Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

Interface Description - Multi-Tenant LoadMaster API

Contents

1 Introduction

The Multi-Tenant LoadMaster Application Program Interface (API) is an interface designed to allow remote applications to access the Multi-Tenant LoadMaster in a simple and consistent manner. The interface is a REST-like interface. REST (Representational State Transfer) is a style of software architecture for distributed systems and is one of the predominant web service design models.

The implementation of the Multi-Tenant LoadMaster API is based on the LoadMaster API. The infrastructure of these APIs is not fully RESTful compliant. For example, the PUT or DELETE HTTP methods are not supported.

1.1 Document Purpose

This document describes the API interface to the Multi-Tenant LoadMaster product. It describes in detail how to configure the various features of the Multi-Tenant LoadMaster using the API.

This document does not explain each of the features in detail. For further information, including details on configuring the Multi-Tenant LoadMaster using the Web User Interface (WUI), refer to the Multi-Tenant LoadMaster, Feature Description.

1.2 Intended Audience

This document is intended to help anyone who wishes to configure the Multi-Tenant LoadMaster using API commands.

2 The Multi-Tenant LoadMaster API Interface

The Multi-Tenant LoadMaster API works in a RESTful manner, allowing a user or application to pass HTTPS requests to the Multi-Tenant LoadMaster. The Multi-Tenant LoadMaster answers the request with a JavaScript Object Notation (JSON) formatted response. The HTTPS request needs to be in the following format:

https://<Username>:<Password>@<MTIPAddress>/api/<Command>?<Parameter>=<Value>

The basic interface is a simple HTTPS GET operation where the command is specified by the URL. If any parameters are required by the operation, they are passed as QUERY parameters.

The following points should be noted regarding the formatting of the HTTPS request:

Only one command can be given at a time.

The ‘?’ character signifies the end of a command.

The ‘&’ character signifies the end of a parameter/value pair.

If there are any unnecessary parameter/value pairs, they will be ignored.

The order in which the parameter/value pairs appear does not matter.

There cannot be any spaces within the query. Although some applications, like browsers, would convert spaces to HTML code prior to sending the string to the Multi-Tenant LoadMaster.

2.1 Notation

2.1.1 Placeholder Text

In the example commands in this document, text which is italicized and is surrounded by angular brackets indicates a value which needs to be entered, for example:

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/set?param=motd&value=<ExampleMessageOfTheDay>"

In the example above, <Username>, <Password>, <MTIPAddress> and <ExampleMessageOfTheDay> all relate to values that should be entered, for example:

curl -k "https://bal:ExamplePassword@172.21.122.200/mtaccess/set?param=motd&value=Example Message of the Day"

Throughout this document, anywhere that the Multi-Tenant LoadMaster IP address needs to be entered will be indicated by <MTIPAddress>.

Some of the commands and parameters are case sensitive.

2.1.2 Parameter Types

Throughout the document the parameter types are defined as follows:

Type

Typical Values

Boolean

Y or N; y or n; 1 or 0;

Integer

<MinimumIntegerValue>-<MaximumIntegerValue>

String

"value"

Address

IP address

File

Some type of file

2.2 Security

An application can only access the Multi-Tenant LoadMaster using the standard WUI IP address.

The user bal naturally has access to all functionality; other users have access to the subsystems that have been assigned to them using the Multi-Tenant LoadMaster permissions.

Depending on security settings and whether the browser has ever connected to the WUI before adding login information may be required. In this case instead of a standard command format such as:

https://<MTIPAddress>/mtaccess/<Command>?<Parameters>

The login information would need to be included, i.e.

https://<Username>:<Password>@<MTIPAddress>/mtaccess/<Command>?<Parameters>

2.3 Enabling the Multi-Tenant LoadMaster API Interface

The RESTful API interface is enabled or disabled using the Multi-Tenant LoadMaster WUI. By default the interface is disabled.

To enable the RESTful API interface, complete the following steps:

1. Go to System Configuration > Miscellaneous Options > Remote Access in the main menu.

Enabling the Multi Tenant.png

2. Select the Enable API Interface checkbox.

2.4 Using Get and Set Commands

A large number of Multi-Tenant LoadMaster parameters can be managed using the get and set commands. These parameters are described throughout the document.

Values of parameters can be obtained using the get command using the format:

https://<Username>:<Password>@<MTIPAddress>/access/get?param=<ParameterName>

Values of parameters can be set using the set command using the format:

https://<Username>:<Password>@<MTIPAddress>/access/set?param=<ParameterName>&value=<ParameterValue>

2.5 Error Reports

If an error occurs, for example if a request is missing a required parameter, an error report is generated such as the following:

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="400" code="fail">

    <Error>

    param: String Value missing

    </Error>

</Response>

The error code may change, depending on what the issue is. The HTTP status of the request also reflects the response code.

Other error messages may be displayed if commands were unsuccessful for some reason, such as:

<Response stat="400" code="fail">

<Error>unable to delete the LoadMaster-VLM image file</Error>

</Response>

3 Multi Tenancy API Commands

3.1 Command Syntax

A request is made up of two parts: the command and the parameters.

https://<Username>:<Password>@<MTIPAddress>/access/<Command>?<Parameters>

When there is more than one parameter in a request, individual parameters are separated using an ampersand (&) symbol.

3.2 Home Screen Information

Some information that is available in the Multi-Tenant LoadMaster WUI is also available using the API. Refer to the sub-sections below for further details.

3.2.1 Retrieve the Multi-Tenant LoadMaster Firmware Version

The Multi-Tenant LoadMaster firmware version can be obtained using the get command and the version parameter:

https://<LoadMasterIPAddress>/mtaccess/get?param=version

3.2.2 Retrieve the Boot Time and Active Time

To retrieve these values, run the following commands:

https://<LoadMasterIPAddress>/mtaccess/get?param=boottime

https://<LoadMasterIPAddress>/mtaccess/get?param=activetime

3.2.3 Retrieve the Serial Number

To retrieve the Multi-Tenant LoadMaster serial number, run the get command for the serialnumber parameter:

https://<LoadMasterIPAddress>/mtaccess/get?param=serialnumber

3.2.4 Retrieve Licensing Information

To retrieve details about the Multi-Tenant LoadMaster license and subscription, run the licenseinfo command:

https://<MTIPAddress>/access/licenseinfo

3.3 Initial Configuration

A number of steps are involved in initially deploying a Multi-Tenant LoadMaster, such as accepting the End User License Agreement (EULA) and licensing the unit. Before the Multi-Tenant LoadMaster can be fully deployed, the user must display and accept the EULA. These initial configuration steps can either be performed via the WUI or the API. The API commands relating to initial configuration are listed in the sections below.

Each of the commands in this section (apart from the licensing commands) can only be run before the Multi-Tenant LoadMaster is fully deployed. If these commands are run on a Multi-Tenant LoadMaster that has been fully deployed, an error will occur.

These commands should be run in sequential order.

3.3.1 Read the EULA

The ReadEula command displays the EULA and a magic cookie.

The magic cookie is used for security reasons - it limits the possibility of remote attacks. If a command requires the magic cookie (like some of the other ones in the sections below) and does not get the correct magic cookie from the previous command, the command will fail.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/readeula"

Example Output

Displays the EULA and the magic string. The EULA can be accepted using the AcceptEULA command which is detailed in the Accept the EULA and Set the License Type section.

The magic string is an automatically generated random string, for example c0a6fccc-1c53-4a26-8ed3-e0d0bb8e23f3. Please copy this string because it will be needed in the next command in order to set the license type.

3.3.2 Accept the EULA and Set the License Type

Currently there are two Multi-Tenant LoadMaster license types available from Progress Kemp. These are:
30 Day Trial License
Permanent License

The AcceptEULA command is used to enter the magic cookie key which is returned by the ReadEula command in order to accept the EULA and set the type of license used (trial or perm).

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/accepteula?magic=<CorrectMagicString>&type=<Trial/Perm>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

magic

String

The magic string which was returned when the ReadEULA command was run. For more information on the ReadEULA command, refer to the Read the EULA secton.

Yes

type

String

The type of license to be applied. Valid values are:

trial - 30 day trial. This is a temporary license used to evaluate the Multi-Tenant LoadMaster.

perm - A purchased, permanent Multi-Tenant LoadMaster.

Yes

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success><Data><Magic>c0a6fccc-1c53-4a26-8ed3-e0d0bb8e23f3</Magic>

<Eula>

As part of Kemps continuous drive to offer better value and services to our customers Kemp has introduced a Call Home feature.

The LoadMaster can utilize Call Home to get available license updates, information regarding any updated firmware for your product and provide system status information to Kemp.  The system status information will include Throughput, Enabled Features, Virtual Services and Real Servers details but will not include any unique personal information or actual traffic from your network.

Your LoadMaster will initiate a connection to Kemp once during any 24 hour interval.

<b>NOTE</b> – Allowing Call Home is mandatory for Free LoadMaster versions.

For more details on this visit <a href="http://www.kemptechnologies.com/callhome" target="_blank">www.kemptechnologies.com/callhome</a>

</Eula>

</Data>

</Success>

</Response>

Another magic string is displayed in the output of this command. This is needed to run the AcceptEula2 command which is used to accept the terms of the EULA.

3.3.3 Specify whether or not to use the Call Home Feature

The AcceptEULA2 command is used to specify whether or not to use the Call Home feature. If this is enabled, the LoadMaster regularly contacts Progress Kemp to check for updates and other information.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/accepteula2?magic=<CorrectMagicString>&accept=<0/1>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

magic

String

The magic string which was returned when the AcceptEULA command was run. For more information on the AcceptEULA command, refer to the Accept the EULA and Set the License Type section.

Yes

accept

String

Specify whether or not to use the Call Home feature:

0 - Do not use the Call Home feature

1 - Use the Call Home feature

Yes

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

3.3.4 License the Multi-Tenant LoadMaster

Either online or offline licensing can be used to license the Multi-Tenant LoadMaster. Refer to the relevant section below to find out more information.

3.3.4.1 License using the Online Method

The AlsiLicense command can be used to license the Multi-Tenant LoadMaster using the online method.

This step must be performed before the Multi-Tenant LoadMaster password can be set.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/alsilicense?kempid=<KempID>&password=<KempIDPassword>"

Available Parameters

Parameter

Parameter Type

Description

Mandatory

kempId

String

The Kemp ID is the email address which was used when registering for a Kemp ID.

Yes

password

String

The password of the Kemp ID account.

Yes

Example Output

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

3.3.4.2 License using the Offline Method

The Multi-Tenant LoadMaster can be licensed offline by using the license command.

A Binary Large Object (BLOB) is needed in order to license using the offline method. The BLOB is sent via email, when requested. For more information on licensing (including details on how to retrieve a BLOB), please refer to the Licensing, Feature Description.

Each time a license is updated a new BLOB is needed. The following is an example of a BLOB:

License the Multi Tenant LoadMaster.png

The BLOB is the body of text from the word begin to the word end, as is highlighted in the example in the screenshot above. The BLOB must be copied and pasted into a text file (in the following example the file is called license.txt).

Example Command

There are a number of methods of using the license command for example, using a CURL command on Linux would look like the following:

curl –X POST -–data-binary “@license.txt” –k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/license"

This command uploads the BLOB file to the Multi-Tenant LoadMaster. The example command above assumes that the license.txt file is in the current directory. If the license.txt file is stored elsewhere, specify the path to the file after the @ symbol.

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success>Command completed ok. Machine Successfully Licensed</Success>

</Response>

3.3.5 Set the Initial Password

The SetInitialPasswd command is used to set the password of the default Multi-Tenant LoadMaster user (bal).

Example Command

curl –X POST -–data-binary “@license.txt” –k "https://<Username>:<Password>@<MTIPAddress>/set_initial_passwd?passwd=<NewPassword>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

passwd

String

This is the password for the default administrator user (bal). The password should contain at least 8 alphanumeric characters.

Yes

Expected Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

3.4 Instance Management

3.4.1 Upload a VNF Package

This command allows a new LoadMaster Virtualized Network Function (VNF) package to be uploaded to the Multi-Tenant LoadMaster. The command will POST the image file.

Example Command

curl –X POST -–data-binary "@<PathToFile\Filename.Extension>" –k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/installvnf"

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success><templateid>6</templateid></Success>

</Response>

3.4.2 List the Installed VNF Packages

This command returns the list of the installed VNF packages which exist in the Multi-Tenant LoadMaster.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/listinstalledvnf"

Example Output

The following is an example response with two images installed on the Multi-Tenant LoadMaster:

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success><DATA>

<installedvnfs>

<vnf>

<id>10</id>

<name>LoadMaster-VLM</name>

<version>7.1-30</version>

</vnf>

<vnf>

<id>11</id>

<name>LoadMaster-VLM</name>

<version>7.1-30</version>

</vnf>

<vnf>

</installedvnfs>

</DATA></Success>

</Response>

The following is an example response when no images are available inside the Multi-Tenant LoadMaster:

<Response stat="200" code="ok">

<Success>

<Data>

</Data>

</Success>

</Response>

3.4.3 Delete a VNF Package

This command deletes the specified VNF package from the Multi-Tenant LoadMaster.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/deletevnf?templateid=<VNFTemplateID>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

templateid

String

The ID of the VNF package. To retrieve the ID of a currently installed VNF package, run the listinstalledvnf command. Refer to the List the Installed VNF Packages section for further information.

Yes

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

</Response>

3.4.4 Create an Instance

This command creates a tenant LoadMaster instance.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/createinstance?dftgw=<DefaultGatewayIPAddress>&memory=<MemoryValue>&templateid=<VNFTemplateID>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

dftgw

Address

The Default Gateway IP address.

Yes

memory

Integer

The memory requirement. The maximum memory value is system dependent.

If you try to set the memory to a value that is too high, an error message will be displayed which returns the maximum memory available.

Yes

templateid

String

The ID of the VNF package. To retrieve the ID of a currently installed VNF package, run the listinstalledvnf command. Refer to the List the Installed VNF Packages section for further information.

Yes

vnfname

String

The nickname for the VNF instance.

No

ipaddress

Address

The IP address of the LoadMaster instance. If this is not set, the IP address will default to 192.168.1.101/24.

No

nics

Integer

The number of network cards for the LoadMaster instance. The default value for this is 1.

Range: 1 to 9

No

cpus

Integer

Number of available CPUs for the LoadMaster instance. The default value for this is 1. The maximum is the number of CPUs on the Multi-Tenant LoadMaster.

No

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success><instanceID>12</instanceID></Success>

</Response>

This instance ID is needed for both the instanceid and iid parameters in all relevant subsequent commands throughout this document. To retrieve the instance IDs, run the listinstances command which is detailed in the List the Instances section.

3.4.5 List the Instances

This command returns the details about the installed VNF instances.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/listinstances"

This command can either be run without any parameters to display details for all instances, or an instanceid can be specified to display details about a particular instance.

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

instanceid

Integer

The ID of the relevant instance.

No

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success><DATA>

<VNF>

<Id>21</Id>

<Name>VLM-2 Company 1</Name>

<Status>idle</Status>

<IPAddress>192.168.1.102</IPAddress>

<Autostart>no</Autostart>

</VNF>

</DATA></Success>

</Response>

The tenant status can be idle or running.

An UpdateLicense tag appears if a VNF instance license update is required, for example:

<UpdateLicense>yes</UpdateLicense>

3.4.6 Delete an Instance

This command can be used to delete an instance.

An instance cannot be deleted if it is running. Stop the instance before deleting by running the stopInstance command, if needed. For further information on the stopInstance command, refer to the Start/Stop an Instance section.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/deleteinstance?instanceid=<InstanceID>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

instanceid

Integer

The ID of the instance to be deleted. The instance ID can be retrieved by running the listinstances command. For more information, refer to the List the Instances section.

Yes

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

3.4.7 Retrieve the Currently Committed Resources

This command returns the currently committed resources, that is, how many cores and how much memory is currently in use.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/commitedresources"

Expected Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success><Data><currentCpus>1</currentCpus>

<currentMemory>512</currentMemory>

</Data>

</Success>

</Response>

The currentMemory displays the amount of memory used.

3.4.8 Allow/Disallow Over Commitment of Resources

The get/set commands can be used to allow or disallow the over commitment of resources.

Allowing over commitment of resources can have an impact on performance.

Example Command

Get (Retrieve):

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/get?param=overcomres"

Set (Configure)

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/set?param=overcomres&value=<0/1>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

param

String

The name of the parameter to be retrieved/configured. In this case, it should be set to overcomres.

Yes

value

String

The value to set the parameter to. In this case, specify whether or not to allow over commitment of resources.

0/no - Disallow

1/yes - Allow

Yes - if setting.

No - if getting.

Example Output

Get (Retrieve):

<Response stat="200" code="ok">

<Success>

<Data>

<overcomres>no</overcomres>

</Data>

</Success>

</Response>

Set (Configure):

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

3.4.9 Retrieve the Instance Status

This command returns the status of a specified instance.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/instancestatus?InstanceID=<InstanceID>"

Expected Ouput

<Response stat="200" code="ok">

<Success>

<Data>

<instancestatus>running</instancestatus>

</Data>

</Success>

</Response>

The tenant status can be running or idle.

3.4.10 Configure an Instance

This command can be used to configure an instance.

An instance cannot be configured if it is running. To stop an instance, run the stopInstance command. For further information, refer to the Start/Stop an Instance section.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/configureinstance?vnfname=<VNFName>&memory=<MemoryValue>&intf=<Interface>&ispi=<0/1>&intfid=<InterfaceID>&iid=<VLMInstanceID>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

vnfname

String

The nickname for the VNF instance.

Yes

memory

Integer

The memory requirement. The maximum memory value is system dependent. The values match the WUI values.

If you try to set the memory to a value that is too high, an error message will be displayed which returns the maximum memory available.

Yes

cpus

Integer

Number of available CPUs for the LoadMaster instance. The default value for this is 1. The maximum is the number of CPUs on the Multi-Tenant LoadMaster.

No

intf

String

The VNF network interface, in the format eth<Number>, for example eth1. This must correspond to an existing interface in the Multi-Tenant LoadMaster.

Yes

ispi

Boolean

Specify whether it Is a physical or virtual interface:

0 - Virtual

1 - Physical

Yes

intfid

Integer

The physical or virtual interface ID.

Yes

iid

Integer

The VLM instance ID. This can be retrieved by running the listInstances command. For further information, refer to the List the Instances section.

Yes

All mandatory parameters must be set, even if only one parameter value is being changed.

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success>Configuration Updated</Success>

</Response>

3.4.11 Start/Stop an Instance

These commands will start/stop an instance.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/startinstance?instanceid=<InstanceID>"

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/stopinstance?instanceid=<InstanceID>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

instanceid

Integer

The ID of the instance to be started/stopped. The instance ID can be retrieved by running the listinstances command. For more information, refer to the List the Instances section.

Yes

Expected Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

</Response>

3.4.12 Enable/Disable AutoStart

This command can be used to specify whether or not an instance should automatically start after a system reboot.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/autoinstance?iid=<VLMInstanceID>&autostart=<0/1>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

iid

Integer

The VLM instance ID. This can be retrieved by running the listInstances command. For further information, refer to the List the Instances section.

Yes

autostart

Boolean

Specify whether or not an instance should automatically start after a system reboot:

0/no - Do not automatically start

1/yes - Do automatically start

Yes

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

3.4.13 Add/Delete an Instance Interface

These commands can be used to add or delete an interface to/from a VNF instance.

Example Command

Add:

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/addinstanceiface?iid=<VLMInstanceID>"

Delete:

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/delinstanceiface?iid=<VLMInstanceID>"

An instance interface cannot be deleted if the instance is running. To stop an instance, run the stopinstance command. For more information, refer to the Start/Stop an Instance section.

Running the delinstanceiface command will delete the interface which was last added. It is not possible to delete the eth0 interface.

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

iid

Integer

The VLM instance ID. This can be retrieved by running the listInstances command. For further information, refer to the List the Instances section.

Yes

Example Output

Add:

<Response stat="200" code="ok">

<Success>VNF network interface Created</Success>

</Response>

Delete:

<Response stat="200" code="ok">

<Success>VNF network interface Deleted</Success>

</Response>

3.4.14 Update the License for an Instance

Before updating the license for an instance, you must update the Multi-Tenant LoadMaster license. For details on how to do this, refer to the License the Multi-Tenant LoadMaster section. 

After you update the Multi-Tenant LoadMaster license, you can then update the license for an instance using the updateinstancelicense command.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/updateinstancelicense?instanceid=<VLMInstanceID>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

instanceid

Integer

The ID of the relevant instance.

No

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success>License updated successfully for VNF LoadMaster-VLM, instance id: 2</Success>

</Response>

3.4.15 Backup/Restore Instance Commands

The sub-sections below contain details about commands relating to the backing up and restoring of instances.

3.4.15.1 List Backup Instances

This command lists any existing backups for the specified instance.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/listbackupinstance?iid=<VNFInstanceID>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

iid

Integer

The VLM instance ID. This can be retrieved by running the listInstances command. For further information, refer to the List the Instances section.

Yes

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success><DATA><backup_0>LMBackups_2015_10_20.14_33</backup_0><backup_1>LMBackups_2015_10_20.14_52</backup_1></DATA></Success>

</Response>

The date and timestamp in the backup filename is in the format YYYY_MM_DD.HH_mm.

3.4.15.2 Back Up an Instance

This command backs up the specified instance.

The backup name includes a date and timestamp. This has a granularity of one minute. If more than one backup is created in the same minute, the original backup (with the same name) will be overwritten. If there is more than one minute between backup attempts, a separate file will be created.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/backupinstance?iid=<VNFInstanceID>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

iid

Integer

The VLM instance ID. This can be retrieved by running the listInstances command. For further information, refer to the List the Instances section.

Yes

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success>Successfully Created a Backup</Success>

</Response>

3.4.15.3 Restore a Backup Instance

This command restores a backup instance.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/restorebackupinstance?iid=<VNFInstanceID>&bckname=<BackupName>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

iid

Integer

The VLM instance ID. This can be retrieved by running the listInstances command. For further information, refer to the List the Instances section.

Yes

bckname

String

The name of the backup to be restored.

Note: This is case sensitive.

Yes

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success>Successfully Restored the Backup </Success>

</Response>

3.4.15.4 Delete a Backup

This command deletes the specified backup.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/deletebackupinstance?iid=<VNFInstanceID>&bckname=<BackupName>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

iid

Integer

The VLM instance ID. This can be retrieved by running the listInstances command. For further information, refer to the List the Instances section.

Yes

bckname

String

The name of the backup to be deleted.

Note: This is case sensitive.

Yes

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success>Backup deleted</Success>

</Response>

3.4.15.5 Download a Backup

This command downloads the specified backup file to the local machine.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/downloadbackupinstance?iid=<VLMInstanceID>&bckname=<BackupName>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

iid

Integer

The VLM instance ID. This can be retrieved by running the listInstances command. For further information, refer to the List the Instances section.

Yes

bckname

String

The name of the backup to be downloaded.

Note: This is case sensitive.

Yes

Example Output

When this command is run, the backup file will be downloaded. The download location is handled by whatever program is making the API call.

3.5 Template Management

3.5.1 Upload a Template

This command uploads a template file to the Multi-Tenant LoadMaster.

Example Command

curl –X POST -–data-binary "@<PathToFile\Filename.Extension>" –k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/importtemplate"

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

</Response>

3.5.2 List Installed Templates

This command returns a list of templates which are installed on the Multi-Tenant LoadMaster.

Due to security reasons, the listtemplates command does not work when run in a browser. Use a cURL command to run this command.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/listtemplates"

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success><Data>

<template>

<name>Exchange 2013 HTTPS<name>

<description>Handles all HTTPS services including Autodiscover, OWA, OA, AS, ECP, EWS. Includes an HTTP redirector virtual service. Requires version 7.1-16. (Version 1.9)<description>

</template>

<template>

<name>Exchange 2013 HTTPS Offloaded<name>

<description>Handles all HTTPS services including AS, ECP, EWS, EAS, MAPI, OA, OAB, OWA and PS. Includes an HTTP redirector virtual service. Requires LoadMaster version 7.1-28a and Exchange 2013 SP1. (Version 1.9)<description>

</template>

<template>

<name>Exchange 2013 HTTPS Reencrypted<name>

<description>Handles all HTTPS services including AS, ECP, EWS, EAS, MAPI, OA, OAB, OWA and PS. Includes an HTTP redirector virtual service. Requires LoadMaster version 7.1-28a and Exchange 2013 SP1. (Version 1.9)<description>

</template>

<template>

<name>Exchange 2013 SMTP<name>

<description>Handles SMTP connections to Edge or Hub Transport servers. (Version 1.9)<description>

</template>

</Data>

Command completed ok</Success>

</Response>

3.5.3 List the Available and Installed Templates for an Instance

This command lists the available and installed templates for an instance.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/listtemplatesinstance?iid=<VLMInstanceID>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

iid

Integer

The VLM instance ID. This can be retrieved by running the listInstances command. For further information, refer to the List the Instances section.

Yes

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success><Data>

<AvailableTemplates>

<name>Fujifilm Synapse</name>

<name>SAP Business Objects Explorer Offloaded</name>

<name>SAP Business Objects Explorer Re-encrypted</name>

<name>SAP CRM Offloaded</name>

<name>SAP CRM Re-encrypted</name>

<name>SAP Enterprise Portal Offloaded</name>

<name>SAP Enterprise Portal Re-encrypted</name>

</AvailableTemplates>

<InstalledTemplates>

<name>Greenway PrimeSuite</name>

<name>Oracle EBS HTTP</name>

<name>Oracle EBS HTTPS</name>

<name>VMWare Horizon View Connection Pool</name>

<name>VMWare Horizon View Security Pool</name>

</InstalledTemplates>

</Data>

</Success>

</Response>

3.5.4 Add/Remove Template(s) to/from an Instance

These commands can be used to add or remove template(s) to/from an instance.

A template(s) cannot be added/remove to/from an instance when the instance is running. To stop an instance, run the stopinstance command. For further information, refer to the Start/Stop an Instance section.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/configtemplatesinstance?iid=<VLMInstanceID>&tcmd=<add/rem>&tnames=<TemplateNames>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

iid

Integer

The VLM instance ID. This can be retrieved by running the listInstances command. For further information, refer to the List the Instances section.

Yes

tcmd

String

Specify the action to perform:

add - Add the template(s)

rem - Remove the template(s)

Yes

tnames

String

Specify the name(s) of the template(s) to be added/removed. Multiple templates can be specified in a comma-separated list.

Note: The names are case sensitive - please ensure to specify the exact template name in order for this command to work.

Yes

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

3.5.5 Delete a Template

This command removes an existing template file.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/deletetemplate?tname=<TemplateName>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

tname

String

Specify the name of the template to be removed.

Note: The name is case sensitive - please ensure to specify the exact template name in order for this command to work.

Yes

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

</Response>

3.6 Statistics

This command can be used to retrieve the Multi-Tenant LoadMaster statistics.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/stats"

Example Output

<Response stat="200" code="ok">

<Success>

<Data>

<CPU>

<total>

<User>0</User>

<System>0</System>

<Idle>100</Idle>

<IOWaiting>0</IOWaiting>

</total>

<cpu0>

<User>0</User>

<System>0</System>

<HWInterrupts>0</HWInterrupts>

<SWInterrupts>0</SWInterrupts>

<Idle>100</Idle>

<IOWaiting>0</IOWaiting>

</cpu0>

<cpu1>

<User>0</User>

<System>0</System>

<HWInterrupts>0</HWInterrupts>

<SWInterrupts>0</SWInterrupts>

<Idle>99</Idle>

<IOWaiting>0</IOWaiting>

</cpu1>

<cpu2>

<User>0</User>

<System>0</System>

<HWInterrupts>0</HWInterrupts>

<SWInterrupts>0</SWInterrupts>

<Idle>100</Idle>

<IOWaiting>0</IOWaiting>

</cpu2>

<cpu3>

<User>0</User>

<System>0</System>

<HWInterrupts>0</HWInterrupts>

<SWInterrupts>0</SWInterrupts>

<Idle>99</Idle>

<IOWaiting>0</IOWaiting>

</cpu3>

</CPU>

<Memory>

<memused>559056</memused>

<percentmemused>6</percentmemused>

<memfree>7637744</memfree>

<percentmemfree>94</percentmemfree>

</Memory>

<Network>

<eth0>

<speed>1000</speed>

<in>0.0</in>

<out>0.0</out>

</eth0>

<eth1>

<speed>1000</speed>

<in>0.0</in>

<out>0.0</out>

</eth1>

</Network>

</Data>

</Success>

</Response>

3.7 Network Management

3.7.1 Retrieve Interface Details

This command retrieves the details of the specified Multi-Tenant LoadMaster interface.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/showiface?interface=<InterfaceID>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

interface

Integer

The ID number of the relevant Multi-Tenant LoadMaster interface. This number corresponds to the number after eth in the WUI, for example eth0 has an ID of 0.

Yes

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="ok">

<Success><Data><Interface>

<Id>0</Id>

<IPAddress>172.21.56.105/24</IPAddress>

<Mtu>1500</Mtu>

<InterfaceType>Port</InterfaceType>

<DefaultInterface>yes</DefaultInterface>

</Interface>

</Data>

</Success>

</Response>

3.7.2 Modify Interface Details

This command can be used to modify the settings of an interface.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/modiface?interface=<interfaceID>&addr=<IPAddress/Prefix>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

interface

Integer

The ID number of the relevant interface.

Yes

addr

Address

The IP address of the interface followed by the CIDR in the format <IPAddress/Prefix>.

No

mtu

Integer

The maximum size of the Ethernet frame that will be sent from this interface.

Range: 512 to 9216

The MTU size may need to be low, depending on which network adapter is chosen for the Multi-Tenant LoadMaster. For example, an E1000 network adapter may limit the MTU to 1500 but a VMXNET 3 network adapter may have a maximum of 9216.

No

gwiface

Boolean

Specifies if this is a network gateway interface or not.

0 - Not a network gateway interface

1 - Is a network gateway interface

No

bondmode Integer

The bondmode determines the way in which traffic sent out of the bonded interface is actually dispersed over the real interfaces.

1 - active-backup

4 - 802.3ad

No

Example Output

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

3.7.3 Add/Remove Additional Addresses

These commands can be used to add or remove additional addresses.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/addadditional?interface=<InterfaceID>&addr=<IPAddress/Prefix>"

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/deladditional?interface=<InterfaceID>&addr=<IPAddress/Prefix>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

interface

Integer

The ID number of the relevant interface.

Yes

addr

Address

The IPv4 or IPv6 address of the additional address.

Yes

Example Output

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

3.7.4 Bonded Interfaces

A bonded interface can be created by using the following command:

https://<MTIPAddress>/mtaccess/createbond?interface=<InterfaceID>

An interface can be added to a bonded interface by using the following command:

https://<MTIPAddress>/mtaccess/addbond?interface=<InterfaceID>&bond=<BondID>

An interface can be removed from a bonded interface by using the following command:

https://<MTIPAddress>/mtaccess/delbond?interface=<InterfaceID>&bond=<BondID>

A bond can be converted back to a port by using the following command:

https://<MTIPAddress>/mtaccess/unbond?interface=<InterfaceID>

To view the interface ID for each of the interfaces, run the stats command. The interface IDs are displayed as the ifaceID in the XML output. For further information on the stats command, refer to the Statistics section.

The BondID is the number of the bond in the Interfaces section of the main menu in the WUI. For example, bnd2 will have a BondID of 2.

3.7.5 Create/Delete a VLAN

These commands can be used to add/delete a VLAN.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/addvlan?interface=<InterfaceID>&vlanId=<VLANID>"

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/delvlan?interface=<InterfaceID>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

interface

Integer

If creating - this should be the ID number of the relevant interface.

If deleting - this should be the VLAN ID.

Yes

vlanid

Integer

The ID number of the VLAN.

Yes if creating.

No if deleting.

Example Output

Create:

<Response stat="200" code="ok">

<Success>Created VLAN Interface id 2</Success>

</Response>

Delete:

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

3.7.6 Get/Set the Host Name

The host name can be retrieved/configured using the get/set commands.

Example Command

Set (Configure):

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/set?param=hostname&value=<HostNameValue>"

Get (Retrieve):

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/get?param=hostname"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

param

String

The name of the parameter to be retrieved/configured. In this case, it should be set to hostname.

Yes

value

String

The value to set the parameter to. In this case, enter the desired host name.

Yes - if setting.

No - if getting.

Example Output

Set (Configure):

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success>Command completed ok</Success>

</Response>

Get (Retrieve):

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success><Data>hostname</Data>

</Success>

</Response>

3.7.7 Get/Set the Nameserver

The nameserver can be retrieved/configured using the get/set commands.

Example Command

Set (Configure):

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/set?param=namserver&value=<DNSServerIPAddress>"

Get (Retrieve)

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/get?param=namserver"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

param

String

The name of the parameter to be retrieved/configured. In this case, it should be set to namserver.

Yes

value

String

The value to set the parameter to. In this case, enter the IP address of a DNS server which is to be used to resolve names locally on the Multi-Tenant LoadMaster. Up to three IP addresses can be specified using a comma-separated list.

To delete the list of nameservers, set the parameter value to an empty string.

Yes - if setting.

No - if getting.

Example Output

Set (Configure):

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success>Command completed ok</Success>

</Response>

Get (Retrieve):

<Response stat="200" code="ok">

<Success>

<Data>

<namserver>10.0.70.2</namserver>

</Data>

</Success>

</Response>

3.7.8 Get/Set the Search Domain

The get/set commands can be used to retrieve or configure the domain name to be prepended to requests to the DNS name server.

Example Command

Set (Configure):

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/set?param=searchlist&value=<DomainName>"

Get (Retrieve):

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/get?param=searchlist"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

param

String

The name of the parameter to be retrieved/configured. In this case, it should be set to searchlist.

Yes

value

String

The value to set the parameter to. In this case, enter the domain name that is to be prepended to requests to the DNS nameserver. Multiple domain names can be entered by using a comma-separated list.

Yes - if setting.

No - if getting.

Example Output

Set (Configure):

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success>Command completed ok</Success>

</Response>

Get (Retrieve):

<Response stat="200" code="ok">

<Success>

<Data>

<searchlist>Example.com</searchlist>

</Data>

</Success>

</Response>

3.7.9 Get/Set the Default Gateway

3.7.9.1 Get/Set the IPv4 Default Gateway

The get/set commands can be used to retrieve or configure the IPv4 default gateway.

Example Command

Set (Configure):

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/set?param=dfltgw&value=<DefaultGatewayIPAddress>"

Get (Retrieve):

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/get?dfltgw"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

param

String

The name of the parameter to be retrieved/configured. In this case, it should be set to dfltgw.

Yes

value

String

The value to set the parameter to. In this case, enter the IPv4 default gateway that is to be used for communicating with the internet.

Yes - if setting.

No - if getting.

Example Output

Set (Configure):

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success>Set IPv4 default gateway to 172.21.122.1</Success>

</Response>

Get (Retrieve):

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success><Data><dfltgw>172.21.122.1</dfltgw></Data>

</Success>

</Response>

3.7.9.2 Get/Set the IPv6 Default Gateway

The get/set commands can be used to retrieve or configure the IPv6 default gateway.

Example Command

Set (Configure):

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/set?param=dfltgwv6&value=<IPv6DefaultGateway>"

Get (Retrieve):

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/get?dfltgwv6"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

param

String

The name of the parameter to be retrieved/configured. In this case, it should be set to dfltgwv6.

Yes

value

String

The value to set the parameter to. In this case, enter the IPv6 default gateway that is to be used for communicating with the internet.

Yes - if setting.

No - if getting.

Example Output

Set (Configure):

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success>Set IPv6 default gateway to fdce:9b36:e54f:110::40:14/64</Success>

</Response>

Get (Retrieve):

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success><Data><dfltgw>fdce:9b36:e54f:110::40:14/64</dfltgw></Data>

</Success>

</Response>

3.7.10 Add/Delete Additional Routes

These commands can be used to add/delete additional routes.

Example Command

Add:

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/addroute?dest=<DestinationIpAddress>&gateway=<GatewayIPAddress>"

Delete:

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/delroute?dest=<DestinationIPAddress>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

dest

Address

The destination network which needs to be accessed.

Yes

gateway

Address

The gateway on the local network, which allows access to the destination network.

Yes - if adding.

No - if removing.

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success>Command completed ok</Success>

</Response>

3.8 System Management

3.8.1 Retrieve the Firmware Version

The get command can be used to retrieve the currently installed Multi-Tenant LoadMaster firmware version.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/get?param=version"

Example Output

<Response stat="200" code="ok">

<Success>

<Data>

<version>7.1-29-227</version>

</Data>

</Success>

</Response>

3.8.2 User Management

3.8.2.1 Change the System Password

This command can be used to change the password of the default bal user.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/usersetsyspassword?currpassword=<CurrentPassword>&password=<NewPassword>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

currpassword

String

The current password for the default bal user.

Yes

password

String

The new password for the default bal user.

Yes

Example Output

<Response stat="200" code="ok">

<Success>Password Changed</Success>

</Response>

3.8.2.2 Add a New Local User

This command adds a new local user.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/useraddlocal?user=<Username>&password=<Password>&radius=<0/1>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

user

String

The username of the new user being created.

Yes

password

String

The password of the new user being created.

Yes

radius

Boolean

Specify whether or not RADIUS server authentication will be used when this user is logging on. The RADIUS server details must be configured in order to enable this option.

0 - Disabled

1 - Enabled

Yes

Example Output

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

3.8.2.3 List All Local Users

This command lists all local users and their permissions.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/userlist"

Example Output

<Response stat="200" code="ok">

<Success>

<Data>

<User>

<Name>ExampleUser</Name>

<Perms>,backup,certs,cert3,certbackup</Perms>

</User>

</Data>

</Success>

</Response>

3.8.2.4 Display Permissions for a Particular Local User

This command displays permissions for a particular local user.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/usershow?user=<Username>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

user

String

The username of the user to display the permissions for.

Yes

Example Output

<Response stat="200" code="ok">

<Success>

<Data>

<User>

<Name>ExampleUser</Name>

<Perms>,backup,certs,cert3,certbackup</Perms>

</User>

</Data>

</Success>

</Response>

3.8.2.5 Set Permissions for a Local User

This command can be used to set permissions for a specified local user.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/usersetperms?user=<Username>&perms=<CommaSeparatedListOfPermissions>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

user

String

The username of the user to set the permissions for.

Yes

perms

String

A comma-separated list of permissions. The valid values for this parameter are below:

- backup

- certs

- certs3 (for Intermediate Certificates)

- certbackup

- users

- root

Yes

Example Output

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

3.8.2.6 Delete a Local User

This command deletes the specified local user.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/userdellocal?user=<Username>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

user

String

The username of the user to be deleted.

Yes

Example Output

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

3.8.2.7 Change the Password of a Local User

This command can be used to change the password of a local user.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/userchangelocpass?user=<Username>&password=<NewPassword>&radius=<0/1>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

user

String

The username of the user to change the password for.

Yes

password

String

The new password for the specified user.

Yes

radius

Boolean

Specify whether or not RADIUS server authentication will be used when this user is logging on. The RADIUS server details must be configured in order to enable this option.

0 - Disabled

1 - Enabled

Yes

Example Output

<Response stat="200" code="ok">

<Success>Reset Password for ExampleUser</Success>

</Response>

3.8.3 License Management

The commands used to update the Multi-Tenant LoadMaster license are the same as those used when initially licensing. For further information, refer to the License the Multi-Tenant LoadMaster section.

3.8.4 Shut Down/Reboot the Multi-Tenant LoadMaster

The commands below can be used to shut down and reboot the Multi-Tenant LoadMaster.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/shutdown"

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/reboot"

If the shutdown command is run, the Multi Tenancy machine will need to be powered back on to regain access.

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success>Command completed ok</Success>

</Response>

3.8.5 Update the Multi-Tenant LoadMaster Firmware

This command can be used to update the firmware version on the Multi-Tenant LoadMaster.

curl –X POST -–data-binary "@<PathToFile\Filename.Extension>" –k https://<Username>:<Password>@<MTIPAddress>/mtaccess/installpatch"

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success>Command completed ok</Success>

</Response>

The Multi-Tenant LoadMaster needs to be rebooted in order for the firmware update to be applied. When you reboot the Multi-Tenant LoadMaster this also causes the VNFs to go down. Refer to the Shut Down/Reboot the Multi-Tenant LoadMaster section for details on the reboot command.

3.8.6 Restore a Firmware Version to the Multi-Tenant LoadMaster

The following command allows the previous version of firmware to be restored.

Example Command

curl –k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/restorepatch"

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success>Previous version of Software restored

Please reboot to reactivate</Success>

</Response>

The Multi-Tenant LoadMaster needs to be rebooted in order for the firmware change to be applied. When you reboot the Multi-Tenant LoadMaster this also causes the VNFs to go down. Refer to the Shut Down/Reboot the Multi-Tenant LoadMaster section for details on the reboot command.

If there is no previous firmware version available, an error message will be returned and the Multi-Tenant LoadMaster will be inaccessible for approximately two minutes.

3.8.7 Backup/Restore Configuration

These commands can be used to back up the system configuration or to restore a previously saved configuration of the Multi-Tenant LoadMaster.

Example Command

Backup

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/backup"

Restore

curl -X POST --data-binary "@<BackupFilename>" -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/restore?type=1"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

Type

Integer

Enter 1 as the value for this parameter.

Yes

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success>Command completed ok</Success>

</Response>

3.8.8 Configure Automatic Backups

The get/set commands can be used to configure automatic backups of the Multi-Tenant LoadMaster. The automatic backup is performed at the specified time and is saved on a remote host (via FTP). The automatic backup configuration can be managed using set/get commands.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/set?param=backupEnable&value=yes"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

backupEnable

Boolean

0 - Disabled

1 - Enabled

No

backupDay

Integer

0 - Daily

1 - Monday… etc.

7 - Sunday

No

backupHost

Address

The IP address of the remote host to save the backups to.

No

backupPath

String

The path to the folder on the remote host to store the backups in.

No

backupHour

Integer

0 - Midnight… etc.

23 - 11 PM

No

backupMinute

Integer

0 to 59

No

backupUser

String

The username of the remote FTP user.

No

backupPassword

String

The password of the remote FTP user.

No

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success>Command completed ok</Success>

</Response>

3.8.9 Date/Time

Parameters relating to the date and time can be managed using the get and set commands.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/set?param=timezone&value=UTC"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

ntphost

Address

Specify the host from which the Multi-Tenant LoadMaster will set its idea of the time. Multiple hosts can be specified in a space-separated list. Please escape the spaces using %20. The time will be set from the first host that returns a valid value.

No

time

String (read only)

The Multi-Tenant LoadMaster’s idea of the time. This parameter cannot be set via the API.

No

timezone

String

The time zone where the Multi-Tenant LoadMaster is located.

No

Example Output

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

3.9 Logging Management

3.9.1 Manage System Logs

These commands can be used to download and reset the system log files.

Example Command

Download:

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/logging/downloadlogs"

Reset:

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/logging/resetlogs"

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success>Command completed ok</Success>

</Response>

3.9.2 Debugging

3.9.2.1 Ping Host

This API command can be used to perform a ping.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/logging/ping?addr=<IPAddress>&intf=<InterfaceID>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

addr

Address

Specify the host to perform the ping on.

Yes

intf

Integer

Specify the ID of the interface from which the ping should be sent from. If the interface is not specified here, the correct interface to ping an address on a particular network will be automatically selected.

No

Example Output

<Response stat="200" code="ok">

<Success>

PING 10.154.11.150 (10.154.11.150) 56(84) bytes of data. 64 bytes from 10.154.11.150: icmp_seq=1 ttl=62 time=89.6 ms 64 bytes from 10.154.11.150: icmp_seq=2 ttl=62 time=88.7 ms 64 bytes from 10.154.11.150: icmp_seq=3 ttl=62 time=89.5 ms --- 10.154.11.150 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2003ms rtt min/avg/max/mdev = 88.787/89.326/89.631/0.515 ms

</Success>

</Response>

3.9.2.2 Run a Traceroute

This command can be used to perform a traceroute.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/logging/traceroute?addr=<IPAddress>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

addr

Address

Specify the host to perform the traceroute on.

Yes

Example Output

<Response stat="200" code="ok">

<Success>

<DATA>

#traceroute to 10.154.11.150 (10.154.11.150), 30 hops max, 60 byte packets#1 172.21.122.1 0.656 ms 0.610 ms 0.579 ms#2 10.0.70.1 1.621 ms 1.614 ms 1.582 ms#3 10.154.11.150 92.547 ms 92.550 ms 92.532 ms#

</DATA>

#

</Success>

</Response>

3.9.2.3 Debug Options

3.9.2.3.1 Get/Set Debug Options

The following debug options can be managed using the set/get commands.

netconsole

irqbalance

irqpin

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/set?param=netconsole&value=<NetconsoleHost>"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

param

String

The name of the parameter to be retrieved/configured.

Yes

value

String

The value to set the parameter to.

Yes - if setting.

No - if getting.

Example Output

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

3.9.2.3.2 Get/Set the Open vSwitch Log Level

The commands below can be used to retrieve or configure the Ovs Logging Level.

Example Command

Set (Configure)

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/logging/setovsloglevel?level=<Level>"

Get (Retrieve)

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/logging/getovsloglevel

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

level

String

The level of Open vSwitch logs to record. Valid values are as follows:

- Off

- Emer

- Err

- Warn

- Info

- Dbg

Yes - if setting.

No – if getting.

Example Output

<Response stat="200" code="ok">

<Success>Command completed ok. level=emer</Success>

</Response>

3.9.2.3.3 Run a TCP Dump

A TCP dump can be ran by running the following command:

https://<MTIPAddress>/mtaccess/tcpdump?maxpackets=<MaximumNumberOfPackets>&maxtime=<MaximumTime>&interface=<InterfaceID>&port=<Port>&address=<Address>&tcpoptions=<OptionalParameters>

All parameters are optional.

Name

Type

Parameter Description

Mandatory

maxpackets

I

The maximum number of packets to capture. The default value for this parameter is 10000. Valid values range from 1 to 200000. The maximum is the API maximum. The actual maximum size is defined by the space available.

N

maxtime

I

The maximum number of seconds to capture. The default value for this parameter is 10. Valid values range from 1 to 600.

N

interface

I

The interface(s) to monitor. The default interface is eth0. A TCP dump can be captured either by one or all Ethernet ports.

N

port

I

The port to be monitored.

N

address

I

The (optional) address to be monitored.

N

tcpoptions

S

Any optional parameters needed. The maximum number of characters permitted is 255.

N

For detailed information related to TCP dump, refer to the Packet Trace Guide Technical Note.

3.9.2.3.4 Run Other Debug Options

These other debug options commands can be run via the API:

ps

The ps command does not work when run in a browser. Use a cURL command to run a ps.

meminfo

ifconfig

netstat

interrupts

partitions

cpuinfo

df

lspci

lsmod

slabinfo

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/logging/meminfo"

Example Output

<Response stat="200" code="ok">

<Success>

Content-Type: text/plain MemTotal: 8196800 kB MemFree: 7636968 kB Buffers: 3076 kB Cached: 200512 kB SwapCached: 0 kB Active: 105144 kB Inactive: 116768 kB Active(anon): 18556 kB Inactive(anon): 20 kB Active(file): 86588 kB Inactive(file): 116748 kB Unevictable: 0 kB Mlocked: 0 kB SwapTotal: 0 kB SwapFree: 0 kB Dirty: 28 kB Writeback: 0 kB AnonPages: 18448 kB Mapped: 9804 kB Shmem: 252 kB Slab: 17132 kB SReclaimable: 7148 kB SUnreclaim: 9984 kB KernelStack: 848 kB PageTables: 1052 kB NFS_Unstable: 0 kB Bounce: 0 kB WritebackTmp: 0 kB CommitLimit: 4098400 kB Committed_AS: 196668 kB VmallocTotal: 34359738367 kB VmallocUsed: 148456 kB VmallocChunk: 34359589499 kB AnonHugePages: 0 kB DirectMap4k: 10176 kB DirectMap2M: 8378368 kB

</Success>

</Response>

3.9.2.3.5 Retrieve RAID Information

Display the Redundant Array of Independent Disks (RAID) controller details, including the model name, serial number, capacity, state, status, level, and total members in the RAID, by running this command:

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/getraidinfo"

3.9.2.3.6 Retrieve RAID Disk Information

Display details about the RAID disks, including the model name, serial number, firmware version, capacity, type, and speed, by running this command:

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/getraiddisksinfo"

3.9.3 Reset Statistics

This command resets the statistics.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/logging/resetstats"

Example Output

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success>Command completed ok</Success>

</Response>

3.9.4 Get/Set Syslog Options

The get/set commands can be used to retrieve or configure the syslog options.

Example Command

Set (Configure):

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/set?param=syslogwarn&value=<HostIPAddress>"

Get (Retrieve):

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/get?param=syslogwarn"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

param

String

The name of the parameter to be retrieved/configured. The parameters for the syslog settings are:

syslogemergency - host(s) that will receive the EMERGENCY events only.

syslogcritical - host(s) that will receive the EMERGENCY and CRITICAL events.

syslogerror - host(s) that will receive the EMERGENCY, CRITICAL and ERROR events.

syslogwarn - host(s) which will receive the EMERGENCY, CRITICAL, ERROR and WARNING events.

syslognotice - host(s) that will receive the EMERGENCY, CRITICAL, ERROR, WARNING and NOTICE events.

sysloginfo - host(s) that will receive ALL events.

Yes

value

String

The value to set the parameter to. In this case, specify the host(s) that will receive the events. Entries must be comma separated. Up to 10 entries are supported.

Yes - if setting.

No - if getting.

Example Output

Set (Configure):

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success>Command completed ok</Success>

</Response>

Get (Retrieve):

<Response stat="200" code="ok">

<Success>

<Data>

<syslogwarn>172.21.122.220</syslogwarn>

</Data>

</Success>

</Response>

3.9.5 Get/Set SNMP Options

The SNMP settings can be managed using the set/get commands.

Example Command

Set (Configure):

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/set?param=snmpEnable&value=yes"

Get (Retrieve):

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/get?param=snmpenable"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

param

String

The name of the parameter to be retrieved/configured. The parameters for the SNMP Options are:

- snmpEnable

- snmpCommunity

- snmpContact

- snmpLocation

- snmpClient

- snmpTrapEnable

- snmpv1TrapsSink

- snmpv2TrapsSink

- snmpV3enable

- snmpV3User

- snmpV3UserPasswd

- snmpauthprot (Valid values are SHA and MD5)

- snmpprivprot (Valid values are AE5 and DES)

Note: The values for the snmpauthprot and snmpprivprot parameters are case sensitive - please enter them in uppercase.

Yes

value

String

The value to set the parameter to.

Yes - if setting.

No - if getting.

Example Output

Set (Configure):

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success>Command completed ok</Success>

</Response>

Get (Retrieve):

<Response stat="200" code="ok">

<Success><Data><snmpenable>yes</snmpenable></Data>

</Success>

</Response>

3.9.6 Get/Set Email Options

The email settings can be managed using the set/get commands.

Set (Configure):

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/set?param=emailenable&value=yes"

Get (Retrieve):

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/get?param=emailinfo"

Available Parameters

Parameter

Parameter Type

Parameter Description

Mandatory

param

String

The name of the parameter to be retrieved/configured. The parameters for the Email Options are:

- emailenable

- emailserver

- emailport

- emaildomain

- emailuser

- emailpassword

- emailsslmode

- emailemergency

- emailcritical

- emailerror

- emailwarning

- emailnotice

- emailInfo

Yes

value

String

The value to set the parameter to.

Yes - if setting.

No - if getting.

Example Output

Set (Configure):

<?xml version="1.0" encoding="ISO-8859-1"?>

<Response stat="200" code="OK">

<Success>Command completed ok</Success>

</Response>

Get (Retrieve):

<Response stat="200" code="ok">

<Success>

<Data>

<emailinfo>jbloggs@kemptechnologies.com</emailinfo>

</Data>

</Success>

</Response>

3.10 Miscellaneous Options

3.10.1 WUI Settings

Parameters relating to WUI Settings can be managed using get and set commands.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/set?param=motd&value=<MessageToBeDisplayed>"

Available Parameters

Name

Type

Range

Description

hoverhelp

B

0 - Disable

1 - Enable

 

This option allows the display of descriptive text when a cursor rests on a clickable option in the WUI screen.

motd

S

 

This is the Message of the Day (MOTD). Either plain text or a text file can be used.

The maximum number of characters is 5,000.

An error will be displayed if the MOTD is greater than 5,000 characters.

sessioncontrol

B

 

Enables or disables session control.

sessionidletime

I

60-86400

Specifies the number of seconds that the WUI can be idle before logging the user out. This can be set from 60 to 86400 seconds.

sessionmaxfailattempts

I

1-999

Number of failed attempts before locking the user account. 

wuidisplaylines

I

10-100

Set the maximum number of lines which can be displayed on a single statistics page.

wuicipherset

S

The valid values are below:

Default

Default_NoRc4

BestPractices

Intermediate_compatibility

Backward_compatibility

WUI

FIPS

Legacy

<NameOfCustomCipherSet>

Specify the cipher set to use for the LoadMaster WUI.

If the Message Of The Day (MOTD) is specified using the set command as above, the maximum number of characters that can be entered is 5,000. If you would like to enter a MOTD that is longer than 5,000 characters, use a plain text document to store the MOTD and use the command below to post it to the Multi-Tenant LoadMaster:
curl –d @<Filename> -k https://<Username>:<Password>@<MTIPAddress>/mtaccess/setmotd

Example Output

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

3.10.2 WUI Authentication and Authorization Options

Parameters relating to WUI Authentication and Authorization Options can be managed using get and set commands.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/get?param=ldaprevalidateinterval"

Available Parameters

Name

Type

Range

Description

ldapbackupserver

A

 

Specifies the backup LDAP server for authentication.

ldapsecurity

I

0 = Not Encrypted

1 = StartTLS

2 = LDAPS

Specifies the security mode for LDAP authentication.

ldapserver

A

 

Specifies the LDAP server to use for authentication.

ldaprevalidateinterval

B

 

Specifies how often to revalidate the authentication to the LDAP server.

radiusbackupport

I

3-65535

Specifies the TCP port for the backup RADIUS server.

radiusbackupsecret

S

 

Specifies the password (secret) to the backup RADIUS server.

radiusbackupserver

A

 

Specifies the backup RADIUS server to use for authentication.

radiusport

I

3-65535

Specifies the TCP port for communication to the RADIUS server.

radiusrevalidateinterval

I

10-86400

Specifies when to revalidate the authentication to the RADIUS server.

radiussendnasid B

0 - Disabled

1 - Enabled

If this parameter is disabled (default), a NAS identifier is not sent to the RADIUS server. If it is enabled, a Network Access Server (NAS) identifier string is sent to the RADIUS server. By default, this is the hostname. Alternatively, if you specify a value in the radiusnasid parameter, this value is used as the NAS identifier. If the NAS identifier cannot be added, the RADIUS access request is still processed.
radiusnasid S  

If the radius_send_nas_id parameter is enabled, the radius_nas_id parameter is relevant. When specified, this value is used as the NAS identifier. Otherwise, the hostname is used as the NAS identifier. If the NAS identifier cannot be added, the RADIUS access request is still processed.

This parameter is only relevant if the radiussendnasid parameter is enabled.

radiussecret

S

 

Specifies the password (secret) to the RADIUS server.

radiusserver

A

 

Specifies the RADIUS server to use for authentication.

sessionlocalauth

B

 

Enables or disables local authentication.

sessionauthmode

I

Refer to the table below

Specifies the authentication mode for the load balancer.

 

The table below describes the Radius, LDAP and Local user options that are selected depending on the value given to the sessionauthmode parameter

 

Radius

LDAP

Local

Value

Authent.

Author.

Authent.

Authent.

Author.

7

No

No

No

No

No

263

Yes

No

No

Yes

Yes

775

Yes

Yes

No

Yes

Yes

23

No

No

Yes

Yes

Yes

22

No

No

Yes

No

Yes

788

Yes

Yes

Yes

No

No

790

Yes

Yes

Yes

No

Yes

791

Yes

Yes

Yes

Yes

Yes

789

Yes

Yes

Yes

Yes

No

773

Yes

Yes

No

Yes

No

262

Yes

No

No

No

Yes

774

Yes

Yes

No

No

Yes

772

Yes

Yes

No

No

No

278

Yes

No

Yes

No

No

279

Yes

No

Yes

Yes

Yes

Example Output

<Response stat="200" code="ok">

<Success>

<Data>

<ldaprevalidateinterval>60</ldaprevalidateinterval>

</Data>

</Success>

</Response>

3.10.3 Remote Access Options

Parameters relating to Remote Access can be managed using get and set commands.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/get?param=sshaccess"

Available Parameters

Name

Type

Range

Additional Information

admingw

A

 

When administering the Multi-Tenant LoadMaster from a non-default interface, this option allows the user to specify a different default gateway for administrative traffic only.

enableapi

B

 

Enables the programmable command API Interface.

sshaccess

B

 

Specify over which addresses remote administrative SSH access to the Multi-Tenant LoadMaster is allowed.

sshiface

S

 

Specify the addresses over which remote administrative SSH access to the Multi-Tenant LoadMaster is allowed.

sshport

I

3-65530

Specify the port used to access the Multi-Tenant LoadMaster via the SSH protocol.

wuiaccess

B

 

Enables or disables WUI access.

wuiiface

I

 

Specifies the interface for WUI.

wuiport

I

 

Specifies the port to access the WUI.

This has a default value of 443.

multihomedwui

B

 

Allow WUI access from multiple interfaces. Apart from the main administrative interface, each interface can then be enabled to allow WUI access.

Example Output

<Response stat="200" code="ok">

<Success>

<Data>

<sshaccess>yes</sshaccess>

</Data>

</Success>

</Response>

3.10.4 Cipher Sets

Custom cipher sets can be manipulated using the commands below.

It is not possible to modify or delete system-defined cipher sets.

3.10.4.1 Modify a Custom Cipher Set/Create a New Custom Cipher Set

The modifycipherset command can be used to update an existing custom cipher set or create a new custom cipher set.

Example Command

https://<LoadMasterIPAddress>/access/modifycipherset?name=<CustomCipherSetName>&value=<Cipher(s)>

Available Parameters

Name

Type

Range

Description

name

S

The valid values for the name parameter are below:

Default

Default_NoRc4

BestPractices

Intermediate_compatibility

Backward_compatibility

WUI

FIPS

Legacy

<NameOfCustomCipherSet>

The values are case sensitive.

Name of the cipher set to be modified. If the name of an existing cipher set is specified, that cipher set will be updated. If a new name is used, a new cipher set will be created.

value

S

List of valid ciphers

List the ciphers to include in the cipher set. Multiple ciphers can be assigned by separating them with a colon (:).

Example Output

<Response stat="200" code="ok">

<Success>Cipher set updated</Success>

</Response>

3.10.4.2 Retrieve the Details of an Existing Cipher Set

The getcipherset command can be used to retrieve the list of ciphers which are in the specified cipher set.

Example Command

https://<LoadMasterIPAddress>/access/getcipherset?name=<CipherSetName>

Available Parameters

Name

Type

Range

Description

name

S

The valid values for the name parameter are below:

- Default

- Default_NoRc4

- BestPractices

- Intermediate_compatibility

- Backward_compatibility

- WUI

- FIPS

- Legacy

- <NameOfCustomCipherSet>

The values are case sensitive.

Name of the cipher set to be retrieved.

<Response stat="200" code="ok">

<Success>

<Data>

<cipherset>

ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:AES256-SHA256:AES256-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:AES128-SHA256:AES128-SHA:DES-CBC3-SHA

</cipherset>

</Data>

</Success>

</Response>

3.10.4.3 Delete a Custom Cipher Set

The delcipherset command can be used to delete an existing custom cipher set.

Example Command

https://<LoadMasterIPAddress>/access/delcipherset?name=<CustomCipherSetName>

A custom cipher set cannot be deleted if it is assigned to any Virtual Services. If this command is run when a cipher set is assigned to a Virtual Service, an error message will be returned which says Command Failed: Cipher set in use.

Available Parameters

Name

Type

Range

Description

name

S

The valid values for the name parameter are below:

- Default

- Default_NoRc4

- BestPractices

- Intermediate_compatibility

- Backward_compatibility

- WUI

- FIPS

- Legacy

- <NameOfCustomCipherSet>

The values are case sensitive.

Name of the cipher set to be retrieved.

 

Expected Output

<Response stat="200" code="ok">

<Success>Cipher set deleted</Success>

</Response>

3.10.5 Network Options

Parameters relating to Network Options can be managed using the get and set commands.

Example Command

curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/set?param=dhkeysize&value=2048"

Available Parameters

Name

Type

Range

Additional Information

multigw

Boolean

0 - Disabled

1 - Enabled

Use this option to enable the ability to move the default gateway to a different interface.

routefilter

Boolean

0 - Disabled

1 - Enabled

When enabled, this option only accepts IP frames from a host over the interface where the routing algorithm would route frames to the host. This is known as strict source route validation.

http_proxy

String

 

This option allows clients to specify the HTTP(S) proxy server and port the Multi-Tenant LoadMaster will use to access the internet.

dhkeysize

Integer

512, 1024 or 2048

Select the strength of the key used in the Diffe-Hellman key exchanges. If this value is changed, a reboot is required in order to use the new value. The default value is 2048 Bits.

vnfdhcp

Boolean

0 - Disabled

1 - Enabled

Specifies whether or not the MT guests should utilise DHCP for initial IP configuration. If this is enabled, the initial IP address and default gateway of the guest VNF will be automatically obtained via DHCP, and you will not be prompted to set them. If this option is disabled, the initial IP address and default gateway will need to be set when creating a new instance.

Example Output

<Response stat="200" code="ok">

<Success>Command completed ok</Success>

</Response>

References

Unless otherwise specified, the following documents can be found at http://kemptechnologies.com/documentation.

Multi-Tenant LoadMaster, Feature Description

Licensing, Feature Description

Last Updated Date

This document was last updated on 01 March 2023.


Comments