

java.lang.String remoteSubnet)

Set address parameters for an existing VPN connection.

Parameters:

name - The name of the VPN connection.

localIp - In non-HA mode, the default is the LoadMaster IP address, i.e. the IP address of the default gateway interface.

In HA-mode, the default is the shared IP address.

localSubnets - When the LocalIp is set, the LocalSubnet is automatically populated. Multiple local subnets can be specified using a comma-separated list. Up to 10 IP addresses can be specified.

remoteIp - Set the IP address for the remote side of the connection.

remoteSubnets - Set the subnet for the remote side of the connection. Multiple remote subnets can be specified using a comma-separated list. Up to 10 IP addresses can be specified.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.11.3.4SetVpnSecret

public LoadMasterResponse SetVpnSecret(java.lang.String name,

java.lang.String localID,

java.lang.String remoteID,

java.lang.String key)

Set secret parameters for the VPN connection.

Parameters:

name - The name of the VPN connection.

localID - Identification for the local side of the connection.

remoteID - Identification for the remote side of the connection. This can be the remoteip.

key - The Pre Shared Key (PSK) string. This is the Shared key which is generated and managed on the Azure side. The key length should be at least 16 and at most 64 characters.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.11.3.5SetVpnLocalIp

public LoadMasterResponse SetVpnLocalIp(java.lang.String name,

java.lang.String localIp)

Set the local IP address for a VPN connection.

Parameters:

name - The name of the VPN connection.

localIp - In non-HA mode, the default is the LoadMaster IP address, i.e. the IP address of the default gateway interface.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.11.3.6SetVpnLocalSubnets

public LoadMasterResponse SetVpnLocalSubnets(java.lang.String name,

java.lang.String localSubnets)

Set the local subnet(s) for an existing VPN connection.

Parameters:

name - The name of the VPN connection.

localSubnet - Review and set the subnet for the local side of the connection. The local IP can be the only participant if applicable, given the /32 CIDR. Multiple local subnets can be specified using a comma-separated list. Up to 10 IP addresses can be specified.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.11.3.7SetVpnRemoteIp

public LoadMasterResponse SetVpnRemoteIp(java.lang.String name,

java.lang.String remoteIp)

Set the remote IP address for an existing VPN connection.

Parameters:

name - The name of the VPN connection.

remoteIp - Set the IP address for the remote side of the connection.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.11.3.8SetVpnRemoteSubnets

public LoadMasterResponse SetVpnRemoteSubnets(java.lang.String name,

java.lang.String remoteSubnets)

Set the remote subnet IP address(es) for an existing VPN connection.

 

Parameters:

name - The name of the VPN connection.

remoteSubnet - Set the subnet(s) for the remote side of the connection. Multiple remote subnets can be specified using a comma-separated list. Up to 10 IP addresses can be specified.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.11.3.9SetVpnPfsEnable

public LoadMasterResponse SetVpnPfsEnable(java.lang.String name)

Enable the Perfect Forward Secrecy option for a particular VPN connection.

Parameters:

name - The name of the relevant VPN connection.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.11.3.10SetVpnPfsDisable

public LoadMasterResponse SetVpnPfsDisable(java.lang.String name)

Disable the Perfect Forward Secrecy option for a particular VPN connection.

Parameters:

name - The name of the relevant VPN connection.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.11.3.11GetVpnStatus

public LoadMasterResponse GetVpnStatus(java.lang.String name)

Get the VPN connection status.

Parameters:

name - The name of the VPN connection

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.11.3.12ListVpns

public LoadMasterResponse ListVpns()

List all existing VPN connections.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.11.3.13StartVpnConnection

public LoadMasterResponse StartVpnConnection(java.lang.String name)

Start a VPN connection.

Parameters:

name - The name of the VPN connection

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.11.3.14StopVpnConnection

public LoadMasterResponse StopVpnConnection(java.lang.String name)

Stop a VPN connection.

Parameters:

name - The name of the VPN connection

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.11.3.15StartIkeDaemon

public LoadMasterResponse StartIkeDaemon()

Start the IKE daemon.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.11.3.16StopIkeDaemon

public LoadMasterResponse StopIkeDaemon()

Stop the IKE daemon.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.11.3.17StatusIkeDaemon

public LoadMasterResponse StatusIkeDaemon()

Get the status of the IKE daemon.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.12Cluster Control

The clustering API commands are only available on LoadMasters which have a clustering license. To add the clustering feature to your license, please contact a KEMP representative. For further information on clustering, refer to the LoadMaster Clustering, Feature Description.

4.12.1.1nmClusterStatus

public LoadMasterResponse nmClusterStatus()

throws Utils.InvalidApiParametersException

Retrieve the status of the cluster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

The status is represented by a number, as follows:

  • 0 – The node is down
  • 1 – The node is up
  • 2 – The node is disabled - connections will not be sent to that node. If there are no Virtual Services in the node, the node will be in a Disabled state.
  • 3 – The node has been disabled and the connections are being shut down in an orderly fashion. Drain stopping lasts for 10 seconds by default.
  • 4 – The node is starting
  • 5 - The node is the primary control node.

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.12.1.2nmClusterCreate

publicLoadMasterResponsenmClusterCreate(java.lang.StringSharedAddress)

throws Utils.InvalidApiParametersException

If a LoadMaster is not in cluster mode, it can be converted to cluster mode by running this command.

Parameters:

SharedAddress - The initial shared IP address of the cluster.

Returns:

A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws:

Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.12.1.3nmJoinCluster

public LoadMasterResponse nmJoinCluster()

throws Utils.InvalidApiParametersException

To initiate a node joining a cluster, run this command on the node LoadMaster.

This makes the node LoadMaster available to be added to the cluster. To finish adding the node, please run the nmAddNode command. Refer to Section 4.12.1.4for further information.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.12.1.4nmAddNode

public LoadMasterResponse nmAddNode(java.lang.String Address)

throws Utils.InvalidApiParametersException

Before running this command, the node LoadMaster needs to be available to be added. To make the node available to be added, run the nmJoinCluster command on the node LoadMaster. Refer to Section 4.12.1.3 for further information on the joincluster command.

If the nmAddNode command is run when the node LoadMaster is not available to be added, an error will be returned which says that the machine could not be contacted.

To add a node to the cluster (while the node LoadMaster is available to be added), run this command on the shared IP address.

Parameters:

Address - The IP address of the node LoadMaster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.12.1.5nmEnableNode

public LoadMasterResponse nmEnableNode(java.lang.String NodeId)

throws Utils.InvalidApiParametersException

When a node is first added to the cluster it is disabled by default. To enable a node, run this command.

Parameters:

NodeId - The ID number of the node to be enabled. The ID of the node can be found in the ID column in the Cluster Control screen in the LoadMaster WUI, or by running the nmClusterStatus command (Section 4.12.1.1).

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.12.1.6nmDisableNode

public LoadMasterResponse nmDisableNode(java.lang.String NodeId)

throws Utils.InvalidApiParametersException

Disable a node.

Parameters:

NodeId - The ID number of the node to be disabled. The ID of the node can be found in the ID column in the Cluster Control screen in the LoadMaster WUI, or by running the nmClusterStatus command (Section 4.12.1.1).

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.12.1.7nmDeleteNode

public LoadMasterResponse nmDeleteNode(java.lang.String NodeId)

throws Utils.InvalidApiParametersException

Delete a node from a cluster.

Parameters:

NodeId - The ID number of the node to be deleted. The ID of the node can be found in the ID column in the Cluster Control screen in the LoadMaster WUI, or by running the nmClusterStatus command (Section 4.12.1.1).

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.13System Administration

4.13.1User Management

4.13.1.1setUsername

public void setUsername(java.lang.String username)

4.13.1.2setPassword

public void setPassword(java.lang.String password)

4.13.1.3setUserSystemPassword

public LoadMasterResponse setUserSystemPassword(java.lang.String currentPassword,

java.lang.String newPassword)

Set the system password (password for the bal user).

Parameters:

currentPassword - Current system password.

newPassword - New system password.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.13.1.4addLocalUser

public LoadMasterResponse addLocalUser(java.lang.String user,

java.lang.String pass,

boolean isRadiusUser)

Add a local user.

Parameters:

user - Username of the new user.

pass - Password of the new user.

isRadiusUser - Enable or disable RADIUS authentication for this user.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.13.1.5 deleteLocalUser

public LoadMasterResponse deleteLocalUser(java.lang.String user)

Delete a local user.

Parameters:

user - User to delete.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.13.1.6changeLocalUserPassword

public LoadMasterResponse changeLocalUserPassword(java.lang.String user,

java.lang.String newPassword,

boolean isRadiusUser)

Change a local user's password.

Parameters:

user - User to change password of.

newPassword - New password for the specified user.

isRadiusUser - Enable or disable RADIUS authentication for this user.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.13.1.7setLocalUserPermissions

public LoadMasterResponse setLocalUserPermissions(java.lang.String user,

java.lang.String permissions)

Set permissions for a local user account.

Parameters:

user - Username of the user to modify.

permissions - A comma seperated list of permissions to allow.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.13.1.8showUser

public LoadMasterResponse showUser(java.lang.String user)

Show a local user's details. Calls usershow REST API command.

Parameters:

user – Username of the user for whom you wish to retrieve permission details.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.13.1.9listUsers

public LoadMasterResponse listUsers()

List all users.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.13.2Update License

4.13.2.1alsiLicense

public LoadMasterResponse alsiLicense(java.lang.String kempid,

java.lang.String kempidPassword)

throws Utils.InvalidApiParametersException

Trigger an online license to the Automated Licensing Support Infrastructure (ALSI) server.

Parameters:

kempid - The KEMP ID originally used to license the LoadMaster. This is an email address provided by the licensee.

kempidPassword - The KEMP ID password.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.13.3System Reboot

4.13.3.1RebootLoadMaster

public LoadMasterResponse RebootLoadMaster()

Reboot the LoadMaster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.13.3.2ShutDownLoadMaster

public LoadMasterResponse ShutDownLoadMaster()

Shut down the LoadMaster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.13.4Update Software

4.13.4.1InstallPatch

public LoadMasterResponse InstallPatch(java.lang.String patch)

Update the firmware on the LoadMaster.

 

Parameters:

patch – The local path to the LoadMaster patch file which should be uploaded.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.13.4.2RestorePatch

public LoadMasterResponse RestorePatch(boolean RebootAfterRestore)

Restore a previously installed version of the firmware on the LoadMaster.

Parameters:

RebootAfterRestore - Set true to reboot the LoadMaster after restoring the previous installed firmware version.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.13.4.3addAddon

public LoadMasterResponse addAddon(java.lang.String filename)

throws Utils.InvalidApiParametersException

Upload and add a new add-on pack to the LoadMaster.

Parameters:

filename - The absolute path to the file

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.13.4.4listAddon

public LoadMasterResponse listAddon()

throws Utils.InvalidApiParametersException

List the add-ons that are currently on the LoadMaster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.13.4.5deleteAddon

public LoadMasterResponse deleteAddon(java.lang.String name)

throws Utils.InvalidApiParametersException

Delete an existing add-on on the LoadMaster.

Parameters:

name - Name of the addon to delete

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.13.5Backup/Restore

4.13.5.1Restore

public LoadMasterResponse Restore(java.lang.String backupToRestore,

int restoreType)

Restore a specific backup.

Parameters:

backupToRestore – The local path to the backup file. Use the following format: <PathToBackupFile>/<BackupFilename>.<Extension>. This parameter is required.

restoreType – The type of information to restore.

Name

Type

Range

 

Description

 

restoreType

Integer

1-3

 

1 = LoadMaster Base configuration

2 = Virtual Service configuration

3 = GEO configuration

 

Table 4‑24: Backup/Restore- restoreType Parameters

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.13.5.2Backup

public java.io.BufferedReader Backup(java.lang.String saveFilePath)

Generate a backup that contains the Virtual Service configuration, the local appliance information and statistics data.

Parameters:

saveFilePath - The local path where the load balancer backup file should be saved. Please include the filename when specifying the path.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.13.6Date/Time

Parameters relating to the date and time that can be managed using GetParameter and SetParameter commands are detailed in the following table. Refer to Section 4.16 for further details on the Get-Parameter and Set-Parameter commands.

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

NTPHost

String

Specifies the time synchronization server. Multiple hosts can be specified using a space-separated list.

No

Time

Int32

Sets the time of the LoadMaster.

No

TimeZone

String

Specifies the time zone of the LoadMaster.

No

ntpkeyid

Int32

The NTP key ID. Valid values range from 1 to 99.

No

ntpkeysecret

String

The NTP shared secret string. The NTP secret can be a maximum of 40 characters long. If the secret is more than 20 characters long, it is treated as a hex string. Setting this value to an empty string will disable the NTPv4 feature.

No

LoadBalancer

String

The IP address of the KEMP device that you are directing the command to. This can be set globally by using the Initialize-LoadBalancer command, but can be overridden on each individual command by using this parameter.

No

Credential

Object

Specifies a user account that has permission to administer the load balancer. You can either enter a username for the load balancer or provide a PSCredential object, such as an object that is returned by the Get-Credential cmdlet. When you type a username, you are prompted for a password.

No

LBPort

Int32

The port of the load balancer.

No

Table 4‑25: Date/Time Parameters

4.14Logging Options

4.14.1Debug Options

4.14.1.1flushSsoCache

public LoadMasterResponse flushSsoCache()

Flush the authentication SSO cache.

Returns: A LoadMasterResponse object containing the response from the LoadMaster Parsed XML LoadMasterResponse object

4.14.2SNMP Options

4.14.2.1GetParameter

public LoadMasterResponse GetParameter(java.lang.String paramName)

The generic GetParameter command can be used to retrieve the SNMP Options.

Parameters:

paramName - The name of the parameter. The SNMP parameters that can be retrieved using the GetParameter command are the same as those that can be set using the SetParameter command. Refer to Table 426 for the list of parameters.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

4.14.2.2SetParameter

public LoadMasterResponse SetParameter(java.lang.String paramName,

java.lang.String value)

The generic SetParameter command can be used to modify the SNMP Options.

Parameters:

paramName - The name of the parameter.

value - The value to assign to the parameter.

The SNMP parameters and values that can be set are in the table below.

Parameter

Parameter Type

Parameter Description

Mandatory

SNMPCommunity

String

Specify the SNMP community string.

No

SNMPContact

String

Specify the contact address that is sent in SNMP responses.

No

SNMPEnable

Boolean

Enable or disable SNMP.

No

SNMPHaTrap

Boolean

Send SNMP traps from the shared IP address. This option is only available when the LoadMaster is in HA mode.

No

SNMPTrapEnable

Boolean

Enable the generation of SNMP events whenever a significant event occurs.

No

SNMPv1Sink

String

Specify the sink address for SNMP type 1 traps.

No

SNMPv2Sink

String

Specify the sink address for SNMP type 2 traps.

No

SNMPv3enable

Boolean

Enable SNMP V3.

0 - Disabled

1 - Enabled

No

SNMPv3user

String

Specify the username.

No

SNMPv3userpasswd

String

Specify the user password.

No

SNMPClient

String

Specify the list of machines that can access the SNMP subsystem. If no clients are specified, then anyone can access SNMP.

No

SNMPLocation

String

Specify the location that is sent in SNMP responses

No

LoadBalancer

String

The IP address of the KEMP device that you are directing the command to. This can be set globally by using the Initialize-LoadBalancer command, but can be overridden on each individual command by using this parameter.

No

snmpAuthProt

String

Specify the relevant authentication protocol:

MD5

SHA

SHA is a more secure protocol.

Note: These values are case sensitive - please enter them in uppercase.

No

snmpPrivProt

String

Specify the relevant privacy protocol:

DES

AES

AES is a more secure protocol.

Note: These values are case sensitive - please enter them in uppercase.

No

Table 4‑26: SNMP parameters

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.14.3SDN Log Files

4.14.3.1Debug Options

There are two modes that can be used to gather the SDN statistics.

The modes are described below:

  • Mode 1: When set to mode 1, the statistics are taken from the switch port that is connected to the server and the statistics are relayed back to the LoadMaster.
  • Mode 2: When set to mode 2, the information is taken from all of the switch ports along the path.

The GetParameter and SetParameter commands can be used to manage the sdnstatsmode parameter. For more information, refer to Sections 4.16.5 and 4.16.3.

4.15Miscellaneous Options

4.15.1WUI Settings

Parameters relating to the WUI Settings that can be managed using GetParameter and SetParameter commands are detailed in the following table. Refer to Section 4.16 for further details on the Get-Parameter and Set-Parameter commands.

Parameter

Parameter Type

Parameter Description

Mandatory

HoverHelp

Boolean

Enables or disables hover help in the web user interface.

No

Motd

String

Sets the Message Of The Day (MOTD) for the web user interface. Either plain text or a text file can be used.

The maximum number of characters is 5,000.

An error will be displayed if the MOTD is greater than 5,000 characters.

No

SessionControl

Boolean

Enables or disables session control.

No

SessionIdleTime

Int32

Specifies the number of seconds that the WUI can be idle before logging the user out. This can be set from 60 to 86400 seconds.

No

SessionMaxFailAttempts

Int16

Number of failed attempts before locking the user account. This can be set from 1 to 999.

No

WUIDisplayLines

Int16

Specifies the number of display lines in the web user interface. This can be set from 10 to 100.

No

LoadBalancer

String

The IP address of the KEMP device that you are directing the command to. This can be set globally by using the Initialize-LoadBalancer command, but can be overridden on each individual command by using this parameter.

No

Credential

Object

Specifies a user account that has permission to administer the load balancer. You can either enter a username for the load balancer or provide a PSCredential object, such as an object that is returned by the Get-Credential cmdlet. When you type a username, you are prompted for a password.

No

LBPort

Int32

The port of the load balancer.

No

sessionconcurrent

String

Limit the maximum number of concurrent a single user can have.

Range: 0 to 9. A value of 0, means logins are unlimited.

No

WUIPreAuth

String

Set the pre-authentication click through banner which will be displayed before the LoadMaster login page. This parameter can contain plain text or HTML code. The field cannot contain JavaScript. This field accepts up to 5,000 characters. Anything past the 5,000 character limit will not be displayed.

No

WUITLSProtocols

I

Specify whether or not it is possible to connect to the LoadMaster WUI using the following protocols; SSLv3, TLS1.0, TLS1.1 or TLS1.2. The protocols can be enabled and disabled using a bitmask value in the range 0 to 14. Refer to Table 428to find out which number corresponds to which settings.

No

Table 4‑27: WUI Settings parameters

Number

SSLv3

TLS1.0

TLS1.1

TLS1.2

0

Enabled

Enabled

Enabled

Enabled

1

Disabled

Enabled

Enabled

Enabled

2

Enabled

Disabled

Enabled

Enabled

3

Disabled

Disabled

Enabled

Enabled

4

Enabled

Enabled

Disabled

Enabled

5

Disabled

Enabled

Disabled

Enabled

6

Enabled

Disabled

Disabled

Enabled

7

Disabled

Disabled

Disabled

Enabled

8

Enabled

Enabled

Enabled

Disabled

9

Disabled

Enabled

Enabled

Disabled

10

Enabled

Disabled

Enabled

Disabled

11

Disabled

Disabled

Enabled

Disabled

12

Enabled

Enabled

Disabled

Disabled

13

Disabled

Enabled

Disabled

Disabled

14

Enabled

Disabled

Disabled

Disabled

Table 4‑28: WUITLSProtocols bitmask values

4.15.2Remote Access

4.15.2.1IsAPIEnabled

public boolean IsAPIEnabled()

Check if the API is currently enabled on the LoadMaster.

Returns: Returns true if the API is enabled on the LoadMaster.

4.15.2.2EnableAPI

public void EnableAPI(boolean enabled)

Toggles the API to enabled or disabled

Parameters:

enabled - true to enable the use of the API, false to disable it.

4.15.2.3SetAdminAccess

public LoadMasterResponse SetAdminAccess(java.util.Map<java.lang.String,java.lang.String> params)

throws Utils.InvalidApiParametersException

The web administrative access interface and the administrative default gateway can be set in one step by running the SetAdminAccess command with the associated parameters.

Parameters:

params - Extra optional parameters. The parameters that can be set using this command are detailed in the table below:

Parameter

Type

Range

Additional Information

Mandatory

wuiiface

I

Valid interface index

The index of an existing interface. This index number corresponds to the interface number in the LoadMaster WUI, i.e. the index for eth0 is 0.

Y

wuiport

I

3-65535

Specify the port used to access the administrative web interface.

Y

wuidefaultgateway

S

Valid IP address

When administering the LoadMaster from a non-default interface, a different default gateway for administrative traffic only can be specified using this parameter.

N

Table 4‑29: SetAdminAccess parameters

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.15.3Network Options

4.15.3.1GetParameter (Network Options)

public LoadMasterResponse GetParameter(java.lang.String paramName)

Get a parameter value from the LoadMaster.

Parameters:

paramName - The name of the parameter. Valid parameter names for the network options settings are listed in the table below.

Parameter

Parameter Type

Parameter Description

Mandatory

SNAT

Boolean

Enabling this options allows the LoadMaster to NAT connections from the Real Servers to the internet

No

AllowUpload

Boolean

The LoadMaster has been optimized with HTTP workloads in mind. Enabling this option allows non HTTP uploads to work correctly.

No

ConnTimeout

Int64

Specify, in seconds, the time a connection can be idle before it is closed. This is independent of Persistency Timeout. Setting a value of 0 resets to the default value of 660 seconds.

No

KeepAlive

Boolean

By default, the system uses TCP keepalives to check for failed clients. Enabling this option improves the reliability of older TCP connections (SSH sessions). Not normally required for normal HTTP/HTTPS services.

No

MultiGW

Boolean

Use this option to enable the ability to move the default gateway to a different interface.

No

NonLocalRS

Boolean

Enable this option to allow assigning non-local Real Servers to Virtual Services.

No

OnlyDefaultRoutes

Boolean

Enable this option to force traffic from Virtual Services, which have default route entries set, to be routed to the interface where the Virtual Service’s default route is located.

No

ResetClose

Boolean

When enabled, the LoadMaster will close its connection to the Real Servers by using TCP RESET instead of the normal close handshake.

No

SubnetOrigin

Boolean

When transparency is disabled for a Virtual Service, the source IP address of connections to Real Servers is the Virtual Service. When enabled, the source IP address is the local address of the LoadMaster. If the Real Server is on a subnet, the subnet address of the LoadMaster will be used.

No

SubnetOriginating

Boolean

When transparency is disabled for a Virtual Service, the source IP address of connections to Real Servers is the Virtual Service. When enabled, the source IP address is the local address of the LoadMaster. If the Real Server is on a subnet, the subnet address of the LoadMaster will be used.

No

TCPTimeStamp

Boolean

The LoadMaster can include a timestamp in the SYN when connecting to Real Servers. Only enable this option when requested to from KEMP Support.

No

RouteFilter

Boolean

When enabled, this option only accepts IP frames from a host over the interface where the routing algorithm would route frames to the host. This is known as strict source route validation.

No

DHKeySize

Integer

Select the strength of the key used in the Diffe-Hellman key exchanges. If this value is changed, a reboot is required in order to use the new value. The default value is 2048 Bits.

No

LoadBalancer

String

The IP address of the KEMP device that you are directing the command to. This can be set globally by using the Initialize-LoadBalancer command, but can be overridden on each individual command by using this parameter.

No

Credential

Object

Specifies a user account that has permission to administer the load balancer. You can either enter a username for the load balancer or provide a PSCredential object, such as an object that is returned by the Get-Credential cmdlet. When you type a username, you are prompted for a password.

No

http_proxy

String

This option allows clients to specify the HTTP(S) proxy server and port the LoadMaster will use to access the internet.

No

Table 4‑30: Network options parameters

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

4.15.3.2SetParameter (Network Options)

public LoadMasterResponse SetParameter(java.lang.<ParameterType> paramName,

<ParameterType> value)

Sets a parameter value on the LoadMaster.

Parameters:

paramName - The name of the parameter. Valid parameter names for the network options settings are listed in the table below.

Parameter

Parameter Type

Parameter Description

Mandatory

SNAT

Boolean

Enabling this options allows the LoadMaster to NAT connections from the Real Servers to the internet

No

AllowUpload

Boolean

The LoadMaster has been optimized with HTTP workloads in mind. Enabling this option allows non HTTP uploads to work correctly.

No

ConnTimeout

Int64

Specify, in seconds, the time a connection can be idle before it is closed. This is independent of Persistency Timeout. Setting a value of 0 resets to the default value of 660 seconds.

No

KeepAlive

Boolean

By default, the system uses TCP keepalives to check for failed clients. Enabling this option improves the reliability of older TCP connections (SSH sessions). Not normally required for normal HTTP/HTTPS services.

No

MultiGW

Boolean

Use this option to enable the ability to move the default gateway to a different interface.

No

NonLocalRS

Boolean

Enable this option to allow assigning non-local Real Servers to Virtual Services.

No

OnlyDefaultRoutes

Boolean

Enable this option to force traffic from Virtual Services, which have default route entries set, to be routed to the interface where the Virtual Service’s default route is located.

No

ResetClose

Boolean

When enabled, the LoadMaster will close its connection to the Real Servers by using TCP RESET instead of the normal close handshake.

No

SubnetOrigin

Boolean

When transparency is disabled for a Virtual Service, the source IP address of connections to Real Servers is the Virtual Service. When enabled, the source IP address is the local address of the LoadMaster. If the Real Server is on a subnet, the subnet address of the LoadMaster will be used.

No

SubnetOriginating

Boolean

When transparency is disabled for a Virtual Service, the source IP address of connections to Real Servers is the Virtual Service. When enabled, the source IP address is the local address of the LoadMaster. If the Real Server is on a subnet, the subnet address of the LoadMaster will be used.

No

TCPTimeStamp

Boolean

The LoadMaster can include a timestamp in the SYN when connecting to Real Servers. Only enable this option when requested to from KEMP Support.

No

RouteFilter

Boolean

When enabled, this option only accepts IP frames from a host over the interface where the routing algorithm would route frames to the host. This is known as strict source route validation.

No

DHKeySize

Integer

Select the strength of the key used in the Diffe-Hellman key exchanges. If this value is changed, a reboot is required in order to use the new value. The default value is 2048 Bits.

No

LoadBalancer

String

The IP address of the KEMP device that you are directing the command to. This can be set globally by using the Initialize-LoadBalancer command, but can be overridden on each individual command by using this parameter.

No

Credential

Object

Specifies a user account that has permission to administer the load balancer. You can either enter a username for the load balancer or provide a PSCredential object, such as an object that is returned by the Get-Credential cmdlet. When you type a username, you are prompted for a password.

No

http_proxy

String

This option allows clients to specify the HTTP(S) proxy server and port the LoadMaster will use to access the internet.

No

Table 4‑31: Network options parameters

value - The value to assign to the parameter.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster

4.15.4AFE Configuration

4.15.4.1AddNoCache

public LoadMasterResponse AddNoCache(java.lang.String fileExtension)

Add a file extension to the list of those which are not to be cached on the LoadMaster.

Parameters:

fileExtension - The file extension that should not be cached. (e.g. ".jpg") The extension must start with a "." A collection of extensions can be provided through the pipeline.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.15.4.2DeleteNoCache

public LoadMasterResponse DeleteNoCache(java.lang.String fileExtension)

Remove a file extension to the list of those which are not to be cached on the LoadMaster.

Parameters:

fileExtension - The file extension that should be removed from the "no cache" list. The extension must start with "." For example: ".jpg"

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.15.4.3AddNoCompress

public LoadMasterResponse AddNoCompress(java.lang.String fileExtension)

Add a file extension to the list of those which are not to be compressed on the LoadMaster.

Parameters:

fileExtension - The file extension that should not be compressed. (e.g. ".jpg") The extension must start with a "." A collection of extensions can be provided through the pipeline.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.15.4.4DeleteNoCompress

public LoadMasterResponse DeleteNoCompress(java.lang.String fileExtension)

Remove a file extension to the list of those which are not to be compressed on the LoadMaster.

Parameters:

fileExtension - The file extension that should be removed from the "no compress" list. The extension must start with "." For example: ".jpg"

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.15.4.5AfeClientLimitAdd

public LoadMasterResponse AfeClientLimitAdd(java.lang.String l7addr,int l7limit)

throws Utils.InvalidApiParametersException

Add a client IP limiter.

Parameters:

l7addr - IP address/mask to be limited in the format <IPAddress>/<Mask>.

l7limit – Limit the number of connections (per second) from a specific host/network

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.15.4.6AfeClientLimitDelete

public LoadMasterResponse AfeClientLimitDelete(java.lang.String l7addr)

throws Utils.InvalidApiParametersException

Delete a client IP limiter.

Parameters:

l7addr - IP address/mask to be deleted

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.15.4.7AfeClientLimitList

public LoadMasterResponse AfeClientLimitList()

throws Utils.InvalidApiParametersException

List the client IP limiters.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.15.5HA Parameters

4.15.5.1Get-Parameter/Set-Parameter (HA Parameters)

The HA Parameters that can be managed using GetParameter and SetParameter commands are detailed in the following table. Refer to Section 4.16 for further details on the GetParameter and SetParameter commands.

Parameter

Parameter Type

Description

Mandatory

HAMode

Int16

Specify the HA mode. If only using a single LoadMaster, use Non-HA Mode. In HA mode, one LoadMaster must be specified as the first and another as second. HA will not work if both LoadMasters are specified the same.

0 = Turn off HA mode

1 = HA 1 mode

2 = HA 2 mode

No

HAIf

Int16

The network interface used when synchronising the configuration between the members of the HA cluster.

No

HAInitial

Boolean

Perform extra network checks at boot time. This may cause instability and should not be used.

No

HAPrefered

Int16

By default, neither partner in a HA cluster has priority. When a machine restarts after a switchover that machine becomes a slave. Specifying a preferred host means that when this machine restarts it will always become the master and the partner will revert to slave mode.

No

HAStyle

Boolean

By default, the system uses a version of VRRP (carp) to check the status of the partner. The system can also support the legacy Heartbeat program. This option only takes effect when both machines are rebooted

No

HATimeout

Int16

The time the master must be unavailable before a switchover occurs. Allowed Values: 1-5, each option being a predetermined time interval:

1 = 3 seconds

2 = 6 seconds

3 = 9 seconds

4 = 12 seconds

5 = 15 seconds

No

HAVhid

Int16

When using multiple HA LoadMasters on the same network, this value identifies each cluster so that there are no potential unwanted interactions.

No

HAWait

Int16

This is how long after the initial boot, before the LoadMaster becomes active. If the partner machine is running this value is ignored. This value can be changed to mitigate the time taken for some intelligent switches to detect that the LoadMaster has started and to bring up the link.

No

MCast

Int16

The network interface used for multicast traffic which is used to synchronize Layer 4 and Layer 7 traffic when Inter HA Updates are enabled.

No

Vmac

Boolean

This option creates a shared MAC address for both units. When failover occurs, the LoadMaster handles the MAC address handover too. This allows the switches to keep the MAC address and not worry about ARP caches or stale records.

No

TCPFailover

Boolean

When using L4 services, enabling updates allows L4 connection maintenance across a HA switchover. This option is ignored for L7 services.

No

CookieUpdate

Boolean

When using L7 services, enabling this option allows sharing of persistency information between HA partners. If a HA switchover occurs, the persistency information will then not be lost. Enabling this option can have a significant performance impact.

No

FinalPersist

Int32

When a Real Server is disabled, the sessions persisting on that Real Server continue to be served until the Drain Time has expired or until no more sessions are being handled by the Real Server. No new sessions will be handled by the Real Server.

No

LoadBalancer

String

The IP address of the KEMP device that you are directing the command to. This can be set globally by using the Initialize-LoadBalancer command, but can be overridden on each individual command by using this parameter.

No

Credential

Object

Specifies a user account that has permission to administer the load balancer. You can either enter a username for the load balancer or provide a PSCredential object, such as an object that is returned by the Get-Credential cmdlet. When you type a username, you are prompted for a password.

No

LBPort

Int32

The port of the load balancer.

No

Table 4‑4: Set-HAOption command parameters

4.15.5.2SwitchHa

public LoadMasterResponse SwitchHa()

Switch the roles of a HA pair, the response includes the IP address of the new active host.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.15.6Azure HA Parameters

The commands in this section are only relevant on the LoadMaster for Azure.

4.15.6.1SetAzureHaMode

public LoadMasterResponse SetAzureHaMode(java.util.Map<java.lang.String,java.lang.String> parameters)

throws Utils.InvalidApiParametersException

Set the Azure HA mode.

Parameters:

parameters - A key value map for setting parameters. There is just one parameter for this command - hamode and it can be set to either master, slave or single (to switch to non-HA mode).

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.15.6.2SetAzureHaParam

public LoadMasterResponse SetAzureHaParam(java.util.Map<java.lang.String,java.lang.String> parameters)

throws Utils.InvalidApiParametersException

Configure the Azure HA mode.

Parameters:

parameters - A key value map for setting parameters. The parameters are listed and described below:

Name

Type

Range

Additional Information

partner

S

Must be a valid IP address

Specify the host name or IP address of the HA partner unit.

hcp

I

Must be a valid port value

Set the port over which the health check will be run. The post must be the same on both the master and slave unit in order for HA to function correctly.

Table 4‑32: Azure HA parameters

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.15.6.3GetAzureHaParam

public LoadMasterResponse GetAzureHaParam()

throws Utils.InvalidApiParametersException

Display the Azure HA Mode parameters.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.15.7AWS HA Parameters

The commands in this section are only relevant on the LoadMaster for AWS.

The port defaults to 443. Ensure to set the port to the port used to communicate with the LoadMaster.

4.15.7.1SetAwsHaMode

public LoadMasterResponse SetAwsHaMode(java.util.Map<java.lang.String,java.lang.String> parameters)

throws Utils.InvalidApiParametersException

Configure the AWS HA mode.

Parameters:

parameters - A key value Map for setting parameters.

Parameter

Parameter Type

Parameter Description

Mandatory

HAMode

String

Specifies the HA mode. Valid values are:

-master

-slave

-single

Yes

Table 4‑5: Set-AwsHAMode command parameters

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.15.7.2SetAwsHaParam

public LoadMasterResponse SetAwsHaParam(java.util.Map<java.lang.String,java.lang.String> parameters)

throws Utils.InvalidApiParametersException

Configure the AWS HA mode parameters.

Parameters:

parameters - A key value Map for setting parameters.

Parameter

Parameter Type

Parameter Description

Mandatory

Hcp

String

The port over which the health check is run. This needs to be the same on both the master and the slave units in order for HA to function correctly.

Yes

Partner

String

Address of the HA partner.

Yes

Table 4‑6: Set-AwsHAOption command parameters

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.15.7.3GetAwsHaParam

public LoadMasterResponse GetAwsHaParam()

throws Utils.InvalidApiParametersException

Retrieve the AWS HA Mode parameters.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.15.8SDN Configuration

4.15.8.1addSDNController

publicLoadMasterResponseaddSdnController(java.lang.Stringipv4, int port, java.util.Map<java.lang.String,java.lang.String> parameters )

throws Utils.InvalidApiParametersException

Parameters:

ipv4 - IPv4 address of the SDN controller.

port - Port of the SDN controller.

parameters – The ipv4 and port parameters are mandatory when adding an SDN controller. In addition to these parameters, a number of optional parameters can also be set using a key value map. For futher information please refer to Section 2.2. The parameters are listed and described below:

  • https - HTTP method to use (boolean)

yes: HTTPS

no: HTTP

  • user - The username to access the SDN controller API
  • password - password for access to SDN controller API
  • clid - Cluster ID for the new SDN controller. If specified, the SDN controller will be added to the cluster with ID `clid` The cluster with ID `clid` must already exist. If the clid is not specified the SDN controller will be added to a new cluster (default).

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.15.8.2deleteSDNController

public LoadMasterResponse deleteSdnController(int clid,int cid)

This command is used to delete an SDN controller from the LoadMaster.

Parameters:

clid - Cluster ID - The ID of the cluster to be deleted (along with all SDN controllers belonging to it).

cid - Controller ID - The ID of the SDN controller to be deleted.

Either a controller or a cluster can be deleted - the Controller ID or the Cluster ID must be specified.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.15.8.3modifySDNController

public LoadMasterResponse modifySdnController(java.lang.String cid, java.util.Map<java.lang.String,java.lang.String> parameters)

throws Utils.InvalidApiParametersException

This command is used when you need to change the parameter values for an SDN controller.

Parameters:

cid - Controller ID - The ID of the controller to be modified.

parameters - A number of optional parameters can be modified using a key value map. For futher information please refer to Section 2.2 The parameters are listed and described below:

  • https - HTTP method to use (boolean)

yes: HTTPS

no: HTTP

  • user - user for access to SDN controller API
  • password - password for access to SDN controller API
  • clid - Cluster ID for the new SDN controller. If specified, the SDN controller will be added to the cluster with ID `clid` The cluster with ID `clid` must already exist. If not specified the SDN controller will be added to a new cluster (default).
  • ipv4 - IPv4 address of the SDN controller.
  • port - Port of the SDN controller.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

Throws: Utils.InvalidApiParametersException - Exception when an invalid parameter/value is used.

4.15.8.4getSDNController

publicLoadMasterResponsegetSdnController()

This command is used to list details about the existing SDN controllers.

The parameters that appear in the output are explained below:

  • Cluster ID: The unique ID of the cluster that the SDN controller is a member of.

Any empty cluster parameter sections relate to clusters that were previously added but were later removed. Each time a new cluster is added it gets assigned a new ID number.

  • Controller ID: The ID of the SDN controller.
  • IPv4: The IPv4 address of the SDN controller.
  • Port: The port of the SDN controller WUI.
  • HTTPS: Displays whether HTTPS (yes) or HTTP (no) is used to access the SDN controller.
  • User: The username to be used to access the SDN controller.
  • Password: The password of the user to be used to access the SDN controller.

Returns:

A LoadMasterResponse object containing the parsed response from the LoadMaster Parsed XML LoadMasterResponse object

4.16Sundry Commands

A list of sundry commands which do not typically fit into any of the WUI-related sections above, are provided below.

4.16.1CheckConnection

public boolean CheckConnection()

Used to check if the program which is executing the API command can contact the LoadMaster.

Parameters:

host - The IP address of the LoadMaster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster Returns true if the LoadMaster is contacted.

4.16.2SetParameter (string)

public LoadMasterResponse SetParameter(java.lang.String paramName,

java.lang.String value)

Set a parameter value on the LoadMaster.

Parameters:

paramName - The name of the parameter.

value - The String value to assign to the parameter.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.16.3SetParameter (integer)

public LoadMasterResponse SetParameter(java.lang.String paramName,

int value)

Sets a parameter value on the LoadMaster.

Parameters:

paramName - The name of the parameter.

value - The integer value to assign to the parameter.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.16.4SetParameter (boolean)

public LoadMasterResponse SetParameter(java.lang.String paramName,

boolean value)

Sets a parameter value on the LoadMaster.

Parameters:

paramName - The name of the parameter.

value - The boolean value to assign to the parameter.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.16.5GetParameter

public LoadMasterResponse GetParameter(java.lang.String paramName)

Get a parameter value from the LoadMaster.

Parameters:

paramName - The name of the parameter.

4.16.6setLoadMasterAddress

public void setLoadMasterAddress(java.lang.String loadMasterAddress)

4.16.7SetAPIPort

publicvoidSetAPIPort(intport)

4.16.8customApiCall

public LoadMasterResponse customApiCall(java.lang.String paramURL)

Create a custom API call.

Parameters:

paramURL - a string containing the complete API query: /access/?=value&=value&

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

4.16.9ShowAccessKey

public LoadMasterResponse ShowAccessKey()

Display the Access Key of the LoadMaster.

Returns: A LoadMasterResponse object containing the parsed response from the LoadMaster.

5Response Methods

5.1getStatusCode

public java.lang.String getStatusCode()

Return the status from the response of the last call made to the LoadMaster.

Returns: A String containing the Status code contained in the LoadMaster response e.g. '200'.

5.2getCode

public java.lang.String getCode()

Return the code from the response of the last call made to the LoadMaster.

Returns: A String containing the code contained in the LoadMaster response e.g 'ok'.

5.3getParsedXMLMap

public java.util.Map<java.lang.String,java.lang.String> getParsedXMLMap()

Returns the complete map of the Data node from the response of the last call to the LoadMaster

Returns: A Hash Map containing the key/value pairs of data returned from the LoadMaster.

References

Unless otherwise specified, the following documents can be found at http://kemptechnologies.com/documentation.

SSL Accelerated Services, Feature Description Web User Interface, Configuration Guide LoadMaster Clustering, Feature Description

Document History

Date

Change

Reason for Change

Version

Resp.

June 2015

Release updates

Updates for 7.1-28 release

1.5

LB

July 2015

Minor updates

Enhancements made

3.0

LB

Aug 2015

Release updates

Updates for 7.1-28b release

4.0

LB

Sep 2015

Release updates

Updates for 7.1-30 release

5.0

KG

Oct 2015

Minor change

Updated header and footer

6.0

LB

Nov 2015

Minor updates

Enhancements made

7.0

LB

Mar 2016

Minor updates

Enhancements made

8.0

LB

Was this article helpful?

0 out of 0 found this helpful

Comments