NetF Cli

About Teamsun:
Beijing Teamsun Technology Co., Ltd. (hereinafter referred to as: Teamsun) is China's leader-class
integrated IT service provider, is the first domestic service
Network covering the entire Greater China region and part of the local IT service provider in Southeast
Asia. Owns two listed companies: Teamsun (on the Shanghai Stock Exchange
City Company: 600410), the Hong Kong ASL Company (Hong Kong Stock Exchange listed companies:
00,771). Headquartered in Beijing, and Hong Kong and in mainland China
Macao and Taiwan, Southeast Asia and other regions with more than 40 branches and employs more
than 5000, either directly or indirectly controlled subsidiaries have more than twenty. Huasheng
Tiancheng listed since 2004, the scale of business CAGR (CAGR) of more than 30%, are business scale
more than 5 billion yuan.
Teamsun business direction involving cloud computing, mobile Internet, networking, information
security and other areas, business areas of IT products and services covered by the application software
Pieces of the development, a variety of IT services such as systems integration and value-added
resellers, the company is China's first IT service products made of. Based on "customer-oriented" by
Business philosophy and the "cooperation and win-win" development strategy, Teamsun based on the
Greater China market, that corporate and government clients improve IT core capabilities for the
mission,
Excellent solution for customers as well as a deep understanding of the business throughout Greater
China and some Southeast Asian region densely efficient service delivery network for our customers
IT provides construction throughout its entire life cycle of the "one-stop" service. Companies in the
telecommunications, postal services, financial services, government, education, manufacturing, energy,
transportation,
Military and other fields have a lot of success stories.
Contact us:
Beijing Teamsun Technology Co., Ltd.
BeiJing Teamsun Technology Co.Ltd.
Headquarters Address: A Block Technology Fortune Center on the 8th Xueqing Road, Haidian District,
Beijing, 10-11
Zip: 100192 Tel: 010-8273988 Fax: 8610-82733999
Pre-sales advice: 010-82733908
Official Website: http: //www.teamsun.com.cn
Microblogging: Teamsun official microblogging V catalog
2013 Teamsun
All rights reserved
III
Table of Contents
About Teamsun: ............................................. .................................................. .............................. II
Contact us: ............................................... .................................................. .................................... II
Table of Contents ................................................. ..................................................
............................................. III
Chapter 1 CLI-based ............................................. .................................................. .............................. 1
1.1 Login AS equipment .............................................. .................................................. ................. 1
1.2 Global access control levels ............................................. .................................................. ......... 2
1.3 Shortcuts ............................................... .................................................. ........................... 2
Chapter 2 Basic System Operation ............................................ ..................................................
...................... 4
Chapter 3 Advanced System Operation ............................................ ..................................................
.................... twenty four
Chapter 4 Link Aggregation ............................................ .................................................. ............................
35
Chapter 5 clusters .............................................. .................................................. .................................. 37
Chapter 6, High Availability (HA) .......................................... .................................................. ................. 46
Chapter 7 server load balancing (SLB) ......................................... .................................................. .. 68
7.1 SLB basic commands .............................................. .................................................. .............. 68
7.2 add real service .............................................. .................................................. .............. 70
7.3 add items and health check health check list of items ........................................ .......................... 83
7.4 Adding virtual services .............................................. .................................................. .............. 93
7.5 Adding a virtual service port range ........................................... ............................................. 100
7.6 Add SLB Groups service ............................................ .................................................. ..... 102
7.7 Adding IP address pool ............................................. .................................................. ........... 121
7.8 for the group to add real service ........................................... .................................................. ... 122
7.9 Other SLB group command ............................................ .................................................. ..... 123
7.10 SLB policy settings .............................................. .................................................. ...... 125

7.11 Other SIP command .............................................. .................................................. ....... 142
7.12 Compatibility Check .............................................. .................................................. .......... 144
7.13 proxy mode ............................................... .................................................. ............. 145 directory
2013 Teamsun
All rights reserved
IV
7.14 Statistics ................................................ .................................................. .............. 146
7.15 URL Rewrite / Redirect HTTP / HTTPS .......................................... ........................ 148
7.16 URL filtering ............................................... .................................................. ............ 155
7.17 SLB summary ............................................... .................................................. ............. 162
Chapter 8 reverse proxy cache ........................................... .................................................. ...................
165
8.1 Cache command ............................................... .................................................. ................... 165
8.2 HTTP command ............................................... .................................................. ................ 178
Chapter 9 HTTP content rewrite ............................................ .................................................. ...............
196
Chapter 10 DNS cache ............................................. .................................................. ...................... 202
Chapter 11 HTTP compression ............................................. .................................................. ....................
204
Chapter 12 Secure Sockets Layer (SSL) ......................................... .................................................. ........
208
Chapter 13 Quality of Service (QoS) .......................................... .................................................. ...........
232
13.1 QoS queue ............................................... .................................................. ............ 232
13.2 QoS Filter Rule .............................................. .................................................. ..... 235
13.3 Other QoS command .............................................. .................................................. ..... 236
Chapter 14 Link Load Balancing (LLB) ........................................ .................................................. ..... 238
Chapter 15 Global Server Load Balancing (GSLB) ........................................ ........................................ 255
15.1 Basic SDNS command .............................................. .................................................. .. 255
15.2 SDNS members ............................................... .................................................. .......... 256

15.3 SDNS Disaster Recovery (DR) Group .......................................... ....................... 257
15.4 SDNS site ............................................... .................................................. .......... 258
15.5 SDNS close ............................................... .................................................. .......... 260
15.6 SDNS overflow chain .............................................. .................................................. ....... 261
15.7 SDNS area ............................................... .................................................. .......... 262
15.8 SDNS bandwidth ............................................... .................................................. .......... 263
15.9 SDNS Pool ............................................... .................................................. ........... 263
15.10 SDNS ITSA ............................................... .................................................. ......... 268
15.11 SDNS Host ............................................... .................................................. .......... 268
15.12 SDNS domain operations .............................................. .................................................. Contents
....... 269
2013 Teamsun
All rights reserved
V
15.13 SDNS backup ............................................... .................................................. .......... 270
15.14 SDNS Full DNS .............................................. .................................................. .... 271
15.15 SDNS DPS ............................................... .................................................. ........... 272
15.16 SDNS Statistics ............................................... .................................................. .... 278
Chapter 16 Access Control ............................................. .................................................. .......................
282
16.1 Access Group ............................................... .................................................. ................. 282
16.2 Access List ............................................... .................................................. ............. 282
16.3 Firewall ................................................ .................................................. ................ 285
16.4 Advanced ACL ............................................... .................................................. .... 286
Chapter 17 Advanced IPv6 Configuration ............................................ ..................................................
............... 293
17.1 DNS64 and NAT64 .............................................. ................................................ 293
17.2 DNS46 and NAT46 .............................................. ................................................ 295
Chapter 18 ePolicy .............................................. .................................................. .......................... 298
Chapter 19 log .............................................. .................................................. .............................. 301

Chapter 20 Management Tools ............................................. ..................................................
....................... 310
20.1 Configuration Management Command .............................................. ..................................................
...... 310
20.2 role-based permission management ............................................ .............................................. 322
20.3 configuration synchronization commands ..............................................
.................................................. ...... 327
20.4 SDNS configuration synchronization commands .............................................
.............................................. 329
20.5 SNMP commands ............................................... .................................................. ......... 329
20.6 troubleshooting commands .............................................. .................................................. ...... 333
20.7 debug commands ............................................... .................................................. ............. 336
20.8 Remote Access command .............................................. .................................................. ...... 343
Chapter 21 Monitoring .............................................. .................................................. ..............................
345
21.1 through CLI configuration graphic items ............................................ .......................................... 345
21.2 Default legend string ............................................. .................................................. ... 346
Appendix I SNMP OID list ............................................. .................................................. ................ 352
Chapter 1 CLI-based
2013 Teamsun
All rights reserved
1
Chapter 1 CLI-based
CLI AS equipment (Command Line Interface, Command Line Interface) allows administrators to use the
command line directly to the main features of the device be equipped
Is set and controlled so as to maximize the use of the capabilities and performance of AS device.
This manual describes how AS CLI administrator and user equipment is configured correctly and use
each command. Command contained in this manual will perform the following one
General provisions:
Prescribed format
The main use of bold CLI commands in bold.
Italics CLI parameter using italics.

<> <> The parameter is mandatory parameters.
[] [] The parameter is optional.
Said "no", "show" and "clear" and other sub-command.
{X | y | ...} Alternative items put together within curly braces and separated by vertical bars. Should
select an item.
[X | y | ...] Optional alternative items placed within brackets and separated by vertical bars. Should
choose a project or a
One not chosen.
Note: When configuring the parameters, if we enter a string begins with a number, or a string contains
spaces, in order to ensure the correct configuration commands
So, we must configure the string into double quotes.
1.1 Login AS equipment
After a successful connection to connect to the AS device via SSH or console, the administrator will be
prompted to enter a user name and password. System default initial login
The user name is "admin", for the first time login password is "admin".
To restore the login password, the administrator needs to online@teamsun.com.cn, get help Teamsun
staff. To restore the landing
Password, the administrator must follow these steps:
1 AS devices to establish a console connection;
At the command line interface, enter the command "recovery";
3. AS Device Manager displays a validation issue will contain a character string of randomly generated.
The next line shows the prompt
"Response".
4. administrator needs to verify that the character "copy" and "paste" it into an email and send it
Teamsun customer support personnel,
Address online@teamsun.com.cn.
5. Teamsun customer support staff will return to the administrator for the verification period previously
received valid responses. Reply to
"--begin--" Beginning with "--end--" at the end.
6 administrators need to respond to this complete copy, and paste it into the CLI prompt "response:"
After that, and make sure that the beginning and end
The tail portion is not included. Then, press the "Enter" key. Chapter 1 CLI-based
2013 Teamsun
All rights reserved
2
7 user name "admin" corresponding password will be reset to the default "admin".
Note: If the "admin" user is deleted, "username recovery" function will fail.
1.2 Global access control levels
AS equipment and NetFOS access global configuration provides three levels or modes. Each mode,
respectively, with a particular cursor prompt. CLI mention
AS symbol contains the host name shows the device, followed by ">", "#" or "(config) #".
de
The first level is the user-mode (User Mode). In this mode,
The user is only entitled to perform some very basic operations and non-critical functions. Users
Mode prompt is displayed as "TS>" in the CLI.
In enable mode (Enable Mode), users can access only view

Most commands, such as, "show log config" command. Once a
Power to enter enable mode, CLI will prompt the "TS>" into "TS #".
Configuration Mode (Config Mode) is the last model. At this level,

Users can modify the contents of any configuration AS devices. Two users can not
At the same time to enter configuration mode. Enter configuration mode, CLI prompt
By "TS #" into "TS (config) #".
Description: In NetFOS, users can be divided into two access levels Enable or Config. Enable users can
not access the Config mode.
If you want to Enable users to access Config mode, the administrator must first modify the access rights
of the user, the method is to perform "user
<user_name> <password> [enable | config] "command.
1.3 Shortcuts
NetFOS design process using a shortcut key features to ensure the quality of user-friendly interaction
interface. Users simply enter the first few CLI commands
Letters, AS device can very intuitively complete command. Listed below are shortcuts to other user
actions:
CLI shortcuts
^ a / ^ e use ^ a / ^ e, move the cursor to the beginning or end of the line.
^ f / ^ b using ^ f / ^ b, move the cursor to the previous character or the characters.
Esc-f using the Esc-f, move the cursor one character to move forward.
Esc-b using the Esc-b, move the cursor back one character.
^ d use ^ d, delete the character under the cursor. Chapter 1 CLI-based
2013 Teamsun
All rights reserved
3
CLI shortcuts
Use ^ k ^ k, delete from the cursor to the end of the line.
^ u use ^ u, delete the entire line.
Description: The "^" means press the Control key (Ctrl), simultaneously press the symbol behind the
letters. Chapter 2 Basic System Operation
2013 Teamsun
All rights reserved
4
Chapter 2 Basic System Operation
System Operation section CLI, do not focus on specific details of the AS device. This chapter command
for the device to assign IP address and subnet mask, you can
View current network interfaces and software parameters.
help
Help command displays all commands and functions under the current level. During the AS device
configuration, the user can always call this command at any level.
enable [recovery]
This command is used to enter the Enable level NetFOS's. After the CLI command line enter the
command, the system prompts the user to enter Enable level
Password. By default, the password is blank (no password).

If the user forgets their password assigned, you can perform "enable" command, while adding
"recovery" parameter, follow these steps to respond to Enable
Level default password:
1 in the User level prompt, enter "enable recovery", for example, TS> enable recovery.
2 A message appears asking string.
3 will ask the string sent to the customer support staff online@teamun.com.cn via email.
4 customer support to customers return the appropriate code via e-mail.
5 users will respond to cut and paste code to CLI, press "Enter". Enable-level password will be reset to
empty.
disable
This command allows the user to return to User mode from the current privilege mode.
exit
This command returns the user mode from the current low level permissions model. If the user is
currently in User mode, which allows him to exit the shell command system.
quit
This command allows the user to exit the CLI mode. During the configuration process, the user can
execute this command at any time.
show tech
This command allows the user to view real-time grab and basic system information.
system numa on
The command to enable NUMA capabilities. Chapter 2 Basic System Operation
2013 Teamsun
All rights reserved
5
system numa off
This command disables the NUMA functions.
show system numa
The status of the command port and a NUMA NUMA fields for display.
show system warning
This command allows the user to view real-time system warning messages.
If any of the following hardware error occurs, the yellow LED lights will light up on the device. At this
point, the user can run this command to check whether there is
The following hardware error:
1. CPU fan stopped working;
2. CPU overheating (over 85 );
3 system to overheat (1U of devices exceeds 75 , or 2U of devices exceeds 85 );
Among all the way to 4 dual power supply fails (for devices with redundant power supply situation).
Note: If the error elimination, warning information is also cleared. However, users can still view the
related records in the system log.
ip address {system_ifname | mnet_ifname | vlan_ifname | bond_ifname} <ip_address>
{netmask | prefix} [overlap]
This command allows the user to set the IP address, subnet mask, system interface prefix length, MNET
interface, VLAN interface or aggregate interface.
system_ifname system interface name is specified, the default is port1, port2, port3, port4
And so on. (Administrators can use "interface name" command, self-designated Department
System interface name. )
mnet_ifname MNET interface name is specified, the string should be composed of letters and numbers.
vlan_ifname specified VLAN interface name, the string should be composed of letters and numbers.
bond_ifname aggregation interface name is specified, the string should be composed of letters and
numbers. Mo
Recognize aggregate interface name bond1, bond2, bond3, bond4 so on.
ip_address IP address of the specified interface. Can be IPv4 or IPv6 address.
netmask | prefix and prefix length subnet mask specified interface IP addresses.
2013 Teamsun
All rights reserved
6
Address, it can be an integer. If it is an integer, its value
Should be between 0-32.
refix" for an IPv6 address, and its value should be between 0-128.
overlap optional command. Typically, a need to increase the subnet interface is subject to any
Subnet overlapping existing interface, so it is not necessary to specify this parameter. But
Yes, need to be arranged NUMA SLB (single VIP, reverse mode), while
And the need to increase the interface subnet need to overlap with any existing interface subnet
This parameter needs to be specified as "overlap".
This parameter is not used for VLAN interfaces.
For example:
no ip address <interface_name>
This command is used to delete the specified IP address from the configuration.
show ip address
This command is used to display the system's IP address and subnet mask assignment.
clear ip address
This command is used to delete the IP address has been configured.
interface mac <interface_name> <mac_address>
This command is used to configure the MAC address of the interface specified system.
interface_name Specifies the system interface name. The interface can not be VLAN, MNET and poly
Combined interface. If the interface IP address is already in VLAN, MNET, polymerization
Or the SLB virtual service configuration, its MAC address can not be changed.
mac_address specified system interface MAC address.
no interface mac <interface_name>
This command is used to specify the MAC address of the system interface to their default values.
Chapter 2 Basic System Operation
2013 Teamsun
All rights reserved
7
interface_name Specifies the system interface name.
clear interface mac

This command is used to restore all system interface MAC address to the default value.
ip host <host_name> <ip>
This command allows the user to set a DNS host names and corresponding IP addresses.
no ip host <host_name> [ip]
This command allows the user to delete an already configured DNS host name.
clear ip host
This command allows the user to configure the DNS host name has been deleted from the current
configuration.
show ip host
Already configured DNS host name and IP address of the secondary-level commands for display.
ip arp <ip> <mac_address>
This command is used to add a static ARP project to the system. Can add up to 128 static ARP project to
the system.
ip specify the IP address for a remote host. This address can only be an IPv4
Address.
mac_address specify the MAC address for the remote host.
Note: When the system receives the ARP broadcast packets from a remote host, it will automatically
generate ARP project. After system restart, static ARP project is still
However, the presence of dynamic ARP projects will be cleared.
show ip arp [ip_address]
This command is used to display all dynamic ARP entries on all static ARP project and system
configuration automatically analyzes.
ip_address optional command. This parameter specifies the IP address of a remote host. In case
This parameter is specified, only static and dynamic ARP entry for the IP address of
Head.
ip route default <gateway_ip> Chapter 2 Basic System Operation
2013 Teamsun
All rights reserved
8
This command allows the user to set the default gateway IP address in the AS device configuration. Only
allows you to configure a default route. IPv4 default gateway IP can be
Or IPv6 addresses.
ip route static <destination_ip> {netmask | prefix} <gateway>
This command is used to configure a static route network. The user can configure multiple static routes.
Specify the destination IP address destination_ip static route. IPv4 or IPv6 address can be
Address. Typically, the IP address is a network address.
netmask | prefix and prefix length subnet mask specified destination IP address.
resses in the range of 0-128.

no ip route static <destination_ip> {netmask | prefix} <gateway>
This command allows the user to delete a static route from the current configuration.
no ip route default <gateway_ip>
This command allows the user to remove the default IP routing from AS device.
show ip route
This command allows the user to display a static routing table information.
show route match <src_ip> <src_port> <dst_ip> <dst_port> <protocol> [interface_name]
[action_table]
This command is used to display the specified source IP, source port, destination IP address, destination
port, and protocol type corresponding routing or routing group, or display the specified
Source IP, source port, destination IP, destination port, protocol type, interface name and the type of
access rules corresponding access rules.
src_ip specify the source IP address.
src_port specify the source port.
dst_ip specified destination IP address.
dst_port specify the destination port.
protocol specified protocol type, which can be TCP, UDP, ICMP and other types. This
In addition, you can also specify WebWall access rule type, which can be ah or Chapter 2 Basic System
Operation
2013 Teamsun
All rights reserved

9
esp.
interface_name optional. This parameter is used to specify the interface name. The default value is
empty, indicating that the
There are interfaces.
action_table optional. This parameter is used to specify the type of access rules. "1" indicates the license
regulations
The type, "2" indicates reject rule type. The default value is 1.
show statistics ip [ip_address]
This command is used to display information specific IP addresses. If no IP address is specified, this
command displays all configured IP addresses all the relevant statistics
Information.
ip_address Specifies the IP address of the statistical information is displayed. The address can be an IPv4
or
IPv6 addresses.
For example:
============================================ ====================
2aa: ff: fe28: 9c5a 0 0 0 0 06/21/12 14:37

------------------------------------------------- -------------------------------------------------- -----------------
clear statistics ip [ip_address]
This command will clear the statistics for a specified IP address. If you do not specify an IP address, the
command will clear all the statistics.
ip_address Specifies the IP address to clear statistical information. The address can be an IPv4 or
IPv6 addresses.
interface mtu <interface_id> <mtu_size>
This command allows the user to set up the network can transmit the maximum frame size. Chapter 2
Basic System Operation
2013 Teamsun
All rights reserved
10
On interface_id NetFOS aggregation interface name or the default Ethernet physical interface ID
(Port1, port2, port3, port4 ...). Physical interface device supports AS
The number of ports depends on the device model.
mtu_size maximum transmission unit (MTU) size. The most it is the network that can be transmitted
Large frame sizes. The default is 1500 bytes. TCP / IP uses each one by
Mouth may have different MTU values.
interface name <interface_id> <interface_name>
This command allows the user to set the interface name.
interface_id NetFOS physical interface the default interface ID (port1, port2, port3,
port4 ...). AS the number of physical interfaces supported by the device depends on the device type
Number.
interface_name specify a unique name for the physical interface, by numbers and letters, up to 31
Characters. The default name for the system interface port1, port2, port3, port4
And so on.
interface speed <interface_id> <speed_option>
This command allows the user to set the interface speed. Interface speed 10G ports can only be set to
"adaptive."
The default port ID interface_id NetFOS physical interfaces (port1, port2, port3,
port4 ...). AS the number of physical interfaces supported by the device depends on the device type
Number.
speed_option speed can be divided into 10 MB half duplex, half duplex 100 megabytes, 100 megabytes
whole
Duplex, full-duplex or adaptive 1000 megabytes.
Description: NetFOS default interface speed is set to adaptive. If you pick
Port connected to a device, such as a specific speed and duplex mode
Routes or switches, the user needs to set AS equipment to meet these requirements.
Users can use the "show interface" command to view the current speed setting
Position.
show interface [interface_name]
This command is used to display the current configuration of all system interfaces and VLAN interfaces
have statistics. If developed an interface name, the system will display only Chapter 2 Basic System
Operation
2013 Teamsun
All rights reserved
11
Shows the interface statistics.
interface_name Specifies the system interface or VLAN interface name, composed of letters and
numbers,
Up to 31 characters. The default name for the system interface port1, port2,
port3, port4 so on.
Description:
If the number of packets IP statistics function is disabled, "show interface" command output results
WebWall allowed or discarded are 0. Default
State, IP statistics function is disabled, you can also "ip statistics off" command to disable it.
All virtual IP address in the IP address pool defined output will be displayed in the "show interface"
command which.
clear interface name
This command is used to name all the interfaces to their default values.
clear interface speed {interface_id | all}
This command is used to restore the specified interface speed and duplex mode. "All" means all
interfaces.
interface_id default port ID NetFOS physical interface is port1, port2, port3,

port4 ... AS the number of physical interfaces supported by the device depends on the device model.
clear interface mtu {interface_id | all}
This command is used to delete the development of the interface (for example, port1) of the MTU
setting. "All" means all interfaces.
no interface name <interface_id>
This command is used to specify the interface (for example, port1) name revert to the default values.
show system tune
This command is used to display a user-defined system tuning parameters.
show system attackfilter
This command is used to display the attack packets are discarded AS device statistics.
clear system tune
This command is used to customize the system tuning parameters to their default values.
system tune defraglimit <smallest_object_size> Chapter 2 Basic System Operation
2013 Teamsun
All rights reserved
12
This command is used to integrate data packets require less memory frame. Users
"smallest_object_size" (in bytes) specified number of defragmentation
Packet. The default value is 0.5, for example, the size of an object is 10K, server MTU for 1K. In simple
terms, NetF receive 10 packets
At the same time the frame buffer 10 with the object. If the parameter "smallest_object_size" is set to
512, AS device 10K data caches to 10 frames
20 frames (0.5KB / per frame) in order to make full use of frame memory.
system tune route multicore {on | off}
This command is used to enable or disable the device's multi-core AS traffic handling capabilities. When
this function is disabled, AS device will use multithreading routing
Flow, greatly improving the data forwarding function. By default, this feature is disabled. Note: When
this feature is disabled, SLB DNS, RTSP,
RDP does not work.
[no] system tune hwcksum {on | off}
This command is used to enable or disable the NIC hardware verification. The default setting is enabled.
This configuration can be used for IPv4 and IPv6 packets. Command "no system
tune hwcksum "is used to restore the default settings of hardware verification.
[no] system tune tcpidle <max_idle_time>
This command allows the user to set the maximum TCP connection idle time (in seconds). Once you
reach the idle time, TCP connection is terminated. Idle
Time range is 60-7200 seconds, the default value is 300 seconds.
no system tune tcpidle command to restore the default maximum idle time value.
[no] system tune attackfilter {level_0 | 1 | 2}
This command is used to set the filter some invalid IP packet level. "Level_0 | 1 | 2" equipment system
parameters for AS level. The default value is 0.
0 disables the internal IP packet filtering. In other words, this parameter allows any
Packets via the Ethernet card into our system.
1 AS device discards the packet meets the following conditions:
Source or destination IP of 0.0.0.0
Source IP is 255.255.255.255
Source IP for 224.x.x.x
TCP port or UDP port is 0.5 which requires the development of a port using fire
Wall.
2 AS device drops packets that meet the following criteria:
Source or destination IP is 0.0.0.0. Chapter 2 Basic System Operation
2013 Teamsun
All rights reserved
13
Source IP is 255.255.255.255.
Source IP for 224.x.x.x.
TCP port or UDP port is 0. This requires the development of an interface to open fire
Wall.
Source IP is the local IP address, but the data packet is received via an Ethernet interface.
system tune tcp retransmit timeout <timeout>
This command allows the user to set data retransmission timeout. The default setting is 1000
milliseconds. In the absence of access to NetF technical support, it is recommended
Do not modify the default settings.
system tune tcp retransmit dupacks <dupacks>
This command allows the user to set the start TCP fast transmission received much duplicate ACK. The
default setting is 3 in the case did not get NetF supported under
Not recommended to modify the default settings.
system tune tcp retransmit policy {newreno | adaptive}
This command allows the user to enable the rapid transmission of the default algorithm TCP NewReno
to shift from Adaptive. Without obtaining technical support NetF
Under the circumstances, it is recommended not to change the default settings.
system tune tcp slowstart {on | off}
In the absence of access to NetF technical support, it is recommended not to change the default
settings. The default state is enabled.
system tune tcp delack count <count>
This command is used to configure the ACK maximum delay count. "Count" is defined maximum data
can be delayed ACK packet. The default value is 4.0, indicating no delay
ACK.
system tune tcp delack timeout <timeout>
The command to configure the maximum delay ACK timeout (in milliseconds). "Timeout" to define the
maximum delay ACK timeout (in milliseconds), the value must
Is a multiple of 10. The default is 100 milliseconds.
system tune tcp syntimeout <min_timeout>
The minimum timeout This command is used to set TCP SYN packets, in seconds. The default is 60
seconds.
no system tune tcp delack
This command is used to restore the TCP delayed ACK to the default settings. Chapter 2 Basic System
Operation
2013 Teamsun
All rights reserved
14
no system tune tcp retransmit {timeout | dupacks | policy}
This command is used to specify the TCP re-transmission settings (timeout period, repeated
confirmation and policies) revert to the default settings.
no system tune tcp slowstart
This command is used to slowstart set back to the default (enabled).
system tune tcp zwdefend {on | off}
This command is used to enable or disable the zero window probe timer. The default is disabled.
system tune ip randomid {on | off}
This command allows the user to enable or disable the feature set of random numbers for an IP packet.
By default, this feature is disabled, an IP packet
The numbers increase sequentially. If you enable "randomid", IP packet numbers will be randomly
generated.
system tune tcp pktdropopt <packet_drop_option>
When the TCP packet in a closed TCP port accepts and discards, this command to control the discarding
of packets. This feature is beneficial to prevent
Port scan on the system or trying to detect system vulnerabilities service behavior. In addition, it can
stop trying to implement a DoS attack behavior.
packet_drop_option optional values have 0,1,2 default is 2.
Then return TCP RST.
system tune udp pktdropopt <packet_drop_option>

When the UDP packet is a closed UDP port received and discarded when this command is used to
control the behavior of dropped packets. This feature is beneficial to prevent
Any use port scanning system behavior, and the behavior of a system trying to detect vulnerable
services. This feature also prevents attempts to implement DoS
Behavior attack.
packet_drop_option command value can be 0 or 1. The default is 0.
P packets.
no system tune tcp pktdropop
This command is used to discard TCP packets return to the default behavior. Chapter 2 Basic System
Operation
2013 Teamsun
All rights reserved
15
no system tune udp pktdropop
This command is used to discard UDP packet back to the default behavior.
[no] system tune accel {oa | mq}
This command is used to enable the AS device load balancing acceleration. To enable this feature, the
administrator must first "slb directfwd on" command to enable
DirectFWD function. No system tune accel AS device used to disable load balancing acceleration.
oa | mq This parameter is used to specify the load balancing accelerated mode.
oa: AS device only when the configuration of a VIP, parameter "oa" to start
By deploying Layer 4 SLB arm acceleration.
mq: When multiple VIP on the AS, the parameter "mq" is used to enable the 4th
Layer SLB and LLB acceleration.
Description: When load balancing acceleration through the "system tune accel mq" command is
enabled, the data can not be in 10G NIC AS equipment and
Transmission between 1G NIC. When the "system tune accel mq" and "system tune dispatcher numa"
commands are configured, systemic
Can be substantially reduced. Therefore, only one configuration command.
NetFOS TM8.4 optimized TCP options. Added three TCP options: Window Scale, Timestamp, and
Selective
Acknowledgment (SACK). NetFOS TM8.4 fully support these three TCP options, the system's MSS
options and SLB virtual service functions
Energy. The following new command to configure these TCP options.
system tune tcp option wscale on [shift_count]
This command is used to enable the Window Scale option system. The default is disabled.
shift_count optional. This parameter specifies the system to change the window size by right shift key
when
Number of bits. This parameter is in the range of 0-14. The default is 3. This parameter
Only after a few Windw Scale option is enabled in order to use.

Note: The actual size of the window used = TCP packet window size 2shift_count.
system tune tcp option wscale off
This command is used to disable the system Window Scale option.
system tune tcp option timestamp on
This command is used to enable the system Timestamp option. The default is disabled.
system tune tcp option timestamp off Chapter 2 Basic System Operation
2013 Teamsun
All rights reserved
16
This command is used to disable the system Timestamp option.
system tune tcp option sack on
This command is used to enable the system Selective Acknowledgment (SACK) option. This option is
disabled by default.
system tune tcp option sack off
This command is used to disable the system Selective Acknowledgment (SACK) option.
system tune tcp syncache on
This command is used to enable the system Syncache function. The default is disabled. Syncache feature
allows the device records AS TCP option is set, this function
Help avoid synflood attacks.
Note: To ensure Window Scale, Timestamp, SACK and MSS option is in effect for the system or the
specified virtual service, you must
Must first enable the TCP Syncache function.
system tune tcp syncache off
This command is used to disable the system Syncache function.
system tune tcp rmem_max [size]
This command sets the maximum receive buffer size.
size is optional. This parameter is used to specify the maximum number of bytes received cache. This
parameter
It ranges 65536-287047680 bytes. The default value is 131072.
system tune dispatcher numa

This command is used to send packets NIC device policy settings for non-uniform memory access
(NUMA).
Note: Before executing this command, make sure that the input and output ports to be managed by the
same CPU. When this item command and the "system tune accel
At the same time configuration, the system performance will be a sharp decline in mq ". Consequently,
intelligent configuration of a command.
system tune dispatcher default
This command is used to restore the NIC packet sender policy to default.
no system tune dispatcher
This command is used to revert to the default NIC packet sender strategy.
slb tcpoption wscale <virtual_service> {on | off} [shift_count] Chapter 2 Basic System Operation
2013 Teamsun
All rights reserved
17
This command is used to enable or disable a virtual service Window Scale option. The default is disabled.
virtual_service specify a virtual service.
on | off If this parameter is set to "on", then for the specified virtual service
Window Scale option is enabled; If this parameter is set to "off", then
Window Scale option for the specified virtual service is disabled.
shift_count optional. This parameter specifies the size of the window system right shift bit number. The
reference
Number ranging from 0-14. Default is 3 only in the Window Scale
When the option is enabled, this parameter can be used.
Note: The actual use of window size = TCP packet window size 2shift_count.
slb tcpoption timestamp <virtual_service> {on | off}
This command is used to enable or disable a virtual service Timestamp option. The default is disabled.
on | off If this parameter is set to "on", the specified virtual service enabled
Timestamp; If this parameter is set to "off", the specified virtual service
Disable Timestamp.
slb tcpoption sack <virtual_service> {on | off}
This command is used to enable or disable the SACK option of a virtual service. The default is disabled.
on | off If this parameter is set to "on", to enable SACK Option specified virtual services
If this parameter is set to "off", disabling specified virtual service SACK; items
Option.
slb tcpoption mss <virtual_service> [size]
Maximum segment size of this command is used to set a virtual service (MSS).
size is optional. This parameter specifies the MSS size in bytes. This parameter Chapter 2 Basic System
Operation
2013 Teamsun
All rights reserved
18
In the range of 536-1460. Default value is 0, indicating that MSS option
Current virtual service disabled. Otherwise, said the MSS option is enabled.
ip nameserver <ip>
This command allows the user to add three name servers. The user can only enter a domain name
server IP address, the standard dotted format. If you use
Households trying to add a fourth name servers, AS device will alert the user to first remove a domain
name server address of the original set, and then can receive
New data.
show ip nameserver
This command allows the user to display the name server IP address.
no ip nameserver <ip>
This command allows the user to delete a domain name server from the configuration protocol.
[no] fwd mode {nontransparent | transparent}
This command allows the user to set the operating mode. AS device will use NetF management IP (nontransparent) or customer IP (transparent) even as port forwarding
Then the source IP address. The default transparent mode.

Description: Port forwarding does not support FTP, in this case, it is recommended to use SLB feature.
system date <year> <month> <date>
If the network does not rely on an NTP server, the user can use this command to set the internal date AS
device. The value of each parameter can be as required
To enter one or two digits. For example, if a user wants to enter the October 20, 2010, the following can
be entered:
show date
This command allows the user to view the date and time to run the equipment.
system time <hour> <minute> <second>
If a network does not rely on an NTP server, the user can use this command to set the time for the AS
inside the device. The value of each parameter can be
According need to enter one or two figures (Note: AS device uses a 24 hour clock / military standard
clock). For example, if a user wants to enter in the afternoon
11:33:51 This time, according to the following steps to enter:
system timezone [timezone_string] Chapter 2 Basic System Operation

2013 Teamsun
All rights reserved
19
This command allows the user to set the time zone for the system. When this command is executed, AS
device prompts the user for a three-step guide users to the correct input time zone.
The first step is to select the correct input process continent (ie, Asia, Europe and North America). After
entering the desired continent, the next step will display the specified large
Lu list of countries supported (for example, China, Hong Kong, Japan, Korea, Singapore and Taiwan). The
last step is to generate a list of the device from the AS
Select a specific time zone. Description: The time zone setting at any time, the user can enter "0" to
return to the previous option (ie, in the national list page, enter "0"
Will guide the user to return to the continent page).
show system timezone
This command is used to display the current time zone.
clear system timezone

This command is used to restore the system time zone as the default, the system default time zone is
"GMT".
ntp {on | off}
AS this command to enable or disable the device clock synchronization of NTP servers. AS device
settings received from the NTP server and NTP time settings gifted
First select the date and time settings CLI. "Ntp server" command must first be configured before you
can enable NTP function.
ntp server <ip> [version]
This command allows the device to work as specified AS NTP server client form. If you prefer, you can
choose a specific NTP protocol
Version. If the time difference between the NTP server and NetF box of over 1000 seconds (about 16
minutes) reasonable limits, NTP will close. In case
Time difference over 1000 seconds, should pass "system time" command, adjusted to an approximation,
and then call the NTP command.
ip specified NTP server IP address. The address is an IPv4 address
Or IPv6 addresses.
version is optional. This parameter specifies the NTP version, ranging from 1-4. Default
Value of 4.
show ntp
This command allows the user to view the current NTP configuration. This command also displays the
current time and the time of contact dispersed servers.
clear ntp
This command deletes the NTP configuration.
show statistics tcp
This command displays the TCP connection details. Number of TCP connections are counted in each
state:
2013 Teamsun
All rights reserved
20
NG: 0
Output compared with the "show memory", "TIME_WAIT" value and "USED" TCP small pcb same. All
other items, from the "LISTEN"
Value to "FIN_WAIT", adding equal USED "TCP pcb items.
hostname <host_name>
This command allows the user to set or change the name of an AS device, even when specifying the
device has not been running this operation can be carried out (device name
Will be saved in the running configuration among all the other, named after the new equipment added
to the system and run, machine tools tell new machines will be notified of its new distribution
Name). The device name can be a string of alphanumeric combinations sustained, may also be a string
of double quotes alphanumeric combinations. Currently, the host name of the
Great length is 64 characters.
show hostname
This command is used to display the host name of a AS device.
no hostname
This command is used to delete the host name of a AS device. After the host name deleted, the host
name to the default value "TS" replaced.
[no] system mail from <from_string>
This command is used to configure the log messages sent from the AS device sender e-mail address. For
some events configuration (for example, URL filtering and logging
Reminders), AS device will use this address as the sender address configured to send log messages to
the administrator. No system mail from command to remove hair
Piece people e-mail address configuration.
For example:
According to the above command configuration, the administrator receives an email, the sender will be
displayed as "online@teamsun.com.cn".
Following string support "from_string" parameter configuration:
% h "hostname" command to define the host full name. Chapter 2 Basic System Operation
2013 Teamsun
All rights reserved
Twenty one
% q If you want to enter the double brackets, please "% q" instead. For example, to enter "" an ""
When should type "% qan% q".
%% If you want to enter the percent sign, type "%%."
(In the above string, the first character "%" is an escape character which can be used to configure a
separate process.)
"From_string" The default value is "% h alert@log.domain".
[no] system mail hostname <host_string>
This command is used to configure the device to send log messages AS host name. For some events
configuration (for example, URL filtering and logging reminders), AS
Device will use this host name in the log messages sent to the administrator of the. No system mail
hostname command to remove the host name configuration.
For example:
With the above command configuration, when the administrator receives an e-mail, e-mail header
information in the host name appears as "AS01":
-Uidl: AAAxppMAAAQQC9mCRRdJp + 0gm9UwkbuD && mail.teamsun.com.cn
ail.teamsun.com.cn over TLS secured channel with Microsoft

SMTPSVC (6.0.3790.4675);
The following strings can be used to "host_string" parameter configuration.

% h using the "hostname" command to define the host full name.
% l host name of the first part (from the host name of the first. "" OK).
(In the above string, the first character "%" is an escape character and it can not be used for the
configuration.)
"Host_string" default value "% l.alert_pseudo_domain".
[clear | show] system mail
This command allows the user to view or clear the system mail configuration. Chapter 2 Basic System
Operation
2013 Teamsun
All rights reserved
Twenty two
system mail relay server <host_name> <relay_server>
This command allows the user to create a new system of mail relay server.
host_name configure the domain name.
relay_server IP address or server name.
system mail relay {on | off}
This command is used to enable or disable the system mail relay service. The default display system mail
relay service. Here is the use of CLI set up a mail relay service
Examples of the.
AS device will use "relay.com" and the host name "teamsun.com.cn" send a message. However, we
must first ensure that the device can find AS
To the relay server "relay .com", or to ensure that DNS to find it.
show system relay
This command is used to display the configuration and status of relay services.
clear system relay
This command is used to delete all the relay server, or disable mail relay service.
no system mail relay server <host_name>
This command is used to delete the system mail relay server configuration records.
system interactive on
This command is used to enable the CLI commands in interactive mode. If you use this command, the
system will display the results of the command more information.
system interactive off
This command is used to enable the CLI command active mode. After executing the command, the
system will reduce the command results are displayed. This is the default setting.
show system interactive
This command is used to interact with the reality of the current system settings (on | off).
system command timeout <timeout>
System startup or user executes | when "config file config memory" command, this command is used to
set the execute command timeout. Fastlog and Chapter 2 Basic System Operation
2013 Teamsun
All rights reserved
Twenty three
syslog records timeout command to use when troubleshooting.
timeout Specifies the timeout value (30-65535 seconds). The default value is 120 seconds.
show system command timeout
Run this command timeout values for display.
setup
This command allows the user to log wizard navigation mode, the user can set up to guide the next
steps AS device in the system.
switch weblink <url>
This command is used to configure the management URL AS-device switch. By specifying a URL, you can
page through the AS WebUI configuration switches.
Description: This command is only used AS35xx and AS4600 Chapter 3 Advanced system operation.
2013 Teamsun
All rights reserved
Twenty four
Chapter 3 Advanced System Operation
This chapter describes the commands related to advanced system configuration.

mnet {system_ifname | bond_ifname} <user_interface_name>
This command is used on the specified system interface, or aggregate interface to create multiple
network interfaces (MNET). NetFOS supports up to 32 MNET interface.
And so on. (Administrators can "interface name" command to specify the system itself
Interface. )
bond_ifname aggregation interface name is specified, the default is bond1, bond2, bond3,
bond4 so on. (Administrators can "bond name" command custom poly
Combined interface name. )
user_interface_name custom MNET interface name, composed of letters and numbers up to 31
Characters.
no mnet <mnet_ifname>
This command is used to MNET interface from the system to remove a formulated.
mnet_ifname specify the need to remove the system MNET interface name.
[show | clear] mnet
This command is used to display or remove all MNET interface configuration.
vlan {system_ifname | bond_ifname} <vlan_ifname> <vlan_tag>
This command is used on the specified system interface, or aggregate interface to create a virtual local
area network (VLAN) interfaces. NetFOS support the creation of up to 4096
VLAN interfaces.
And so on. (Administrators can "interface name" command to specify their own department
System interface name. )
bond_ifname aggregation interface name is specified, the default is bond1, bond2, bond3,
bond4 so on. (Administrators can "bond name" command to specify their own Chapter 3 Advanced
System Operation poly
2013 Teamsun
All rights reserved
25
Combined interface name. )

vlan_ifname specified VLAN interface name, composed by numbers and letters, up to 31
Characters.
vlan_tag designated to rebuild the VLAN interface ID, should be any integer 1-4094's.
Description:
If the interface is already configured to aggregate interface, do not configure VLAN on it.
no vlan <vlan_ifname>
This command is used to delete a specified VLAN interface from the system.
vlan_ifname specified VLAN interface name to be deleted.
[show | clear] vlan
This command is used to display or remove all VLAN interface configuration.
fwd tcp <local_ip> <local_port> <remote_ip> <remote_port> [timeout]
This command allows the user to map AS a port on the device to a network IP or port right. AS device
access to a specific local IP and port
All TCP data will be routed to a specific IP or port. NetFOS supports the creation of up to 584 "fwd tcp |
udp" configuration.
local_ip local forwarding IP address. The address can be an IPv4 or IPv6 address.
local_port forwarded to the network server farms local port.
remote_ip equipment forwarded to the backend server server IP address can be an IPv4
Or IPv6 addresses.
The purpose remote_port corresponding IP address of the remote port.
timeout Optional timeout setting in seconds; default value is 300 seconds.
fwd udp <local_ip> <local_port> <remote_ip> <remote_port> [timeout]
This command allows the user to forward UDP packets. All flows to a specific local IP and data ports will
be routed to a specified remote IP and
Port. NetFOS supports the creation of up to 584 "fwd tcp | udp" configuration. Chapter 3 Advanced
System Operation
2013 Teamsun
All rights reserved
26
local_ip local IP address for forwarding. Can be IPv4 or IPv6 address.

local_port for forwarding UDP port.
remote_ip server IP address, the standard dotted format. IPv4 or IPv6 address.
remote_port destination port corresponding IP addresses.
timeout Optional timeout setting (in seconds); default is 300 seconds.
no fwd tcp <local_ip> <local_port>
no fwd udp <local_ip> <local_port>
These commands are used to disable the specified port forwarding configuration.
show fwd
This command is used to display the port forwarding mode.
clear fwd
This command is used to remove any port forwarding configuration.
nat port {pool_name | vip} <source_ip> {netmask | prefix} [timeout] [gateway] [description]
This command is used to enable the Network Address Translation (NAT) and Port transformation
functions. NAT address of each server or device within the network converted to mutual
Networking preset an IP address pool or multiple IP addresses, or in the opposite direction of the
conversion. It can also act as a firewall, can not see the inside of the external
A specific IP address. Device will check to verify the configuration of the subnet overlap or virtual IP
exists. Only the following conditions, the packet will be NAT:
uting gateway. If the "gateway" is set to the default value of

0.0.0.0, "VIP / IP pool" and
Routing gateway should be in the same segment.
Each AS device can be configured up to 512 "nat port".
pool_name | vip virtual IP address or IP address pool name can be an IPv4 or IPv6 address /
Address pool.
Note: If you configure the VIP address with other systems interface IP addresses are not
In the same segment, VIP address is set to the default interface port1. Chapter 3 Advanced System
Operation
2013 Teamsun
All rights reserved

27
Therefore, port1 interface must be pre-configured with an IP address.
source_ip perform network switching network IP, can be IPv4 or IPv6 address.
netmask | prefix to perform NAT-enabled network subnet mask and prefix length.
Address or integer. If it is an integer which ranges

0-32.
-128.
timeout timeout (in seconds), optional; default is 60 seconds.
NAT gateway after routing packets to the gateway IP address, default is 0.0.0.0.
description description of the "nat port" configuration can be used as memo reminder or record.
The description should be enclosed in double quotes. The maximum length of the description is 31
characters.
Description:
For IPv6 addresses, only TCP (except FTP application) and UDP packets can be NAT, and can not
configure the gateway.
L2 SLB configuration does not work with "nat port". When "nat port" has been configured L2 SLB
configuration and system interfaces with, not born
Effect.
no nat port {pool_name | vip} <source _ip> {netmask | prefix}
This command is used to delete a specified "nat port" configuration.
nat portdst {pool_name | vip} <destination_ip> {netmask | prefix} [timeout] [gateway]
[description]
This command is used to enable the destination IP address of the NAT basis. When the destination IP
address in the specified network segment, and the gateway (such as designated) and routing gateways
The same packet in order to be converted. If the gateway is set to the default value of 0.0.0.0, for the
purpose of NAT IP or IP address pool and routing network
Off should be located in the same network segment.
pool_name | vip virtual IP address or IP address pool name can be IPv4 or IPv6.
destination_ip implementation of network switching network IP, can be IPv4 or IPv6.

netmask | prefix to implement NAT subnet mask or the prefix length.
Advanced System Operation
2013 Teamsun
All rights reserved
28
Or integer. If it is an integer in the range of 0-32.
-128.
timeout NAT entries timeout (in seconds), optional; default is 60 seconds.
gateway routing data packets are converted after the actions of the gateway IP address, default
0.0.0.0.
Description description of the "nat portdst" configurations, can be used as memo reminder or record.
Describe the contents should be placed in double brackets, the maximum length is 31 characters.
Note: For IPv6 addresses, only TCP (except FTP application) and UDP packets can be converted, and the
gateway can not be configured.
no nat portdst {pool_name | vip} <destination_ip> {netmask | prefix}
This command is used to delete a specified "nat portdst" configuration.
show nat port
This command is used to display all NAT configurations.
clear nat port
This command is used to organize and delete NAT configuration.
nat static <vip> <network_ip> [timeout] [gateway] [description]
This command allows the user to create a static NAT routing. This type of NAT routing can convert IP
addresses, but the port remains unchanged. This route is also
Can process data from the network to the public network, or vice versa. Only the following conditions,
data packets can be converted:
ng gateway (router gateway using "ip route

default" command). In case
"Gateway" is set to the default value 0.0.0.0, "vip" and routing gateway should be in the same segment.
Implementation of object address translation is IPv4 packets. However, if the first condition is met, the
address conversion data packets will be IPv6 packet.
vip a virtual IP address is provided. Can be IPv4 or IPv6 address.
Note: If you configure the VIP address with other systems interface IP address is not
On the same network segment, VIP address by default bound to port1 interface. Chapter 3 Advanced
System Operation
2013 Teamsun
All rights reserved
29
Thus, the interface port1 must be pre-configured with an IP address.
network_ip implementation of network switching network IP. Can be an IPv4 or IPv6 address
Address.
timeout timeout value (in seconds); default is 60 seconds.
Gateway IP address gateway packet routing actions of converted after. This address can be
Be IPv4 or IPv6. The default value of IPv4 address 0.0.0.0, IPv6
Address can be specified only ::.
Description description "nat static" configuration, or as a reminder memo recording. Description
Said content should be placed within double quotes, the maximum length is 31 characters.
Description: L2 SLB configuration does not work with "nat static" configuration. When "nat static" and a
system interface has been configured with SLB
, You can not take effect.
no nat static <vip>
This command is used to delete the specified virtual IP address from a static NAT configuration.
show nat static
This command is used to display all the static NAT configuration.
clear nat static
This command is used to stop or delete static NAT configuration.
nat protocol pptp [port]
This command is used to enable NAT traversal function PPTP tunnel. This feature is enabled by default.
PPTP server port specified port number. The default is 1723.
no nat protocol pptp

This command is used to disable PPTP tunnel NAT traversal.
clear statistics pptp
This command is used to delete all PPTP AS statistical information on the device. Chapter 3 Advanced
System Operation
2013 Teamsun
All rights reserved
30
show nat protocol
This command PPTP NAT traversal tunnel configuration for display.
show nat table
This command displays the network to convert existing GRE tunnel input and output data and statistics.
This command only supports TCP protocol does not support ICMP and
UDP protocol.
Example:
rough 172.16.2.11 (35940) to 172.16.2.226 (1723)
rip {on | off}

This command is used to enable or disable RIP. RIP feature is disabled by default.
rip version {1 | 2}
This command is used to RIP version is set to RIPv1 or RIPv2.
[no] rip network <ip_address> <netmask>
This command is used to enable or disable the RIP interface, such an interface address and parameters
"ip_address" match.
show rip status
This command is used to display the RIP status.
show rip settings
This command displays the current settings RIP.
ospf {on | off} Chapter 3 Advanced System Operation
2013 Teamsun
All rights reserved
31
This command is used to enable or disable OSPF. OSPF feature is disabled by default.
Note: When OSPF is enabled, the system will analyze OSPF routing. However, after the OSPF routing
analysis does not take effect immediately. They will
Take effect within 30 seconds.
[no] ospf network <ip_address> <netmask> <area_id>
This command is used to enable or disable the OSPF interface, and defines an area ID for those
interfaces.
area_id assigned identification number (0-4294967295) interface.
show ospf status
This command is used to display OSPF running.
show ospf settings
This command displays the current settings for OSPF.
ipv6 ospf {on | off}
This command is used to enable or disable the OSPFv3 feature (IPv6 OSPF). This feature is disabled by
default.
ipv6 ospf routerid <id>
This command is used to set the address format dotted IPv4 OSPF routing ID.
ipv6 ospf drpriority <interface_name> <priority>

This command is used to set the OSPF DR (destination routing) interface sequence.
interface_name Specifies the interface name, can be a system interface, aggregate interfaces, VLAN
access
Mouth or MNET interface.
the order of priority specified interface, in the range 0-255, the default is 1.
ipv6 ospf interface <interface_name> <area_id>
This command is used to enable OSPFv3 on the specified interface and define a zone ID for this
interface.
Interface_name specify the interface name, can be a system interface, aggregation, VLAN, then Chapter
3 Advanced System Operation
2013 Teamsun
All rights reserved
32
area_id "area_id" parameter can be within the means of a digital 0-4294967295
Given, the default is 0.
no ipv6 ospf interface <interface_name> <area_id>
This command is used to delete the specified area ID OSPFv3 configuration interface.
show ipv6 ospf settings
This command is used to display OSPFv3 settings. For example:
6 ospf on
show ipv6 ospf status
This command is used to display OSPFv3 status (on / off).

ipv6 ndp <ipv6_address> <mac_address>
This command is used to add a static NDP item to the system.
ipv6_address specify the IPv6 address for a remote host.
mac_address specify the MAC address for the remote host.
no ipv6 ndp <ipv6_address>
This command is used to delete the specified static IPv6 address NDP project.
show ipv6 ndp
This command is used to display all static NDP projects.
clear ipv6 ndp Chapter 3 Advanced System Operation
2013 Teamsun
All rights reserved
33
This command is used to clear all static NDP projects.
ip pool <pool_name> <start_ip> [end_ip]
This command is used to create an IP address pool, and add the IP address pool an IP network segment.
This command can also be used to only add to an IP address pool
An IP network segment. Multiple IP network can be added to an address pool. If the IP address pool
does not exist, NetFOS will create a new IP address
Pool. The maximum number of IP address pools with different AS device supports system memory
changes; By default, each IP address pool to allow the IP address of the most
Large quantity of 256.
pool_name IP address pool name. Address pool name must be entered with a capital or small
Write beginning English characters.
Start IP address start_ip IP segment. Can be an IPv4 address or an
IPv6 addresses.
end_ip IP network ending IP address can be an IPv4 or IPv6 address. It was
An optional parameter. If there is no distribution, only the "start_ip" will be added to the IP
Address pool.
Description: AS equipment manufacturers can configure multiple IP address pool, an IP address pool can
add up to 256 IP addresses. The largest pool of IP addresses
Varies with changes in the number of system memory. Details refer to the following table.
The maximum number of IP addresses of system memory pool
4GB 32
8GB 64
16GB 128
32GB 256
no ip pool <pool_name> [start_ip]
This command is used to delete an IP network segment from the specified IP address pool.
pool_name IP address pool name.
Start IP address to be deleted start_ip IP segment. For the initial configuration
IP, IP network in order to start the IP address will be deleted.
Optional. If not specified, the specified IP address pool will be deleted.
clear ip pool [pool_name]
This command is used to delete the specified IP address pool. If you do not specify "pool_name"
parameter, this command will delete all the IP address pool. Chapter 3 Advanced System Operation
2013 Teamsun
All rights reserved
34
show ip pool [pool_name]
This command is used to display the specified IP address pool configuration information. If you do not
specify "pool_name" parameter, this command will display all IP address pools
Configuration information. Chapter 4 Link Aggregation
2013 Teamsun
All rights reserved
35
Chapter 4 Link Aggregation
Link aggregation configuration commands are designed to help the user to set the key parameters to
use this new feature.
bond name <bond_id> <bond_name>

This command allows the user to specify the definition of an aggregate interface name. AS device
supports up to six aggregation interface.
bond_id AS aggregation default device ID interfaces (bond1, bond2, bond3,
bond4 ...)
bond_name aggregation interface name specified by a string of letters and numbers constitute up to
31 characters. The default name for an aggregate interface bond1, bond2, bond3,
bond4 so on.
bond interface <bond_name> <interface_name> [1 | 0]
This command allows the user to add a polymerization system interface for the specified interface. An
aggregate interface can add up to 12 system interfaces.
You can use "1 | 0" parameter is set to the interface of an aggregated link, the main (a) or standby (0)
interface. Aggregation interface can set multiple primary
Interface or standby interface. If all the primary interface aggregation interfaces are not available, an
alternate interface can replace the main interface to work.
bond_name interface name string specified by an aggregate alphanumerical. Default
Aggregation interface name is bond1, bond2, bond3, bond4 so on.
interface_name a network interface name string specified by alphanumerical. Default
System interface name is port1, port2, port3, port4 so on. Interface can pass
Guo "interface name" command.
1 | 0 1: The interface is set to aggregate interface in a primary interface. The default is 1.
0: The interface is set to aggregate interface in a standby interface.
no bond interface <bond_name> <interface_name>
This command allows the user to remove the aggregation interface system interface.
show bond [bond_name]
This command is used to display the current aggregate interface for all system information. If the
aggregation interface name is specified, the command will display only the specified interface
information.
This command is used to display the current aggregate interface for all system information. If the
aggregation interface name is specified, the command will display only the specified interface
information.
Chapter 4 Link Aggregation
2013 Teamsun
All rights reserved
36
clear bond [bond_name]
This command is used to aggregate interface configuration to its default value. If you do not specify an
aggregate interface name, all aggregation interface configuration will be deleted.
Chapter 5 clusters
2013 Teamsun
All rights reserved
37
Chapter 5 clusters
This chapter describes the commands to configure the cluster function.
show cluster virtual status [interface_name]
This command is used to output AS device features a cluster state (including on or off), the status of
each virtual cluster configuration (incomplete state, initialization,
Backup or primary device status), as well as interface name and link status assigned to each virtual
cluster.
If you specify an interface name, the system will display only the cluster status information for the
interface.
access
For example:
cluster virtual {on | off} [cluster_id | 0] [interface_name]

This command is used to enable or disable the device AS virtual training capabilities. The minimum value
of a virtual cluster ID is 1, the maximum is 255. The default is 0,
Indicates that all clusters are enabled. Using this command, you must specify the appropriate interface
name. If no cluster ID or interface
Name, all clusters are enabled.
cluster virtual ffo {on | off}
This command is used to enable or disable the Fast Failover (FFO) function. Default is off.
cluster virtual ffo interface carrier loss timeout <interface_timeout>
Chapter 5 clusters
2013 Teamsun
All rights reserved
38
This command is used to configure the AS device, found the interface carrier loss (milliseconds) how
long to wait before failover (if necessary) If the network
Carrier recovery within the timeout value, you do not need to take action. The timeout value range is 065535 milliseconds. 0 means no waiting, 65535
Means no failover.
system test failover port [on / off]
This command allows the user to test FFO port status AS device. AS device provides two types of FFO
port: control type and USB type.
To test the type of FFO port state control, follow these steps:
1 implementation of "cluster virtual ffo off" command to disable FFO function.

2 execution "system test failover port", the system will provide the following tips:
3 will pull control cable from the control port, insert FFO port.
Press the Enter key to see whether the system prompts for any information:
5 reinsert the control cable control port.

Description: This command tests using FFO port before, first make sure that the implementation of
"cluster virtual ffo off", disabling Fast Failover feature.
To test the USB type FFO port status, proceed as follows:
1 The USB FFO FFO cable end into the USB port type.
2 Install the USB driver on the PC, so the PC recognize AS equipment.
3 Start any terminal software on a PC, and then connect the USB-COM port.
4 execute "system test failover port on" in the terminal software, enable test mode.
5 Press any key keyboard, observe the input character is displayed on the terminal software.
6. execute "system test failover port off" on the terminal software, disable test mode.
show cluster virtual config [interface_name]
Chapter 5 clusters
2013 Teamsun
All rights reserved
39
This command is used to display the current virtual cluster configuration or all interfaces virtual cluster
configuration. If you specify an interface name, the system will only display the
Interface cluster status information.
access
Mouth or MNET interface. The default is All.
For example:
(config) #show cluster virtual config port2
uster virtual priority "port2" 1 200

show cluster virtual ffo
This command is used to display the current rapid failover configuration.
cluster virtual ifname <interface_name> <cluster_id>
This command is used to define the specified interface virtual cluster ID.
access
cluster_id a virtual cluster ID, the minimum decimal value is 1, the maximum number of decimal
Value of 255.
Description:
Because there are too many virtual cluster ID (VCID) may lead to unnecessary system overload
problems, it is recommended not to configure too VCID in the system. As
Many virtual IP address if necessary, administrators can configure multiple IP addresses in a VCID, rather
than each IP address to configure a VCID.
If the specified interface on the local node is configured with an IPv6 address only, but also in the peer
interface is configured with an IPv6 address is specified,
IPv6 link will be used to send VRRP packets between two nodes. If two nodes specified interfaces are
configured IPv4 and IPv6 addresses, IPv4
Link to send VRRP packets between two nodes.
show cluster virtual interface
This command allows the user to view by declaring the interface name "cluster virtual ifname"
command configuration.
Chapter 5 clusters
2013 Teamsun
All rights reserved
40
clear cluster virtual {interface_name | all} {cluster_id | 0}
This command is used to delete the virtual cluster from the specified system interface.
interface_name | all specified interface name, can be a system interface, aggregate interfaces, VLAN
access
Mouth or MNET interface. "All" means all existing interfaces.
cluster_id | 0 specified to be deleted virtual cluster ID, in the range of 1-255. "0" means
With all the virtual cluster.
cluster virtual vip <interface_name> <cluster_id> <vip>
This command is used to configure virtual IP address for specifying a virtual cluster interface.
access
cluster_id a virtual cluster ID, the minimum decimal value of a maximum of 255. A
A cluster ID can contain up to 255 virtual IP addresses. Located in different
Virtual ID interface is the same as different virtual ID. With the same virtual
All virtual IP address ID have the same status (primary and backup).
vip a valid virtual IP address, which can limit the IP address of the alternate functions,
For example loopback, multicast, and other common specific range. Input
Each virtual IP address must be unique and can be IPv4 or IPv6
Address.
cluster virtual auth <interface_name> <cluster_id> {0 | 1} [password]
This command is used to configure the virtual cluster authentication.
access
cluster_id a virtual cluster ID, the minimum decimal value of a maximum of 255.
0 | 1 value of "0" without using a password authentication type represents a value of "1"
Authentication type required to enter a simple text password.

Chapter 5 clusters
2013 Teamsun
All rights reserved
41
password password constituted by eight alphanumeric string. (Note: All figures word
String must be enclosed in quotes. )
cluster virtual preempt <interface_name> <cluster_id> <mode>
This command is used to configure the virtual cluster preemption mode. (Note: no configured cluster
number is 255.)
access
cluster_id virtual cluster configuration identity number.
mode specified virtual cluster preemption mode. Can be set to 1 or 0, the default is 1.
The value "1" Allow seize a higher level of the main cluster, the value "0" ban
Seize the higher level of the primary cluster only.
cluster virtual interval <interface_name> <cluster_id> <seconds>
This command is used to set the advertisement interval specified cluster.
access
cluster_id virtual cluster configuration identity number.
Notice seconds specified interval, ranging from 3-60 seconds. The default interval is 5 seconds.
Any state transition virtual cluster is about three times the value of the interval.
Description: Configure the same virtual cluster ID should be set to the same interval on the same circular
interface name primary and backup nodes. Otherwise, the two kinds of nodes
The state is "MAST", will lead to a cluster failure.
cluster virtual priority <interface_name> <cluster_id> <priority> [synconfig_peer_name]
This command is used to set up a virtual cluster priority. Priority number is 1-255, where 255 is the most
advanced.
access
Chapter 5 clusters
2013 Teamsun
All rights reserved
42
cluster_id virtual clusters assigned identification number.
priority to configure this parameter to determine the redundancy priority. The larger the value of the
parameter, the priority
Higher. In the range of 1-255.
synconfig_peer_name optional parameters. The default value is "Primary". In addition to the default
value ("Primary"),
This parameter can be "synconfig peer <peer_name>
<peer_ip> "command defines the configuration of the end of any synchronization when the value is
When the "Primary", this command applies to the local node. When the parameter is set to a
Actual synchronization configuration client name, client name synchronization configuration command
applies the corresponding
Node. It can also be configured to synchronize the local client node definition. This
, The command applies to the local node.
no cluster virtual vip <interface_name> <cluster_id> <vip>
This command is used to remove the VIP from the specified cluster ID and interface name.
Description:
When the master or a virtual cluster on the standby node is deleted, the primary and standby nodes
state immediately switched to "INIT". At the same time,
Cluster standby node will replace the master node to become the new master with node.
If the virtual cluster on the primary and backup node configuration is different, the two state nodes may
become "MAST", thus leading to an IP address conflict. Therefore,
Before changing the master node configuration, it is strongly recommended that you disable the cluster
function on the standby node, and then after the completion of the master node configuration changes
for the standby node
Synchronized standby node configuration.
no cluster virtual auth <interface_name> <cluster_id>
This command is used to restore the default settings cluster certification (false).
no cluster virtual interval <interface_name> <cluster_id>
This command is used to advertise the interval to restore the default value (5 seconds).
no cluster virtual preempt <interface_name> <cluster_id>
This command is used to restore the cluster preemptive mode to the default value (true).
no cluster virtual priority <interface_name> <cluster_id> [synconfig_peer_name]
This command is used to restore the cluster priority to the default value (100), or delete the cluster
priority information specified by this parameter.
Chapter 5 clusters
2013 Teamsun
All rights reserved
43
access
cluster_id designated identification number assigned to the virtual cluster.
synconfig_peer_name optional. The default value is "Primary". In addition to the default value
("Primary"),
The value can be "synconfig peer <peer_name> <peer_ip>"
Order any synchronization configuration end definition. When this value is set to "Primary"
When the local node synchronization settings or client name, this command will local node cluster
Priority revert to the default value (100). When this value is set to other synchronization
When configuring the client name, this command only from the local node cluster removes the cluster
priority
Level information.
cluster virtual discreet {on | off}
This command is used to enable or disable the discrete cluster standby mode (Discreet Backup). In this
mode, the system through one mind jumper
Main (Heartbeat cable) collected from the device status information to determine the status of the
master and slave devices, and ultimately determine whether you need to switch the master and slave
device status.
In this mode, the status of the device to switch between more secure, VRRP packet loss does not cause
double the host state. By default, this mode
For the disabled. Note: In the discrete standby mode, the system collects status information via
heartbeat, and therefore should ensure that between master and slave devices correct heartbeat
Connection, and through "cluster virtual ffo on" command first enable heartbeat (heartbeat and FFO
line is a line).
show cluster virtual discreet
This command is used to display the configuration of discrete standby mode.
For example:
show cluster virtual transition [interface_name]

This command is used to display the specified interface 100 cluster state transitions recent record. If the
interface name is not specified, the command displays all interfaces recently
100 times the cluster state transition log. Cluster states include initial (INIT), alternate (BACK), discrete
backup (DISCREET), FFO and main
By (MAST).
access
Mouth or MNET interface. The default is All.
For example:
Chapter 5 clusters
2013 Teamsun
All rights reserved
44
ACK -> MAST] Timeout.
-> BACK] Receive a VRRP advertisement of priority 0.

-> DISCREET] Entering discreet mode.
-> BACK] FFO cable is OK Cluster is ready to work..
-> FFO] FFO is enabled.
-> INIT] Stop running.
-> BACK] FFO cable is OK Cluster is ready to work..
-> FFO] FFO is enabled.
clear cluster virtual transition [interface_name] [cluster_id]
This command is used to display the last 100 clusters specified interface state transitions logs, including
the designation of all virtual cluster and virtual cluster. Default,
All cluster configuration "interface_name" parameter, which means removing cluster status on all
interfaces conversion log. By default, "cluster_id"
Parameter is set to 0, meaning that the state of all virtual cluster removes the cluster on the conversion
log.
show statistics cluster virtual [interface]
This command is used to display the virtual cluster statistics for the specified interface. If the interface
name is not specified, this command will display all interfaces on the virtual set
Group statistics.
For example:
- receive none VRRP advertisements from master for two intervals while in
backup state, but receive a valid VRRP advertisement before timeout (three intervals)
-used for quick transition)
lower priority)
Note: The content above in brackets are for output explanation.
clear statistics cluster virtual [interface_name] [cluster_id]
This command is used to delete a cluster statistics for the specified interface, including the designation
of the virtual cluster and all the virtual cluster. By default, all cluster
Use "interface_name" argument, delete the cluster statistics for all interfaces. By default, the parameter
"cluster_id" is set to 0,
Deletes cluster statistics for all virtual cluster.
Chapter 5 clusters
2013 Teamsun
All rights reserved
Forty five
cluster virtual arp interval [seconds]
This command is used to set the master device broadcasts a gratuitous ARP interval.
seconds time interval can be any integer from 0, or between 30-65535,
In seconds. The default is 60 seconds. 0 indicates that the device used to convert to the main form
After the state broadcasting only gratuitous ARP messages.
Chapter 6 line availability (HA)
2013 Teamsun
All rights reserved
46
Chapter 6, High Availability (HA)
This chapter describes the function of HA configuration commands.
ha on
This command is used to enable the HA feature.
Description: IP address pool must be configured to use HA HA enabled before. If the IP address pool
configuration after HA is enabled, you will need to reStart HA function, it will first disable and then enable the feature.
ha off [force]
This command is used to disable the HA feature. By default, HA feature is disabled.
When the force when a unit device joins HA domain and appears to hang, this parameter is used
Disable HA functionality.
ha unit <unit_name> <ip_address> [port]
This command is used to join a domain HA HA units. An HA domain allows a maximum of 32 units.
unit_name designated HA unit name, case sensitive, letters and numbers,
Up to 8 characters. The name of each unit in an HA domain should be independent
One goes for.
ip_address HA units specified IP address used for communication with the other main link unit.
Can be IPv4 or IPv6 address.
port is optional. Specify the port to communicate with other units using the main link. The default value
To 65521.
Note: Before you configure the local unit, you must first configure the IP address of the local unit of the
interface. Otherwise, the local unit HA domain and can not be identified.
An IP address HA field units must be all IPv4 or IPv6.
By "ha unit" command to add multiple domains after an HA unit, the system will automatically create a
master link connection between the two units.
no ha unit <unit_name>
This command is used to remove a unit from HA HA domain. Chapter 6 line availability (HA)
2013 Teamsun
All rights reserved
47
Note: If the local unit is removed from the HA domain, all "ha hc ..." to configure the local unit will be
deleted, "ha hc peerunit" configuration will be restored
Complex as the default.
ha link network secondary <unit_name> <link_id> <ip_address> [port]
This command is used to configure a backup link an HA unit. Between the two HA units can be
configured with up to 31 standby link.
unit_name designated HA unit name.
link_id specify an alternate link ID. This parameter ranges between 1-31. two units
Each backup link ID should be unique.
ip_address HA units specified IP address, which is used to communicate with the other units
Backup link. The address can be an IPv4 or IPv6.
port is optional. Specify the port to communicate with other units to use an alternate link. Default
Value of 65521.
Please note that when creating a backup link between the two units, you should have two units decibels
configure a backup link the same ID.
For example, two HA units "u1" and "u2" the IP address of 192.168.1.1 and 192.168.1.2. Were prepared
in order to establish a unit between the two
With link two units must perform the following two commands:
#ha link network secondary u2 1 192.168.1.2 65521

After completion of the above-described configuration of the two units, between the "u1" and "u2" is
established the identity of the number "1" is a reserve link.
Description: IP address of a backup at both ends of the link can be IPv4 or IPv6.
no ha link network secondary <unit_name> <link_id>
This command is used to delete a secondary link between two HA units.
clear ha link network secondary
This command is used to delete all configuration backup link local unit.
ha link network on
This command is used to enable the local unit and the other peer network link between the units,
including the master link and spare equipment links. Default,
Enable network connection. Chapter 6 line availability (HA)
2013 Teamsun
All rights reserved
48
ha link network off
This command is used to disable the network established between the local unit and the unit is
connected to other peers.
ha link ffo on
This command is used to enable FFO linked HA functionality. FFO for the HA domain links only two units.
FFO is disabled by default link.
ha link ffo off
This command is used to disable the HA feature FFO link.
ha group id <group_id>
This command is used to define the local unit of a floating IP group. Each unit can define up to 256
groups.
group_id specified floating IP group ID, in the range of 0-255.
no ha group id <group_id>
This command is used to delete the local unit of the floating IP group.
clear ha group id
This command is used to delete the local unit all floating IP group.
ha group fip <group_id> <floating_ip> [interface_name]
This command is used to specify the IP group to configure a floating floating IP address. The total
number of floating IP address and a floating floating IP IP group configuration
Range must not exceed 16.
group_id specified for floating IP group ID, in the range of 0-255.
floating_ip specify the floating IP address can be an IPv4 or IPv6 address.
interface_name optional. This parameter specifies the interface needs to be bound to a floating IP
address.
no ha group fip <group_id> <floating_ip>
This command is used to delete the specified IP group in a floating floating IP address.
clear ha group fip <group_id> Chapter 6 rows high availability (HA)
2013 Teamsun
All rights reserved
49
This command is used to delete the specified floating IP in the group all floating IP addresses.
ha group fiprange <group_id> <start_floating_ip> <end_floating_ip> [interface_name]
This command is used to configure a floating IP range for the specified floating IP group, and then bind
to a specific system interface. Each float
IP ranges contain up to 256 IP addresses. A floating IP group floating floating IP address range of IP
addresses and configuration can not total more than 16
Months.
group_id specified floating IP group ID, in the range of 0-255.
start_floating_ip floating starting IP address specified IP addresses can be IPv4 or IPv6.
end_floating_ip specify the IP address of the end of the floating IP addresses can be IPv4 or IPv6
Address.
interface_name Specifies an interface bound to a floating IP address segment.
Note: All IP addresses contained in the floating IP addresses, including the start IP and end IP, can not be
"ip address" command to assign specific access
Mouth.
Floating range of IP addresses must be greater than or equal to any existing IP address pool range.
no ha group fiprange <group_id> <start_floating_ip> <end_floating_ip>
This command is used to delete the specified IP group in a floating floating IP addresses.
clear ha group fiprange <group_id>
This command is used to delete the specified IP addresses for all floating floating IP group.
ha floatmac on
This command is used to enable the floating MAC function of HA. After enabling this feature, floating
MAC address (via "ha floatmac mac" setting) is cut
Unit interface change to the group status is "Active" is. Thus, when the group state switch, the customer
does not realize that provide application services equipment occurred
Changes in the group because the state before switching to provide application services device's MAC
address has not changed.
By default, the floating MAC feature is disabled. Before enabling this feature, HA function must first
perform "ha off" command to disable HA features.
Note: If the primary link between the unit and only available, it is recommended not to enable the
floating MAC functions, in the group fails, it could lead to float
IP Group abnormal state.
Chapter 6 ha floatmac off-line availability (HA)
2013 Teamsun
All rights reserved

50
This command is used to disable HA floating MAC functions.
ha floatmac mac <interface_name> <floating_mac>
This command is used to bind to a floating MAC address on a specified interface.
interface_name Specifies the interface name, which can be a system interface, MNET interface,
VLAN interface or aggregate interface.
floating_mac specify the floating MAC address. The address may be already bound to a local single
MAC system interface element or the same floating IP peer group unit of any
Address.
Note: If the interface VIP address has been assigned to a number of floating IP group, you can not
enable MAC functions. Therefore, the floating IP for different groups
Floating MAC address can not be configured the same.
no ha floatmac mac <interface_name>
This command is used to remove a floating MAC address to bind to the specified interface.
clear ha floatmac all
This command is used to clear the system of floating MAC All configurations. After executing this
command, the floating MAC functions will also be disabled.
ha arp interval <interval>
This command is used to set the sending ARP broadcast packet interval for the local unit.
interval specified ARP broadcast packets sent interval in seconds. Participation
Value can be set to the value 0, or between 30-65535. The default value
30. If this parameter is set to 0, indicating that only in the ARP broadcast packets
HA unit group status when switching to "Active", will send an ARP wide
Multicast packets.
ha group priority <unit_name> <group_id> <priority>
This command is used to configure the IP group designated a specified floating on the HA unit priority.
unit_name designated HA unit name. It can be a local unit can also be
One peer unit. Chapter 6 line availability (HA)
2013 Teamsun
All rights reserved
51
group_id specified floating IP group ID.
priority specify a priority on specific cell-specific floating IP group. Value
Range is 0-255. The larger the value, the higher the priority.
Note: Administrators can modify the unit floating IP group priority by this command. If one unit of a
floating IP group priority
Is not specified, the reorganization will not take effect in this unit, group status will always remain "Init".
no ha group priority <unit_name> <group_id>
This command is used to delete a specific IP group floating on a specified unit priority.
ha group preempt on <group_id>
This command is used to enable a specific floating IP group preemption mode. Preemption mode is
enabled, the group with the highest priority on the available floating unit
IP Group will always remain "Active" status. By default, the floating IP groups to enable preemptive
mode.
group_id specified floating IP group ID, in the range of 0-256. "256" represents
Enable preemption mode for all floating IP group.
Note: To ensure preemptive mode to specify the floating IP group into effect, to ensure that all
elements of this group has been in force preemption mode is enabled.
ha group preempt off <group_id>
This command is used to disable a specified group of floating IP preemption mode.
group_id specified floating IP group ID, in the range of 0-256. "256" indicates
All floating IP group only preemption mode.
ha group enable <group_id>
This command is used to enable the local unit to specify a floating IP group. By default, IP Group Disable
All. If a floating IP group in more than one
Yuan is enabled, only the group status is "Active" in the unit in order to provide services at the time of
the reorganization. By performing "ha group fip" and "ha group
fiprange "command, floating IP and application services group can establish contact.
group_id specified floating IP group ID, in the range of 0-256. "256" means
Enable all floating IP group of local units.

ha group disable <group_id> Chapter 6 rows high availability (HA)
2013 Teamsun
All rights reserved
52
This command is used to disable the local unit to specify a floating IP group.
group_id specified floating IP group ID, in the range of 0-256. "256" means
All floating IP group only local unit.
ha hc peerunit [interval] [down_check_times]
This command is used to set the local unit through the primary link, backup links and FFO link
transmission time interval heartbeat packet to the peer unit. As
If any link in the peer unit and sustained period of time can not receive heartbeat response (time period
determined by the "down_check_times"), and other units of the state
State will be marked as "Down". Otherwise, the peer unit status will be marked as "Up".
interval is optional. This parameter specifies the time to send a heartbeat packet interval, the unit is
Ms. This parameter ranges from 1000-10000 milliseconds. The default is
1000 milliseconds.
down_check_times optional. This parameter specifies sustained period of time from the unit receives
heart failure peer
Jump numerical response. This parameter ranges from 3-100. Default value is 3.
Once the peer unit for any errors occur, it is in a floating state within the IP group will switch from
"Active" to "Init". At the same time, the floating IP
Available unit has the highest priority within the group from "Standby" switch to the "Active", began
restructuring of customer service.
The following commands are used to check the status of the local health unit configuration. Make sure
that the local unit is defined limited health check condition configuration; otherwise, these health check
Check the condition can not be added to the local unit.
ha hc gateway <unit_name> <gateway_ip> <condition_name> [interval] [up_check_times]
[down_check_times]
This command is used to configure HA unit for a specified health check condition of a gateway.
unit_name specify the name of an HA unit, it can be a local unit or other single
Yuan.
gateway_ip specify the gateway IP address for a particular HA units. It can be IPv4
Or IPv6 addresses.
condition_name health check conditions specified name. This parameter ranges
GATEWAY_1 to GATEWAY_32.
interval is optional. This parameter specifies the time interval of health checks, the unit is milli
Seconds. This parameter is the range 1000-10000 milliseconds. The default value Chapter 6 rows high
availability (HA)
2013 Teamsun
All rights reserved
53
1000 milliseconds.
up_check_times optional. Specifies the health check results of this parameter is used for the "Up"
duration
Value. This parameter ranges from 3-10. Default value is 3.
down_check_times optional. This parameter specifies the number of times continued health inspection
results for "Down" in
Value. This parameter ranges from 3-10. Default value is 3.
Description: On the local unit, although you can configure the gateway health check conditions on other
units, but only the local unit gateway health check condition
To take effect.
no ha hc gateway <unit_name> <gateway_ip>
This command is used to delete a specified HA unit of a gateway health check condition.
clear ha hc gateway
This command is used to delete all the HA unit configured gateway health check condition.
ha hc cpu overheat <temperature> [interval] [up_check_times] [down_check_times]
This command is used to configure a CPU local HA units overheating health check condition.
temperature for the CPU overheat threshold set temperature, unit . This parameter ranges
1-100.
interval is optional. This parameter specifies the health check interval, in milliseconds. The
Parameter ranges 5000-1000,000 default value is 5000.

up_check_times optional. This parameter specifies the time the CPU temperature does not exceed the
threshold value. The
Parameter in the range of 3-10. Default value is 3.
down_check_times optional. This parameter specifies the CPU issues the duration exceeds the threshold
value.
This parameter ranges from 3-10. Default value is 3.
no ha hc cpu overheat
This command is used to delete the configuration of a local HA unit CPU overheat health check
condition.
ha hc cpu utilization <fatal_percent> [interval] [up_check_times] [down_check_times] Chapter 6 rows
high availability (HA)
2013 Teamsun
All rights reserved
54
This command is used to configure the local HA unit of a CPU application health check condition.
fatal_percent specified threshold CPU applications. This parameter ranges from 1-100, unit
As a percentage.
interval is optional. This parameter specifies the time interval of health checks, in milliseconds.
This parameter ranges 5000-1000000 milliseconds. The default value is 5000.
up_check_times optional. This parameter specifies the application does not exceed the threshold CPU
time for several
Value. The range of this parameter is 3-10. Default value is 3.
down_check_times optional. This parameter specifies the duration of application exceeds the threshold
value of CPU's.
The range of this parameter is 3-10. Default value is 3.
no ha hc cpu utilization
This command is used to delete a local HA unit configured CPU application health check condition.
clear ha hc cpu all
This command is used to delete a local HA unit configured CPU health checks for all conditions, including
CPU CPU overheat health conditions and application health checks
Check the condition.

ha hc sslcard [interval] [up_check_times] [down_check_times]
This command is used to configure an SSL card health check conditions for local HA units.
interval is optional. This parameter specifies the implementation of the health check interval, in
seconds.
This parameter ranges 300000-3600000 milliseconds. The default is
300,000.
up_check_times optional. Specify SSL card working time value of this parameter. This parameter
The range is 3-10. The default value is 3.
down_check_times optional. This parameter specifies the unusual working hours SSL card value. This
parameter
The range is 3-10. The default value is 3.
no ha hc sslcard
This command is used to delete a local HA unit configured SSL card health check condition. Chapter 6
line availability (HA)
2013 Teamsun
All rights reserved
55
ha hc memory atcpzone <zone_name> <fatal_percent> <condition_name> [up_check_times]
[down_check_times]
This command is used to configure a memory application health check local conditions in a particular
ATCP HA unit area.
zone_name designated ATCP area name. ATCP Enter the name to distinguish the size of the area
Writing, and must be enclosed in double quotes. It only supports the following predefined names:
apter 6 line availability (HA)

2013 Teamsun
All rights reserved
56
fatal_percent set a threshold for a specified ATCP region memory applications. The parameter values
Fan
Wai is 1-100, in percent.
condition_name health check conditions specified name. This parameter ranges
ATCPZONE_1 to ATCPZONE_64.
up_check_times optional. This parameter specifies the ATCP area does not exceed the threshold of
memory applications hold
Duration values. This parameter ranges from 3-10, the default value is 3.
down_check_times optional. This parameter is specified ATCP memory applications exceeds the
threshold region continued
The value of time. This parameter ranges from 3-10, the default value is 3.
no ha hc memory atcpzone <zone_name> <condition_name>
This command is used to delete a specific local HA unit ATCP zone configuration memory application
health check condition.
clear ha hc memory atcpzone
This command is used to delete all local HA unit ATCP zone configuration memory application health
check condition.
ha hc memory mbuf <fatal_percent> [up_check_times] [down_check_times]
This command is used to configure a Mbuf application health check conditions for local HA units.
Chapter 6 line availability (HA)
2013 Teamsun
All rights reserved
57
fatal_percent for Mbuf application specified threshold. This parameter ranges from 1-100, single
Position as a percentage.
up_check_times optional. This parameter specifies the application is not Mbuf threshold duration
exceeds
Value. This parameter ranges from 3-10, the default value is 3.
down_check_times optional. This parameter specifies the duration of the value exceeding the threshold
Mbuf application.
The range of this parameter is 3-10. The default value is 3.
no ha hc memory mbuf
This command is used to delete a local HA unit configured Mbuf application health check condition.
ha hc memory mpool <mpool_name> <fatal_percent> <condition_name> [up_check_times]
[down_check_times]
The command for the local HA units of a particular memory pool (mpool) to configure a memory
application health check condition.
mpool_name for a mpool specified name. Enter the name to distinguish the size mpool
Writing, and must be enclosed in double quotes. It only supports the following predefined name
Said:
ache Transactions
2013 Teamsun
All rights reserved
58
ePolicy_group
fatal_percent specified threshold for a particular mpool memory applications. This parameter ranges
100, in units of percentage.
condition_name specify a name for a health check condition. This parameter ranges
MPOOL_1 to MPOOL_16.
up_check_times optional. The parameters for a specific application mpool memory duration does not
exceed the threshold
Values between. This parameter ranges from 3-10, the default is 3.
down_check_times optional. This parameter is application-specific memory mpool duration exceeds the
threshold value
Between set value. This parameter ranges from 3-10. The default value is 3.
no ha hc memory mpool <mpool_name> <condition_name>
This command is used to remove the local HA unit configured to develop a memory applications mpool
health check condition.
clear ha hc memory mpool
This command is used to delete all mpool local HA unit configured memory application health check
condition.
ha hc memory system [free_space_threshold] [used_swap_threshold] [up_check_times]
[down_check_times]
This command is used to configure the system memory health checks conditions for local HA units. HA
unit will also check the system is less than the available memory space available
Thresholds, as well as swap space has been used exceeds the threshold. In the health check process, if
the system is less than the available memory space available threshold or
Who has exceeded the threshold value with the swap space, the health check result is "Down".
free_space_threshold optional parameters. This parameter specifies the system free space threshold,
the unit MB.
This parameter ranges 50-8192MB. The default 50MB.
used_swap_threshold optional parameters. This parameter specifies the threshold of swap space has
been used, the unit MB.
This parameter ranges from 0-8192. Default is 0, indicating that the system does not
Check with the swap space exceeds the threshold.
up_check_times optional parameters. This parameter specifies the health inspection results for "Up"
duration
Value. This parameter ranges from 3-10, the default is 3.
down_check_times optional parameters. This parameter specifies the check result is "Down" the
duration of a few lines in Chapter 6 High Availability (HA)
2013 Teamsun
All rights reserved
59
Value. This parameter ranges from 3-10, the default is 3.
no ha hc memory system
This command is used to delete a local HA unit configured system health check memory conditions.
ha hc memory interval [interval]
This command is used to configure the HA unit in the local implementation of all types of memory
interval health check. The time interval for the following types of memory health check
Entry into force:
interval optional parameters. This parameter specifies the time to implement memory health check
interval,
Milliseconds. This parameter ranges 5,000-1,000,000 ms
The default 5000 milliseconds.
clear ha hc memory all
This command is used to remove the local HA unit health checks for all types of memory configurations.
ha hc process <process_name> <condition_name>
This command is run for the local unit of an HA configuration health check process conditions.
process_name specified process name. Enter the name of the process is case-sensitive, and only
supports
The following predefined names:
emon
2013 Teamsun
All rights reserved
60
condition_name health check conditions specified process name. This parameter ranges
PROCESS_1 to PROCESS_32.
no ha hc process <process_name> <condition_name>
Health check conditions of this command to delete a particular process running locally HA unit
configuration.
clear ha hc process
This command is used to remove the local HA unit all processes running health check condition
configuration.
ha hc vcondition name <vcondition_name> <condition_name> <logic>
This command is used to configure a health check condition group (vcondition) for local HA units.
Vcondition can nest multiple child health check of
Pieces. Child health check condition can be real health check condition, may also be another nested
more child health check condition vcondition.
vcondition_name designated vcondition name. The maximum length of the name is 128 Vcondition
Characters.
condition_name designated vcondition associated with the predefined condition name. This parameter
takes
Values range V_1 to V_32.
logic to specify the logical relationship between vcondition multiple sub-conditions can be
"TSD" or "OR". When the specified logical relationship is "TSD", only the
There are sub-conditions are met, vcondition to meet. When the specified logical
Series relationship is "OR", as long as any one sub-conditions are met, vcondition
Able to meet.
no ha hc vcondition name <vcondition_name>
This command is used to remove the local unit specified vcondition. Chapter 6 line availability (HA)
2013 Teamsun
All rights reserved
61
Note: When performing "no ha hc vcondition name" command to delete the specified vcondition,
vcondition associated with this configuration is also
Deleted, including sub-failure conditions and related rules.
clear ha hc vcondition all
This command is used to delete all local units vcondition.
ha hc vcondition member <vcondition_name> <subcondition_name>
This command is used to add a child to a specified condition vcondition in. A vcondition can be nested
up to 16 sub-criteria.
vcondition_name vcondition specify a name.
subcondition_name specify the name of a sub-condition, which can be a real health check of
Pieces, it can be a vcondition.
no ha hc vcondition member <vcondition_name> <subcondition_name>
This command is used to delete a specified vcondition condition of a child.
clear ha hc vcondition member <vcondition_name>
This command is used to delete a specified vcondition in all sub-conditions.
show ha condition [unit_name]
This command is used to display a specified HA unit's health status.
unit_name designated HA unit name. If this parameter is not specified, or is set

For "all", the system will display the health status of all HA unit.
ha decision rule <condition_name> <action_name> <group_id>
The command for a given configuration of a failure of a floating IP group rule. Failure to specify the rule
refers to a health inspection results for "Down" to be implemented when
Trouble-free operation. A health check condition can be configured with up to eight failures rules.
condition_name health check conditions specified name. The parameter value can be a real
Health check condition, it can be a vcondition. System support
Column value in the form of:
2013 Teamsun
All rights reserved
62
Pieces.
TEWAY_32: Gateway health check condition.
memory
Health check condition.
Pieces.
ck condition.
When action_name certain designated health inspection results for "Down", designated it to be
executed
Impaired operation. The parameter values can be "Unit_Failover",
"Group_Failover" or "Reboot".
Floating group_id specify an expiration rules in force IP group ID. Only
When "action_name" parameter is set to "Group_Failover", this parameter
To take effect.
Description:
To ensure that each unit can get running other peer units, failure to configure the rules must be the
same for all units.
The system provides predefined rules fail. You can run "show ha decision" command to view these
predefined rules. These predefined rules
"Condition_name" is PORT_1 ~ PORT_32, the corresponding "action_name" is all "Group_Failover". You
can run
"Ha decision rule" command to modify these predefined rules "action_name".
no ha decision rule <condition_name> <action_name> <group_id>
This command is used to delete a specified group of a floating IP fail rules.
Note: If the parameter "condition_name" is set to a value from "PORT_1" to "PORT_32" in the system
will be
"Action_name" restore "Group_Failover". Chapter 6 line availability (HA)
2013 Teamsun
All rights reserved
63
clear ha decision rule
This command is used to remove all the invalid rule floating IP group.
Description: The execution of this command does not delete the predefined rules fail. However, the
predefined rules "action_name" will return to the
"Group_Failover".
show ha decision
This command is used to display the local unit all the rules floating IP group all failures, including
predefined rules and custom rules.
For example:
Group_Failover ORT_10 Group_Failover roup_Failover -
- Chapter 6 rows high availability (HA)

2013 Teamsun
All rights reserved
64
-
ha synconfig bootup on
This command is used to enable the bootup synconfig function. This feature is enabled by default.
Description:
In bootup synconfig mode, the local unit only synchronous execution "write memory" command will
save the configuration and other units to the contents of memory.
After enabling bootup synconfig function with all statistics relating SLB will be cleared.
To perform bootup synconfig, we should first remove the "synconfig peer ..."; otherwise, bootup
synconfig function will fail.
During the execution bootup synconfig, are not allowed to implement any configuration to add, modify,
or delete operation.
ha synconfig bootup off
This command is used to disable the bootup synconfig function.
ha synconfig runtime on
This command is used to enable the runtime synconfig function. After only two units to enable runtime
synconfig, both to real-time synchronization with each other
Position. This feature is disabled by default.
ha synconfig runtime off
This command is used to disable the run-time synchronization.
show ha status
This command is used to display the status of all units HA domain, including domain status, group status,
synchronization status, run-time synchronization whitelist and blacklist, chain
Contact state, and so on.

ha ssf peer <peer_ip>
This command is used to specify the SSF functions such as unit.
IP address peer_ip specified peer unit.
no ha ssf peer Chapter 6 line availability (HA)
2013 Teamsun
All rights reserved
65
This command is used to delete the peer unit and SSF function.
ha ssf on [virtual_service]
This command is used to enable session state failover function (SSF). Under default settings, each virtual
services enable SSF function, but for the global
Disabled. To ensure the SSF function for a virtual service to take effect, you need to first enable the SSF
function globally.
virtual_service specify the name of the virtual service. SSF function is only for TCP, UDP, FTP
And IP virtual services take effect.
If no parameters are specified "virtual_service", SSF function globally Kai
With.
Description: SSF feature applies only "1 + 1" HA deployment scenarios.
Suppose two HA units IP addresses are 198.162.1.1 and 198.162.1.2, if two units are required on the SSF
function is enabled,
Needs to be configured as follows:
Unit 1:
nfig) #ha ssf peer 192.168.1.2
Unit 2:
ha ssf off [virtual_service]
This command is used for a specified virtual service disabled SSF function. If you do not specify the
parameters of "virtual_service", will be disabled globally SSF
Function.
ha ssf on nat
This command is used to enable the SSF function for NAT. Default settings, NAT's SSF function is
disabled.
ha ssf off nat
This command is used to disable NAT SSF function.
show ha ssf session Chapter 6 line availability (HA)
2013 Teamsun
All rights reserved
66
This command is used to display all session information and SSF related functions.
show ha ssf settings
This command displays information about all the settings and functions related to SSF.
For example:
show statistics ssf

This command is used to display all the statistical information and functions related to SSF.
clear statistics ssf
This command is used to clear all statistics functions associated with the SSF.
ha log on
This command is used to enable the HA logging. By default setting, HA logging feature is disabled. If the
HA feature is enabled, the log function must also be enabled
With. If the HA feature is disabled, logging must be disabled.
ha log off
This command is used to disable HA log function.
ha log level <level>
This command is used to set the system to produce the level of HA logs.
HA level specified log level. "Level" Valid values emerg, alert, crit,
err, warning, notice, info and debug. The default value is info. A
Once designated HA log level, below the level of information will be ignored.
show ha log [line_number]
This command is used to display the HA logs. Chapter 6 line availability (HA)
2013 Teamsun
All rights reserved
67
line_number optional parameters. This parameter specifies the number of rows displayed log HA. The
default is
100, said display system has recently produced 100 lines HA logs.
clear ha log
This command is used to clear all of the HA logs.
show ha config
This command is used to display all the configuration information associated with the HA functionality.
For example:
config bootup on
clear ha all
This command is used to delete all configuration information associated with the HA functionality.
Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
68
SLB designed to improve server utilization performance, scalability, and failover redundancy. AS
equipment available to monitor the content server, and according to several
Available algorithms require the transfer of customers to the most appropriate server.
7.1 SLB basic commands
show slb all
This command is used to display the entire SLB configuration, including real and virtual services, policies,
groups and group members.
clear slb all
This command is used to remove the SLB configuration.
slb timeout <virtual_name> <timeout>
This command is used for all connections to the virtual service specify custom TCP connection timeout
value. Under default settings, connecting virtual services using TCP
Timeout standard value.
virtual_name virtual service name.
timeout TCP timeout value, in seconds. The maximum value is 199,999,999 seconds.
slb mode ircookie {plainname | hexname | ip}
This command is used to set the SLB insertion, replication, built-in cache mode.
plainname | hexname | ip insertion, replication, built-in model. This mode can be carried out by the
following steps
Settings:
If set to "plainname" mode, ASCII value of the real server names were
Set cookie value, for example: name = aTc8acd 9!?.
If set to "hexname" mode, the hexadecimal value of real servers were set up
For the cookie value, for example, name = 456143!? 04.
If set to "ip" mode, the real server IP address in hexadecimal were set to
cookie value, for example, insert cookie for name = 0A010203, replication, and the
Set cookie to "name = 0A010203!? 9". Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
69
Description: "!?" is the end of the character Replication section.
slb mode icookie {always | onlyone}
This command is used to control the SLB insert cookie behavior to suit different needs of the client
browser. If the mode is set to "always", regardless of passenger
Whether the request has been included households insert cookie content, AS device will always insert
cookie. If the mode is set to "onlyone", when a customer please
When seeking to insert cookie does not contain content, AS device into only one cookie.
[no] slb mode packetbased <virtual_name>
This command is used for a specified virtual service configuration UDP packets based load balancing
requirements. In this configuration, SLB according to the specified algorithm,
A client connection packets transmitted will be scattered in several different servers.
No slb mode packetbased command to delete a specified virtual service packet-based load balancing
configuration.
clear slb mode packetbased
This command is used to delete all configuration packet-based load balancing.
slb directfwd {on | off}
This command is used to enable or disable DirectFWD function. Under default settings, this feature is
disabled. DirectFWD feature can work in IPv6 environments
To make.
slb directfwd statistics {on | off}
This command is used to enable or disable SLB statistics DirectFWD mode. Enabled by default. When
enabled, the system will DirectFWD
Collect statistics SLB mode.
slb directfwd syncache {on | off}
This command is used to enable or disable DirectFWD module syncache function. This function can
effectively avoid synflood attacks. When the initial configuration,
This feature is disabled.
slb mode activeclose {on | off}
This command is used to enable or disable the Active Layer 4 TCP connection shutdown function. This
feature is off by default. When this feature is enabled, if the IP, TCP
And TCPS actual service stops, the system closes the TCP connection associated with the first four layers.
When this feature is disabled before connection timeout, 4th floor
TCP connection is not closed. Although the original actual service has stopped, client requests for the
current connection continues to send. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
70
AS device supports two modes closed Layer 4 TCP connections:
connection. Promptly closed for a long time
Connection is beneficial, you can enable or disable the corresponding connection through this
command.
sive shutdown: For TCP connections, AS device is turned on by checking the actual service to send
each packet, check the actual
Health services. If the actual service has been terminated, AS device will reset the connection.
Moreover, both active off mode
Whether it is turned on, this feature would have been implemented.
slb mode regexcase {on | off} [virtual_service | vlink_name]
This command is used to enable or disable SLB regescase mode, which specifies certain specific SLB user
input device is configured to distinguish between AS string
The uppercase and lowercase letters. The default is "off" state, that device will distinguish between
uppercase and lowercase letters AS (case-sensitive).
on | off If this parameter is "off", AS device is case-sensitive letters
(Case-sensitive).
If this parameter is "on", AS device does not distinguish between uppercase and lowercase letters
(Case-insensitive). AS device in a string uppercase
Automatically converted to lowercase.
virtual_service | vlink_na
me
Optional. This parameter is used to enable or disable a specified virtual service
Or vlink of SLB regexcase mode.
If this parameter is null, SLB regexcase mode for all virtual
All services and vlink enabled or disabled. That is, this is a global set
Position.
If this parameter for a particular virtual service or vlink set for this item
Vlink virtual services or global settings will be ignored.
Description: This function following command to take effect: "slb policy regex", "slb policy header",
"http rewrite request url", "http
rewrite response url "and" slb policy redirect ". SLB regexcase mode is not set before executing these
commands if, the whole
Bureau settings to take effect.
7.2 Adding real service
slb real http <real_name> <ip> [port] [max_conn]
[http | tcp | icmp | script-tcp | script-udp | sip-tcp | sip-udp | dns | none] [hc_up] [hc_down]
slb real tcp <real_name> <ip> <port> [max_conn] Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
71
[http | tcp | icmp | script-tcp | script-udp | sip-tcp | sip-udp | dns | ldap | none] [hc_up] [hc_down]
slb real ftp <real_name> <ip> [port] [max_conn]
[tcp | icmp | script-tcp | script-udp | sip-tcp | sip-udp | dns | none] [hc_up] [hc_down]
slb real udp <real_name> <ip> <port> [max_conn] [hc_up] [hc_down] [timeout]
[icmp | script-tcp | script-udp | radius-auth | radius-acct | sip-tcp | sip-udp | dns | none]
slb real https <real_name> <ip> [port] [max_conn]
[https | tcp | tcps | icmp | script-tcp | script-udp | script-tcps | sip-tcp | sip-udp | dns | none] [hc_up]
[hc_down]
slb real tcps <real_name> <ip> <port> [max_conn]
[tcp | tcps | icmp | script-tcp | script-udp | script-tcps | sip-tcp | sip-udp | dns | none] [hc_up]
[hc_down]
slb real dns <real_name> <ip> <port> [max_conn]
[dns | icmp | script-tcp | script-udp | sip-tcp | sip-udp | dns | none] [hc_up] [hc_down] [timeout]
slb real siptcp <real_name> <ip> [port] [max_conn]
[http | tcp | icmp | script-tcp | script-udp | sip-tcp | sip-udp | dns | none] [hc_up] [hc_down]
slb real sipudp <real_name> <ip> [port] [max_conn]
[icmp | script-tcp | script-udp | radius-auth | radius-acct | sip-tcp | sip-udp | dns | none] [hc_up]
[hc_down]
[timeout]
slb real rtsp <real_name> <ip> [port] [max_conn]
[rtsp-tcp | tcp | icmp | script-tcp | script-udp | dns | none] [hc_up] [hc_down] [timeout]
slb real rdp <real_name> <ip> [port] [maxconn] [tcp | icmp | none] [hc_up] [hc_down]
slb real radauth <real_name> <ip> [port] [max_conn]
[icmp | script-tcp | script-udp | radius-auth | radius-acct | dns | none] [hc_up] [hc_down] [timeout]
slb real radacct <real_name> <ip> [port] [max_conn]
[icmp | script-tcp | script-udp | radius-auth | radius-acct | dns | none] [hc_up] [hc_down] [timeout]
These commands allow the user to configure specific parameters for the actual service. Does not allow
two different services with the same name actually. Must first establish a true
Service before they join the SLB group.
real_name real alphanumeric service name, and supports up to 40 characters.
If the name of the configuration starts with a number, the string should be enclosed in double quotes
The. Whether it is uppercase or lowercase, real service name is not entered Chapter 7 server load
balancing (SLB)
2013 Teamsun
All rights reserved
72
Could be reserved for the system word - "default", "all" or "global".
ip specify the actual server's IP address can be an IPv4 or IPv6 address.
In addition to RDP, SIPUDP and SIPTCP outside, IPv6 addresses applies to all
Type SLB configuration.
port real answer incoming requests for service port number, this parameter takes
Value range is 0-65535. The default value is HTTP 80, FTP default
Value is 21, the default value is 53 DNS, HTTPS the default value is 443,
The default value is 554 RTSP, RADIUS authentication default value is 1812,
RADIUS accounting default value is 1813, the default value is 3389 RDP,
The default value SIP TCP and SIP UDP is 5060. TCP or UDP
There is no default port settings. If the port is 0:00, it is a port Fan
Wai real service, its port range is considered to be all-port.
max_conn set the maximum number of open connections for each real server. The default value
1000. The maximum number affected by the real server performance. If that
Given the maximum number of servers can support more than real level, even supplement
Access will not be established.
http | tcp | icmp | tcps
| dns | srcipt-tcp | script-u
dp
| radius-auth | radius-acc
t
| sip-tcp | sip-udp | rtsp-tc
p
| https | script-tcps | ldap | n

one
To determine the actual service availability and the implementation of a health check type. The default
setting
Set: UDP using "icmp", FTP, HTTP, TCP, HTTPS,
TCPS using "tcp", DNS using the "dns", RTSP uses "rtsp-tcp",
RADIUS accounting using "radius-acct", RADIUS authentication,
"Radius-auth", SIP TCP uses "sip-tcp", SIP UDP use
"Sip-udp".
When the port is 0:00, the actual service can only be used "icmp" or "none" health
Check the type.
"Ldap" health check type can be configured for TCP real service.
Before hc_up service marked "up", health check showed the number of successes.
The range of this parameter is 1-255. The default value is 3.
hc_down before the service is marked as "down", health check results are displayed as "failed"
Times. The range of this parameter is 1-255. The default is 3 times.
timeout optional parameters. The actual service connection timeout in seconds. Only through Chapter 7
server load balancing (SLB)
2013 Teamsun
All rights reserved
73
Over UDP, RADIUS authentication or RADIUS accounting actual service,
Only need to configure this parameter. The range of this parameter is 1-1,000,000
Seconds. The default timeout is set to 60 seconds.
slb real ip <real_name> <ip> [max_conn] [icmp | none] [hc_up] [hc_down] [udp_timeout]
This command is used to Layer 3 IP load balancing configuration. It allows users to add a new real
service, the service type is "IP". Must first establish a true
Real service, you can add it to the SLB group. Layer 3 load balancing real service can support both TCP
and UDP protocols. Real Services
TCP session to comply "system tune tcpidle <idle_time>" Global Settings command specified.
real_name real service name is represented by an alphanumeric string, can support up to 40

Characters. If you configure the service name begins with a number, the string must be put
In double quotes. Whether it is true service uppercase or lowercase input
Name system can not be reserved words - "default", "all" or
"Global".
ip real IP address of the service. The address can be an IPv4 or IPv6 format.
max_conn optional parameters. Most TCP and UDP connection settings for each real service
Large quantities. The default value is 1000. The maximum number of server performance under actual
Affected. If the maximum number specified exceeds the actual server can support
Level, supplementary connection will not be established.
icmp | none Optional parameters. The actual service availability check type, the default is "icmp".
hc_up before the service is marked as "up", shown as the number of successful health check. The
The range parameter is 1-255. The default is 3 times.
hc_down service marked as "down" before checking the number displayed as a failure. The reference
Number in the range of 1-255. The default is 3 times.
udp_timeout real service UDP session timeout value (in seconds). This parameter ranges
1-1,000,000 seconds.
slb real l2ip <real_name> <real_ip>
This command allows the user to create a Layer 2 IP address is the real service load balancing operations
and protocols. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
74
An alphanumeric string real_name real service name, up to 40
Characters. If the name of the configuration starts with a number, the string should be placed in double
quotes
Number. Whether true or service names are uppercase or lowercase, are entered
Can not be a system reserved word - "default", "all" or "global".
real_ip specify the IP address of the real server. Can be IPv4 or IPv6 format.
slb real l2mac <real_name> <real_mac> <output_interface>

This command allows the user to create a Layer 2 MAC address is the true load balancing service
operations and protocols.
real_name constituted by an alphanumeric string representing the name of the real service, up to
Supports 40 characters. If the name of the configured start with a number, the word
String must be enclosed in double quotes. Whether it is uppercase or lowercase input
The real name of the service system can not be reserved words - "default",
"All" or "global".
MAC address real_mac real server in the format AB: CD: EF: GH: IJ: KL.
output_interface real service output interface.
health ipreflect <reflector_name> <ip_address> <port> [protocol]
This command is used for the first two layers SLB TCP health check configuration reflector. The health
check reflector up and running on another AS device.
reflector_name reflector name, up to 40 characters.
IP address ip_address reflector binding. 0.0.0.0 means that any device on the AS
IP addresses.
port health checks reflector listening port.
type protocol health check. Currently only supports TCP.
no health ipreflect <reflector_name>
This command is used to delete the specified reflector configuration.
clear health ipreflect Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
75
This command is used to clear all the reflector configuration.
show health ipreflect
This command is used to display all the reflector configuration.
no slb real {http | tcp | ftp | udp | tcps | https | dns | siptcp | sipudp | rtsp | rdp | radauth | radacct}
<real_name>
This command is used to delete the specified real service name. If true service is a member of any group,
the service will be removed from these groups.
show slb real {http | tcp | ftp | udp | tcps | https | dns | siptcp | sipudp | rtsp | rdp | radauth | radacct}
[real_name]
This command is used to display the specified real service name and protocol. If you do not specify the
actual service, this command will display all the real service specified protocol
Works.
show slb real all
This command displays all defined services and all related real parameters.
clear slb real {http | tcp | ftp | udp | tcps | https | dns | siptcp | sipudp | rtsp | rdp | radauth | radacct}
This command is used to delete all the real service has been configured under the specified protocol.
no slb real ip <real_name>
This command is used to remove the layer 3 real service specified name. If the actual service is a
member of any group, it will be deleted from all groups
In addition.
show slb real ip [real_name]
This command displays all defined Layer 3 services or designated real real service.
clear slb real ip
This command is used to delete all the true definition of Layer 3 services.
no slb real l2ip <real_name>
This command is used to delete based on Layer 2 IP and specify the actual service name. If the actual
service is a member of any group, it will be from
These groups removed.
no slb real l2mac <real_name> Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
76
This command is used to delete the specified name, and based on real service Layer 2 MAC addresses. If
the actual service is a member of any groups, the
Service will remove these groups.
show slb real {l2ip | l2mac} [real_name]

This command displays all the true definition of a Layer 2 service or a specified real service.
clear slb real {l2ip | l2mac}
This command is used to delete all the true definition of Layer 2 service.
show statistics slb real radauth [real_name]
This command displays statistics for the specified RADIUS Authentication real service. If you do not
specify the actual service, show all
RADIUS Authentication of real service.
show statistics slb real radacct [real_name]
This command is used to display real service statistics for the specified RADIUS Accounting. If you do not
specify the actual service, then displays all RADIUS
Accounting real service statistics.
slb real enable <real_name>
This command is used to enable a real service, so that data can be transmitted thereto. This is the
default state of the real service.
slb real activation <real_name> <recovery_time> [warm-up_time]
This command is used to set up a real service recovery and warm-up time.
real_name real service name, composed of alphanumeric strings. Note: If equipped
Set the name begins with a number, the string must be enclosed in double quotes.
recovery_time the time period in seconds flat. When the operational status of a service from a true off
Sleep to active transition, the service at this time entitled to receive from clients
Request. Once this period ends, AS device will be sent to customer requests
The actual service delivered.
warm-up_time optional parameters. Seconds for a period of time, in a real service restored
After the complex for active, slowly client requests sent to the real service for the
It gradually reaches a predetermined level of treatment. At the end of this time, the real service
Ability to achieve its maximum number of connections. If the parameter value is set to 0 (default
Recognize the value), then the real service will immediately reach the largest Chapter 7 server load
balancing after the recovery time (SLB)
2013 Teamsun
All rights reserved

77
Handling capacity.
Administrators can "show statistics slb real" command to check the status of a real service just enabled.
As shown in the following examples, really
After the real service is enabled, its status is displayed first as "UP (softup)", indicates that the service is
in a recovery phase. At this stage, the connection request will not turn
Sent to this real service.
0.10 80 tcp ACTIVE
no slb real activation <real_name>

This command is used to delete the specified real service recovery and warm-up time settings.
show slb real activation <real_name>
This command is used to display the recovery and warm-up time settings specify real service.
slb real application cps <real_name> <max_cps>
This command is used to configure the service to specify the maximum allowable real connections (CPS)
per second, in order to avoid overflow device appears.
real_name This parameter is used to specify the name of a real service. The name should
String is alphanumeric. Please note that if you specify
Names begin with a number, the string should be enclosed in double quotes.
max_cps This parameter is used to specify the maximum number of connections per second input
ranges
To 1-4294967295.
Note: Currently, only TCP / TCPS, HTTP / HTTPS, FTP / FTPS, UDP and RDP types of real services and
virtual service to
CPS set limit. In addition, if the real server pc, ph, pi, pu, sslsid, chi, sipcid, sipuid, chh and rdprt
Groups methods are configured, they set the CPS does not recommend restrictions.
no slb real application cps <real_name> Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
78
This command is used to delete the specified real service allows the maximum number of connections
per second.
show slb real application cps [real_name]
The command on a specified maximum number of connections per second real service configuration for
display. If you do not specify the actual service, the command will display all true service
The maximum number of connection configuration.
clear slb real application cps
This command is used to delete all the real service maximum number of connections per second
configuration.
slb real disable <real_name>
This command is used to disable a real service.
In the default setting, when a real service is disabled or deleted, SLB AS device will not be sent to a real
service has been disabled
If the request. However, for use cookie-based real service group method and load balancing strategies,
for example Persistent Cookie (PC),
Insert Cookie (IC), Rewrite Cookie (RC), SLB will still match an existing session cookie request to disable
the real service,
In order to ensure continuity of service. However, the new session request will be sent to other real
service in working condition. This feature is called "Graceful
Shutdown ".
The following is an example of Graceful Shutdown of:
After disabling the name of "service" real service, users can "show statistics slb real" command to check
the real status of the service.
DOWN
s
The above output information indicates that, "service" is displayed as "INACTIVE (waiting)" represents
the true service is still processing connection requests, that it is still
In "Graceful Shutdown" stage. In this process, the session request matches the cookie will continue to
be forwarded to the actual service, and from new customers
Connection requests were forwarded to other real service in working condition.
After a period of time, the user can run "show statistics slb real" command to check the real status of
the service again. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
79
onse time: 0.000 ms

Above output information indicates "service" status now appears as "INACTIVE (suspend)", which
indicates that it has been completely shut down.
health interval <interval> <server_timeout>
This command is used to set the health check and health check timeout interval.
health check interval specified time interval value in seconds, in the range of
1-1,000,000 seconds, the default is 5 seconds.
server_timeout optional parameter that specifies the real server or service needs to wait a long time
before
You can respond to the health check request. The value of this parameter is
1-1,000,000 seconds, the default is 5 seconds.
health request <request_index> <request_string>
This command is used to index the specific health check request form to add specific "request_string".
The string can be any valid string,
The maximum length is 510 characters. Please note that any string that contains spaces must be
enclosed in double quotes. Index values must be between 0-999.
To overwrite an existing request string, simply enter the new command. To delete an item, use the "no
health request" command.
no health request <request_index>
This command is used to specify the index health check request form health check request to restore
the default request, namely "HEAD / HTTP / 1.0 \ r \ n \ r \ n".
show health request [request_index]
This command is used to display a specified health check request or the entire health check request
form.
request_index optional parameters. Index values request should be located between 0-999. If you do
not
Specify "request_index" parameter or specify it as 65535, then Chapter 7 server load balancing (SLB)
clear health request

This command is used to request a health check list of all the health check request to restore the default
request, namely "HEAD / HTTP / 1.0 \ r \ n \ r \ n".
health response <response_index> <response_string>
This command is used in the health check request form to add the specified index specified
"response_string". The string can be any valid string, the most
Great length of 510 characters. Remember, if the string contains spaces, it should be enclosed in double
quotes. Index values must be between 0-999.
The string must be in line with a request to respond to the string "health server" command
requirements.
For example:
"200 OK" response to a list of strings have been placed in the first five rows.
no health response <response_index>
This command is used to respond to a list of specified index health check health check response to reset
to the default response status, namely "200 OK".
show health response [response_index]
This command specifies the entire health check respond or to respond to a list of health checks for
display.
response_index optional parameters. In response index value must be between 0-999. If you do not
refer to
Fixed "response_index" parameter or specify 65535, the command
Show all Health Response Form content.
clear health response
This command is used to respond to the health of the table all the health response to revert to the
default response, namely "200 OK".
health server {real_name | add_hc_name} <req_index> <res_index>
This command is used to respond to the real server and request a specific index matching table
(request_index and response_index). For this true service
The HTTP health check will receive a request to respond to respond to these requests in the table index.
This command is only attached to the real service and http / https type
Plus health checks take effect. Otherwise, this configuration will not work.
real_name | add_hc_na real server name. Name a maximum length of 40 characters. Chapter 7 server
load balancing (SLB)
2013 Teamsun
All rights reserved
81
me
request_index request in response to a specific request for a table row index.
response_index request to respond to the table in response to a specific row index.
no health server {real_name | add_hc_name}
This command will specify the request and respond to health checks server back to the default state,
including redundant server health checks.
show health server [server_name]
This command is used to display all ACTIVE real server health. "Server_name" is an optional parameter.
If you specify a server name
That displays the specified real server health. If by "slb real disable" command to disable a real service,
its health status
Will not be displayed by this command.
For example:
health server
----------------------------------- Server Status ------------ --------------
----------------------------------- Health Check ------------ --------------port status hct rqr rpr checklist
------------------------------------------------- ---------------------------
clear health server

This command is used to request and respond to all health checks server back to the default state.
health import request <index> <url>
This command is used to import a health check request files from a remote URL.
index recently introduced into the index of the requested file.
URL url import files. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
82
health import response <index> <url>
This command is used to import a file from a remote health check URL.
index index in response to the recent import documents.
URL url import file used.
health load request <index>
This command is used to import a healthy request file is loaded into memory.
index need to load the index file requests.
health load response <index>
A health check response to this command is used to import the file is loaded into memory.
index index in response to a file to be loaded.
show health import request <index> [output_mode]
This command is used to display the request file to import the specified index.
output_mode optional parameters. Can be "binary" or "text" format, the default is
"Binary" format.
show health import response <index> [output_mode]
This command is used to display a specified index of the import response document.
output_mode optional parameters. Can be "binary" or "text" format, the default is
"Binary" format.
no health import request <index>
This command is used to import the request to delete the specified index file.
no health import response <index> Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
83
This command is used to delete the specified index of the import response document.
clear health import request
This command is used to clear all imported request file.
clear health import response
This command is used to clear all imported response file.
7.3 add items and health check health check list of items
health {on | off}
This command allows the user to enable or disable the health check. Enabled by default.
Note: When you disable the health check feature, run "health on" command to reset the counter health
checks for early warning.
health checker <checker_name> <request_index> <response_index> [timeout] [flag]
This command allows the user to create a health check items.
checker_name item name to check the configuration. The maximum length of the name is 40
characters.
If the name begins with a number, then the name should be enclosed in double quotes.
index table elements request_index request contains information to be sent, ranging
0-999.
response_index respond table element index contains the expected response to patterns, ranging from
0-999.
The health check item timeout timeout interval, the default value is 3 seconds.
flag success or failure flag, binary or ASCII flag. Ranges from 0,
1,2,3. The default setting is 1.
0 indicates when the response to a string containing the "health response" preWhen defined string matching, HC server will be marked as DOWN.
Requests and responses string should be entered in ASCII format.
1 In response should match the expectations expressed in response mode, HC smoothly, requesting
2013 Teamsun
All rights reserved
84
And respond should be entered in ASCII format.
2 shows the response to a string containing the command "health
response "predefined string match, HC will mark the server
Is DOWN. Requests and responses should be entered in HEX format string.
3 shows the response to be expected to respond to pattern matching, HC smoothly, please
Sum respond to HEX format should be entered.
no health checker <checker_name>
This command allows the user to clear the specified health checks.
checker_name for health check items specified name. If the name begins with a number, the name
Said should be placed in double quotes.
show health checker [checker_name]
HC inspection items specified in this command is used to display. If you do not specify the HC to check
the entry name, then display all of the HC checks.
clear health checker
This command is used to clear all configurations HC checks.
slb real health <add_hc_name> <real_name> <ip> <port>
[http | https | tcp | icmp | dns | ldap | script-tcp | script-udp | script-tcps | sip-tcp | sip-udp | rtsp-tcp]
[hc_up]
[hc_down]
This command defines additional health checks for existing real server.
add_hc_name additional health checks names. Whether it is attached to uppercase or lowercase input
Plus health check is the system name can not be reserved words - "default",
"All" or "global".
real_name represents the name of the real service, is a string of letters and numbers.
If the specified name from the beginning of the number, the string should be enclosed in double quotes
The.
IP address ip additional health check. Can be IPv4 or IPv6 format. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
85
Additional health checks port port number to use. For Layer 2 SLB health check
Check or "icmp" health check type, port number must be set to 0.
http | tcp | icmp | tcps | dns |
ladp | srcipt-tcp | script-u
dp
| radius-auth | radius-acc
t
| sip-tcp | sip-udp | rtsp-tc
p
| https | script-tcps
Additional health check type, default is tcp.
ldap additional health checks can be configured for TCP real service.
If the "ip" parameter is assigned an IPv6 address, additional health checks category
Type is not supported TCPS, RADIUS-AUTH,
RADIUS-ACCT, SIP-TCP, SIP-UDP and RTSP-TCP.
hc_up service marked as "up" before the required number of successful health checks carried out. Mo
Default is 3.
hc_down service marked as failed health checks required before the number of "down" conducted.
The default is 3 times.
no slb real health <add_hc_name>
This command is used to clear the specified additional health check configuration.
show slb real health [real_name]

This command is used to display a specified real service SLB additional health check configuration. If you
do not specify the actual service, additional display all SLB
Health check configuration.
clear slb real health [real_name]
This command is used to clear the specified real service SLB additional health check configuration. If you
do not specify the actual service, it will clear all SLB additional health
Kang check the configuration.
show health template {ftp | telnet | smtp | ldap | radius-auth | radius-acct | all}
This command is used to display application health check configuration instance information. If you
specify the application protocol, only instance of this protocol is displayed. "All" indicates displayed
There are instances. Currently, support for the following application health check type: ftp, telnet, smtp,
ldap, radius-auth, and radius-acct.
health list <list_name>
This command is used to specify a new check list of items HC. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
86
list_name HC checklist for a specified name. The maximum length of a list of names
To 40 characters. If the list of names beginning with a number, it should be placed in double
Quotes.
no health list <list_name>
This command allows the user to delete the specified checklist HC.
list_name HC checklist for a specified name. If a list of names to the number of
The beginning of the word, the name should be enclosed in double quotes.
clear health list
This command is used to delete a list of all configured HC checks.
health member <list_name> <checker_name> [place_index]
This command is used to add an item to a HC checking the check items list. The maximum number of
members of a check list of items is 10. If not specified
"Place index", the HC HC check items will be added to the list of the last inspection; number of items if
the "place index" is greater than the check list of items, the
The HC check items will be added to the HC to check the list of items last; otherwise, HC check items will
be added to specify the location of HC check list of items.
list_name HC checklist for a specified name. Check the list of the biggest names
Length of 40 characters. If the name check list of items to start with a number,
The name should be enclosed in double quotes.
checker_name to check items specified name. The maximum length of the name check items for 40
Characters. If the name begins with a number, it must be placed within double quotes.
place_index optional parameters, check the list of specified location. The default setting is 0. Value
In the range of 0-10. If this parameter is not specified, the new entry will be added to check
HC final checklist. Users can use the "show health list" command,
See HC order to check the list of items. Note: "place index" parameter
The value is not saved in the configuration.
no health member <list_name> <checker_name>
This command is used to specify the HC check items removed from the list of HC AppHC check items
specify. Check the items are cleared after HC, HC behind it
Check the items will automatically forward a. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
87
clear health member <list_name>
The command to remove a check list of items HC HC check all items.
show health list [list_name]
Check the list of items specified list of items and the inspection of all checked items HC This command
displays. If the HC check item list name is not specified, explicit
Shows a list of all checked items in the list and all the check items in all HC checks.
health app {real_name | add_hc_name} <list_name> [frequency] [hc_localip] [hc_localport]
This command allows the user to check the items specified in the list of HC added a health check items.
If a health check (by "slb real" configuration) is a
HC non-empty list item checked, then check the items in the list by HC term health checks. Otherwise,
the command will be "health server" command
Order or configure the default request request and respond and restore health checks. This order
applies only real service or with a script attached health checks,
Such as script-tcp, script-udp and script-tcps. Otherwise, this configuration will not work.
real_name | add_hc_na
me
The names of actual server or additional health check items, the maximum length of 40
Characters.
Specify the name list_name HC check list of items. The maximum length of a list of names of 40
Characters.
frequency optional parameter that specifies the frequency of health check HC. The default frequency is
2,
In seconds.
hc_localip &
hc_localport
Optional. Local IP and port health checks to use. As
Fruit "hc localip" and / or "hc localport" is not specified, the system will indeed
Fixed local IP and port.
If multiple health checks to the same IP and port to be configured, some
Health checks will not work. NetFOS will provide the following information: "Warning:
The local port may have been other health checks using the health check may
Can not be normal. "
no health app {real_name | add_hc_name} <list_name>
This command allows the user to delete the specified list of items associated with health screening and
health checks between.
show health app [real_name | add_hc_name]
This command is used to display information about a specified health check. Chapter 7 server load
balancing (SLB)
2013 Teamsun
All rights reserved

88
clear health app
This command is used to delete all the associated health screening and health check list of items
between.
health radius auth {real_name | add_hc_name} <secret_string> <username> <password>
[resp_code] [attr_list]
This command is used to set up health checks for Radius server authentication function. Teamsun AS
device sends an authentication request to the Radius packet,
If the Radius server through a series of Radius authentication protocol handshake procedure returns the
expected response, then prove that the Radius server is working properly, whether
Then there is a fault. This order applies only real service or radius-auth type of additional health checks.
Otherwise, this configuration will not work correctly.
me
Real server or additional health check item name, the maximum length should not exceed
40 characters.
secret_string the secret key string to encrypt passwords, should advance from the real server
Get.
resp_code optional parameters. Set the Radius server is expected to return in response mode,
Health status can be used to set the Radius server. This parameter can be
Set to 2 or 3, the default value is 2.
2: Accept Radius visit. The "resp_code" is set to 2, and enter
When the correct user name and password, if Radius server returns back
Should mode 2, Radius servers were marked as UP, otherwise it is marked
Recorded as DOWN.
3: Radius refused access. The "resp_code" is set to 3, and the output
When the password is wrong, if the Radius server returns a response to mode 3,
Radius servers were marked as UP; otherwise, the server is marked
Is DOWN.
attr_list optional parameters. Currently, only "NAS-IP-Address" and "NAS-Port"

Two properties. You can configure the properties of a list of strings in the following format:
"Attribute-name1 = attribute-value1, attribute-name2 = att
ribute-value2 "
Spaces are not allowed the string, the length of each value must be less than 32
Characters. Key / value pairs must be used ',' separated.
For example: Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
89
"NAS-IP-Address = 192.168.1.2, NAS-Port = 2012".
no health radius auth {real_name | add_hc_name}
This command is used to clear the specified Radius authentication health check configuration.
clear health radius auth
This command is used to clear all the Radius authentication health check configuration.
show health radius auth [real_name | add_hc_name]
This command is used to display the Radius authentication health check configuration. If there is no real
service name or additional health check name is not specified, will be displayed
There Radius authentication health check configuration.
health radius acct {real_name | add_hc_name} <secret_string> [resp_code]
This command is used to configure the billing health checks for Radius server. This order applies only
real service or radius-acct type of additional health checks.
Otherwise, this configuration will not work correctly.
me
Real server name, the maximum length is 40 characters.
secret_string The secret string is used as the encryption key password, should advance from the real
service
Acquires.
resp_code optional parameters. Radius server is expected to respond mode set to return,
Can be used to determine the health of the Radius server. The default value is 5.
5: Radius accounting response. The "resp_code" is set to 5:00, if
Radius server returns a response mode 5, Radius server is
Is marked as UP, otherwise it is marked as DOWN.
no health radius acct {real_name | add_hc_name}
This command is used to clear the specified Radius accounting health check configuration.
clear health radius acct
This command is used to clear all Radius accounting health check configuration.
show health radius acct [real_name | add_hc_name] Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
90
This command is configured for Radius accounting health check display. If the actual service name or
additional health check name is not specified, then display all
Radius accounting health check configuration.
clear health radius all
This command is used to clear all billing and Radius authentication health check configuration.
health ldap {real_name | add_hc_name} [bind_dn] [password] [search_dn] [filter_keyword]
This command is used to add LDAP health check configuration to the specified real server. LDAP
supports TCP additional health checks only real service. In addition,
This order applies only real service or ldap type of additional health checks. Otherwise, this
configuration will not work correctly.
me
Real server name or additional health check item name, maximum length of
40 characters.
LDAP distinguished name (DN) bind_dn used to bind operation, the maximum length of 255
Characters.
DN password password Specifies the maximum length of 255 characters.
search_dn implementation DN search to be used, the maximum length of 255 characters.
filter_keyword filter for searching password, maximum length of 255 characters. Use
Password configured filtering, LDAP server returns that match the filter set
Set results. If you do not search your password, then returns all matches
"Search_dn" results. Recommended to specify more accurate "search_dn"
Parameters related to reduce network traffic.
no health ldap {real_name | add_hc_name}
This command is used to clear the specified LDAP health check configuration.
me
Real server or additional health check item name.
clear health ldap
This command is used to clear all LDAP health check configuration.
show health ldap [real_name | add_hc_name] Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
91
This command is used to display the LDAP health check configuration. If the actual service name or
additional checks name is not specified, then all current LDAP display
Configuration.
me
Real server or additional health check item name.
health relation <real_name> <relationship>
This command is used to set the relationship between different health check configuration. When TSD
when the logical relationship, if any of the failed health check in (package
Including basic and additional health check configuration), the real service will fail. When the logical
relationship for OR and only when all health checks fail, really
Real service will fail. For a new real service, the default health check relationship TSD.
real_name real service name, string type.
Check the configuration of the relationship between health relationship is different, can be TSD or OR.
show health relation <real_name>

This command is used to display a real relationship health check service.
health failover {enable | disable}
When all the background real service not available, this command is used to enable or disable automatic
failover feature. The default is to disable the automatic failover feature.
When this setting is enabled and all the real servers are not available, the main cluster will switch to the
standby cluster. If a device is all real clothes AS
Service configuration health check marks are unavailable for the cluster function of the AS device will be
disabled, other devices will take over AS traffic. As long as
AS a real server health check device configuration is marked as UP, AS clustering capabilities of the
device will be re-enabled. If its mode
Have preemptive rights, the AS device will take over traffic.
health failover retries <number_of_retries>
This command is used to attempt to re-set the number of times before failover. The default is 3 times.
health earlywarning <threshold>
This command is used to service all real response time setting global threshold, enabling early health
warning function AS device. If true service
The response time exceeds a threshold, indicating that the real server response is too slow, possibly in
an abnormal state.
After this feature is enabled, AS device will detect the real server to respond to the situation more than
the threshold value, and set a record of such an event occurring counter
Time. According to these records, AS device will create "Warning" log, notify administrators real server
is in an abnormal state.
This feature is disabled by default. The health check is not configured real servers, this feature is
unavailable. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
92
threshold set response time threshold in milliseconds. This parameter ranges
0-60,000 ms. 0 indicates that this feature is disabled.
Description:
1 only when the record value of the real server response time duration exceeds a threshold power of 2
(1,2,4,8 ......), AS device will record "Warning"
Log. Once the response time of return to normal levels, i.e., does not exceed the threshold value, the
original record will be cleared. Counter starts again record.
2 counter can store up to 1,024 records. If the record number of more than 1,024, the counter is reset to
0, and start counting.
clear health earlywarning
This command is used to reset the early warning threshold, while early warning counter is reset.
show health earlywarning
This command is used to display the setting early warning threshold.
Description: After disabling health check function, run "health on" early warning command will reset the
counter.
show statistics health [real_name]
This command is used to display a specified service SLB real basic and additional health check statistics.
If "real_name" parameter is not specified, explicit
Statistics show that all health checks SLB real service.
For example:
s cause: Tcp connection successful
2013 Teamsun
All rights reserved
93
atest health status cause: Tcp connection successful
clear statistics health

This command is used to clear all configured SLB real basic services and additional health check
statistics.
7.4 Adding virtual services
slb virtual http <virtual_name> <vip> [vport] [arp | noarp] [max_conn]
slb virtual https <virtual_name> <vip> [vport] [arp | noarp] [max_conn]

slb virtual tcp <virtual_name> <vip> <vport> [arp | noarp] [max_conn]
slb virtual tcps <virtual_name> <vip> <vport> [arp | noarp] [max_conn]
slb virtual ftp <virtual_name> <vip> [vport] [max_conn]
slb virtual ftps <virtual_name> <vip> [vport] [max_conn]
slb virtual udp <virtual_name> <vip> <vport> [arp | noarp] [max_conn]
slb virtual dns <virtual_name> <vip> [vport] [arp | noarp] [max_conn]
slb virtual sipudp <virtual_name> <vip> [vport] [arp | noarp] [max_conn]
slb virtual siptcp <virtual_name> <vip> [vport] [arp | noarp] [max_conn]
slb virtual rtsp <virtual_name> <vip> [vport] [mode] [arp | noarp] [max_conn]
slb virtual rdp <virtual_name> <vip> [vport] [arp | noarp] [max_conn] Chapter 7 server load balancing
(SLB)
2013 Teamsun
All rights reserved
94
slb virtual radauth <virtual_name> <vip> [vport] [arp | noarp] [max_conn]
slb virtual radacct <virtual_name> <vip> [vport] [arp | noarp] [max_conn]
These commands allow the user to create virtual services for load balancing operations and protocols.
For aggregation and VLAN interface, only the IP address belongs to a subset of their own
Virtual services are allowed to be created.
virtual_name virtual service name, alphanumeric, maximum length is 40 characters
Character. If the specified name begins with a number, the string should be placed in double quotes
Number. Whether it is uppercase or lowercase, entered the virtual service names are
Can not be a system reserved word - "default", "all" or "global".
vip IP address specified virtual service can be IPv4 or IPv6 format.
In addition to RDP, SIPUDP and SIPTCP outside, IPv6 addresses are intended for
All SLB configuration type.
Description: VIP can not be a system interface IP address. If the VIP is not a
At any interface subset, it will be bound to the first interface (port1),
And displays a warning message.

vport virtual server port. The default port is set to: HTTP, 80; HTTPS,
443; DNS, 53; FTP, 21; RTSP, 554; RADIUS recognize
Certificate, 1812; Radius accounting, 1813; SIP UDP and SIP TCP,
5060; RDP, 3389; FTPS, 990. This is the TCP and UDP
Required parameters.
When the port is 0:00, then allow virtual service port range is all ports,
By "slb virtual port" command narrow range.
The parameters for the RTSP SLB mode settings. Can be set to "redirect" or
"Nat". The default is "redirect".
arp | noarp Specifies whether to support ARP (ARP). The default value of this parameter
For the "arp".
When using the "noarp", IP address of the virtual services will not be added to the network
Interface. Therefore, IP address of the virtual services can not ping or ARP
Detected. Customers can without knowing the IP address of the virtual services,
Send packets directly to the IP address of the real server. In this case
Next, AS equipment should be configured as a client gateway. After some SLB treatment, Chapter 7
2013 Teamsun
All rights reserved
95
For example after the SSL acceleration, AS device data will be forwarded to the real server.
max_conn set the maximum number of open connections per virtual service. The default value is 0.
slb virtual ip <virtual_name> <vip>
This command allows the user to layer 3 load balancing operations and protocols to create SLB virtual
service. This type of virtual services can support TCP
And UDP protocols.
slb virtual l2ip <virtual_name> <vip> [gateway_ip]
This command allows the user to load balancing operation creates Layer 2 virtual services.
virtual_name virtual service name, represented by an alphanumeric string of up branch

Hold 40 characters. If the specified virtual service names start with a number,
The string should be placed in double brackets. Whether it is uppercase or lowercase, are lost
Into virtual service names are reserved words can not be the system
- "Default", "all" or "global".
vip IP address specified virtual services can be IPv4 or IPv6 address.
Note: If the VIP is not in any subset of the interface, it will be bound to
On the first interface (port1), while warning message is displayed.
gateway_ip specify the IP address of the gateway IP address associated with the virtual. The default IPv4
address
The default value is 0.0.0.0 and IPv6 address ::.
no slb virtual {http | tcp | https | tcps | ftp | ftps | udp | dns | siptcp | sipudp | rtsp | rdp}
<virtual_name>
This command allows the user to remove the specified virtual service from the load balancing
agreement and all related policies.
no slb virtual l2ip <virtual_name>
This command allows the user to clear the specified Layer 2 virtual service from the load balancing
agreement and all related policies.
show slb virtual {http | tcp | https | tcps | ftp | ftps | udp | dns | siptcp | sipudp | rtsp | rdp}
[virtual_name]
This command is used to display the specified virtual service, if no name is specified, displays all virtual
services specified under the agreement.
show slb virtual all
This command displays all defined virtual services and all relevant parameters.
show slb virtual l2ip [virtual_name]
This command displays all defined Layer 2 virtual service or the specified virtual service.
clear slb virtual {http | tcp | https | tcps | ftp | ftps | udp | dns | siptcp | sipudp | rtsp | rdp}
This command is used to clear all virtual services under a particular protocol type.
no slb virtual ip <virtual_name>
This command is used to delete the specified virtual service name Layer 3 IP Address.
show slb virtual ip [virtual_name]

This command displays all defined Layer 3 virtual service or the specified virtual service.
clear slb virtual ip
This command is used to clear all defined Layer 3 virtual services.
show statistics slb virtual radauth [virtual_name]
This command is used to display the RADIUS authentication statistical information specified virtual
service. If the virtual service is not specified, displays all RADIUS authentication
Virtual statistics service.
show statistics slb virtual radacct [virtual_name]
This command displays statistics for the specified virtual RADIUS accounting services. If the virtual
service is not specified, displays all RADIUS accounting
Virtual Service statistics.
slb virtual {enable | disable} <virtual_name>
This command is used to toggle the state of the virtual service. When a virtual service is disabled, can
not be used for SLB.
slb virtual application cps <virtual_name> <max_cps>
This command is used to configure the specified virtual maximum number of connections per second
(CPS) allows the services to avoid the application of the overflow.
virtual_name This parameter is used to specify the virtual service name, the name should be a letter
Numeric string. Please note that if you specify the name of the digital open
Head, the string should be placed within double quotes. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
97
max_cps This parameter specifies the maximum number of connections per second. Ranges
To 1-4294967295.
no slb virtual application cps <virtual_name>
This command is used to delete the specified maximum number of connections per second virtual
service.
show slb virtual application cps [virtual_name]
The maximum number of connections per second, this command configured for the specified virtual
service for display. If the virtual service is not specified, then the best display of all virtual services
A large number of connections.
clear slb virtual application cps
This command is used to clear all configuration largest virtual service connections per second.
slb virtual health {on | off}
This command is used to enable or disable the virtual server health checks. Check function is enabled, all
real services associated with the virtual service if both fail,
AS device will reset input connection.
show slb summary [virtual_name | vlink_name]
This command displays the settings for a specified virtual service or vlink's. If you do not specify
"virtual_name | vlink_name" parameter will be displayed
Vlink all virtual services and related settings.
For example:
.235 80 arp 0
"hc_1" "r1" 10.8.6.45 80 tcp 3 3
2013 Teamsun
All rights reserved
98
-forwarded-for insertion: disable
http rewrite body on "v1"

-Forwarded-For"
show statistics slb summary [virtual_name | vlink_name]

This command is used to display the specified virtual service or vlink relevant statistical information. If
you do not specify "virtual_name | vlink_name" parameter, then
Displays statistics for all virtual services or vlink's.
For example:
statistics slb summary
er hits: 0 Chapter 7 server load balancing (SLB)

2013 Teamsun
All rights reserved
99
imes
ACTIVE
2013 Teamsun
All rights reserved
100
hits: 0
Note: If all "policy hits" (for example, "default hits") is not a non-zero value, then displays information
about the shooting, that virtual services, group
Groups and true service information.
7.5 Adding a port range for virtual service
slb virtual portrange <virtual_name> <min_port> <max_port> [protocol] [dst | src]
This command is used to "virtual name" parameter specifies the virtual service definition port range.
The port range is from "min_port" to "max_port". A
Repeatability port range of IP is not allowed. This order also applies Layer 2 and SLB port range. If a port
range is attached to a
SLB virtual service, only the network traffic within the port range to achieve balance. Otherwise, the
flow through only as traffic routes.
virtual_name name specified for the virtual service, in the form of a string. Note: If you mean
Given name begins with a number, the string should be enclosed in double quotes.
protocol optional parameters. This parameter can be selected from "all | udp | tcp" in. The default is
"all".
Only when the virtual service belongs to the second layer, this parameter is valid.
dst | src optional parameters. Refers to the destination port or source port. The default is "dst" port.
no slb virtual portrange <virtual_name> <min_port> <max_port> [protocol]
This command allows the user to clear the filter port range from the second layer virtual service.
ftp passive portrange <start_port> <end_port>
This command allows the user to passive FTP / FTPS data connection settings for the port range. Start
and end port should be located between 1024-65535, the user
20-1000 ports can be defined as a range of ports. Port range is globally available for FTP / FTPS virtual
services. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
101
start_port starting port number.
end_port end port number.
Please note that the end of the port, and the difference between the starting port number should be
greater than 19, less than
999. For example, if the starting port number is 2000, the end of the port Code
No minimum for 2019, up to 2999.

clear ftp passive portrange
This command allows the user to clear a port range settings.
show ftp passive portrange
This command allows the user to view a range of ports.
ftp passive externalip <virtual_name> <ip>
This command is used for FTP / FTPS specify the external IP address of the virtual service.
virtual_name virtual service name. Note: If you specify a virtual service name to Digital
The beginning of the string should be enclosed in double quotes.
ip external IP address.
no ftp passive externalip [virtual_name]
The command and delete the external IP address.
virtual_name virtual service name. Optional parameter, the default value is "all", said the removal of the
There FTP / FTPS external IP address of the virtual service.
show ftp passive externalip [virtual_name]
External IP address of the command for display.
virtual_name virtual service name. Optional parameter, the default value is "all", said the display of the
There FTP / FTPS external IP address of the virtual service. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
102
7.6 Add SLB Group Services
The following command is to establish and specify the load balancing protocol steps necessary to group
servers.
slb group method <group_name> [algorithm]
group_name Specifies the real service group name, which supports up to 40 characters.
Note: If the group name in characters other than numbers and non-alphabetic beginning,
The string should be enclosed in double quotes.
algorithm for balancing algorithm for real services within a group load. Optional parameters
Number. The default value is "rr". According to the algorithm may be, some algorithms may need to
specify
Additional parameters. The following are marked with an "*" parameter should specify additional
parameters.
i maintain IP *
2013 Teamsun
All rights reserved
103
Header *
Below these algorithms will be described in more detail.

slb group method <group_name> {rr | pu | sr}
Polling (rr): Each server will be based on its weight order services (if any). For example, if a weight of 3,
each server will be asked three times,
Then select the next server in the list.
The shortest respond (sr): Select the server based on the lowest latency.
Keep the URL (pu): based on the value to the URL. Using this algorithm group must associate a URL
policy by maintaining a virtual service.
slb group method <group_name> hc [rr | sr | lc] [weight | threshold]
Cookie name = method based on paired values only and remain associated Cookie Cookie Policy and
QoS. "Rr | sr | lc | lb" parameter is called the "first
Second selection method. "If a customer's service request has not been specified, this algorithm will
request the nature of the group selection method is suitable for the client based on
Choose a real service. The default value is rr. "Threshold" parameter applies only to "first choice
method" is "lc" situation, the group method lc threshold parameter and
Same.
slb group method <group_name> ic [cookie_name] [add_path] [rr | sr | lc] [threshold]
When you insert a Cookie (ic) algorithm is specified as a group, use this command structure, the user can
provide optional parameter "cookie_name", "add_path",
"Rr | sr | lc" and "threshold".
group_name Specifies the name of the real service group, a period of not more than 40 characters.
Note: If the group name starts with a number or non-alphabetic character, the character
String to be placed in double brackets.
cookie_name insert the name of the cookie. If no cookie name, AS equipment
Will generate a cookie name. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
104
add_path Cookie path attribute. The "add_path" is set to 1 will ensure that the insert
The cookie has a path attribute "/", 0 indicates cookie does not contain
Paths. The default setting is 0.
rr | sr | lc "rr | sr | lc" parameter refers to the "first choice method". If a customer please
Corresponding to the specified requirements of actual service yet, then according to a method adapted
to the group requested
Seeking nature of this algorithm will be used to serve customers choose real. The default value
As "rr".
threshold only when the "first choice method" is lc when to use
"Threshold" parameter, this situation is the same in the group method lc applicable
The threshold parameter.
slb group option ic <group_name> {expires | path | domain | secure | httponly}
The method allows to insert cookie AS has been associated with the server. This command is used to
define the nature of the cookie, including the "expires", "path",
"Domain", "secure" and "httponly" and so on.
To configure this command, the parameter "expires | path | domain | secure | httponly" must be
placed in double brackets and separated by commas; Otherwise, the command
Not run.
group_name Specifies the name of the group's services, can support up to 40 characters. Said
Description: If the group name starts with a number or non-alphabetic character string should
In double brackets.
expires | path | domain | s
ecure | httponly
Cooki properties.
e cookie, ranging
0 to 5.256 million, in minutes, that is 3,650 days. "Expires"
The format is: "expires = day: hour: minute". For example:
"Expires = 3" represents the effective period of the cookie for 3 minutes;
"Expires = 2: 3" represents the effective period of the cookie for two hours and three
Minutes, ie 123 minutes; "expires = 1: 2: 3" represents the cookie

Effective period of 1 day 2 hours and 3 minutes, or 1,563 minutes.
th
Ranging from a string of 1-128 characters. "Path" parameter
Format is: "path = string".
2013 Teamsun
All rights reserved
105
The cookie parameter access through this. Domain length ranges
1-128 characters. Format parameter is: "domain = string".
To "secure = yes | no". When set to "secure = yes", the

through the deployment of HTTPS cookie or other security protocols visit
Browser or server transfer. When set to "secure = no", the
cookie is only transmitted via HTTP protocol.
This visit. Format parameter is: "httponly = yes | no".

Description: The string "path" and "domain" will be defined as it is
Insert cookie. String is case sensitive, no spaces are allowed.
Description: The command "slb group option ic" configuration produced a higher priority than "slb
group method <group_name> ic" configuration.
If "slb group options ic" is not configured, the system will decide whether to press the command "slb
group method <group_name> ic" set
"Add_path" will "/" insert coookie.
If you configure the "slb group options ic":
1 If "slb group option ic" define the "path", the path value will be inserted cookie, the command "slb
group method
Path <group_name> ic "definition will be ignored.
2 If the "slb group option ic" undefined "path", the path value will not insert cookie, the command "slb
group method
Path <group_name> ic "definition will be ignored.
no slb group option ic <group_name>
This command is used to clear the specified group cookie feature, the algorithm is set to ic.
show slb group option ic [group_name]
This command is used to display the cookie feature designated group configuration, the group method
ic. If the group name is not specified, it will display algorithm for ic's
All Groups cookie feature configuration.
clear slb group option ic [group_name]
This command is used to clear the algorithm specified group ic cookie feature. If the group is not
specified, the display algorithm cookie ic of all groups
Feature configuration.
slb group method <group_name> rc [cookie_name] [offset] [rr | sr | lc] [threshold]
When rewriting cookie, need to use the command structure in which "cookie_name" is necessary
"offset" value ("offset" value refers to the backend server generates Chapter 7 server load balancing
(SLB)
2013 Teamsun
All rights reserved
106
the number of bytes in the cookie in need of protection). The user must ensure that the backend server
cookie in the remaining space of four (4) bytes to ensure that AS set
Equipment capable of performing this task. Default "offset" parameter is 0. "Rr | sr | lc | lb" parameter
is called the "first choice method." If the customer requests yet
There are specific real service, the algorithm will choose a real service to customers using the group
method according to the characteristics of the request. The default value is rr.
"Threshold" parameter only in the "first choice method" is "lc" situation applies, with the same group of
law lc the "threshold" parameter is set.
slb group method <group_name> pc [option]
For SLB method Persistent Cookie (pc), "option" parameter corresponds to the offset value of the
cookie. The default value is offset Cookie
0. Groups using this algorithm cookie policy must remain associated with the use of virtual services.
slb group method <group_name> lc [threshold] [yes | no]

When the minimum number of connections (lc) as a service group algorithm should specify two
additional parameters. Parameter "threshold" is an algorithm threshold particle size, said two truth
Response time and a real connection to the service activities that must be met to be considered as the
difference between the different numerical processing algorithms. This parameter is optional, the
default value is 10.
Parameters "yes | no" whether the provisions should take all SLB real service number of active
connections at the same time or the same threshold in response to the polling situation
Condition. "Yes" value indicates the polling algorithm to be used, "no" value indicates not used. This
parameter is optional, the default value is "no".
slb group method <group_name> sslsid [timeout]
For load balancing based SSL SID, use this version of the naming structure. Please note that only TCP real
service to become SSLSID of
Group members, and only TCP virtual service to be associated with that group. This optional parameter
represents a session might be in an open mold before being replaced
Type the length of time (minutes, the default is 5 minutes). This method is only deployed group may be
specified as the default group.
slb group method <group_name> pi [hash_bits] [rr | sr | lc] [threshold]
This command is used to add SLB group, and specify maintain IP (pi) method for the group.
group_name Specifies the name of the group's services, can support up to 40 characters.
If the group name starts with a number or non-alphabetic character, the string should be placed
In double quotes.
hash_bits optional parameters. This parameter specifies the source IP address in the number of digits
for
Production hash data. It is similar to a subnet mask, can be applied before it is hashed
In the IP address. The range of this parameter is 0-32. The default value is 32.
Description: This parameter for IPv6 address poor performance.
rr | sr | lc optional parameters. This parameter specifies the preferred method. If a client request is also
Unspecified real service, this algorithm will correspond to the method according to the group's request
Feature for customers to choose a real service. The default value is rr. Chapter 7 server load balancing
(SLB)
2013 Teamsun
All rights reserved

107
threshold optional parameters. This parameter applies only to the case of the preferred method for lc,
and lc
The method of "threshold" the same parameters. The default value is 10.
slb persistence timeout <timeout_minutes> [group_name] [idle | duration]
This command allows the user to set up a group or a single set of global timeout value.
Currently, the timeout function supports only the group using the following configuration:
sh Header (hh)
timeout_minutes specified timeout parameter values. In the range of 0-50,000, in minutes

(43,200 minutes, or 30 days). The default value is 0, disables the timeout
Function.
If the group has been configured by keeping method, the argument can not
Is set to 0.
group_name optional parameters. Specifies the name of the group's services. If you do not specify a
value,
The time-out function will take effect globally. If the global and a single set of timeouts
Value is specified, then the value of a single set of priorities into force overtime.
idle | duration optional parameters. Dynamic timeout specified session ID management mode, the
default value
As "idle". Configuration of pi, ph, hh, hc, or hq algorithm groups only
Support "idle" parameter.
If AS equipment specified "idle" period did not receive the customer sent
To the new request, AS equipment will end the session and clears its customers off
Associated with the session ID.
Given "session time" is terminated, regardless of whether you receive a new session request, Chapter 7
2013 Teamsun
All rights reserved
108
AS devices are the end customer session and clear the associated session ID.
Note: If you do not specify a timeout value for a single group, the group is using the global timeout
value. Otherwise, a single set of timeouts
Values will take effect in the group.
no slb persistence timeout [group_name]
This command is used to clear the use of the timeout parameter "pi", "ph", "hc", "hh" or "hq" algorithm
configured group settings. If you do not specify "group_name",
The system will delete the global timeout. If you specify "group_name", only to delete the specified
timeout setting group.
show slb persistence timeout [group_name]
This command displays the timeout parameter passed "pi", "ph", "hc", "hh" or "hq" algorithm to
configure a group setting. If you do not specify "group_name",
Global timeout configuration is displayed. If you specify "group_name", only the display timeout
configuration specified group.
slb group method <group_name> ph [rr | sr | lc] [threshold]
This command allows the user to specify the name of the method to configure the host continued. "Rr |
sr | lc" parameter can be called "the preferred method." If a client request is not yet
Specify the actual service, the present method can be used for services based on the customer's
selection of a request for the matching of the group properties and methods. The default value is rr.
"Threshold" parameter applies only to "first choice method" is lc circumstances, and with the same
group method lc threshold parameter set of circumstances.
slb group method <group_name> hi [hash_bits]
This command is used to add SLB groups, and assign Hash IP (hi) method. Hi method based on traffic
source IP will receive traffic is mapped to the real service
On. Hash IP algorithm AS consistent across multiple devices, provided that the Hash IP Group AS
configuration on the device are not the same.
If the group name starts with a number or non-alphabetic character string should be placed
Double quotes.
hash_bits optional parameters. This parameter specifies how many digits the source IP address can be
used
To generate the hash data. The range of this parameter is 0-32. The default is
32. If SLB group of a real service failure, the current continuous
Communication will be aborted.
Description: This parameter work for IPv6 addresses ineffective.
slb group method <group_name> hh <header_name> [rr | sr | lc] [threshold] [prefix] [delimiter]
This command is used to enable the Hash Header (HH) for a specified load balancing method SLB group.
Hh approach allows the system to the entire HTTP headers
String or part of the HTTP header field header field string (determined by the "prefix" and "delimiter")
hash, and true to our clients in Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
109
Session lasts between real servers. If both parameters are specified, and the HTTP request header field
with two parameters set match,
The system will HTTP header field "prefix" and "delimiter" setting hashes. If the request HTTP header
field only with "prefix" setting
Match, the system will hash string HTTP header field "prefix" setting after. Occur if the "prefix" is set in
the HTTP header field several times,
Only the first HTTP header field "prefix" setting will match.
In the following cases, the system will hash the entire HTTP header fields:
group_name Specifies the name of the group's services, can support up to 40 characters. Description:
In double quotes.
header_name specified HTTP header name. The header name is case sensitive, you can pack
Containing ASCII printable characters (ASCII encoding 33-126), but not including empty
Grid, double quotes and colon. The parameter values can be:
-Charset,
Accept-Language, Referer, User-Agent, or
X-Forwarded-For.
: any non-standard header name.
String.
For example: If the hash HTTP request URL "path + query" string
Can run the command "slb group method 'group_name' hh URL".
rr | sr | lc designated "first choice method". The default value is rr.
threshold only choice "lc" method, the parameter to take effect. The default value is 10. As
If the "first choice method" for "rr" or "sr", you must enter a Sui
Machine integers, in order to continue to complete subsequent setup parameters.
prefix optional parameters. This parameter specifies the HTTP header field will be hashed character
String starting position. The parameter values are case-sensitive, if non-alphabetic open
Head, should be placed in double quotes.
delimiter optional parameters. This parameter is used to specify a character that represents HTTP
Header field will be the starting and ending location hash string. The character Chapter 7 server load
balancing (SLB)
2013 Teamsun
All rights reserved
110
Case sensitive, if not the letter, it must be placed in double quotes.
Note: The parameter "prefix" and "delimiter" must be configured together. If you specify a "prefix", the
"delimiter" must be specified at the same time.
For example:
For the string "= 1386666888" hash for HTTP header string "callid = 13866668888; ber = 12", needs to be
"prefix" is set to
"Callid", "delimiter" is set to ";."
For the string "= 1386666888" hash for HTTP header string "username = abc; callid = 13866668888; ber
= 12", needs to be
"Prefix" is set to "callid", "delimiter" is set to ";."
However, if the HTTP header string is "mcallid = 13866668888; ber = 12", regardless of the "prefix" and
"delimiter" how to set up, the Department of
There was no system of the hash string "= 13,866,668,888."
slb group method <group_name> chi [hash_bits]
This command is used to add SLB groups, and assign Consistent Hash IP (chi) method. Chi square
method by hashing the source IP address of the request
Type mapping client requests to the server.
If the group name starts with numeric or non-alphabetic characters, the string should be placed
In double quotes.
hash_bits optional parameters. This parameter specifies the source IP address bits are used to generate
a number of minority
Hash data. The range of this parameter is 0-32. The default value is 32.
If SLB real service group fails, the existing will be in constant communication
Only.
Description: This parameter for IPv6 address poor performance.
slb group method <group_name> prox [rr | sr | lc] [threshold]
This command can be used to specify the group name to create Proximity (prox) group. "Rr | sr | lc"
parameter may be referred to as "the preferred method." If the customer did not request
SDNS proximity rules that meet the real service, this approach will choose a real service to customers
upon request characteristics corresponding group methods.
The default value is rr. "Threshold" parameter applies only to "first choice method" is lc circumstances,
as the threshold parameter method is applicable only group lc Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
111
The case.
slb group method <group_name> snmp [weight | cpu] [community] [oidcount] [oid1]
[oidweight1] [oid2] [oidweight2] [check_interval]
This command creates SLB group using snmp group methods.
In double parentheses.
weight | cpu mode value. CPU mode can meet most customer requirements; weight mode
Supports custom OID and inspection intervals. In the CPU mode, only
There are community parameters (community) needs to be set, check interval to be fixed
For 60 seconds.
community SNMP Community field server.
oidcount 1 or 2, with the number of weight mode specified OID.
The first OID oid1 weighting pattern.
oidweight1 weight mode Dir an OID weight.
The second OID oid2 weighting pattern.
oidweight2 weight mode second OID weight.
interval check interval weight mode SNMP inspection.
slb group method <group_name> ec <cookie_name> [rr | sr | lc] [threshold]
The first HTTP request without cookie may access the associated default policy groups, and AS device
may by selecting a "rr | lc | sr" method
Real service. When ASE device to get a response from the configuration of the server name of the
cookie, AS device will contain a real server information
String embedded cookie header. Then, after a revised response will be forwarded to the client.
Subsequent client request will contain the modified
cookie value, AS will be able to identify the device through its continuous real service. AS device
embedded real service will be removed from the cookie value information,
The original cookie value to forward the request to the server. Therefore, only the exchange occurs and
the cookie value on the client device between the AS, AS apparatus
And cookie values between services and no real change. "Rr | sr | lc" parameter can be called "first
choice method". The default value is rr.
"Threshold" parameter applies only to first choice method "is lc of the situation, with a threshold
parameter applies only group method is the same as the case lc.
slb group method <group_name> {sipcid | sipuid} [rr | sr | lc] [threshold] Chapter 7 server load
balancing (SLB)
2013 Teamsun
All rights reserved
112
This command is used to configure the SIP server SLB groups, including SIP Call ID persistence
(disaggregated Call ID header) or SIP user ID persistence
(Breakdown of user ID header) is a must. Please note: In addition to sipcid and sipuid methods outside,
SLB Group SIP real service may use other
Layer 4 methods, such as rr, lc, sr, etc. However, the group is not true for the SIP service can not be used
sipcid and sipuid methods.
Within double quotes.
rr | sr | lc for SIP call ID or user ID ongoing balance. "Rr | sr | lc" parameter
Can be called "first choice method". If the client request does not mean
Given actual service, the method will be used in accordance with the characteristics of the group
request method
Clients choose applicability for real services. The default value is rr.
threshold This parameter applies only to "first_choice_method" lc is the case with
Threshold parameter approach is the same situation applies to the group lc's.
slb group method <group_name> chh <header_name>
This command is used to add consistency hash header (chh) SLB group. "Chh" approach through the
application of the specified HTTP request header hash function to maintain
Continuity. "Chh" up to the specified HTTP request header three times Harry processing until a select
group of available real service. In case
Three hash value represents the real service is unavailable, you should use polling to choose a healthy
real service.

header_ name specified HTTP header name. HTTP header name is case sensitive, can
To contain printable ASCII characters (ASCII codes 33-126), but does not include
Enclosed spaces, double quotes and colon. The parameter value can be:
-Charset,
Accept-Language, Referer, User-Agent, or
X-Forwarded-For.
-standard header name.
Hashes.
For example, the hash HTTP request "path + query" string of the URL,
Need to run the command "slb group method 'group_name' chh Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
113
URL ".
slb group method <group_name> hq [rr | sr | lc]
This command is used to create a hash query (hq) SLB group. "Hq" HTTP query method specified by the
hash tag value way to maintain the consistency of the request.
This method must be used together with the consistency of a URL policy. Label defined within the
duration specified URL strategy. Parameters "rr | sr | lc" can be called
"First_choice_method", the default value is rr.
slb group method <group_name> hip [hash_bits]
This command is used to add SLB group, and specify the hash IP + port (hip) method for it. Hip method
by hashing the source IP address and port traffic
Receiving traffic mapped onto real service.
group_name Specifies the real service group name, which can support up to 40 characters.
In double quotes.
hash_bits optional parameters. This parameter specifies the number of digits for the source IP address
of Health
To hash data. The range of this parameter is 0-32, the default value is 32.
If a real service SLB group fails, the existing continuing to be
Aborted.
Description: This parameter work on IPv6 address poor performance.
slb group method <group_name> rdprt [rr | sr | lc]
This command is used to create using "rdprt" (RDP routing token) algorithm SLB group.
If the group name starts with numeric or non-alphabetic characters, the string should be placed
In double quotes.
rr | sr | lc This parameter can also be called "first choice method". If a customer
Request does not contain the specified real service, this method will be used for the election for the
client
Choose a real service. The default value is rr.
The following commands are used to set the Layer 2 SLB group. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
114
slb group method <group_name> {hi | rr | chi} [route | direct]
This command defines a Layer 2 SLB group. Layer 2 SLB supports three types of group methods: poll (rr),
hash IP (hi) and consistent hashing
IP (chi).
In double quotes.
route | direct specified route mode, which determines initiated by the real server data stream
How the amount is routed.
interface associated with Layer 2 virtual services.
Optional. The default setting using "direct" mode.

slb group method <group_name> radchu
This command is used to define the SLB group and specify "radchu" oriented set of load balancing
algorithm. "Radchu" hash recognize RADIUS client request
Permit the user name, then the user request will be sent to hit RADIUS server through a hashing
algorithm.
slb group method <group_name> radchs
This command is used to define the SLB group, and "radchs" designated as the load balancing algorithm
group. "Radchs" will hash client and RADIUS services
Connection between the session ID, then the user request will be sent to hit RADIUS server based on the
hash algorithm.
slb group method <group_name> persistence <session_id_type> [rr | sr | lc] [threshold]
This command is used to create the SLB group, the group uses the session ID and versatile continuousbased approach.
In double quotes.
session_id_type specified session ID type, which can be "ip", "ipport" or "string" and so on.
rr | sr | lc designated "first choice method." If the client requests to the real server is not shut
Union or request specified session ID does not carry, AS device will use "first
choice method "for the request to select a real server defaults Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
115
As "rr".
threshold of this parameter take effect only when the "lc" method is selected. The default value is 10.
slb group persistence request header <group_name> <header_name> [prefix] [delimiter]
[flag]
This command is used in the header for the session continue to get the session ID from the HTTP
request.
In double quotes.
header_name specified HTTP header name. HTTP header name is case sensitive, can
To contain printable ASCII characters (ASCII codes 33-126), but does not include
Enclosed spaces, double quotes and colon. This parameter can be chosen as follows:
Standard header name: Accept, Accept-Charset,
Accept-Language, Referer, User-Agent, and
X-Forwarded-For.
Any non-standard header name.
prefix optional parameters. This parameter specifies the HTTP header field will be hashed characters
String starting position. The parameter values contain up to 32 case-sensitive characters
Character, must be placed within double quotes. If this parameter value contains a double quote, the
Replaced with% q.
delimiter optional parameters. This parameter is used to specify a character that represents HTTP
Header fields start and end of the string. The parameter values to distinguish between large
Lowercase, must be placed within double quotes. If this parameter value contains a double quote,
Then use% q instead.
If you specify the parameter "prefix", and the parameter "flag" is 0, it must mean
Fixed "delimiter".
flag optional parameters. When the "prefix" is specified, this parameter value determines whether you
need
"Delimiter" parameter. The value can be 0 or 1. The default value is 0. Chapter 7 server load balancing
(SLB)
2013 Teamsun
All rights reserved
116
0 indicates the parameter "delimiter" is necessary parameters. However, when the parameter "prefix"
When directly with the HTTP header behind the name, the parameter "delimiter" can
Is an optional parameter.
1 shows the parameters "delimiter" non-essential parameters.

For example:
The implementation of "slb group persistence request header group1 Myheader username y 0"
command, if the HTTP request header
The header contains the following information string specified in the HTTP request from the client
matches the parameter "prefix":
l, the
HTTP request can be matched
"Prefix" specified string.
parameter specifies the request,
The string "prefix" and "delimiter" will be used between the session ID.
ID. This rule applies only to
"Slb group persistence request header" and "slb group persistence response header" command.
only a "prefix", and that match the specified HTTP request string and "prefix", then
"prefix" behind the word
String will be used as the session ID.
no slb group persistence request header <group_name>
This command is used to delete the specified group from the HTTP request header to get the
configuration session ID.
show slb group persistence request header [group_name]
This command is used to display the specified group from the HTTP request header to get the
configuration session ID. If the group is not specified, all groups will be displayed configuration.
clear slb group persistence request header
This command is used to clear all configurations to obtain the session ID from the HTTP request header.
slb group persistence request urlquery <group_name> <query_name>
This command is used for the session lasts from the HTTP request URL Query get the session ID. Chapter
7 server load balancing (SLB)
2013 Teamsun
All rights reserved
117
Description: If the group name starts with a number or non-alphabetic character, the string
Should be placed within double quotes.
query_name specify the URL Query name.
no slb group persistence request urlquery <group_name>
This command is used to delete a specified group from the HTTP request URL Query obtain
show slb group persistence request urlquery [group_name]
This command is used to display for a given group from the HTTP request URL Query obtain
configuration session ID. If the group is not specified, displays the
There are a group configuration.
clear slb group persistence request urlquery
This command is used to clear all configuration requests from HTTP Query URL to obtain the session ID.
slb group persistence request cookie <group_name> <cookie_name>
This command is used for the session cookie from the HTTP request to obtain continuous session ID.
cookie_name specify the cookie name.
no slb group persistence request cookie <group_name>
This command is used to delete the specified group from the HTTP request to get the configuration
session ID cookie.
show slb group persistence request cookie [group_name]
This command is used to display for a given group from the HTTP request to get the configuration
session ID cookie. If the group is not specified, displays all groups
Group configuration.
clear slb group persistence request cookie
This command is used to clear all configuration from the HTTP request to obtain the session ID cookie.
2013 Teamsun
All rights reserved
118
slb group persistence request body <group_name> <prefix> <delimiter> [flag]
This command is used for the session lasts from HTTP request body to obtain the session ID.
For the parameter description, refer to the command "slb group persistence request header
<group_name> <header_name> [prefix]
[delimiter] [flag] "description.
Description: When it only to follow the specified value "delimiter" If this command parameter "flag" is
set to 0, then the parameter value "prefix" setting
Will match.
no slb group persistence request body <group_name>
This command is used to delete a specified group from the HTTP request body to get the configuration
session ID.
show slb group persistence request body [group_name]
This command is used to display for a given group from the HTTP request body to get the configuration
session ID. If the group is not specified, all groups will be displayed
Configuration.
clear slb group persistence request body
This command is used to clear all configuration from the HTTP request body to obtain the session ID.
slb group persistence response header <group_name> <header_name> [prefix] [delimiter]
[flag]
This command is used for the session continued access to the session ID from the HTTP response
header.
For the parameter description, refer to the "slb group persistence request header <group_name>
<header_name> [prefix]
[delimiter] [flag] "command description.
no slb group persistence response header <group_name>
This command is used to delete a specified group for a response from the HTTP header to get the
show slb group persistence response header [group_name]

This command is used to display the group in response to a specified HTTP header to get the
configuration from the session ID. If the group is not specified, displays all groups with
Position.
clear slb group persistence response header
This command is used to clear the acquisition session ID from the HTTP response header of all
configurations. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
119
slb group persistence response cookie <group_name> <cookie_name>
This command is used for the session lasts from HTTP response cookie obtain the session ID.
Should be placed in double quotes.
cookie_name specify the cookie name.
no slb group persistence response cookie <group_name>
This command is used to delete a group in response to a given session ID cookie to get the configuration
from HTTP.
show slb group persistence response cookie [group_name]
This command is used to display for a given group from the HTTP response to obtain the configuration
session ID cookie. If the group is not specified, displays all groups
Group configuration.
clear slb group persistence response cookie
This command is used to clear all configurations to get the session ID from the HTTP response to the
cookie.
slb group persistence response body <group_name> <prefix> <delimiter> [flag]
This command is used for the session lasts from HTTP response body to get the session ID.
For the parameter description, refer to the command "slb group persistence request header
<group_name> <header_name> [prefix]
[delimiter] [flag] "description.
no slb group persistence response body <group_name>

This command is used to delete a specified group for a response from the HTTP body to get the
show slb group persistence response body [group_name]
This command is used to display the body in response to a specified group configuration session ID
obtained from HTTP. If the group is not specified, displays all groups with
Position.
clear slb group persistence response body
This command is used to clear all configurations in response to the main session ID from the HTTP Get.
2013 Teamsun
All rights reserved
120
slb group persistence value <group_name> <offset> [session_id_length]
This command is used to specify the real value of the service group to obtain the session ID obtained
from a string. Only group session ID type is configured as "string"
When this command is applicable.
Get the starting position offset specified session ID. The value of this parameter is
0-32.
session_id_length specify the length of the session ID. The value of this parameter is 0-64. Default
A value of 0 indicates to the parameter "offset" to specify a location for the session ID, and
Get all the strings that position after.
no slb group persistence value <group_name>
This command is used to remove the real value of the specified service group acquired the session ID
from the specified string.
show slb group persistence value [group_name]
This command displays the true value for the specified service group obtained the session ID from the
specified string.
clear slb group persistence value

This command is used to delete all the values obtained from the string session ID.
slb group persistence session static <group_name> <static_session_id> <real_name>
[port]
This command is used to configure a static session continued. Carry the specified session ID of the client
request is sent directly to the relevant real server. Each group of up to
256 can be configured to a static session ID.
If the group name starts with a number or non-alphabetic character string should be placed
Double quotes.
static_session_id static session for a specified session ID. The parameter value can be an IP address
Or the specified string. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
121
real_name specify the actual service name.
port specify the source port client requests. Parameter values in the range of 0-65535.
show slb group persistence session static [group_name]
This command is used to display a group of continuous static session configuration. If the group is not
specified, displays all groups continued to configure static session.
In double quotes.
no slb group persistence session static <group_name> <static_session_id> [port]
Static Session This command is used to delete a group of persistent configuration.
static_session_id static session for a specified session ID. Parameter values can be an IP address,
Can also be specified string.

port optional parameters. Specify the source port for client requests. Parameter ranges
0-65535.
clear slb group persistence session static [group_name]
All static session this command is used to clear a group of persistent configuration. If the group is not
specified, then remove static session continued with all groups
Position.
7.7 Add IP address pool
[no] slb proxyip global <pool_name>
This command is used for all SLB real server specified predefined IP address pool, and as a global IP
address pool. "No" version of this command with
To clear the specified global IP address pool. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
122
pool_name IP address pool name, through the "ip pool <pool_name> <start_ip>
[end_ip] "predefined input address pool name must be in uppercase or lowercase
English character begins.
[no] slb proxyip group <group_name> <pool_name>
This command is used to specify a predefined IP address for the specified SLB group. "No" version of this
command to clear the specified group IP address pool for SLB.
Description: The group IP address pool takes precedence over the global IP address pool.
clear slb proxyip [group_name]
This command is used to clear the specified group IP address pool configuration. If the group name is
not specified, it will clear all SLB group's IP address pool configuration.
show slb proxyip [group_name]
This command is used to display the specified group IP address pool configuration. If the group name is
not specified, the group will display all SLB IP address pool configuration.
show statistics slb proxyip [group_name]
This command is used to display the IP address pool statistics for the specified group. If the group name
is not specified, the group will display all SLB IP address pool
Statistics.
clear statistics slb proxyip [group_name]
This command is used to clear the specified group IP address pool statistics. If the group name is not
specified, it will clear all SLB group's IP address pool
Statistics.
7.8 for the group to add real service
slb group member <group_name> <real_name> [weight | cookie | url] [priority]
This command is used to add a real service to the SLB group.
group_name designated SLB group for real services.
real_name specify the actual service name.
weight | cookie | url Weight: Specify weights. The default value is 1. "Weight" parameter only when the
group
When you use the following method to be effective: rr, lc, hi, chi, pi, ph, hh,
hq, hc, ic, rc, ec, sslsid, radchs, radchu. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
123
Cookie: Specifies the cookie in the association continued cookie (PC) Strategy
Name (see "slb policy persistent cookie" command). "Cookie"
Groups using parameters only when sustained cookie (pc) method will be effective.
Url: In association "url-tag", specify "<tag> =" string after (cf.
See "slb policy persistent url" command). Only when the group continued to use
When url (pu) method, "url" parameter is valid.
priority Specifies the priority group members. The value of this parameter, the higher the priority.
The default value is 0.
The parameter "slb group activation <group_name>
<num_of_rs> "used in conjunction. If the parameter" less num_of_rs "value
Real number of groups in the health service, the highest priority of the N
Health real service will be enabled (N is determined by the "num_of_rs" parameter value).
no slb group member <group_name> <real_name>

This command is used to clear the real services from the group.
show slb group member [group_name]
All members of the designated group command for display. If the group name is not specified, displays
all group members.
clear slb group member
This command is used to delete all group members.
7.9 Other SLB group command
no slb group method <group_name>
This command is used to delete the specified group. This command can also delete all associated
policies and group members.
show slb group method [group_name]
This command is used to display the group information, including balancing method specified group.
clear slb group method
This command is used to delete all defined groups, including all relationships with real and virtual
service-related. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
124
show slb group protocol <group_name>
NetFOS will be allocated based on user configuration (TCP, HTTP, etc.) an agreement to a real group, to
prevent real service is assigned to an incompatible
Yung group. This command allows the user to see which protocol has been assigned to the specified
group.
slb group flush <group_name>
This command allows the administrator to remove a persistent connection table specifies the group.
This command will delete any persistent connections currently established, so the use of
This command should be especially cautious. Has established an ongoing connection users will be forced
to re-establish a continuous connection. Parameters "group_name"
Must represent hc, hh, ph or pi group.
slb group activation <group_name> <num_of_rs>
This command allows the user to enable health check real service in a group according to priority. In an
actual service group health check, only the
Actual service with the highest priority in order to be enabled. If you have the highest priority health
checks will be less than the true number of services to enable real service
Quantity, the second highest priority health check actual service is enabled.
group_name service name specified for the group, specifically in the form of a string. Note: If
If the configuration name beginning with numbers or other non-alphabetic character, the string will
Shall be placed within double quotes.
the true number of services num_of_rs need to enable. If this parameter is set to 2, then a
Having the highest priority service to the two's health check within a group
Is enabled, the received request can be assigned to both the true service activities
Works.
no slb group activation <group_name>
This command allows the user to cancel the opening of the real number of services configuration.
show slb group activation <group_name>
This command is used to display the opening of the group's services and specify all the real status of the
service.
For example:
7.10 SLB policy settings

In SLB, one strategy would be connected to a virtual service in accordance with specific rules of a group.
A virtual service type of each of a plurality of
Strategies associated (with a few exceptions). Like with the policy type, the policy also priorities. Use
policy-based virtual cookie service (eg, plug
The cookie, cookie rewriting, etc.) needs to be specified as the default group to configure a group, so
that the cookie can be set to an initial request for a client.
Multiple SLB policy priorities can be set. The default order between policy type as follows (italics order
strategy can be configured):
1. redirect
2. static
3. qos client port
4. qos network
5. persistent url
6. rewrite cookie
7. insert cookie
8. persistent cookie
9. qos cookie
10. qos hostname
11. qos url
12. qos body
13. regex
14. header
15. hash url
16. radius session id
17. radius user name
18. default
19. backup
When viewing a designated VIP strategies for each type in the order given above to be checked. For
each type, the system will collect for the Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
126
All possible matches situation. Match has the highest priority within this group will be used as an
associated group. Given below is used to configure the AS device built
Available commands legislation balanced strategy.

show slb policy all
This command allows the user to display all the policies within the device is currently configured AS.
slb policy order <order_template_name> <policy_type> <precedence>
This command is used to set the order of the specified policy, the order by "order_template_name"
parameter named template OK. If you specify the order of the mold
Board name already exists, this command will overwrite the name; otherwise, this command will create
a new order based on the default template sequence. You can create up to
Built 100 order templates. If a policy is transferred to a place, after all the policy shift between the two
positions will be transferred all backwards. This
In addition, if a policy is transferred back to a place, then move all the policies are within the distance to
move forward. For the first four layers SLB, the only
There are five strategies can be used for policy order template (static, qos clientport, qos network,
default and backup strategies).
order_template_name custom order template name; may contain 1-64 characters; Up
100 sequence is defined templates.
policy_type policy type, such as header, ic, qos-cookie so on.
precedence order, 1-13.
no slb policy order <order_template_name>
This command is used to clear the specified sequence SLB policy template.
clear slb policy order
This command is used to clear the sequence template for all SLB policy.
show slb policy order [order_template_name] [policy_type]
If you specify a policy type, is displayed in the order specified template strategy index; otherwise, this
template in order to configure the order of all the policies will be displayed.
If the order template name is not specified, displays all defined policy templates in all configurations
sequential order, the default order of priority will be displayed.
slb vlink <vlink_name>
This command is used to create vlink.
vlink_name designated vlink name. Whether uppercase or lowercase name entered vlink
Says the system can not be reserved words - "default", "all" or Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
127
"Global" and so on.
show slb vlink [vlink_name]
This command is used to display one or all of the defined vlink.
no slb vlink <vlink_name>
This command is used to clear the specified vlink.
clear slb vlink
This command is used to delete all vlink already defined.
show statistics slb vlink [vlink_name]
This command is used to display statistics or all defined a vlink vlink's.
clear statistics slb vlink [vlink_name]
This command is used to clear statistical information or a vlink vlink of all defined.
slb policy static <virtual_name> <real_name>
This command allows the user to create a static connection between virtual services and real service, so
any request for access to virtual services will be transferred to the appropriate
The real service. You can both create a static policy for each virtual service.
virtual_name virtual server name.
real_name real server name.
For example:
no slb policy static <virtual_name>

This command is used to delete the virtual service static policy.
show slb policy static [virtual_name]
This command is used to display a static connection to the specified virtual service and the associated
real services. If the virtual service is not specified, all defined static display
State policies. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved

128
clear slb policy static
This command is used to clear all the static connections between virtual services and real servers.
Between clear virtual services and real server if the user wishes
Certain a static connection, you should use the "no slb policy static" commands.
slb policy persistent url <policy_name> {virtual_name | vlink_name} <group_name>
<url_tag> <precedence>
This command allows the user to set the URL strategy continued to associate with the virtual service or
vlink sustained URL (pu) group.
policy_name user-specified name for the policy being configured.
virtual_name | vlink_na
me
The name of the virtual service or vlink.
group_name group name.
"tag" string url_tag device matching.
precedence to a value between 0-65535 (including both inclusive). And other holders
URL policy strategy corresponding sequence continued.
no slb policy persistent url <policy_name>
This command is used to remove persistent URL strategy.
show slb policy persistent url [policy_name]
This command is used to display a specific Persistent URL and strategies related; If no name is specified,
displays all Persistent URL strategy.
clear slb policy persistent url
Clear all Persistent URL strategy.
slb policy rcookie <policy_name> {virtual_name | vlink_name} <group_name> <precedence>
This command allows the user to set Rewrite Cookie policy, the virtual service or vlink associate with a
group.
me
The name of the virtual service or vlink. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
129
group_name The group should use Rewrite Cookie (rc) method and Embed
Cookie (ec) method configuration.
between a value precedence 0-65535 (including both endpoints). Order strategy
Correspondence with other Rewrite Cookie Policy.
no slb policy rcookie <policy_name>
This command is used to clear the specified SLB policy from the running configuration.
show slb policy rcookie [policy_name]
This command is used to display the current running configuration for all Rewrite Cookie policy
definitions.
clear slb policy rcookie
This command is used to clear all Rewrite Cookie policy from the current running SLB configuration.
slb policy icookie <policy_name> {virtual_name | vlink_name} <group_name> <precedence>
This command allows the user to set the Insert Cookie policy, or the virtual service vlink associated with
a group.
me
group_name The group must be configured with Insert Cookie (ic) method.
between a value precedence 0-65535 (with two endpoints). The sequence strategy
Insert Cookie associated with other strategies.
no slb policy icookie <policy_name>
This command is used to clear the specified SLB policy from the current running configuration.
show slb policy icookie [policy_name]
This command is used to display all Insert Cookie Policy.

clear slb policy icookie Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
130
This command is used to clear all Insert Cookie policy from the current running SLB configuration.
slb policy persistent cookie <policy_name> {virtual_name | vlink_name} <group_name>
<cookie_name> <precedence>
This command allows the user to set the Persistent Cookie policy or virtual service vlink associated with
a group. This strategy can only be used Hash
Persistent Cookie Cookie or group equalization method.
me
cookie_name specified cookie name.
between a value precedence 0-65535 (including both endpoints). Shun this strategy
Order and other continuing cookie policy related.
no slb policy persistent cookie <policy_name>
This command is used to delete the specified duration Cookie Policy.
show slb policy persistent cookie [policy_name]
Specified duration Cookie Policy This command displays. If no name is specified, displays all sustained
Cookie Policy.
clear slb policy persistent cookie
This command is used to clear all persistent Cookie Policy.
slb policy qos clientport <policy_name> {virtual_name | vlink_name}
{group_name | vlink_name} <network_ip> {netmask | prefix} <low_port> <high_port>
<precedence>
This command is used to create the QoS Client Port Strategy, the associated virtual service or vlink to a
group or another vlink. When a data packet
Enabling a virtual service, the source IP port and source packets are checked. If the source IP subnets are
defined, and the source port falls within the definition of the end
Port range, the packet will enable the policy.
policy_name user-specified name for the policy being configured. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
131
me
group_name | vlink_na
me
The name of the group or vlink.
network_ip specified network IP address. Can be IPv4 or IPv6 address format.
netmask | prefix length prefix subnet mask, or specify the network IP addresses.
-128.
low_port port range low.
high_port port range of high value.
And other policies related to QoS Client Port.
no slb policy qos clientport <policy_name>
This command is used to delete the specified QoS Client Port strategies.
show slb policy qos clientport [policy_name]
QoS Client Port strategies associated with this command is used to display.
clear slb policy qos clientport
This command is used to clear all QoS Client Port policy configuration.
slb policy qos cookie <policy_name> {virtual_name | vlink_name} {group_name | vlink_name}

<cookie_name = cookie_value> <precedence>
This command is used to create QoS Cookie policy, the virtual service or vlink with one group or another
vlink association.
virtual_name | Name vlink_name virtual service or vlink's. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
132
group_name | Name vlink_name group or vlink's.
cookie_name = cookie_va
lue
Bind to a specified number of designated cookie name.
between a value precedence 0-65535 (including both endpoints). Shun strategy
Sequence with other QoS Cookie policy related.
no slb policy qos cookie <policy_name>
This command is used to delete the specified QoS Cookie policy.
show slb policy qos cookie [policy_name]
QoS Cookie policy specifies that this command is used to display.
clear slb policy qos cookie
This command is used to clear all QoS Cookie Policy.
slb policy qos hostname <policy_name> {virtual_name | vlink_name}
{group_name | vlink_name} <host_name> <precedence>
This command allows the user to set up the server load balancing strategy, the virtual service or vlink
associate with one group or another vlink. In addition to
Outside Persistent Cookie and Persistent URL, the command also any equalization method used.
me

me
host name host_name configuration.
And other policies related to QoS Host Name.
no slb policy qos hostname <policy_name>
This command is used to clear the QoS Host Name policies specify. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
133
show slb policy qos hostname [policy_name]
QoS Host Name associated with the policy of this command to display.
clear slb policy qos hostname
This command is used to clear all QoS Host Name policy configuration.
slb policy qos network <policy_name> {virtual_name | vlink_name} {group_name | vlink_name}
<network_ip> {netmask | prefix} <precedence>
This command is used to create a QoS Network strategy, the associated virtual service or vlink to a
group or another vlink.
me
me
network_ip specified network IP address. Can be IPv4 or IPv6 format.
netmask | subnet mask or prefix length prefix specify the network IP addresses.
uld be a dotted IP address.

-128.
between a value precedence 0-65535 (including both endpoints). Shun this strategy
Order and other policies related to QoS Network.
no slb policy qos network <policy_name>
This command is used to clear the specified QoS Network strategy.
show slb policy qos network [policy_name]
This command is used to display the associated QoS Network strategy.
clear slb policy qos network
This command is used to clear all QoS Network policy configuration. Chapter 7 server load balancing
(SLB)
2013 Teamsun
All rights reserved
134
slb policy qos url <policy_name> {virtual_name | vlink_name} {group_name | vlink_name}
<qos_string> <precedence>
This command is used to create QoS URL policy to associate a virtual service or vlink to a group or
another vlink.
policy_name policy name being configured user-specified.
me
me
URL matching string qos_string with the request.
between a value precedence 0-65535 (including two endpoints), specify the policy phase
To order other QoS URL policy. The smaller numerical order, strategy
Higher.
no slb policy qos url <policy_name>

This command is used to delete the specified QoS URL policy.
show slb policy qos url [policy_name]
QoS URL policy specifies that this command is used to display.
clear slb policy qos url
This command is used to clear all QoS URL policy.
slb policy qos body <policy_name> {virtual_name | vlink_name} {group_name | vlink_name}
<prefix> <delimiter> <flag> <precedence>
This command is used to set the QoS main strategy, with a virtual service or vlink vlink group or another
associate. If the request body and
"Prefix" string match command specified, the request would enable the policy, the value between
"prefix" and "delimiter" string is used as a constant connection
Session ID.
policy_name Specifies the policy name, which can be from 1 to 20 alphanumeric characters
String. If the first character is a numeric policy name, the policy name
Said must be placed in double brackets. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
135
me
Vlink virtual service or the specified name.
me
Specify a name for the group or vlink.
prefix specify the starting location for the HTTP body field to be hashed string. The reference
The number of values can contain up to 32 characters, case sensitive, and must be put
Within double quotes. If this parameter value contains a double quote, use% q generation
Behalf.
delimiter character is specified HTTP body field to be hashed string that represents
Start and end position of the string. The parameter values are case-sensitive, must put
Within double quotes. If this parameter value contains a double quote, then use to replace% q.
If you specify a "prefix", and "flag" is 0, you must specify the parameters
Number of "delimiter" value.
This parameter value determines the flag when the "prefix" is specified, "delimiter" whether
Necessary parameters. The value can be 0 or 1. The default value is 0.
y the parameters "delimiter". Only when the HTTP request with the
With the string "prefix" value to match and directly with the
After the "delimiter" specified string, HTTP request parameters before and
"Prefix" match.
sary parameters.
When precedence when multiple QoS main policy exists, then specify a QoS policy body
Abbreviated sequence. Parameter value is an integer between 0-65535. Parameter values
, The lower order.
show slb policy qos body [policy_name]
This command is used to configure QoS policies body display. If you do not specify the policy name, then
display the configuration of all the main QoS policies.
policy_name Specifies the policy name, can be a letter from 1-20 characters
Numeric string. If the first character of the policy name is a number, the word
String must be enclosed in double quotes. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
136
no slb policy qos body <policy_name>
This command is used to remove the QoS main strategy.
policy_name Specifies the policy name, can be a by-character alphanumeric 1-20
String form. If the first character of the policy name is a number, the word
String must be enclosed in double quotes.
clear slb policy qos body

This command is used to clear all the main QoS policies.
slb policy regex <policy_name> {virtual_name | vlink_name} {group_name | vlink_name}
<regex> <precedence>
This command allows the user to create a Regular Expression policy, the virtual service or vlink associate
with one group or another vlink.
me
me
regex form: [^] string1 [* string2 [* stringN]] [$] of string
"^" And the corresponding beginning of the URL, "*" indicates the order of zero or more characters, "$"
Corresponds to the end of the URL.
Description: This string is case sensitive. Administrators can command "slb
mode regexcase {on | off} "configuration This command is case-sensitive.
between a value precedence 0-65535 (both inclusive). Shun strategy
Regex sequence with other relevant policies.
no slb policy regex <policy_name>
This command is used to delete the specified Regex strategy.
show slb policy regex [policy_name] Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
137
The command specified Regex strategy for display.
clear slb policy regex
This command is used to clear all Regex strategy.
slb policy header <policy_name> {virtual_name | vlink_name} {group_name | vlink_name}

<header_name> <header_pattern> <precedence>
This command is used to create the Header strategy, virtual services or virtual connection with one
group or another vlink association. Header strategy can be applied
To receive the HTTP request header. If the parameter Header strategy "header_name" and HEEP
request headers of the same name, the request
The header value parameter "header_pattern" specified pattern matching, the Header strategy matches
the request.
policy_name policy name. Can be an alphanumeric string of 1-20
Characters. If the first character is a number of the name, the name must
Enclosed in double quotes.
me
Virtual services or vlink name.
me
Groups or vlink name.
header_name HTTP header name that matches the request. Header name is case sensitive,
In addition to spaces, double quotes and colons, but can contain printable ASCII characters
(ASCII code 33-126).
header_pattern This parameter specifies the desired header value model, which has been configured
with the strategy phase
Match. Parameters of the form "[^] string1 [* string2 [* stringN]] [$]",
The "^" header string representation of the initial value, the "*" indicates 0 or in any word
More strings arranged in order of "$" indicates the end of the string header value.
Description: This string is case sensitive. Administrators can command "slb
mode regexcase {on | off} "configuration is to distinguish between the size of the command
Write.
order of precedence of the strategy with other Header strategies have the same virtual service
Turn off.
no slb policy header <policy_name> Chapter 7 server load balancing (SLB)

2013 Teamsun
All rights reserved
138
This command is used to delete the specified Header strategy.
show slb policy header [policy_name]
This command is used to display the Header policy specifies the name, if you do not specify the policy
name, then displays all the configured Header strategy.
clear slb policy header
This command is used to delete all Header policies.
slb policy hashurl <policy_name> {virtual_name | vlink_name} {group_name | vlink_name}
This command allows the user to create SLB Hash URL strategy, virtual services or vlink associate with
one group or another vlink. SLB
Hash URL policy supports persistent connections recoverable. When disconnecting the real service to reenable it original customer service will be redistributed back to
Seeking balance. Hash URL policy priority just above the default policy. Requests for virtual services will
be allocated to virtual servers via some hash function
A group associated with the service. If the hash group's services are not available, the default group.
policy_name policy name. Can be an alphanumeric string containing 1-20
Characters. If the first character of the policy name for the number, then the name should
In double quotes.
me
me
slb policy raduname <policy_name> <virtual_name> <group_name>
This command is used to configure RADIUS Username strategies associated with the use of virtual
services "radchu" algorithm to create an SLB group.

virtual_name virtual name of the service.
group_name use "radchu" group name algorithm created.
no slb policy raduname <policy_name>
This command is used to delete the specified RADIUS Username strategy.
show slb policy raduname [policy_name] Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
139
A specified RADIUS Username strategies of the command for display. If you do not specify the policy
name, then display all RADIUS Username
Strategy.
clear slb policy raduname
This command is used to clear all RADIUS Username strategy.
slb policy radsid <policy_name> <virtual_name> <group_name>
This command is used to set the RADIUS Session ID strategy, associate SLB virtual service groups and use
"radchs" algorithm created.
group_name using the group name "radchs" created.
no slb policy radsid <policy_name>
This command is used to delete a specific RADIUS Session ID strategy.
show slb policy radsid [policy_name]
Specified RADIUS Session ID Policy This command displays. If you do not specify the policy name, then
displays all the defined RADIUS
Session ID strategy.
clear slb policy radsid
This command is used to clear all RADIUS Session ID strategy.
show statistics slb policy raduname [policy_name]
This command is used to display the specified statistical information "raduname" strategy. If you do not
specify the policy name, displays statistics for all "raduname" strategy
Information.
show statistics slb policy radsid [policy_name]
This command is used to display the specified statistical information "radsid" strategy. If you do not
specify the policy name, the statistics about all the "radsid" strategy.
slb policy default {virtual_name | vlink_name} {group_name | vlink_name}
This command allows users to set the default policy, the virtual service or vlink associate with one group
or another vlink. For virtual services or
vlink, can set a default policy. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
140
me
me
The name of the group or vlink. Persistent Cookie (pc) and
Persistent URL (pu) method can not be specified as the default group policy.
no slb policy default {virtual_name | vlink_name}
This command is used to specify the default policy removed from the virtual service.
show slb policy default [virtual_name | vlink_name]
This command is used to display the default group of virtual services.
clear slb policy default
This command is used to clear the default policy from all the virtual service.
slb policy backup {virtual_name | vlink_name} {group_name | vlink_name}
This command allows the user to set a backup strategy, the virtual service or vlink with a group or
another vlink associate. For each virtual server
Service or vlink, you can only specify a backup strategy. When using a backup policy to assign a group of
virtual services or vlink, there is at least one of the priority policy
A successful match, but all matches are all true service failure or overflow.
me
me
no slb policy backup {virtual_name | vlink_name}
This command is used to clear a backup policy from the virtual service.
show slb policy backup [virtual_name | vlink_name]
This command is used to display the backup group for a virtual service.
clear slb policy backup
This command is used to clear all backup strategy. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
141
slb policy redirect <policy_name> <virtual_name> <group_name> <redirected_from_host>
This command allows the user to create redirection policies between virtual services and groups. URL
redirection policy for the host receiving process HTTP requests.
If redirection policy of "redirected_from_host" parameter with the same host name of the HTTP request
URL, the redirection policy matches the request.
policy_name policy name. The name is an alphanumeric string from 1 to 20 form. As
If the first character of the name is a number, the name must be placed in double quotes
The number.
redirected_from_host HTTP request from the host name of the URL.
Description: This string is case sensitive. Administrators can "slb mode
regexcase {on | off} "command to configure this command is case sensitive.

show slb policy redirect [policy_name]
This command is used to display the specified name redirection policy, if you do not specify the policy
name, then displays all redirection policy configuration.
no slb policy redirect <policy_name>
This command is used to delete the specified redirection policy.
clear slb policy redirect
This command is used to delete all redirection policy.
show slb policy group <group_name>
All policies associated with a specified group of this command is used to display. SLB policy map for SLB
virtual service to the group. SLB group can
Through multiple policies mapped to one or more virtual services. This command can find all the policies
specified SLB group.
clear slb policy group <group_name>
This command is used to clear all the policies specified SLB group. After running this command, all have
been mapped SLB virtual service available from the specified SLB
Group Unmap.
[no] slb virtual order <virtual_service> <order_template_name>
This command is used to associate the specified sequence template onto SLB virtual service. Strategies
order virtual service order templates defined order execution. Each Chapter 7 server load balancing
(SLB)
2013 Teamsun
All rights reserved
142
A SLB virtual service can have a sequence template. If the sequence template is not specified, the
default order. If another sequence template has
Were set for the virtual service, the command will it be modified.
show slb virtual order [order_template_name]
This command is used to show the association between the virtual service and configure the order
specified policy template. If the order template name is not specified, this command displays the virtual
All the proposed association between the service and order configuration template.
clear slb virtual order [order_template_name]
This command is used to clear the association between the virtual service and configure the order
specified policy template. If the order template name is not specified, remove from the system
All associated virtual service between the template and order.
slb policy filetype <policy_name> <vs_name> <group> <filetype>
This command allows the user to establish policy or file types rules.
vs_name virtual name of the service.
group_name Name of the group.
filetype file extension.
no slb policy filetype <policy_name>
This command is used to specify the name of the file type clear strategy.
show slb policy filetype [policy_name]
Specify the name of the file type strategies of the command displays. If you do not specify a file name,
file type display all defined strategy.
7.11 Other SIP command
sip nat <virtual_ip> <virtual_port> <real_ip> <real_port> [udp | tcp] [timeout]
[persistence_mode]
This command allows the user to configure the SIP NAT rules for SIP real service. All packets from the
real services were to convert to the virtual service to
Address.
virtual_ip source IP will be transferred to the IP. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
143
virtual_port source port will be transferred to this port. 0 using the original source port.
Source IP real_ip packet.
Source port real_port packets, 0 means all ports.
udp | tcp packet protocol to be converted. Optional parameter, the default value is "udp".
timeout timeout parameter value in seconds. Optional parameter, the default value is 60.
persistence_mode SIP NAT session persistence mode. Can be "callid" or "userid". Can
The default value is selected "callid".

no sip nat <real_ip> <real_port> [udp | tcp]
This command is used to delete the specified real service SIP NAT rules.
clear sip nat
This command is used to delete all the SIP NAT rules.
show sip nat
This command is used to display all SIP NAT rule configuration.
show statistics sip nat
This command displays statistics for all SIP NAT rules.
clear statistics sip nat
This command is used to clear all SIP NAT rule statistics.
sip multireg {on | off}
This command is used to enable or disable SIP registration packet forwarding function. When "multireg"
enabled, registered users will be able to request only through real server
Achieved, but the same SIP server in the group to all other servers in the real registration data from the
AS devices to forward a copy of the same synchronization acquisition
Customer requests. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
144
7.12 Compatibility Check
There are different types of system services and virtual reality services. Furthermore, there are different
types of policies and group SLB. We can they call it
For "SLB object." All relationships between objects SLB quite complex. Not all SLB object can be
connected with all other objects. Depending on the object,
The different categories and types, there are some compatibility problems between these objects. The
following command will help clear compatibility issues.
show slb group compatible real <real_name>
This command is used to display the current service is compatible with a specified true for all groups. If
true service is compatible with the SLB group, the real service
Is defined as a member of the group for that.
For example:
show slb group compatible virtual <virtual_name>

This command is used to display a specified virtual service is compatible with all groups. If an SLB virtual
service is compatible with a group, you can
Some types of this group SLB contact strategy.
show slb policy compatible <group_name> <virtual_name>
This command is used to specify the display can be used to connect and specify the SLB SLB virtual
service groups all policy types.
For example:
show slb real compatible groups <group_name>

This command is used to display the currently compatible with the specified group all true service. If
true service is compatible with the SLB group, newcomers it can be defined as
A member of that group.
show slb virtual compatible groups <group_name> Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
145
This command is used to display the current compatible with the specified group all virtual services. If
the virtual service is compatible with the SLB group, it can pass certain classes
SLB type of strategy to establish a connection with the group.
show slb real compatible healthcheck <real_type>
This command is compatible with a given type of real service health check type for display. If the
parameter "real_type" is set to "all", then natal
Order will display the actual service is compatible with all types of health check type AS device supports.
For example:
-tcp / none
cript-tcps / none
-tcp / none
-tcps / none
-udp / none
-tcp / none
-udp / radius-auth / radius-acct / none
-tcp / script-tcp / none

-tcp / script-tcp / none
-udp / script-udp / none
7.13 proxy mode

system mode reverse [virtual_name]
If the optional parameter "virtual_name", then this command proxy mode virtual service can be set to
reverse mode. Otherwise, the global mode
Into reverse mode.
system mode transparent [virtual_name]
If the optional parameter "virtual_name", then this command will proxy mode virtual service is set to
transparent mode. Otherwise, the global proxy mode
Formula will change to transparent mode.

system mode triangle [virtual_name]
If the optional parameter "virtual_name", then this command will set the proxy mode virtual services
triangular transfer mode. Otherwise, the global generation
Management model will be transformed into a triangular transmission mode. Triangle mode only
supports TCP, UDP and IP virtual services.
[no] show system mode [virtual_name]
If the optional parameter "virtual_name", then this command will display the proxy mode virtual service
settings. Otherwise, it will display the global proxy mode
Settings.
clear system mode
Proxy mode this command is used to remove all virtual service settings.
7.14 Statistics
The following series of commands allow the user to poll a variety of statistical information related to
server load balancing. Each command set query a SLB Agreement
Specific elements.
show statistics slb real
{dns | ftp | http | https | ip | l2ip | l2mac | rdp | rtsp | siptcp | sipudp | tcp | tcps | udp | all}
[real_name]
This command is used to display one or all of the actual service of the current statistics.
clear statistics slb real
{dns | ftp | http | https | ip | l2ip | l2mac | rdp | rtsp | siptcp | sipudp | tcp | tcps | udp | all}
[real_name]
This command is used for one or all of the real service statistics reset.
show statistics slb group [group_name]
This command displays the current real service group statistics. For SNMP SLB group, for monitoring
purposes, will be displayed each real service
The MIB values.
clear statistics slb group [group_name]
This command is used to reset the real service group's current statistics.
show statistics slb virtual
{dns | ftp | ftps | http | https | ip | l2ip | rdp | rtsp | siptcp | sipudp | tcp | tcps | udp | all}
[virtual_name]
This command is used to display the statistics of one or more virtual services.
clear statistics slb virtual
{dns | ftp | ftps | http | https | ip | l2ip | rdp | rtsp | siptcp | sipudp | tcp | tcps | udp | all}
[virtual_name]
This command is used to clear one or all of the statistics defined virtual services.
show statistics slb policy static [virtual_name]
This command is used to display a static policy specifies the number of matches a virtual service
requests. If the virtual service name is not specified, this command displays
Number of matches all configured static virtual services strategy. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
147
show statistics slb policy virtual [virtual_name | vlink_name]
All statistical information policy virtual service or Vlink This command is used to display and define the
association.
show statistics slb policy filetype [policy_name]
RTSP request certain file types policy matches the number specified by this command is used to display.
If you do not specify the policy name, the command will display
RTSP file type matching the number of all defined policies.
clear statistics slb policy filetype [policy_name]
RTSP file types policy matches the number specified by this command is used to reset. If the specified
policy name, the command will reset all set
RTSP defined strategy to match the number of file types.
show statistics slb policy header [policy_name]
show statistics slb policy redirect [policy_name]
show statistics slb policy default [virtual_name]
show statistics slb policy backup [virtual_name]
show statistics slb policy persistent url [policy_name]
show statistics slb policy persistent cookie [policy_name]
show statistics slb policy icookie [policy_name]

show statistics slb policy rcookie [policy_name]
show statistics slb policy qos url [policy_name]
show statistics slb policy qos hostname [policy_name]
show statistics slb policy qos cookie [policy_name]
show statistics slb policy regex [policy_name]
show statistics slb policy qos network [policy_name]
show statistics slb policy qos network [policy_name]
These commands are used to match the number of different types of policies are displayed. For the
"show statistics slb policy default" and "show statistics
slb policy backup "command, if the virtual service name is not specified, the command will show all
configured virtual service default or backup policy
Slightly the number of matches. For other commands, if you do not specify the policy name, these
commands will show the type of policy that matches all the specified number of times. Chapter 7 server
load balancing (SLB)
2013 Teamsun
All rights reserved
148
clear statistics slb policy header [policy_name]
clear statistics slb policy redirect [policy_name]
clear statistics slb policy default [virtual_name]
clear statistics slb policy backup [virtual_name]
clear statistics slb policy persistent url [policy_name]
clear statistics slb policy persistent cookie [policy_name]
clear statistics slb policy icookie [policy_name]
clear statistics slb policy rcookie [policy_name]
clear statistics slb policy qos url [policy_name]
clear statistics slb policy qos hostname [policy_name]
clear statistics slb policy qos cookie [policy_name]
clear statistics slb policy regex [policy_name]
clear statistics slb policy qos network [policy_name]

clear statistics slb policy qos network [policy_name]
The above command will be used to reset to match the number of different types of policies.
7.15 URL Rewrite / Redirect HTTP / HTTPS
http redirect url <virtual_name> <policy_name> <priority> <orig_host> <path_regex>
<new_protocol> <new_host> <path_replacement> <response_code>
This command allows the user to redirect the URL path specified host matches the specified regular
expression matching a URL request and include new host and a new path.
Complete redirection need to generate 301 or 302 times in response to local header containing modified
through URL.
The maximum number of changes with the system memory HTTP redirection rules: 1G or 2G memory
devices can configure up to 200 rules; memory
4G or 8G devices can configure up to 400 rules.
virtual_name specified virtual service name. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
149
policy_name HTTP redirection policy name.
priority rules of priority; larger the value, the higher the priority.
original_host "Host:" header string intact. This parameter supports partial match mode,
Ie the user can enter only part of the host name. For example, if the user of this
Parameter is set to "example", the request (to respond) contains the string
"Example" of all host names will be replaced. This parameter supports "^"
"*" And "$" three kinds of wildcard match the host name. "^" Match the hostname
Said at the beginning, "*" denotes zero or more characters in any order, and "$" matches the master
The end of the machine name.
path_regex the request path that matches the regular expression.
new_protocol redirect response to the program, which can be HTTP or HTTPS.
new_host redirect host part of the response.
path_replacement replacement string Path Regex part of the match.
response_code return required to respond to HTTP status code, which can be 301 or 302.
For example:
10 "www.teamsun.com.cn" "/ market" https
"Teamsun.com.cn" "/ support" 301
In this command, the matching substring is "/ market", replace the string "/ support". Thus, the end of
the original URL,
http://www.teamsun.com.cn/market/faq/index.html will be redirected to https: //
teamsun.com.cn/support/faq/index.html.
no http redirect url <virtual_name> <policy_name>
This command is used to clear the specified HTTP redirection policy from the HTTP virtual service
configuration.
show http redirect url [virtual_name]
This command is used to display a specified virtual service or all virtual services HTTP redirection policy.
clear http redirect url <virtual_name> Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
150
This command is used for a specified virtual service to clear all HTTP redirection policy, or clear all HTTP
redirection policy.
http redirect https <virtual_name>
This command is used to configure virtual HTTP to HTTPS redirection service. It allows the user to any
virtual service requests are redirected to "http" is
"Https" instead of the URL. Redirect by generating 301 or 302 response to be achieved, in response to
the address in the header contains a modified URL. Full
Ministry redirection rule does not exist restrictions, but the number of virtual services is limited.
no http redirect https <virtual_name>
This command is used to clear the specified HTTP-HTTPS redirection policy from the configuration HTTP
virtual service.
show http redirect https
HTTP-HTTPS This command is used to display all virtual service redirection policy.
clear http redirect https
This command is used to clear all HTTP-HTTPS redirection policy.

http redirect error <error_code> <vs_name> <redirect_url> [prefix] [encoding_mode]
When an error code is specified, this command is used to request access to virtual services redirected to
the specified URL.
error_code specify an error code. Currently, support for the following error codes:
ent certificate;
vs_name specify the name of the SLB virtual service.

This order applies only HTTPS types of virtual services. While there may be a
Power configure other types of virtual services, but the configuration will not take effect.
redirect_url specify the request will be redirected to the URL. The maximum length of the URL 255
Characters. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
151
prefix optional parameters. If this parameter is not specified, the original URL is not for passengers
Client display. If this parameter is set to abc, the new URL will be
"Redirect_url? Abc = original_url" format. This parameter refers to the most
Great length of 40 characters and is case sensitive and can only be "az" big
Lowercase.
encoding_mode optional parameters. This parameter specifies how the new URL in the URL of the
original series
Yards. Fixed value of the parameter "base64", said the original URL will root
According to base64 encoding algorithm.
Only in the parameter "prefix" is specified, this parameter is to be effective. If you do not
Specify this parameter, the original URL will be displayed in uncoded form.
Note: If the HTTP 1.0 client request does not contain a host of information, the HTTP redirect error
setting does not work.
no http redirect error <error_code> <vs_name>
This command clears the redirection settings specified virtual services according to the specified error
code.
show http redirect error [vs_name]
This command is used to display error redirection settings specified virtual service. If the parameter
"vs_name" is not specified, an error is displayed for all virtual services reDirectional setting.
clear http redirect error [vs_name]
This command is used to clear the error specified virtual service redirection settings. If "vs_name"
parameter is not specified, then remove all the virtual service errors heavy
Directional setting.
http rewrite request url <virtual_name> <policy_name> <priority> <orig_host> <path_regex>
<new_host> <path_replacement>
This command allows the user to modify the "Host:" header and the HTTP method line path, which
would be in the request is sent back to rewrite the request stage.
The maximum number of HTTP requests to rewrite the rules change with the system memory: 1G or 2G
memory devices can configure up to 200 rules; memory
To 4G or 8G devices can configure up to 400 rules.
virtual_name name specified for the virtual service.
policy_name HTTP rewrite policy name. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
152
priority rule priority, the greater the value, the higher the priority.
original_host "Host:" header string intact. This parameter supports partial match mode,
That is, users simply enter the part of the host name. For example, if the user of this reference
The number is set to "example", the request (to respond to) contain "example" word
All host names are strings will be replaced. This parameter supports wildcard
"^", "*" And "$" to match the host name. "^" Matches the host name
Beginning, "*" matches any sequence of zero or more characters, "$" matches the host
The end of the name.
path_regex request path matching regular expression.
Description: This string is case sensitive. Administrators can run "slb mode
regexcase {on | off} "command to configure whether to distinguish between the size of the command
Write.
string matches the host name portion of the requested new_host replacement. The "% r" as the new
Host name, said the request for a partial match the host name will be rewritten as selected
The real service "ip: port". If the selected service is a real port Fan
Wai real service (port number is 0), then the device will use the end of the AS
Port is connected to the real service.
path_replacement replacement string Path Regex partial match.
no http rewrite request url <virtual_name> <policy_name>
This command is used to clear the specified HTTP request URL rewrite policy from the HTTP virtual
service configuration.
show http rewrite request url [virtual_name]
This command is used to display the specified virtual service or all virtual services HTTP request URL
rewriting strategies.
clear http rewrite request url <virtual_name>
All HTTP rewrite this command clears the specified virtual service request URL policy, or clear all HTTP
request URL rewriting strategies.
http rewrite response url <virtual_name> <policy_name> <priority> <orig_protocol>
<orig_host> <path_regex> <new_protocol> <new_host> <path_replacement>
This command allows the user to get the "Location:" header from backstage content, or be rewritten.
2013 Teamsun
All rights reserved
153
The maximum number of rewrite rules allow HTTP response with the system memory size and change:
the device memory is 1G or 2G, the maximum configuration of 200; set
Preparation for 4G or 8G memory, the maximum configuration 400.
Virtual Service Name virtual_name configuration.
policy_name HEEP redirection policy name.
priority rule priority, the greater the value, the higher the priority.
original_protocol original response to the program, which can be http, https or both.
original_host responded "Location:" header complete string. This parameter supports partial matches
Mode, that is, users simply enter the part of the host name. For example, if the user
This parameter is set to "example", the request (to respond to) contain
"Example" all the host name of the string will be replaced. This parameter
Supports wildcards "^", "*" and "$" to match the host name. "^"
Matches the beginning of a host name, the "*" matches any sequence of zero or more characters,
"$" Matches the host name ending.
Description: This parameter does not accept regular expressions, which do not need to configure the
port number.
path_regex match "Location:" header path regular expression.
Description: This string is case sensitive. Administrators can "slb mode
regexcase {on | off} "command to configure whether to distinguish between command-sensitive.
new_protocol redirect response to the program, which can be http or https.
new_host redirect response to the host part. The use of special format "% h" indicates that the client
Requesting host.
path_replacement replacement string Path Regex partial match.
For example:
no http rewrite response url <virtual_name> <policy_name>

This command is used to clear the specified HTTP URL rewriting in response to the policy from the HTTP
virtual service configuration. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
154
show http rewrite response url [virtual_name]
This command is used to display the specified virtual service or all virtual services HTTP rewrite response
strategy.
clear http rewrite response url <virtual_name>
This command is used to clear all HTTP virtual service specified URL rewriting strategies to respond, or to
respond to clear all HTTP URL rewriting strategies.
http rewrite response https <virtual_name>
This command is used to override the virtual service configuration from HTTP to HTTPS redirection. Each
will respond to rewrite this as a virtual service
HTTPS response, HTTPS response to each one will be rewritten as HTTP response.
no http rewrite response https <virtual_name>
This command is used to remove from the HTTP virtual service configuration specified HTTP-HTTPS
rewrite strategy.
show http rewrite https
HTTP-HTTPS This command is used to display all virtual service rewrite strategy.
clear http rewrite https
This command is used to clear all HTTP-HTTPS rewrite strategy.
http rewrite request removeheader <virtual_service> <header_name>
This command is used to add HTTP rewrite policies for all client requests services from the specified
virtual cleared HTTP header field.
virtual_service HTTP or HTTPS virtual service.
header_name header fields will be cleared. Header names are not case sensitive.
no http rewrite request removeheader <virtual_service>
This command is used to clear the Override policy HTTP header field from the specified virtual service.
show http rewrite request removeheader [virtual_service]
This command is used to display the virtual service from a designated clearing all HTTP client request
HTTP header field rewrite strategy. If the parameter
"Virtual_service" is empty, it shows all the virtual services from all client HTTP requests to clear a HTTP
header field rewrite strategy.
clear http rewrite request removeheader [virtual_service] Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
155
This command is used to clear the HTTP request header field of an HTTP rewrite policy from a specified
virtual service all clients. If the parameter
"Virtual_service" is empty, all client requests from all virtual services in a clear HTTP rewrite HTTP
header field strategy.
http rewrite response removeheader <virtual_service> <header_name>
This command is used to add HTTP rewrite policy for the specified virtual service to clear a HTTP header
field from all the server response.
virtual_service HTTP or HTTPS virtual service.
header_name header field to be deleted. Header names are not case sensitive.
no http rewrite response removeheader <virtual_service>
This command is used to specify the virtual service from all servers in response to delete HTTP header
field of HTTP rewrite policies.
show http rewrite response removeheader [virtual_service]
This command is used to display a specified virtual service from all servers HTTP response to delete an
HTTP header field rewrite strategy. If the parameter
"Virtual_service" is empty, then displays all HTTP server to respond to delete an HTTP header field to
rewrite the policy from all the virtual services.
clear http rewrite response removeheader [virtual_service]
This command is used to delete all servers HTTP response header field of an HTTP rewrite policy from a
specified virtual service. If not specified
"Virtual_service", then delete all virtual services to all HTTP header field in a HTTP server response
rewrite strategy.
7.16 URL Filtering
NetFOS also provides additional security mechanisms, including URL filtering, buffer overflow attack
protection, the parser escape attacks, directory traversal attacks,
And other hacker protection strategy. Execution NetFOS URL filtering protocol commands listed below.
Note: URL filtering mechanism must Layer 7
SLB co-operation.
filter vip [virtual_service_name]
This command allows the user to create URL filtering function for a specified virtual service. Parameters
"virtual_service_name" The default value is "global",
Said the global setting.
virtual_service_name specify a URL filtering applies virtual services. By default, the
Parameter is set to "global", said URL filtering applies to all virtual services.
filter mode {passive | active} [virtual_service_name]
This command allows the user to set if NetFOS receive a bad URL request, AS device what action to take.
"Passive" setting allows your Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
156
Seeking through this device, while retaining an illegal communication records. "Active" setting will guide
device according to user-configured URL filtering protocol violations, please discard
Requirements. Default active mode. Parameters "virtual_service_name" The default setting is "global",
said the global setting.
[no] filter url character <start_ascii_value> <end_ascii_value> [virtual_service_name]
This command allows the user to set various ASCII value, refused to back-end server access. Parameters
"virtual_service_name" The default setting is
"Global", said the global setting.
filter url keyword match <string> [virtual_service_name]
N This command is used to check whether the string and URL filtering rules configured regular
expression matching. The configuration parameters to ensure the rule of writing regular expressions
Correctly matched string is indeed deny or allow the customer wants. Parameters
"virtual_service_name" The default value is "global", said the whole
Bureau settings.
filter url keyword default {permit | deny} [virtual_service_name]
This command allows the user to set the default virtual service URL filtering rules. If you specify a virtual
service is denied access, the AS will return "403
Forbidden "message. Combined" filter url keyword "command, this command provides a flexibility to
define a blacklist of URL keyword filtering
And whitelists. As the command to "filter url keyword" command is based, when users modify the
default filtering settings (the default permission), shall not start
By URL keyword filtering to deny or allow rules. Parameters "virtual_service_name" The default value is
"global", said the global settings.
permit | deny to specify the default URL filtering rules.
virtual_service_name specify the applicable virtual URL filtering service. By default, this parameter
Is set to "global", said the URL is set to global settings.
[no] filter url keyword {permit | deny} <string> [virtual_service_name]
This command allows the user to set a specific keyword or string to remind AS equipment beware of
potential accidents server requests. The command and "filter url
keyword default "command with the work.
"deny" option. This
A configuration will reject the configuration keyword matching URL requests.
"permit" option.
Unless specified URL and keyword matching, otherwise, all requests will be rejected.
permit | deny to allow or deny a specific keyword.
string parameter "string" can accept PERL compatible regular expressions. Said
Ming: "*" indicates subexpression matches 0 or n times, and wildcard expressions
The "*" is different. If you need to match the "*" character, "\ *" to meet the requirements of Chapter 7
2013 Teamsun
All rights reserved
157
"\ *" Is used to turn back. A typical format is: "/ upload /" matches any include
"/ Upload /" keyword in URL, "\. Exe" match all exe files
"/image/.""*\.jpg" Match "/ image /." All jpg files directory.
If two or more matching rules match the same URL, cache too
The most frequently selected filter matching rule.
Description: URL parameter can only support compatible with PERL regular expressions.
Regular "*" "*" meaning different expressions and wildcard expressions. In
Cache filter must avoid a single "*." A single "*" in regular expressions
Has no meaning. (Example: cache filter rules www.sina.com.cn, "*",
"Cache = yes" is not allowed). In NetFOS system. "*" Is
As a wildcard, matching all URL. Regular expressions. "*" Means
The same meaning as the expression wildcard "*" is.
virtual_service_name virtual name of the service. The default is "global", said the global setting.
[no] filter type {integer | string} <variable_name> [virtual_service_name]
This command allows the user to press the URL query variable types (URL in the "?" Later in this section)
to configure filtering requests. AS device will be based on parameters
URL query variable "variable_name" whether the value provided for "integer" or "string", to allow or
disallow the request. Parameters
"Virtual_service_name" The default value is "global", said the global settings.
filter length {url | query | queryvariable | querydata | header | request} <length>
[virtual_service_name]
This command allows the user to set various filter parameters from different aspects of the request for
access to the network. Parameters "virtual_service_name" default value
"Global", said the global settings. The default length of the filter as follows:
filter alert <email_address> <threshold> [virtual_service_name]

This command allows the user to specify a virtual service to enable or disable email notifications or
reminders. "Email_address" parameter must be enclosed in double quotes,
This e-mail address and DNS name queries to "ip nameserver <ip>" command is based. "Threshold"
parameter is used to set an email reminder Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
158
Process the number of requests to be dropped. Parameters "virtual_service_name" The default value is
"global", said the global settings.
filter request controlchar {on | off}
This command is used to enable or disable the control character filtering features. By default, the
control character filtering function is enabled. When this feature is enabled,
All characters back with "%" (the escape character) will be converted. However, if the conversion fails,
the entire URL will be rejected. When this function is disabled,
Followed by '%' (the escape character) All characters must be converted. And "on" mode is different
when the conversion fails, the conversion will be ignored, the entire URL
Be accepted.
Allows the use of the escape mode include:
% XX: XX is 00 ~ FF, but does not include the 00 ~ 1F and 7F
% uXXXX: XXXX is 0000 ~ FFFF
The following table provides some conversion examples:
URL \ Mode On Off
http://abc.com http://abc.com http://abc.com
http://abc.com/%30 http://abc.com/0 (successful conversion) http://abc.com/0 (successful conversion)
http://abc.com/%00
......
http://abc.com/%1F
Deny. (Conversion failed because% 00 ~% 1F
A control character)
http://abc.com/%00
http://abc.com/%1F
(Conversion failed, but retains the character)
http://abc.com/%7F Deny. (conversion failed because% 7F is controlled
System character)
http://abc.com/%7F (conversion loss
Defeat, but to save the character)
http://abc.com/%p Deny. (conversion failed, because the "%" only with

A HEX byte, for example,% 5B e)
http://abc.com/%p (conversion loss
Defeated, but retained the character)
http://abc.com/%u1234
(% u is a special character, followed by two
A HEX bytes, for example,% u5B5B.
There is no need to convert. )
http://abc.com/%upq Deny. (conversion failed) http://abc.com/%upq (Conversion
Fail, but retains the character)
http://abc.com http://abc.com http://abc.com
http: //abc%30.com http://abc0.com (successful conversion) http://abc0.com (successful conversion)
http: //abc%00.com
......
http: //abc%1F.com
Deny. (Conversion failed because% 00 ~% 1F
A control character)
http: //abc%00.com
http: //abc%1F.com
(Conversion failed, but retains the character)
http: //abc%7F.com Deny (conversion failed because% 7F is one.
Control characters. )
http: //abc%7F.com (conversion loss
http: //abc%p.com Deny (conversion failed, because the "%" can not now.
A HEX byte, for example,% 5B)
http: //abc%p.com (conversion loss

http: //abc%u1234.com
http: //abc%u1234.com
(% u is a special character, need to talk to two
A HEX bytes, for example,% u5B5B.
There is no need to convert. )
http: //abc%u1234.com Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
159
URL \ Mode On Off
http: //abc%upq.com Deny (conversion failed) http:. //abc%upq.com (conversion loss
show filter all
This command is used to display each URL filtering protocol global settings and the current
configuration.
show filter mode [virtual_service_name]
This command is used to display or record in the discard problem with the network query terms AS
device is running in passive or active mode. Parameters
"Virtual_service_name" The default value is "all", all of the filtering system mode setting will be
displayed, "global", said the Global URL Filtering display mode
Style setting.
show filter vip [virtual_service_name]
show filter length [virtual_service_name]
show filter type {interger | string} [virtual_service_name]
show filter url keyword [virtual_service_name]
show filter url character [virtual_service_name]
show filter alert [virtual_service_name]
These commands are used to display specific configuration parameters related to filtering. Parameters
"virtual_service_name" default value "all", will display all related equipment
Home; "global" indicates displays global settings.

clear filter vip [virtual_service_name]
This command is used to clear the virtual URL filtering service settings, including global settings.
Parameters "virtual_service_name" default value "all", the table
Shows all relevant clearing system configurations; "global" clears the global configuration.
clear filter mode [virtual_service_name]
clear filter length [virtual_service_name]
These commands are used to filter the length of URL filtering mode and reset to default settings,
respectively. Parameters "virtual_service_name" The default value is "all",
The full URL filtering settings to their default values; "global" indicates the global settings to their default
values.
clear filter type {interger | string} [virtual_service_name]
clear filter url keyword [virtual_service_name] Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
160
clear filter url character [virtual_service_name]
clear filter alert [virtual_service_name]
These commands are used to clear the relevant URL filtering settings.
show statistics filter url keyword default [virtual_service_name]
This command is used to display a specific virtual IP address overall default hit situation. Parameters
"virtual_service_name" default value "all", was
Shows all relevant statistical information; "global" then display relevant global statistics.
show statistics filter url keyword {deny | permit} [keyword] [virtual_service_name]
This command is used to display filtering statistics for a specific keyword.
clear statistics filter url keyword default [virtual_service_name]
This command is used especially hit all the default statistics.
clear statistics filter url keyword {deny | permit} [keyword] [virtual_service_name]
This command is used to clear a specific keyword string keyword filtering statistics.
show connection [protocol] [content_type] [ip]
This command is used to display to the protocol, content type and IP address filtering criteria for a
positive connection.
protocol positive connection protocol type: TCP, UDP, or All (containing both TCP
And UDP). This parameter is optional and defaults to "all".
content_type data or count. Data are expressed connection details match. Count indicates
The number of mating connector to display.
ip IP address matches the local or remote IP address of the active connection.
For example:
------------------------------------------------- ----------------------
2013 Teamsun
All rights reserved
161
no connection <protocol> [local_ip] [local_port] [remote_ip] [remote_port]
This command is used to clear the configuration of the active connection protocol, IP and port filtering:
protocol TCP, UDP, or All (TCP and UDP both).
local_ip local IP. Optional parameter, the default value is 0.0.0.0, this means all the IP
Address.
local_port local port. Optional parameter, the default value is 0, indicating that all port values.
remote_ip remote IP. Optional parameter, the default value is 0.0.0.0, this means all the IP
Address.
remote_port remote port. Optional parameter, the default value is 0, indicating that all port values.
2013 Teamsun
All rights reserved
162
7.17 SLB summary

SLB Type Priority
(1 is highest)
Virtual
Service
Real
Service
Health
check Scenarios
Layer 7
HTTP / HTTP
S
2
IP + Port
+ Proto
(HTTP,
HTTPS)
IP + Port +
proto
(HTTP,
HTTPS)
None
HTTP
HTTPS
TCP
TCPS
ICMP
Additional
Script
1 in accordance with the application protocol standard

Head implementing balanced flow,
For example, HTTP headers.
2. need caching feature.
Layer 7
DNS 2
IP + Port
+ Proto
(DNS)
IP + Port +
proto
(DNS)
None
DNS
ICMP
Additional
Script
DNS requests
DNS cache function may
Better applications.
Layer 7 FTP 2
IP + Port
+ Proto
(FTP)
IP + Port +
proto
(FTP)
None
TCP
ICMP
Additional
Script
FTP traffic
Layer 7 SIP 2
IP + Port
+ Proto
(SIP-TCP
,
SIP-UDP
)
IP + Port +
proto
(SIP-TCP,
SIP-UDP)
None
TCP
TCPS
ICMP
Additional
Script
SIP-TCP
SIP-UDP
VOIP flow balance
Layer 7
RTSP 2
IP + Port
+ Proto
(RTSP)
IP + Port +
proto
(RTSP)
None
TCP
ICMP
Additional
Script
RTSP-TCP
Real-time media flow balance.
Layer 4 2 IP + port IP + Port
None
TCP
TCPS
ICMP
Additional
Script
1 based on TCP / UDP standard
Head balance traffic.
2 Specify the TCP port or
UDP port decides that a
Specific services.
Port range
(for Layer 7) 3
Layer 7
VS + Port
range
Layer 7 RS
Layer 7 RS
(0 port)
Non-zero
port RS:
Layer 7
health
In addition to Layer 7 SLB, also support
Holding cross-port and dynamic port
Application traffic balancing. Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
163
SLB Type Priority
(1 is highest)
Virtual
Service
Real
Service
Health
check Scenarios
check
Zero port
RS:
ICMP
Additional
Port range
(for Layer 4) 3
Layer 4
VS + Port
range
Layer 4 RS
Layer 4 RS
(0 port)
Non-zero
port RS:
Layer 4
health
check
Zero port
RS:
ICMP
Additional
In addition to Layer 4 SLB, also supports
Holding cross-port and dynamic port
Application traffic balancing.
Layer 3 4 IP IP
None
ICMP
Additional
In addition to a range of ports SLB, also
Support cross-protocol application traffic
Balance. Currently, only
TCP and UDP protocols.
Layer 2 1 IP + port
ranges IP, MAC
ARP
Additional
(only
ICMP)
1 Background services not true

IP addresses are available, the
Order flow can not be based on IP
Address achieve balance.
2 background service is not true
Destination input flow
(For example, a virus scanner
Check each packet, then
The data is then forwarded to the true
Real destination. ) Chapter 7 server load balancing (SLB)
2013 Teamsun
All rights reserved
164
Description: DirectFWD not support Shortest Response (sr). Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
165
Chapter 8 reverse proxy cache
This chapter describes the reverse proxy cache configuration commands.
8.1 Cache command
cache {on | off} [virtual_service]
This command is used to enable or disable the HTTP caching feature. HTTP caching feature is disabled by
default. If you do not specify a virtual service name, this command
Enable or disable HTTP caching feature for the specified virtual service. If you do not specify a virtual
service, the command to set the global HTTP caching feature.
Only when the global HTTP caching feature and per-virtual-service HTTP caching features are enabled,
AS devices will cache a virtual service
HTTP data.
Disable HTTP caching does not change the current system cache configuration or content.
virtual_service optional parameters. This parameter specifies the HTTP caching feature to enable or
disable virtual
Proposed service. By default, the global HTTP caching feature is enabled or disabled.
show cache status
The current status (enabled or disabled) This command is used to display the cache function.
cache settings objectsize <size>
This command is used as the object of a need to set the maximum cache buffer value. Cache values
must be specified in kilobytes. The default is 5120KB. The minimum value is
1KB. The maximum value depends AS device memory size.
Maximum system memory cache object
4GB 10240KB (10MB)
8GB 20480KB (20MB)
16GB 40960KB (40MB)
cache settings expire {hh: mm: ss | seconds}
This command is used to set the global failure time (all cached objects). The default is 82,800 seconds
(23 hours). Must be specified expiration time, format
Be "hh: mm: ss", or enclosed in double quotes.
Only in the use of Section 13.2 RFC2616 specified expiration time Expiration Model can not be
calculated, to be used as a global failure time
Failure time an object.
If the expiration time, in seconds, allowed values 0-2147483646 seconds. "0" indicates that failure
immediately after the object is stored in the cache. Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
166
Cache design process three types of cache expiration time:
ings expire" command to configure;
Three kinds of failure time priority is as follows:
1. "cache filter rule" was first used to configure the expiration time.
2 If you do not specify the "ttl" parameter, will use the global specified by the "cache settings expire"
expiration time.
3 For any cache does not cache content filtering rule matching for HTTP header defined expiration time.
4 If the HTTP header is not used to define the expiration time of "Expires" field, press the "cache settings
expire" Configuration
Carried out.
show cache settings
This command displays the current configuration of the cache, including the expiration time of the
cached object (cache configuration failure) and the maximum number of cached objects (object
The size of the cache configuration).
show statistics cache [virtual_service]
This command is used to display all current statistics HTTP cache. If you specify a virtual service, display
cache statistics of the virtual service
Information.
Description: Cache statistics apply only to HTTP and HTTPS virtual services.
For example:
ts redirected to HTTPS: 0
2013 Teamsun
All rights reserved
167
gex match: 0
e miss, create new entry: 0
g in low cache hit ratio.)
-cache": 0
-cache": 0
o IMS mismatched: 0
d caching: 0
-store": 0
2013 Teamsun
All rights reserved
168
nd url and host: 0
old us not to cache
-store": 0
-cookie": 0
Following is the explanation of the output information items.
Output Item Description

Requests received AS device receives all the requests.
All GET Requests with GET method AS device receives the request.
All HEAD Requests with HEAD method AS device receives the request.
Number of open client connections and opening up the total number of client connections.
Number of open server connections open server connection totals.
Requests with PURGE method AS PURGE total number of requests received by the device.
Requests with POST method AS POST total number of requests received by the device.
Requests with HEAD method AS HEAD total number of requests received by the device. Chapter 8
reverse proxy cache
2013 Teamsun
All rights reserved
169
Requests redirected based on regex
match requested by the user to configure the rules redirection.
Requests forwarded with rewritten url rewrite request URL
Cache miss, new entry created.
The number of cache table to be searched and found no matching entry, create a
New entry. However, please note that sometimes creates an entry only temporary
(I.e., is used as IMS (if_modified-source) the request, generates a
A 304 results), is deleted (delay after sending data to the client
Later deleted).
Cache miss, noncacheable requests
Request does not result in the cache table search. Request certain parameters allow AS
Equipment considers the request does not have the cache (ie, very long URL,
"Cache-Control: no-store" standard first class. )
Cache revalidate
Request object has been found in the cache. However, the request for re-examination request
Card (due to re-authenticate the client to produce re-inspection agents produced
Forced generated proxy card or deletions).
Cache hit, reply using cache
AS equipment is required to find the URL in the cache. Object for the new,
AS device without re-authentication. Object caching get through our clothes

Works.
Cache hit, reply with "Not Modified"
AS device receives a request that contains a IMS
(If_modified-source) header. AS equipment validation stamp,
Determine the client is sent to the new object. AS device generates a 304
Reply, concurrent to the client.
Cache hit, reply with "Precondition
Failed "
When a request headers (such as if-match) cache does not match the current
, You can not access the current cache.
Cache miss, create new entry, resp
When noncacheable first request, create a new cache file.
cache skip, cache off to skip caching feature.
Hit ratio using the cache hit reply + use "not modified" Hit Reply
Locations rewritten to HTTPS HTTP response be rewritten as HTTPS reply. Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
170
Locations rewritten based on regex
match response to be rewritten

The number of network cache frame buffer cache to use.
Number of cache frames
AS equipment has been searching the cache table and find the number of problems. Note that,
This is not tantamount to a cache hit. AS device may have found a
An expired object; request may have cookie, etc., lead us not
It has been found using the object in the cache.

Cache revalidate, request with
"No-cache"
Request object has been found in the cache, but there is a request for
"Cache-Control: no-cache" header. AS device will request transfer
Sent to the backend server to receive a reply to update the cache.
Cache revalidate, client IMS forward
Request has an IMS (if_modified-source) header right
As has been found in the cache, but it has been expired. AS original equipment
Starting forwards the request to the backend server and update the cache when replying to return
Object (Note: If we do not get a 304 Not Modified back
Complex, may require us to update the timestamp on the cached response).
Cache revalidate, proxy IMS forward
Request is not an IMS (if_modified-source) header for
As has been found in the cache, it has expired. Therefore, AS devices
IMS requests to insert a header (if the device is able to collect AS
Other requests information contained in the header, we put it as a slow
Keep missing), the request and then return the backend server. When a return
Complex returns, AS device will update our cache entries.
Cache revalidate, not modified
When AS device receives a "304 Not Modified" request, AS
This will increase the count of the device (whether the request is to generate the reply to the source
Since an IMS client or a request generated by us).
Cache miss, requests with cookies request object has been found in the cache. However, the request
contains a cookie.
We will forward the request to the backend server. The cache is not updated.
Cache miss, requests with range
The requested object has been found in the cache, but the request contains a range of
Wai header. We will forward the request to the backend server. Cache not more
New.
Cache miss, HTTP version mismatch of the counter is always zero.
Cache miss, IMS mismatch
AS device receives a request that contains a IMS
(If_modified-source) header. AS equipment validation stamp,
A copy of the object to determine whether the client is expired. AS device will turn this request
Sent to the backend server (importantly, we will this event as a
A cache miss). Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
171
Cache miss, server driven negotiation
The requested object has been found in the cache. However, the package cache Reply
Containing a "vary" header, hydroxyl value of certain request headers for comparison.
If the comparison fails, AS equipment will lack the event as a cache
Loss. AS device forwards the request to the backend server. Cache not more
New.
Cache miss, negative entry hit
Request results in a negative cache click. AS said negative caching device
HTTP error code cache responses, for example, 404,302,503
And so on.
Requests redirected to HTTPS has been redirected to HTTPS requests.
Requset with "maxage = 0" contain "maxage = 0" request field.
Cached object had "no-cache" contains the request "no-cache" field.
Cache object expired cache file failure.
Cache was filling when request was
When made the request is issued, the cache is filled.
Revalidation failed due to IMS
mismatched
If IMS data on the client device is greater than the LM AS date, the Department of
The system will force the manufacturer once cache is missing.
Client has newer copy, can not send
from cache
From the last-modified header judgment, the client copy than the cache time to
Early, so it will not send a cached copy.
Object in cache is chunked, can not
give to 1.0 client
Cache to cache block in the form of preservation, is compatible with HTTP 1.1 protocol, not
1.0 clients can access.
Network memory utilization was too
mbuf high enough allocated to the cache.
Cache filter denied caching cache filter refused cache.
Requests with "no-store" contains the request "no-store" field. Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
172
Requests with "authorization" request containing "authorization" field.
Requests with cookies contain a cookie request fields.
Requests with range contains the request "range" field.
Requests non GET, non HEAD does not contain all remaining requests "GET" or "HEAD" field.
Requests URL too long URL is too long a request.
Host Name Requests host too long a request is too long.
Network memory shortage when cache
hit (200, 304) cache memory shortage hits (200,304)
Cache was not accessible buffer cache module is not ready to do.
Fail to send cache lookup to the communication between the client cache and cache module fails.
Fail to find url and host logic errors, host or URL information can not be extracted from the buffer.
Fail to parse cache specific http
request headers cache module error occurred while trying to analyze a request.
Fail to create a new cache object internal logic error, you can not add the cache object.
Noncacheble requests due to other
errors are not listed due to an error, the request can not perform caching operations.
HTTP response code not 200, 300 or
301 HTTP response code is not 200, 300 or 301. Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
173
Response had a "no-store" reply contains "no-store" field.
Response had a "private" reply contains "private" field.
Response had a "set-cookie" response contains "set-cookie" field.
Response had a "vary" reply contains "vary" field.
We got cache miss for HEAD or
PURGE method HEAD or PURGE request will not be cached.
Could not revalidate with HEAD or
PURGE method can not be re-verified HEAD or PURGE Act request.
Response noncacheable too big files too large to be cached.
Cache storage limit exceeded based
on header data processing headers, mbuf inadequate.
Cache storage limit exceeded based
When on payload processing Replies subject, mbuf inadequate.
Network memory shortage when
When storing response body storage Reply body, insufficient network memory.
Cache object was deleted before
response arrived
When replying to feedback, the cache entry is deleted. Normal procedural requirements, first
Delete the cache entry, and then receive information.
Fail to parse cache specific http
When the response headers Analysis reply header, an error occurred.
Fail to store response headers in
cache to cache failed to send reply header.
Cache object was aborted due to
connection reset connection reset, causing the cache aborted. Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
174
Noncacheble responses due to other
error due to not enumerated error, reply cache operation can not be performed.
Fail to store response body in cache to cache the body fails to send a reply.
clear statistics cache [virtual_service | all]
This command is used to clear the cache statistics, including the number of cache hits and the number of
requests. If you specify a virtual service, ease of the virtual service
Keep statistics will be cleared. If you use the keyword "all", will clear the virtual service statistics for all
HTTP and HTTPS. If not specified
Virtual services, clear the global cache statistics.
show cache content <host_name> <url_regex>
This command is used to cache object information display with the specified host name and URL regular
expression matching.
host_name Specifies the host name of the object.
url_regex specified object URL regex.
clear cache content
This command is used to clear all cached objects from the cache. The operating system does not change
the current cache configuration.
cache filter {on | off}
This command is used to enable or disable the cache filtering. By default, the cache filter off.
cache filter rule <host_name> <url> {cache | urlquery | ttl}
This command is used to create a cache filter rules that define AS equipment for "host name" and "url"
matching object caching behavior. Parameters "host
name "and" url "define the host and URL address, and runs on cache filter host name does not accept
regular expressions, and must be a complete
Keywords. In the "url" parameter, you can use any suitable PERL compatible regular expressions, and
create a more powerful regular expressions.
Parameters "cache" request "cache = yes" or "cache = no" type of input to determine whether the cache
matching object. Parameters "urlquery" requirements
"Urlquery = yes" or "urlquery = no" input, to decide whether to ignore the user requests the URL query
string. Parameters "ttl" (Time to
Live) The length of time the cache object.
host_name parameter "host_name" and "url" is used to define us want to run slow
Memory address filtering rules. Chapter 8 reverse proxy cache
Chapter 8 reverse proxy cache

2013 Teamsun
All rights reserved
176
Control key configuration behavior
response with cache-control no-store
response with cache-control no-cache
response with cache-control private
response with set-cookie
response with vary
no such match is forced to not cache.
not set cache control headers perform configuration inside.
urlquery
yes cache will ignore the url query string.
no cache will not ignore the url query string.

not set the cache will not ignore the url query string.
ttl
Cache object new_ttl_value match will use new_ttl_value.
not set the default TTL "cache setting expire" configuration, or use
Cache control field specifies the TTL.
Additional configuration and use:
"Cache = yes" said that even with these cache control fields, the request will use the cache services:
-control no-store
-control no-cache
Cache control fields have the following responses can be cached:

-control no-store
-control no-cache
-control private
-cookie
"Cache = no", said regardless of whether the header allows objects to be cached, the user can force the
object will not be cached.
If you do not specify a "cache", cache filter will cache control field configuration execution.
In the cache filtering, TTL can use the following two forms:
e
2013 Teamsun
All rights reserved
177
In this example, the host name and the object of all matching URL regular expression will be forced
caching TTL seconds. TTL in seconds after arrival, AS equipment
Must refresh or validate the object again, and then in order to be used again.
In this example, if the object contains a TTL control instructions relating to all objects matching the host
name and URL regular expression should first comply with
Object refresh time. Otherwise, the object will use the TTL value specified in the rule.
For example:
1 cache specified file type; other documents to comply with the instruction cache server.
filter rule www.xyz.com ". * \. Jpg" "cache = yes"
2 for the host www.xyz.com cache all "jpg" file.
\. Gif" "cache = yes" "ttl = 200000"
Host www.xyz.com cache all "gif" file. Its TTL value is rewritten as 200,000 seconds.
3 cache specified type of file; other documents should not be cached.
\. Jpg" "cache = yes"
\. Gif" "cache = yes" "ttl = 200000"
S (config) #cache filter rule www.xyz.com ". * \. Html" "cache = yes" "ttl = 200000"
4 Do not specify the type of file caching; other documents executed by the server's cache directive.
(config) #cache filter rule www.xyz.com ". * \. Jpg" "cache = no"
\. Gif" "cache = no"
5 Do not cache specific types of files; other files should be cached.
. * \. Jpg" "cache = no"
\. Gif" "cache = no"
6 Specify a file type. This type of file cache filter will comply with the definition of GGL; other types of
files will comply
TTL cache control header definition.
\. Jpg" "ttl = 200000"
\. Gif" "ttl = 200000"
.xyz.com "/" "cache = yes"
7 Specify a file type. This type of file will ignore cache query string of the URL; other files using the entire
URL.
\. Html *" "urlquery = yes" in Chapter 8 reverse proxy

cache
2013 Teamsun
All rights reserved
178
show cache filter status
This command allows the user to display cache filter configuration.
show cache filter hostname <host_name>
This command is used to display all the cache host name associated with the specified filter
configuration.
show cache filter all
This command is used to display all cache filter rules.
cache filter match <host_name> <url_regex>
This command is used to display all cache filter rules match the host name and URL regex configuration.
Administrators can use this command to test early with
Correctness of the position of each cache filter rules.
no cache filter rule <host_name> <url>
This command is used to clear the matching designated "host name" and "url" cache filter configuration.
clear cache filter hostname <host_name>
This command is used to clear the cache host name matches the specified filter configuration.
clear cache filter all
This command is used to clear all cache filter configuration.
show statistics cachefilter <host_name> <url_regex>
This command is used to display the specified host name and URL regular expression filtering
configuration cache related statistics.
clear statistics cachefilter [host_name | all]
This command is used to clear the cache filter statistics. If you specify a host name, about the host's
cache filter statistics will be cleared. "All"
Clears all cache filter statistics. If you do not specify a value, the clear global cache filter statistics.
8.2 HTTP command
Some commands can be configured AS equipment HTTP traffic and how to deal with special requests.
The first function processor "X-Forwarding", in the process
Users can configure an option, an "X-Forwarded-For" header insert all HTTP and HTTPS requests. This
allows the client IP
Can be displayed in real server. The second function is to allow users to configure an option for NetFOS,
resolve non-ASCII characters or more than in words
Festival of similar character. Xforwardedfor command support HTTP header, URL parameters, or both,
will be transferred to the client IP address backstage clothes Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
179
Service unit. Based on the implementation of virtual service configuration process. Details of the two
commands are described below:
http xforwardedfor on [vs_name] [mode] [customized_name]
This command is used to enable the host IP address into the HTTP header of the function, as well as the
URL request or HTTPcookie forwarded to the backend server
Function. Command parameter is optional. If no argument, this command is global. For this function, the
default setting, the whole
Council set to disable, configure each virtual service was enabled.
Setting behavior
http xforwardedfor off
http xforwardedfor on vs1
(Which is the default setting)
When the global setting is disabled, the host IP address does not insert vsl of HTTP headers
Head, forwarded to the backend server URL requests and HTTPcookie.
http xforwardedfor on
http xforwardedfor on vs1
The host IP address will be inserted vsl HTTP headers, forwarded to the background
URL requests to the server and HTTPcookie. Only when global settings and
Each virtual service settings enabled, the host's IP address to be inserted vsl
HTTP header, URL request and HTTP cookie.
http xforwardedfor on
http xforwardedfor off vs1
When a single virtual service settings to disable the host IP address will not insert vsl
HTTP headers, forwarded to the backend server and HTTP URL request
cookie.
vs_name SLB virtual service name.
mode can be a header, url, cookie or all. All said the HTTP header,
URL request and HTTP cookie will contain the client IP address.
customized_name HTTP header for the IP address, URL request and HTTP cookie
Specify a new name.
http xforwardedfor off [vs_name]
This command is used to disable the host's IP address into the HTTP header, URL request and forwarded
to the backend server's HTTP cookie. If there is no means
Given parameter, the command will be global.
show http xforwardedfor
This command is used to display the Insert forwarded to the backend server request X-Forwarded-For
header current status (enabled or disabled).
http xclientcert virtual <virtual_service> [insert_mode] [content_type]
When you enable SSL client authentication, AS device can use this command to client certificates
received by the HTTP header or HTTP cookie
Forwarded to the backend server. Only "ssl settings clientauth" command has been successfully
configured after, AS device to the client certificate forwarded to the background in Chapter 8 reverse
proxy cache
2013 Teamsun
All rights reserved
180
Server.
insert_mode This parameter includes two modes: "header" and a "cookie". In case
"Insert_mode" is the header, the client certificate will be forwarded to the server is inserted
Header request. The default insert mode "header".
content_type The command has two certificates encoded content format: "PEM" and "body".
"Body" said AS device BASE64 encoded value of digital certificates forwarded
To the backend server, and "PEM" said AS device client certificate
The encoded value is forwarded to the backend server to OpenSSL internal code form.
OpenSSL internal code format has a header row start and abort
("----- BEGIN CERTIFICATE -----" and "----- END
CERTIFICATE ----- "), each have a 64 digit separator";. "
This parameter defaults to "body". (Note: OpenSSL internal code format allows
By ";" as a separator, cookie also to ";" as separator, so make sure
AS encoding device can use the certificate is forwarded to the backend server. )
show http xclientcert virtual
This command displays the server forwards the request to enable insertion X-Client-Cert header
features all the virtual services.
no http xclientcert virtual <virtual_service>
This command is used to enable the X-Client-Cert header at the specified virtual service forwards
requests to the server insertion.
clear http xclientcert virtual
This command is used to disable all virtual services X-Client-Cert header insert function when forwarding
the request to the server.
http xclientcert header [header_name]
This command is used to configure the client certificate header name. The default name is X-Client-Cert.
show http xclientcert header
This command is used to display the name of the client certificate header.
http xclientcert plaintext <mode> <field_name> <virtual_service> [customized_name]
[format_opt]
This command is used to enable or disable the insert certificate fields in the HTTP header, URL request
and HTTP cookie, and then to customize the header name Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
181
Specify the certificate will be forwarded to the backend server field functions. Administrators can use
the "customized_name" option to customize the backend server can be accepted
The field name. If a custom name is empty, the system will use the default value of the field. Supported
fields include: subject (theme), issuer (hair
Sender), validity (validity), serial (serial number), NotBefore (start date), NotAfter (termination date),
CommonName
(Common name), PublicKey (public key) and custom RDN.
mode client certificate information transmission methods; supports the following methods:
field_name a certificate field name. Supports the following field names:

subject DN of a client certificate is transferred to the background
Server.
Servers.
<NotBefore> To <NotAfter> ". For example," From Dec 19

5:54:42 2007 GMT To Dec 19 5:54:42 2008
GMT ".
Server.
ission format is
Hexadecimal. For example, public key "0x00 0x43 0x78 0xed" to "0043
78 ed "form (ASCII value) is transferred to the backend server. Says
Description: When the file name specified in the way public key, only the public key modulus
Transferred to the backend server.
Transferred to the backend server. Chapter 8 reverse proxy cache

2013 Teamsun
All rights reserved
182
When defining RDN sent to the back-end server, the official format should be:
<scope>. <symbol or OID>
Or
<OID expression>
Range:
Range Description
Symbolic value or specify OID Subject Search client certificate subject DN's.
Issuer client certificate issued OID party symbol values or specify the DN.
Symbolic value or specify OID Ext client certificate external field to search. Versions require client
certificates should be 2 or 3.
OID or <null> Search client certificate TBS specified OID value. TBS said customer information certificate.
When the search for
Empty, the point should not appear in the official format.
Symbol:
OID symbol standard name
2.5.4.6 C Country Name
2.5.4.8 ST State or province name
2.5.4.7 L location name
2.5.4.10 O Organization Name
2.5.4.11 OU organizational unit name
2.5.4.3 CN Common Name
2.5.4.5 SN Serial Number
2.5.4.46 dnQualifier DN Qualifier
2.5.4.65 Pseudonym alias

2.5.4.12 Title Title
2.5.4.44 GQ produce qualifier
2.5.4.43 Initials acronym
2.5.4.41 Name Name
2.5.4.42 givenName name
2.5.4.4 Surname Surname
0.9.2342.19200300.100.1.25 DC domain components
1.2.840.113549.1.9.1 emailAddress mail address
{OID expression} OID information, such as: 1.2.3.4
Description: When a symbol within a specific range has another value, AS equipment will be transferred
to all the values of all the backend server, from the second symbol
Started, the system will add a custom name after a number. This number starts at 1 and increase
sequentially. Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
183
For example:
AS a configuration on the device:
Client certificate with the following topics DN:
emailAddress=online@teamsun.com.cn
Backend server receives the following cookie:
virtual_service specify predefined SLB virtual service name.

customized_name optional parameters. Specify a name for the field, before replacing a parameter
definition
The standard field names.
format_opt
Optional. Specify forwarded to the backend server "field" format.

Subject and Issuer: sequential format options:
proxy cache
2013 Teamsun
All rights reserved
184
Subject formatting options, for example:
If a client certificate with the following topics DN:
ss=online@teamsun.com.cn
If "format_opt" to "positive", the theme will be delivered in the following order:
EmailAddress = online @ teamsun.com.cn, CN = abc, OU = NetF, O =
Teamsun, ST = BJ, C = CN
If "format_opt" to "reverse", the theme will be delivered in the following order:
C = CN, ST = BJ, O = Teamsun, OU = TM, CN = abc, EmailAddress = on
line@teamsun.com.cn
If "format_opt" as "original", the theme will be delivered in the following order:
C = CN, O = Teamsun, OU = TM, ST = BJ, CN = abc, EmailAddress = on
line@teamsun.com.cn
Validity, NotBefore, NotAfter: date and time format options should be:
2013 Teamsun
All rights reserved
185
Time values are in digital form.
Room.
Validity of formatting options, for example:
2009 GMT
-01-01 20:01:01 GMT to 2010-0101
20:01:00 GMT
-01-31T15: 35: 05Z To
2009-01-30T15: 35: 05Z
ext <OID>:. formatting options should be: unresolved or resolved ext <OID>.
Extended format definition X509 certificate as follows:
Extension :: = SEQUENCE {
extnID OBJECT IDENTIFIER,
critical BOOLETS DEFAULT FALSE,
extnValue OCTET STRING}
Among them:
extnID: The OID of the extension;
critical: The criticality flag;
extnValue: The extension value.
: unresolved :( default) only complete extnValue
Values are forwarded to the backend server. For DER, an object by
Three parts, said: type, length and value. extnValue with DER
Coding. Thus, extnValue including the type, length, and value.
tnValue equally to DER encoded, so it also contains three
Parts: the type, length and value. When this option is enabled, only
Numerical extnValue will be forwarded to the backend server.
When extnValue belonging to a numeric type one of the following, whether this option is not in Chapter
8 reverse proxy cache
2013 Teamsun
All rights reserved

186
Resolved or resolved, the value of extnValue will be forwarded to the backend server:
SEQUENCE
SET
Untagged data
For example, in the following extension, the type of values is SEQUENCE:
404 30 31: SEQUENCE {
406 06 3: OBJECT IDENTIFIER issuerAltName (2 5 29 18)
411 04 24: OCTET STRING, encapsulates {
413 30 22: SEQUENCE {
415 86 20: [6] 'http://www.nist.gov/'
:}
:}
:}
Command "http xclientcert plaintext header" ext.2.5.29.18 "vs1
"url1" "parsed" "and" http xclientcert plaintext header
"ext.2.5.29.18" vs1 "url1" "unparsed" "have the same result" 0x30
0x22 0x86 0x20 ... ", the results will be sent to the backend server.
When extnValue numeric type is the time when numeric string, NetFOS the parameters
Content into DIGITAL format:
Generalized Time
UTC tim
. ext <OID> format options, for example:
In this example, OID extension is 0.1.2.3, extnValue value is "0x0c 0x06
0x36 0x35 0x34 0x33 0x32 0x31 "." 0c "indicates the value extnValue
Type "06" indicates the value of the length extnValue.
If "format_opt" is "unparsed", "0x0c 0x06 0x36 0x35 0x34
0x33 0x32 0x31 "will be forwarded.
If "format_opt" is "parsed", "0x36 0x35 0x34 0x33 0x32

0x31 "will be forwarded Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
187
http xclientcert dnencoding <virtual_service> [encoding]
This command is used to specify the client certificate DN forwarded to the backend server when
encoding format from the specified SLB virtual service.
virtual_service designated SLB virtual service name.
encoding optional parameters. Specify the encoding format for multi-byte characters. Support for UTF-8,
GB2312, GBK and GB18030 format. The default format is UTF-8.
show http xclientcert dnencoding [virtual_service]
This command is used to display the DN encoding configurations.
virtual_service designated SLB virtual service name. Optional. If you do not specify a virtual
Proposed service will be displayed DN encode all SLB virtual service configuration.
no http xclientcert dnencoding <virtual_service>
This command is used to specify the encoding DN configured virtual services to their default values.
virtual_service designated SLB virtual service name.
clear http xclientcert dnencoding
This command is used for all virtual service restoration DN encoding scheme.
http owa {on | off}
This command is used to enable or disable a subsystem that is inserted Outlook Web Access (OWA)
header in the request and
FRONT-END-HTTPS: on the parameters, and then forwarded to the backend server. When the subsystem
is enabled, only the header is inserted using "http owa virtual"
Command to configure a virtual service. When this subsystem is disabled, there is a timely use of "http
owa virtual" command to configure a virtual service, it will not insert
The header. The default setting is disabled.
show http owa status
This command is used to display the status of OWA subsystem (enable / disable).
http owa virtual <virtual_service>

This command is used to forward the request to the backend server for the specified virtual services
enable insertion FRONT-END-HTTPS: on header function. Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
188
show http owa virtual
This command is used to display the request is forwarded to the backend server to enable insertion
FRONT-END-HTTPS: on header features all the virtual services.
no http owa virtual <virtual_service>
This command is used to disable the specified virtual service forwards the request to the backend server
is disabled FRONT-END-HTTPS: on header insertion function.
clear http owa virtual
This command is used for all virtual service forwards the request to the backend server is disabled
FRONT-END-HTTPS: on header insertion.
http mask server {on | off}
This command allows the user to the client "hide" backend server status. If the command is set to "on",
"Server" header will be removed. The default is
"Off".
http mask via {on | off}
This command allows the user organization to understand the client Web browser reply by AS device
settings proxy. If the parameter is set to "on", "Via" header
Will be cleared. The default is "off".
show http mask
The current status (on / off) This command is used to display the HTTP server and HTTP mask via mask
function.
http serverconnreuse {on | off}
This command is used to enable / disable various transaction server connection reuse feature. If set to
"off", each server is stopped only after connecting for a single
Affairs. If set to "on", each server connection can be used for multiple transactions. The default is "on".
[no] http serverconnreuse real <real_name> off
This command is used to specify the actual service mandatory for each server connection for a single
transaction.
real_name real name as a string in the form of service configuration. Note: If the configuration
Names begin with a number, the string should be enclosed in double quotes.
[show | clear] http serverconnreuse
This command is used to display or remove the application server connection number of the current
state of affairs (on / off).
http serverpersist {on | off} Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
189
This command is used to enable or disable continuous connectivity background communication server.
By default, persistent connections enabled. When the connection re-use power
After the energy is enabled, enable persistent connections to ensure that all transactions from the same
client connection can be forwarded to the same backend server. If the connection is enabled
Reuse but disable persistent connections, connections from the same client transaction may be
forwarded to a different backend server connection.
[no] http serverpersist real <real_name> off
This command is used to specify the actual service backend server to disable persistent connections
communications.
real_name real name service configuration, in the form of a string. Note: If equipped
Name set begins with a number, string should be enclosed in double quotes.
[show | clear] http serverpersist
This command is used to display or remove persistent backend server connection status (enable /
disable).
http shuntreset {on | off}
This command is used to enable or disable the reset function can not be reused server connections.
Enabling this feature will force the AS recharge not reusable server connected device
Pick. This option is disabled by default.
show http shuntreset
This command is used to display the status of non-reusable handle server connections.
http buffer nomsglen {on | off}
This command is used to enable (on) or disabled (off) cache and cache handling accept certain non-RFCcompliant response function. When you enable this command, in a letter
Interest is returned to the client before, the header does not "end of response" HTTP response message
length indicator still be cached. This feature is enabled by default.
show http buffer nomsglen
This command is used to display the status of the reply no cache "end of response" message length
indicator.
http rewrite request insertheader <virtual_service> <header_string>
This command is used to specify the virtual service received insert arbitrary HTTP request header
information. Except for the escape of the% character, the header string needs
Verbatim input. % n represents a line separator (by \ r \ n replace),% q is a double quotation mark
("),%% indicates the percent sign. header string maximum
Length of 500 bytes. For example, the header string FRONT-END-HTTPS: on% n, when the administrator
input via CLI
"FRONT-END-HEADER: on% n", we should include the double quotes; through the WebUI input string,
do not enter the quotes.
no http rewrite request insertheader <virtual_service>
This command is used to disable the insert custom HTTP headers specified virtual service. Chapter 8
reverse proxy cache
2013 Teamsun
All rights reserved
190
show http rewrite request insertheader [virtual_service]
This command is used to display the virtual service to insert arbitrary HTTP headers state. If you specify
the keyword "all", will display all virtual services insert
HTTP header configuration. The default is "all".
clear http rewrite request insertheader <virtual_service>
HTTP headers specified in this command is used to clear the insertion of virtual services. If you specify
the keyword is "all", will clear all HTTP virtual service
Header insertion.
http rewrite response cookie secure {on | off} [vs_name]
This command is used to enable or disable the HTTP header is placed within the Set-Cookie security
clause, preventing the client through insecure connection forwarding cookie.
The default state is "on". Parameters "vs_name" is used to enable or disable this feature in the specified
virtual service. If you do not set this parameter, the command
Globally enabled or disabled.
If the global configuration is "off", all configuration for each virtual services are "off". Only global
configuration is "on", the configuration will each virtual services
Effective.
http rewrite response cookie secure icookie {on | off} [vs_name]
This command is used to enable or disable the HTTPS client security cookie support functions. The
default state is "on". The purpose of this command to add is that when life
Order "http rewrite response cookie secure" when it is enabled, do not insert a "secure" label in SetCookie header. Parameters
"Vs_name" is used to enable or disable this feature in the specified virtual service. If you do not set this
parameter, this command will globally enable or disable.
If the global configuration is that all configurations are "off" "off", each virtual services. Only in global
configuration is "on", each virtual service configuration will
Effective.
show http rewrite response cookie secure
This command is used to display the reply security cookie running.
clear http rewrite response cookie
This command is used to rewrite the return to its default settings "on".
http rewrite response port <virtual_service> <modify_action>
This command modifies the specified virtual service receives an HTTP request port number in the
Location response header contains.
virtual_service specify the virtual service name.
modify_action designated modify behavior. Currently, only "remove" behavior. Chapter 8 reverse proxy
cache
2013 Teamsun
All rights reserved
191
no http rewrite response port <virtual_service>
This command is disabled for the specified virtual service port number modification.
show http rewrite response port [virtual_service]
This command displays the port number to modify settings for all virtual services. If you specify a
particular virtual service, this command displays only the virtual port services
Modify settings situation.
clear http rewrite response port <virtual_service>
This command will specify the virtual service port number to modify the settings to their default values.
virtual_service specify the virtual service name. If you specify the keyword "all", then reset the
Virtual service port number to modify the settings.
http rewrite response https <virtual_service>
This command allows the user to specify the HTTP or HTTPS virtual service to redirect from HTTP to
HTTPS rewrite configuration. This process requires
Rewrite HTTP location header content for use HTTPS scheme in the URL.
show http rewrite response https
This command displays the HTTP redirect rewrite HTTPS redirection for all virtual service configuration.
no http rewrite response https <virtual_service>
This command disables the specified virtual service to redirect from HTTP to HTTPS redirection rewrite
function.
clear http rewrite response https
This command disables all virtual service to redirect from HTTP to HTTPS redirection rewrite function.
http import error <error_code> <virtual_service> <url>
This command allows the user to import a custom HTTP error page from a remote server. "error_code"
refers to the HTTP error code,
"Virtual_service" refers to an error of the intended destination, "url" refers to the location of the custom
error page. Import custom error page support HTTP
The error code is 400 (Bad Request), 403 (ban), 412 (prerequisite error), 502 (Bad Gateway) and 503 (no
available services).
show http import error [error_code] [virtual_service]
This command displays the custom error code and error page list of host names to import. If you specify
"error_code" and "virtual_service", then
Import content error page is displayed (if any). Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
192
clear http import error [error_code] [virtual_service]
This command clears all error pages to import. If you specify "error_code" and "virtual_service", will
clear the appropriate error page.
http error <error_code> <virtual_service>
The command for the specified "error_code" and "virtual_service", to enable error pages to import.
show http error [error_code] [virtual_service]
This command displays a custom error page to enable all HTTP error codes and host name. If you specify
"error_code" and
"Virtual_service" parameter is enabled error page is displayed (if present).
clear http error [error_code] [virtual_service]
This command disables all enabled error page. If you specify "error_code" and "virtual_service"
parameter, just disable the corresponding error page.
http permit host <host_name>
This command adds the specified host name to the list of host names allowed. The default allows all
host names. The command to configure at least one host name, only by
Over the hostname configuration are allowed, others are rejected.
show http permit host
This command displays a list of host names are allowed.
no http permit host <host_name>
This command clears the specified host name from the list of host names of allowed. After this host
name is cleared, if the list no other host name, the
There are host names are allowed.
clear http permit host
This command removes all host names from being allowed to host names list. After executing this
command, all host names are allowed.
[no] http permit method <method> [vip]
This command adds HTTP methods to be allowed or removed from the specified method. The method
can be used are, get, post, put, delete, trace,
connect, options, head, propfind, proppatch, mkcol, copy, move, lock, unlock, purge, rpc_in_data and
rpc_out_data. By default, allow all methods, but did not configure any command. Use this command to
configure at least one method, only the
Method configuration in order to be allowed, the remaining were rejected. If the "vip" parameter is null
or 0.0.0.0, this command is configured as a global. Otherwise, the command
VIP configuration.
show http permit method [vip] Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
193
This command displays were allowed and rejected the list of methods HTTP. If the "vip" parameter is
0.0.0.0, this command displays the global configuration. If you do not
Specify "vip" parameter, this command displays all settings, including global settings and all per-vip
settings. If you specify a VIP parameter is only displayed
VIP setting.
clear http permit method [vip]
This command removes all the way from the list of methods allowed in HTTP. After executing this
command, all HTTP methods will be allowed. If the "vip"
Parameter is specified as 0.0.0.0, this command will clear the global permitted methods. If you do not
specify a "vip" parameter, this command will clear all allowed methods
Including global settings and all per-VIP setting. If you specify a VIP parameters, remove only the
specified VIP permitted methods.
http modifyheader http10 {on | off}
This command allows the user to change HTTP response version from 1.1 to 1.0, while adding a header
to restore the "connection: keep-alive". If the HTTP
Version 1.1, AS device to convert it to 1.0. If the "connection" field does not exist or is connected field is
"connection: close", AS
Equipment will add this field or be amended to "connection: keep-alive". The default setting is "off".
show http modifyheader http10
This command displays the modified header configuration.
[no] http acl url <virtual_service> <path> [level_0 | 1 | 2]
This command is an SLB virtual service network resource definition an ACL rule.
The maximum number of ACL configuration rules depends on system memory size:
on of system memory for 4G or 8G, ACL rules for 1000.

virtual_service SLB virtual memory specified name is already defined.
path according to the access level of protection to define a URL-based network resources
Sources. If SSL received a request does not meet the access level "0 | 1 | 2",
Returns "HTTP 403" error. Network Resource Name supports wildcards
"^", "*" And "$." For example, "^ abc" matches the name to "abc" at the beginning of the
Network resources; "abc *" matches the name contains "abc" all network
Resources; ". Txt $" matches the name to ".txt" at the end of all network resources.
level_0 | 1 | 2 The following table explains the various situations: Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
194
Parameter Value Description
0 resources can be accessed via HTTP and HTTPS.
A resource can only be accessed via HTTPS, may have, but also there is no client authentication.
However, if you set
SSL is compulsory certification, the client certificate authentication required "2" implementation.
Two resources can only access via HTTPS, forcing client certificate authentication.
http serverconnip <virtual_service> [header_name]
The command for a virtual service settings specified a server connection IP rules. Tell AS IP server
connection settings from the specified HTTP equipment
Header seeking to obtain an IP address, and backend server as the source IP connection. IP address of
the HTTP request header can be IPv4 or IPv6.
virtual_service for a specified HTTP or HTTPS virtual service name.
header_name an HTTP request header name is not case sensitive (not a standard
HTTP header). This is an optional parameter, the default value
"X-Forwarded-For". The maximum length is 100 characters. Header name
Not case sensitive.
Description: This command is only transparent mode configuration to take effect.
no http serverconnip <virtual_service>

The command for a specified virtual service to clear a server connection IP settings.
virtual_service for a specified HTTP or HTTPS virtual service name.
show http serverconnip [virtual_service]
This command displays a specified virtual service IP server connection settings. If you do not specify a
virtual service, then displays all server connection IP settings.
clear http serverconnip
This command clears all server connection IP settings.
http turbo <virtual_name>
The command for a specified virtual service enables HTTP request processing acceleration. This
configuration applies only HTTP types of virtual services.
Note: If the object of this configuration is a type of virtual service HTTP compression and caching
features will be unavailable. Chapter 8 reverse proxy cache
2013 Teamsun
All rights reserved
195
no http turbo <virtual_name>
This command is disabled for a specified virtual service HTTP request processing acceleration.
show http turbo [virtual_name]
This command displays the configuration enabled HTTP request processing acceleration specified virtual
service. If you do not specify a virtual service, the display is enabled
All virtual service HTTP requests acceleration configuration.
clear http turbo
This command disables all virtual services HTTP request processing acceleration. Chapter 9 rewrite HTTP
content
2013 Teamsun
All rights reserved
196
Chapter 9 rewrite HTTP content
This chapter describes the HTTP content rewrite command.
http rewrite body {on | off} [virtual_name]

The command to enable or disable the HTTP content rewriting function.
virtual_service this parameter is specified to enable / disable HTTP virtual server content rewrite
function
Service name.
Optional. If this parameter is not set, HTTP content rewrite function
Globally for all virtual services will be enabled / disabled.
Description:
By 1 default, HTTP content rewriting capabilities for disabled globally, but enabled by default for each
virtual service.
2 is enabled only when the global HTTP content rewriting function rewrite HTTP content for each virtual
service functions to enable and configure will work.
show http rewrite body status
This command displays the status of each virtual global or HTTP content rewrite function (enable /
disable).
http rewrite body rule <rule> [flags]
This command defines an HTTP content rewrite rules. AS device will be based on data "rule"
Configuration Check reply, and then rewrite this rule matches
String.
This parameter is used to specify a rule to rewrite the rules. Supports two types of rewriting regulations
Then:
-pattern to-pattern"
Only rewritten URL HTML tag. "From-pattern" is used to specify
Rewrite the string. Such rewrite rule only applies to HTML and XHTML
Overwrite the file.
-pattern / to-pattern /"
Rewrite the URL HTML tags and beyond. "From-pattern" is used to specify
Source string. "To-pattern" is used to specify a string to be rewritten. Chapter 9 rewrite HTTP content
2013 Teamsun
All rights reserved
197
Source string contains the character "/" will result in an error, because the parameter
"Substitute s / from-pattern / to-pattern /" already exists in the
Characters. In this case, we should use the "Substitute
s \ | from-pattern \ | to-pattern \ | ".
This parameter is used to specify the flags string matching mode can be set to "-R" or
"-i". This is an optional parameter, the default value is null.
-R", as long as partial match "from-pattern"
Defined string, AS device will be rewritten.
et to "-i", matching "from-pattern" string does not zone
Case-sensitive.
-pattern" definition
When the strings match exactly, AS device will rewrite them.
Description:
1 parameter "rule" configuration string must be placed in double quotes.
2. "ProxyHTMLURLMap" and "Substitute" configuration string strict compliance with capitalization
requirements.
3 When "ProxyHTMLURLMap" and "Substitute" rules are configured, the first to use
"ProxyHTMLURLMap" rule, then
Then use the "Substitute" rule. If "ProxyHTMLURLMap" and "Substitute" rules were configured and
mapped to phase
Far from the expression, "Substitute" rule will rewrite "ProxyHTMLURLMap" rule.
4 If you want to modify the rewrite rule, run the day to rewrite operation will stop, AS will reset the
relevant connections. Therefore, when the device is processing network AS
When the network communication, it is recommended not to change the rewrite rules.
5 If you enable HTTP content rewriting functions, and configure the content rewrite rule, return each
row length can not exceed 1MB; otherwise,
AS device to the client sends a RST packet, terminates the TCP connection.
no http rewrite body rule <rule> [flags]
The command to remove a specified HTTP content rewrite rules.
show http rewrite body rule

This command displays the contents of all the defined HTTP rewrite rules.
clear http rewrite body rule
This command removes all existing HTTP content rewrite rules.
http rewrite body mimetype <mime_type> Chapter 9 rewrite HTTP content
2013 Teamsun
All rights reserved
198
This command specifies the need to rewrite the file type. AS device only specific types of files in the
string rewriting. Administrators can assign a file each time only
Types. If you need a variety of file types, administrators can according to different "mime_type"
configuration value, repeat this command.
Supported file types are as follows:
text / richtext
mime_type This parameter specifies the file types to be rewritten. Type parameter can be set are:
html, plain, richtext, xml, xhtml, css or js.
By default, AS equipment rewrite only "text / html" type files.
no http rewrite body mimetype <mime_type>
This command is used to delete a configuration file to specify the type.
show http rewrite body mimetype
This command is used to display the current configuration of all file types.
clear http rewrite body mimetype

This command will restore the default file type configuration value "text / html". (Please refer to the
command "http rewrite body mimetype <mime_type>")
http rewrite body url list <url_list> <url_regex>
This command creates a URL list, the URL regular expression added to the URL list. Regular expressions
can be a URL extension, file
Or part of the file name. Then, the administrator needs further through an allow / deny rules, the URL
list and a virtual service off
Linked together. After the completion of these operations, the document lists the URL regular
expression matches any URL will be associated with the allow / deny rules change
Write. Chapter 9 rewrite HTTP content
2013 Teamsun
All rights reserved
199
You can be more than one URL regular expressions to "OR" logic added to a URL list. That is, only
extension, file name or the file
When the contents of the URL regular expression matching, allow / deny rules will work.
Administrator every time you add a URL to the URL list only regular expressions. If you need more than
one URL regular expressions, an administrator can configure
With the "url_regex" value, and then repeat this command.
url_list This parameter specifies the URL list name, in the form of an alphanumeric string,
Up to 40 characters in length.
Special characters "!?, \ T: + & #% $ ^ () @ ~ *" <> = | \\ / \ "can not be used in this reference
Number.
URL url_regex This parameter is used to specify the URL to be added to the list of regular expressions
Style. Regular expressions can be an alphanumeric string with a maximum length of
1024 characters.
no http rewrite body url list <url_list> <url_regex>
This command removes the specified configuration URL regular expression.
show http rewrite body url list [url_list]
This command displays a list of all the URL and associated URL regular expressions. If you specify the
parameters "url_list", this command will display only the specified URL column
Table of regular expressions.
clear http rewrite body url list [all | url_list]
This command removes all existing URL lists and related regular expressions.
all of the parameters used to delete a list of all current and relevant URL regular expression
Style.
URL list and related url_list This parameter is used to delete the specified regular expression.
http rewrite body url permit <virtual_service> <url_list>
This command allows you to specify a URL according to a list of specified virtual service content
rewritten. Only the specified URL list contains the string matching network
Page file to be overwritten. Other files can not be overwritten.
virtual_service This parameter is used to specify a virtual service. Chapter 9 rewrite HTTP content
2013 Teamsun
All rights reserved
200
url_list This parameter is used to specify a list of predefined URL. (Please refer to the command
"Http rewrite body url list <url_list> <url_regex>")
no http rewrite body url permit <virtual_service> <url_list>
This command is used to delete a list of configuration allows the URL specified.
show http rewrite body url permit [virtual_service]
This command is used to display a list of all allowed URL configuration. Parameters "virtual_service" URL
list is used to display the license specified virtual service configuration.
clear http rewrite body url permit <virtual_service>
This command is used to delete the specified list of all virtual service allows configuration of the URL.
virtual_service This parameter is used to specify the virtual service. If this parameter is set to "all", will
Delete a list of all virtual service allows configuration of the URL.
http rewrite body url deny <virtual_service> <url_list>
This command to disable the specified URL rewriting the list of specific virtual service content. All
contain a list of matching the specified URL string
Page file will not be overwritten. Other files will be overwritten.

virtual_service This parameter is used to specify a virtual service.
url_list This parameter is used to specify a list of predefined URL. (Please refer to the command
"Http rewrite body url list <url_list> <url_regex>". )
Description: a virtual service can only be associated with a URL list.
no http rewrite body url deny <virtual_service> <url_list>
This command is used to delete the specified configuration URL reject list.
show http rewrite body url deny [virtual_service]
This command displays a list of all rejected URL. URL parameter is used to display a list of configuration
specified virtual refuse service.
clear http rewrite body url permit <virtual_service> Chapter 9 rewrite HTTP content
2013 Teamsun
All rights reserved
201
This command is used to delete the specified virtual service all refused URL list configuration.
virtual_service This parameter is used to specify the virtual service. If this parameter is set to "all", will
Delete all virtual service list refusal URL configuration.
http rewrite body statuscode <response_code>
This command is used to specify an HTTP response status code. Only pages that contain the specified
status code files to be overwritten. By default, AS
Equipment can only be rewritten with "200" HTTP response status code page file.
no http rewrite body statuscode <response_code>
This command is used to delete the specified HTTP response status code configuration.
show http rewrite body statuscode
This command displays all configured HTTP response status code.
clear http rewrite body statuscode
This command will return HTTP status code configuration to its default value of "200." (Please refer to
the command "http rewrite body statuscode
<response_code> ".) Chapter 10 DNS cache
2013 Teamsun
All rights reserved

202
Chapter 10 DNS cache
This chapter describes the DNS cache configuration commands.
dns cache {on | off}
This command is used to enable / disable the DNS cache. The default value is off.
dns cache expire <min_seconds> <max_seconds>
This command is used to configure the DNS minimum and maximum expiration time. If the DNS
response time to live (TTL) DNS cache than the minimum time to failure
Short after the minimum DNS cache expiration time of arrival, DNS cache will be invalidated. If the DNS
cache DNS reply TTL greater than the maximum loss
Onset time, the largest in the DNS cache expiration time after arrival, DNS cache will be invalidated. If
the DNS reply TTL DNS cache at a minimum
And between the maximum expiration time, in the TTL time of arrival, DNS cache will be invalidated.
min_seconds minimum specified DNS cache expiration time (in seconds). The default is 60 seconds. "0"
DNS cache represents the minimum time to failure without limitation, the maximum
"Max_seconds" for 999,999 seconds.
max_seconds specified maximum cache expiration time (in seconds) DNS. This parameter ranges
To 0-999999 seconds. "0" indicates "max_seconds" the maximum value,
999,999 seconds. "Max_seconds" must be greater than "min_seconds"
Value.
dns cache host <host_name> <ip>
This command is used to add static entries to the cache.
no dns host <host_name>
This command is used to remove a static entry from the cache.
show dns cache setting
This command is used to display the DNS cache settings, including the "dns cache on | off" and "dns
cache expire" state.
show dns cache host
This command is used to display all the static DNS cache entries.
show statistics dns cache DNS cache Chapter 10

2013 Teamsun
All rights reserved
203
This command is used to display the DNS cache statistics.
clear dns cache content
This command is used to clear all the dynamic DNS cache entries.
clear dns host
This command is used to clear all static DNS cache entries.
clear dns all
This command is used to clear the DNS cache configuration, the AS device reverts to its default state.
clear statistics dns cache
This command is used to clear all DNS cache statistics. Chapter 11 HTTP Compression
2013 Teamsun
All rights reserved
204
Chapter 11 HTTP Compression
This chapter describes the HTTP compression configuration commands.
http compression {on | off} [virtual_name]
This command allows the user to enable or disable the HTTP gzip data compression functions. HTTP
compression feature is disabled by default. If you specify a virtual service
Name, this command for the specified virtual service to enable or disable HTTP compression. If you do
not specify a virtual service, this command sets the global HTTP
Compression. Only global HTTP compression and HTTP compression for each virtual service features are
enabled, AS device will compress a virtual service
HTTP data.
show http compression settings
This command is used to display the current status of the compression function (enable / disable).
[no] http compression policy useragent <user_agent_string> {js | css | pdf | ppt | xls | doc}
This command allows the user to configure JavaScript, CSS, PDF, PPT, XLS and DOC files to configure the
user agent. Parameters
"User_agent_string" must be placed in double quotes, for example, http compression strategy User
Agent "IE 5.5" pdf file. However, TEXT, XML and
HTTP compression of HTML as the default, so there is no need to use the command "http compression
policy useragent" configuration. Parameters
"User_agent_string" AS device only for a sub-string comparison purposes.
"No" version of this command will clear the configuration (no http compression strategies user agent).
http compression advanced useragent on
This command enables Java Script and CSS compression, apply the following four objects are browser
(user agent): IE 6, IE 7, IE 8 and Mozilla
5.0
http compression policy urlexclude <vhost> <wildcard_expression>
The command for a virtual service to add a url-exclude compression rules. URL configuration if a client
sends a request to the virtual service
The "wildcard_expression" match, even if HTTP compression is enabled, the text of the reply will not be
compressed. This command than "http
compression policy useragent "command higher priority.
show http compression policy urlexclude [vhost]
This command displays all HTTP "vhost" parameter specifies the virtual services compression strategy
urlexclude rules. If you do not specify a virtual service name,
All HTTP compression strategy urlexclude rules.
no http compression policy urlexclude <vhost> <wildcard_expression>
This command is used to clear a specified by the virtual service name and wildcard expressions HTTP
compression strategy urlexclude rules. Chapter 11 HTTP Compression
2013 Teamsun
All rights reserved
205
clear http compression policy urlexclude [vhost]
This command clears a specified virtual service or all virtual services to all HTTP compression strategy
urlexclude rules.
show http compression policy useragent
This command displays the configuration of the user agent HTTP compression strategy.
clear http compression policy useragent
Users of this command to delete all the HTTP proxy has been configured compression strategy.
show statistics compression [virtual_name]
This command displays various statistics compressed. Specify a virtual service name, display statistics for
a SLB virtual service. To view the first seven
All statistics virtual service layer configured to not need to specify the name of the virtual run the above
command.
For example:
ent to compression
transactions
The following is the content of the explanation of the output information items.
Statistics Description
Total bytes sent to
compression of all the compressed data, in bytes, is the result of the length compressed by software and
hardware.
Total bytes recvd from
compression of all the raw data to be compressed bytes that can be software or hardware compression.
Sent bytes / second in the last one second compressed all the data. The argument before the current
one second
total_bytes_sent_out - total_bytes_sent_out calculations.
Rcvd bytes / second of raw data the total past a second compressed. The calculated parameter is the
current yield :(
To the total bytes) - (total bytes received a second ago)
Peak Sent bytes / second
Up to now, the maximum number of bytes per second sent from the beginning. If you recently sent
bytes per second
Number> peak number of bytes sent per second, the peak number of bytes sent per second = recently
sent per second
Bytes.
Peak Rcvd
bytes / second
The maximum number of bytes from the beginning to now received per second. If the number of bytes
per second received recently
> Word peak number of bytes received per second, the peak number of bytes received per second per
second = newly
Sessions.
Currently active
transactions
HTTP connections need to use active response data compression, this value should be equal to or
Greater than 0.
HTML's compressed HTTP compression total response type is HTML.
TEXT's compressed HTTP compression total response of type TEXT.
XML's compressed HTTP compression total response type is XML.
DOC's compressed HTTP compression total response type for DOC.
PPT's compressed HTTP compression total response, type PPT.
XLS's compressed HTTP compression total response, type XLS.
CSS's compressed HTTP compression total response type for CSS.
JS's compressed HTTP compression total response type for JS.
PDF's compressed HTTP compression total response types to PDF.
The total number of requests attempted HTTP compression response, equivalent to the sum of all types
of compressed response.
content length
The total number of transactions HTTP compression in response to HTTP length calculation.
chunk encoding
The total number of transactions HTTP compression response, respond with a block coding header.
fin terminated
The total number of transactions HTTP compression response, responded to Fin terminated. Chapter 11
HTTP Compression
2013 Teamsun
All rights reserved
207
Http 1.0 response HTTP 1.0 compression total response.
Http 1.1 response HTTP 1.1 compression total response.
clear statistics compression [virtual_name]
This command is used to clear the compression statistics. Specify a virtual name can clear the statistics
for a particular SLB virtual service. If you want to clear
In addition to Layer 7 virtual service statistics of all configurations, run the above command does not
develop in the virtual name of the premise. Chapter 12 Secure Sockets Layer (SSL)
2013 Teamsun
All rights reserved
208
Chapter 12 Secure Sockets Layer (SSL)
This chapter describes the Secure Sockets Layer (SSL) configuration commands.
show ssl status
This command is used to display the current status of the already configured SSL virtual host and all the
real host.
show ssl host
This command is used to display all currently configured SSL host and its matching SLB services.
show statistics ssl [host_name]
This command is used to display the current statistics for SSL connections and specify a host session. If
you do not specify a host, the host has been configured to display all
Statistics.
For example:
ions: 43
Description: SSL statistics in the "Resumed SSL sessions", "Resumable SSL sessions" and "Session Misses"
Are cumulative value. Among them, "Resumable SSL sessions" value will not be reduced, even when SSL
session times out, it will not be reduced.
clear statistics ssl [host_name]
This command is used to clear all the relevant statistical information specified host. If you do not specify
a host, then remove all configured hosts statistics.
[no] ssl host {real | virtual} <host_name> <slb_service>
This command creates an SSL host, and then bind to a specific host SLB services, regardless of whether
the service is virtual or real. Points
Rationing an SSL host SLB services must belong to HTTPS, TCPS, FTPS type. SLB services need to create
an SSL Host
Before the establishment. Please note SLB services by different names to activate the command mode,
you can assign a multiple SLB service host. For now,
Up to 64 SLB services share the same SSL virtual host. "No" version of this command will release the
relationship between the host and the SLB service. Chapter 12 Secure Sockets Layer (SSL)
2013 Teamsun
All rights reserved
209
real | virtual remind NetFOS, in an SSL service between the host and an SLB
The binding is configured virtual connection, or real connection. If an SSL
Host SLB virtual service associated with a newly created virtual SSL Main
Machine will play the role of SSL server. If a host with an SSL
Associated with a SLB real service, SSL real host will play the newly created
Role SSL client. An SSL host, if the virtual and SLB
Related services, from now on will be referred to an SSL real host.
SSL virtual host and SSL real host are two different entities, with
Have different configuration parameters. These options will be further solution in each command
Release.
Specify a name host_name SSL host. The name can be a number of letters
Character string, beginning can be underlined. The maximum length of a host name
255 bytes.
slb_service SSL hosts create and bind the SLB host name.
ssl csr <virtual_host_name> [key_length]
Create a virtual host specified CSR (Certificate Signing Request) this command. After running this
command, the system prompts the user to enter a range of information,
Ensure proper reception CSR. The administrator can choose to export the key and protect the exported
key with an encrypted password for future use.
In addition, the command also creates a "test" certificate for a virtual host. When you enable virtual
host for this test certificate, the console will be a
Warning message to remind you that the certificate chain is not complete.
virtual_host_name SSL virtual host name.
key_length generated SSL key pair for a specified length. SSL key lengths
Are 1024, 2048 and 4096. The default value is 1024.
Prompting the requested data as follows:
into your certificate
2013 Teamsun
All rights reserved
210
N)?:
For the above information, "State or province", "Location or local city", "Email address of administrator"
and so subject field is
Selected parameters. You can specify up to three values for "Organizational Unit" field. Once the above
information has been provided, AS device users to send Bianxiang
A data information. Users can copy the information to the e-mail, sent to a verification mechanism. CSR
in the subject field length should comply
Observe the following restrictions:
-character country code: 2 bytes
Organization Name: 64 bytes
Warning: The command "ssl csr" produce test certificate is not used in the production system should
only be used for testing purposes. The private key inputs support all types
Character, the key length is also not limited. However, the key length can not be 0 bytes.
show ssl csr <virtual_host_name>

CSR specified virtual host This command is used to display.
no ssl csr <virtual_host_name>
This command is used for a specific virtual hosts clear the existing CSR.
ssl backup certificate <host_name> <file_name> <password>
This command allows the user to specify the SSL certificate and private key host backup for a PFX file. If
necessary, the command can be PFX text
Pieces forwarded to the specified TFTP server. If someone wants to access the PFX file, you must enter
the correct password.
host_name is the name of the specified SSL host configuration.
file_name file names alphanumeric string. Local Format: Specified
Effective local file name in the local store. TFTP format: Chapter 12 Secure Sockets Layer (SSL)
2013 Teamsun
All rights reserved
211
tftp: // server / filename.
password allows access to a string of the specified file. If you want to use strike
Key symbols, such as "!" Or "$", the entire password must be placed within double quotes.
show ssl backup certificate <host_name>
This command displays the backup file specified host certificate and private key.
no ssl backup certificate <host_name> <file_name>
This command is used to clear the file specified host backup certificate and private key.
ssl import certificate <host_name> [cert_index] [tftp_ip] [file_name]
This command is used to import a SSL certificate host, then it is associated with a certificate index.
Administrators can import up to three certificates. Import
The certificate can be via the command "ssl activate certificate <host_name> [cert_index]" to activate.
If the administrator wants to import a certificate through CLI, just run this command, and then "cut and
paste" certificate information into the CLI, the premise is positive
Style format for PEM. The command also supports importing PEM and DER format certificate and IIS 5,
IIS 4, Netscape iPlanet, Apache Web
Certificate servers via TFTP use.

host_name SSL host name.
cert_index certificate to import the certificate associated index. Value can be set to 1, 2, 3.
The default is 1.
tftp_ip optional parameter can be used to specify the TFTP IP address, only certificates
TFTP will need to import.
file_name optional parameter in the TFTP server for the certificate specified file name. Default
The file name is "<hostname> .crt".
no ssl certificate <host_name> <cert_index>
This command is used to delete the specified host SSL certificate. Only Sleep certificate to be deleted. To
delete an active certificate, the administrator must be ordered
Order "ssl activate certificate <host_name> [cert_index]" activate another certificate.
host_name SSL host name. Chapter 12 Secure Sockets Layer (SSL)
2013 Teamsun
All rights reserved
212
cert_index will be deleted index certificates.
ssl activate certificate <host_name> [cert_index]
This command activates a host for a specified SSL certificate. Administrators only once to activate an SSL
host certificate. If you activate a certificate,
The original certificate will be active in a dormant state.
cert_index be indexed to activate the certificate. The parameter values can be set to 1,2,3. Default
Is 1.
show ssl certificate <host_name> [display_mode] [cert_index]
This command allows the user to view the SSL certificate is used to specify the host name of the import.
display_mode optional parameter that specifies the display mode of the certificate. May be "complete"
mode
Type or "simple" mode. The default is "complete" mode.
cert_index optional parameter is used to display the specified certificate. Parameter value can be 0, 1, 2,
3 Mo
Default is 0. If this parameter is null or 0, only the specified SSL host
Active certificate.
ssl restore certificate <host_name> <file_name> <password>
This command allows the user to restore the host name to specify SSL certificate from a PFX file and
private key, the file can be stored on a local or remote TFTP
On the server. Password string must when using "ssl backup" command to generate the input file is the
same string.
Name host_name to the specified SSL host configuration.
filename file_name an alphanumeric string. Local Format: Specified
Local valid filename, stored locally. TFTP format:
tftp: // server / filename.
string password allows access to the specified file. If the user wishes to use the keys breaks
Number, for example, "!" Or "$", the entire password must be placed within double quotes. Chapter 12
Secure Sockets Layer (SSL)
2013 Teamsun
All rights reserved
213
ssl import key <host_name> [cert_index] [tftp_ip] [file_name]
This command is used to import a SSL host key, then it is associated with the certificate index.
Administrators can import up to three keys.
If the administrator wants to import a key by CLI, he can "cut and paste", will be a key input CLI. The
command also supports TFTP
Importing IIS 5, IIS 4, Netscape iPlanet and Apache Web server key. Description: This command can also
be PEM TFTP
Unencrypted private key import format, but doing so is not safe, you should try to avoid.
cert_index import the key associated with a certificate for the index. It can be set to 1,2,3.
The default value is 1.
tftp_ip optional parameter is used to specify the TFTP IP address only key by
TFTP import when needed.

file_name optional parameter on the TFTP server for the key specified file name. Default
File named "<host_name> .key".
ssl export key <host_name>
This command allows the user to export the private key is only produced when generating a CSR
specified host from NetFOS, or exported encrypted by the customer to import PEM
Format key.
show ssl rootca [virtual_host_name] [display_mode]
This command is used to view the original virtual host certificate issued by a trusted CA.
virtual_host_name specify the SSL virtual host name. If you specify "ALL", then display the global
Root directory CA. The default is "ALL".
display_mode display can be "complete" mode or "simple" mode, the default is
"Complete".
no ssl rootca <virtual_host_name> [certificate_number]
This command is used to delete the specified virtual host originally specified certificate issued by a
trusted CA.
virtual_host_name specify the SSL virtual host name. If you specify the parameter "ALL", said
Clear the global root directory CA. Chapter 12 Secure Sockets Layer (SSL)
2013 Teamsun
All rights reserved
214
certificate_number certificate serial number to be deleted. Users can command "show ssl
certificate "to find the certificate's serial number.
Note: Before you delete a CA certificate from the specified SSL virtual host command, first run the
command "ssl stop", so that SSL virtual
Host into hibernation.
ssl import rootca [virtual_host_name] [tftp_ip] [filename]
If you enable SSL client authentication for a SSL virtual host, you must provide a trusted CA certificate.
This command allows the user to
TFTP server or CLI trusted Certificate Authority import the certificate. NetFOS have a list of pre-installed
CA default, this command mad Confucianism new certificate, and then additional
Existing lists. This operation is used only for SSL virtual host. If the certificate format to PEM, the user
simply by "cut and paste", the root directory of the CA
Copy the certificate to the CLI. NetFOS have the ability to import PEM and DER format certificate by a
Certificate Authority TFTP.
virtual_host_name optional parameters. This parameter is used to specify the SSL virtual host name. If
that
Set to "ALL", the new certificate will import the root CA Global list. This parameter
The default is "ALL".
tftp_ip optional parameter is used to specify TFTP IP address, only in the key by
Will be used when TFTP import.
filename optional parameter used in the TFTP server for the key specified file name.
The default file name is <hostname> .crt.
Note: When you run a trusted CA certificate to import the specified SSL virtual host command, first run
the command "ssl stop", so that SSL virtual
Intends to host into hibernation.
ssl import interca <virtual_host_name> [tftp_ip] [filename]
This command allows the user to import an intermediate certificate authority issued certificates. When
the user needs on the TFTP server or CLI as a host with SSL
When setting a certificate chain, will use this command. This operation is used only for SSL virtual host.
Once the user via an e-mail receive a certificate, such as
If the certificate format for PEM, simply provide a certificate authority certificates to "cut and paste"
approach copied to the CLI. NetFOS have the ability to
PEM and DER format certificate issued by an intermediate Certificate Authority TFTP import.
virtual_host_name specify the SSL virtual host name.
tftp_ip optional parameter is used to specify TFTP IP address, only the key via TFTP
Will be used when importing.
filename This command is used to specify the intermediate CA certificate file on the TFTP server
Names. The default file name is <hostname> .crt. Chapter 12 Secure Sockets Layer (SSL)
2013 Teamsun
All rights reserved
215
show ssl interca <virtual_host_name> [display_mode]
This command is used to view the intermediate CA certificate is issued to specify SSL virtual host.
virtual_host_name specified SSL virtual host name. If this parameter is specified as "ALL", shows the
global
Of the root directory CA. The default is "ALL".
display_mode display mode can be "complete" or "simple", the default is
"Complete".
no ssl interca <virtual_host_name> [certificate_number]
This command is used to clear the specified intermediate CA certificate issued for the specified SSL host.
virtual_host_name specify an SSL virtual host name.
certificate_number specify the serial number of the certificate needs to be cleared.
ssl import clientkey [virtual_host_name] [url]
The command for the specified SSL virtual host to import a SSL client private key, customer
authentication with other SSL server links. For example,
Customer authentication, OCSP responder contact with the SSL server. That is, the private key is not
limited to OCSP, the client can also be

NetF Cli

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

NetF Cli

Uploaded by

Copyright:

Available Formats

About Teamsun:

7.10 SLB policy settings .............................................. .................................................. ...... 125

15.2 SDNS members ............................................... .................................................. .......... 256

Chapter 19 log .............................................. .................................................. .............................. 301

Italics CLI parameter using italics.

In enable mode (Enable Mode), users can access only view

Configuration Mode (Config Mode) is the last model. At this level,

Password. By default, the password is blank (no password).

clear interface mac

resses in the range of 0-128.

All rights reserved

2aa: ff: fe28: 9c5a 0 0 0 0 06/21/12 14:37

clear statistics ip [ip_address]

interface_id default port ID NetFOS physical interface is port1, port2, port3,

Then return TCP RST.

system tune udp pktdropopt <packet_drop_option>

Only after a few Windw Scale option is enabled in order to use.

system tune dispatcher numa

Then the source IP address. The default transparent mode.

system timezone [timezone_string] Chapter 2 Basic System Operation

clear system timezone

ail.teamsun.com.cn over TLS secured channel with Microsoft

The following strings can be used to "host_string" parameter configuration.

This chapter describes the commands related to advanced system configuration.

Combined interface name. )

local_ip local IP address for forwarding. Can be IPv4 or IPv6 address.

uting gateway. If the "gateway" is set to the default value of

All rights reserved

Address or integer. If it is an integer which ranges

destination_ip implementation of network switching network IP, can be IPv4 or IPv6.

ng gateway (router gateway using "ip route

no nat protocol pptp

rough 172.16.2.11 (35940) to 172.16.2.226 (1723)

rip {on | off}

ipv6 ospf drpriority <interface_name> <priority>

show ipv6 ospf status

This command is used to display OSPFv3 status (on / off).

bond name <bond_id> <bond_name>

cluster virtual {on | off} [cluster_id | 0] [interface_name]

1 implementation of "cluster virtual ffo off" command to disable FFO function.

5 reinsert the control cable control port.

uster virtual priority "port2" 1 200

Authentication type required to enter a simple text password.

show cluster virtual transition [interface_name]

ACK -> MAST] Timeout.

-> BACK] Receive a VRRP advertisement of priority 0.

-used for quick transition)

#ha link network secondary u2 1 192.168.1.2 65521

All rights reserved

Enable all floating IP group of local units.

Parameter ranges 5000-1000,000 default value is 5000.

Check the condition.

apter 6 line availability (HA)

unit_name designated HA unit name. If this parameter is not specified, or is set

Group_Failover ORT_10 Group_Failover roup_Failover -

- Chapter 6 rows high availability (HA)

Contact state, and so on.

ha ssf off [virtual_service]

show statistics ssf

| https | script-tcps | ldap | n

real_name real service name is represented by an alphanumeric string, can support up to 40

slb real l2mac <real_name> <real_mac> <output_interface>

show slb real {l2ip | l2mac} [real_name]