SeProperties

Description

API


    PUT /api/seproperties
    GET /api/seproperties
    GET /api/seproperties

CLI


    configure serviceengineproperties
    show serviceengineproperties

Data

SeProperties

uuid

Type
string
Category
required
Description
Default
default

se_bootup_properties

Type
SeBootupProperties
Category
optional
Description

se_runtime_properties

Type
SeRuntimeProperties
Category
optional
Description

se_agent_properties

Type
SeAgentProperties
Category
optional
Description

SeBootupProperties

tcp_syncache_hashsize

Type
uint32
Category
optional
Description
Default
8192

log_agent_trace_enabled

Type
bool
Category
optional
Description
Default
True

log_agent_debug_enabled

Type
bool
Category
optional
Description
Default
False

se_emulated_cores

Type
uint32
Category
optional
Description
Default
0

se_tx_batch_size

Type
uint32
Category
optional
Description
Default
64

l7_conns_per_core

Type
uint32
Category
optional
Description
Default
16384

ssl_sess_cache_per_vs

Type
uint32
Category
optional
Description
Default
4096

l7_resvd_listen_conns_per_core

Type
uint32
Category
optional
Description
Default
256

ssl_sess_cache_timeout

Type
uint32
Category
optional
Description
Default
86400

se_lro

Type
uint32
Category
optional
Description
Default
1

se_rum_sampling_nav_percent

Type
uint32
Category
optional
Description
Default
1

se_rum_sampling_res_percent

Type
uint32
Category
optional
Description
Default
100

se_rum_sampling_nav_interval

Type
uint32
Category
optional
Description
Default
1

se_rum_sampling_res_interval

Type
uint32
Category
optional
Description
Default
2

se_dp_compression

Type
SeBootupCompressionProperties
Category
optional
Description

se_dpdk_pmd

Type
uint32
Category
optional
Description
Default
0

se_tunnel_mode

Type
uint32
Category
optional
Description
Default
0

se_use_dpdk

Type
uint32
Category
optional
Description
Default
0

se_log_buffer_chunk_count

Type
uint32
Category
optional
Description
Default
1024

se_log_buffer_applog_size

Type
uint32
Category
optional
Description
Default
4096

se_log_buffer_connlog_size

Type
uint32
Category
optional
Description
Default
1024

se_log_buffer_events_size

Type
uint32
Category
optional
Description
Default
512

se_ip_encap_ipc

Type
uint32
Category
optional
Description
Default
0

se_log_buffer_app_blocking_dequeue

Type
bool
Category
optional
Description
Default
False

se_log_buffer_conn_blocking_dequeue

Type
bool
Category
optional
Description
Default
False

se_log_buffer_events_blocking_dequeue

Type
bool
Category
optional
Description
Default
True

se_pcap_pkt_sz

Type
uint32
Category
optional
Description
Default
65536

se_pcap_pkt_count

Type
uint32
Category
optional
Description
Default
256

fair_queueing_enabled

Type
bool
Category
optional
Description
Default
True

docker_backend_portstart

Type
uint32
Category
optional
Description
Default
20480

docker_backend_portend

Type
uint32
Category
optional
Description
Default
30720

distribute_vnics

Type
bool
Category
optional
Description
Distributes vnic ownership among cores so multiple cores handle dispatcher duties.
Default
False

SeBootupCompressionProperties

buf_num

Type
int32
Category
optional
Description
Default
128

buf_size

Type
int32
Category
optional
Description
Default
4096

level_normal

Type
int32
Category
optional
Description
Default
1

level_aggressive

Type
int32
Category
optional
Description
Default
5

window_size

Type
int32
Category
optional
Description
Default
4096

hash_size

Type
int32
Category
optional
Description
Default
16384

SeRuntimeProperties

persistence_mem_max

Type
uint32
Category
optional
Description
Maximum memory in bytes allocated for persistence entries
Default
0

persistence_entries_low_watermark

Type
uint32
Category
optional
Description
Default
20000

upstream_keepalive

Type
bool
Category
optional
Description
Default
False

flow_table_max_entries_deprecated

Type
uint32
Category
optional
Description
Default
100000000

flow_table_new_syn_max_entries

Type
uint32
Category
optional
Description
Default
40000

tcp_syn_cache_max

Type
uint32
Category
optional
Description
Default
32768

se_packet_buffer_max

Type
uint32
Category
optional
Description
Default
0

se_malloc_thresh

Type
uint32
Category
optional
Description
Default
0

tcp_syncache_max_retransmit_default

Type
uint32
Category
optional
Description
Default
4

log_agent_file_sz_debug

Type
uint32
Category
optional
Description
Default
4

log_agent_file_sz_conn

Type
uint32
Category
optional
Description
Default
4

log_agent_file_sz_appl

Type
uint32
Category
optional
Description
Default
4

log_agent_file_sz_event

Type
uint32
Category
optional
Description
Default
4

log_agent_min_storage_per_vs

Type
uint32
Category
optional
Description
Default
10

log_agent_max_storage_ignore_percent

Type
float
Category
optional
Description
Default
10

log_agent_max_storage_excess_percent

Type
uint32
Category
optional
Description
Default
110

se_random_tcp_drops

Type
bool
Category
optional
Description
Default
False

log_agent_max_active_adf_files_per_vs

Type
uint32
Category
optional
Description
Default
2

log_agent_max_logmessage_proto_sz

Type
uint32
Category
optional
Description
Default
4096

se_dp_log_nf_enqueue_percent

Type
uint32
Category
optional
Description
Default
70

se_dp_log_udf_enqueue_percent

Type
uint32
Category
optional
Description
Default
90

log_agent_compress_logs

Type
bool
Category
optional
Description
Default
True

upstream_connpool_enable

Type
bool
Category
optional
Description
Default
True

upstream_connpool_strategy

Type
int32
Category
optional
Description
Default
-1

upstream_connpool_server_max_cache

Type
int32
Category
optional
Description
Default
-1

upstream_connpool_conn_max_reuse

Type
int32
Category
optional
Description
Default
-1

upstream_connpool_conn_idle_tmo

Type
int32
Category
optional
Description
Default
-1

upstream_connpool_core_max_cache

Type
int32
Category
optional
Description
Default
-1

upstream_connpool_cache_thresh

Type
int32
Category
optional
Description
Default
-1

upstream_connpool_conn_idle_thresh_tmo

Type
int32
Category
optional
Description
Default
-1

upstream_connpool_conn_life_tmo

Type
int32
Category
optional
Description
Default
-1

lb_fail_max_time

Type
int32
Category
optional
Description
Default
5

log_agent_sleep_interval

Type
uint32
Category
optional
Description
Default
10

ngx_free_connection_stack

Type
bool
Category
optional
Description
Default
False

se_mac_error_threshold_to_disable_promiscious

Type
uint32
Category
optional
Description
Default
1000

se_metrics_rt_interval

Type
uint32
Category
optional
Description
Default
1000

se_metrics_rt_enabled

Type
bool
Category
optional
Description
Default
True

app_headers

Type
AppHdr
Category
repeated
Description

connections_lossy_log_rate_limiter_threshold

Type
int32
Category
optional
Description
Rate limit on maximum adf lossy log to pushper second
Default
1000

connections_udfnf_log_rate_limiter_threshold

Type
int32
Category
optional
Description
Rate limit on maximum adf udf or nf log to pushper second
Default
1000

http_rum_console_log

Type
bool
Category
optional
Description
Default
False

http_rum_min_content_length

Type
uint32
Category
optional
Description
Default
64

se_dp_compression

Type
SeRuntimeCompressionProperties
Category
optional
Description

se_dp_hm_drops

Type
int32
Category
optional
Description
Default
0

spdy_fwd_proxy_parse_enable

Type
bool
Category
optional
Description
Default
True

mcache_enabled

Type
bool
Category
optional
Description
enables mcache - controls fetch/store/store_out

mcache_fetch_enabled

Type
bool
Category
optional
Description
enables mcache_fetch

mcache_store_in_enabled

Type
bool
Category
optional
Description
enables mcache_store

mcache_store_out_enabled

Type
bool
Category
optional
Description
enables mcache_store_out

mcache_max_cache_size

Type
uint64
Category
optional
Description
max cache size

mcache_store_in_min_size

Type
uint32
Category
optional
Description
min object size

mcache_store_in_max_size

Type
uint32
Category
optional
Description
max object size

mcache_store_se_max_size

Type
uint64
Category
optional
Description
Default
0

upstream_connect_timeout

Type
uint32
Category
optional
Description
Default
3600000

upstream_send_timeout

Type
uint32
Category
optional
Description
Default
3600000

upstream_read_timeout

Type
uint32
Category
optional
Description
Default
3600000

dp_hb_frequency

Type
uint32
Category
optional
Description
Default
100

dp_hb_timeout_count

Type
uint32
Category
optional
Description
Default
10

dupip_frequency

Type
uint32
Category
optional
Description
Default
0

dupip_timeout_count

Type
uint32
Category
optional
Description
Default
5

max_throughput

Type
uint32
Category
optional,readonly
Description
Default
10000

se_hb_persist_fudge_bits

Type
uint32
Category
optional
Description
Default
3

log_agent_unknown_vs_timer

Type
uint32
Category
optional
Description
Default
1800

global_mtu

Type
uint32
Category
optional
Description
Default
0

log_agent_export_wait_time

Type
uint32
Category
optional
Description
Default
100

log_agent_export_msg_buffer_size

Type
uint32
Category
optional
Description
Default
524288

log_agent_conn_send_buffer_size

Type
uint32
Category
optional
Description
Default
16384

log_agent_pause_interval

Type
uint32
Category
optional
Description
Default
0

log_agent_max_concurrent_rsync

Type
uint32
Category
optional
Description
Default
1024

downstream_send_timeout

Type
uint32
Category
optional
Description
Default
3600000

se_auth_ldap_cache_size

Type
uint32
Category
optional
Description
Default
100000

se_auth_ldap_conns_per_server

Type
uint32
Category
optional
Description
Default
1

se_auth_ldap_connect_timeout

Type
uint32
Category
optional
Description
Default
10000

se_auth_ldap_reconnect_timeout

Type
uint32
Category
optional
Description
Default
10000

se_auth_ldap_bind_timeout

Type
uint32
Category
optional
Description
Default
5000

se_auth_ldap_request_timeout

Type
uint32
Category
optional
Description
Default
10000

dos_profile

Type
DosThresholdProfile
Category
optional
Description

se_auth_ldap_servers_failover_only

Type
bool
Category
optional
Description
enables ldap servers into failover mode
Default
False

se_memory_poison

Type
bool
Category
optional
Description
enables poisoning of freed memory blocks
Default
True

dp_aggressive_hb_frequency

Type
uint32
Category
optional
Description
Heartbeat check interval between ServiceEngines
Default
100

dp_aggressive_hb_timeout_count

Type
uint32
Category
optional
Description
Number of failed heartbeats before reporting an error
Default
5

se_rate_limiters

Type
SeRateLimiters
Category
optional
Description
SE rate limiters

se_metrics_interval

Type
uint32
Category
optional
Description
Default
60000

service_port_ranges

Type
PortRange
Category
repeated
Description
Port ranges on which there may be virtual services (for configuring iptables)

se_handle_interface_routes

Type
bool
Category
optional
Description
Default
False

services_accessible_all_interfaces

Type
bool
Category
optional
Description
Make service ports accessible on all Host interfaces in addition to East/West VIP and/or bridge IP
Default
False

feproxy_vips_enable_proxy_arp

Type
bool
Category
optional
Description
Enable proxy ARP from Host interface for Front End proxies
Default
True

baremetal_dispatcher_handles_flows

Type
bool
Category
optional
Description
Control if dispatcher core also handles TCP flows in baremetal SE.
Default
False

log_agent_log_storage_min_sz

Type
uint32
Category
optional
Description
Minimum storage allocated for logs irrespective of memory and cores.
Default
1024

AppHdr

hdr_name

Type
string
Category
required
Description

hdr_match_case

Type
enum
Category
required
Description
Choices
SENSITIVE, INSENSITIVE

hdr_string_op

Type
enum
Category
required
Description
Choices
REGEX_MATCH, DOES_NOT_END_WITH, ENDS_WITH, CONTAINS, EQUALS, DOES_NOT_BEGIN_WITH, DOES_NOT_EQUAL, REGEX_DOES_NOT_MATCH, DOES_NOT_CONTAIN, BEGINS_WITH

SeRuntimeCompressionProperties

min_length

Type
int32
Category
optional
Description
Default
128

max_low_rtt

Type
int32
Category
optional
Description
Default
10

min_high_rtt

Type
int32
Category
optional
Description
Default
200

mobile_str

Type
RepeatableString
Category
repeated
Description

RepeatableString

str

Type
string
Category
required
Description

DosThresholdProfile

thresh_period

Type
int32
Category
required
Description
Timer value in seconds to collect DoS attack metrics based on threshold on the Service Engine for this Virtual Service.
Default
5

thresh_info

Type
DosThreshold
Category
repeated
Description
Attack type, min and max values for DoS attack detection.

DosThreshold

attack

Type
enum
Category
required
Description
Attack type.
Choices
DOS_REQ_IP_URI_RL_DROP_BAD, DOS_REQ_CIP_SCAN_BAD_RL_DROP, MALFORMED_FLOOD, POLICY_DROPS, IP_FRAG_INCOMPLETE, DOS_CONN_IP_RL_DROP, FAKE_SESSION, DOS_HTTP_ABORT, SMURF, IP_FRAG_TOOSMALL, ICMP_PING_FLOOD, DOS_REQ_CIP_SCAN_UNKNOWN_RL_DROP, DOS_REQ_IP_URI_RL_DROP, LAND, UNKOWN_PROTOCOL, DOS_REQ_IP_RL_DROP_BAD, TCP_NON_SYN_FLOOD, ZERO_WINDOW_STRESS, IP_FRAG_FULL, DOS_REQ_RL_DROP, SMALL_WINDOW_STRESS, BAD_RST_FLOOD, DOS_APP_ERROR, DOS_SSL_ERROR, IP_FRAG_OVERRUN, PORT_SCAN, DOS_REQ_IP_RL_DROP, DOS_REQ_URI_RL_DROP_BAD, TCP_NON_SYN_FLOOD_OLD, DOS_REQ_URI_SCAN_BAD_RL_DROP, DOS_SLOW_URL, DOS_REQ_URI_RL_DROP, SYN_FLOOD, DOS_HTTP_ERROR, TEARDROP, DOS_REQ_URI_SCAN_UNKNOWN_RL_DROP, DOS_HTTP_TIMEOUT, DOS_CONN_RL_DROP

min_value

Type
int32
Category
required
Description
Minimum number of packets or connections or requests in a given interval of time to be deemed as attack.

max_value

Type
int32
Category
required
Description
Maximum number of packets or connections or requests in a given interval of time to be deemed as attack.

SeRateLimiters

icmp_rl

Type
uint32
Category
optional
Description
Rate limiter for ICMP requests in pps.
Default
100

icmp_rsp_rl

Type
uint32
Category
optional
Description
Rate limiter for ICMP response in pps.
Default
500

arp_rl

Type
uint32
Category
optional
Description
Rate limiter for ARP packets in pps.
Default
100

rst_rl

Type
uint32
Category
optional
Description
Rate limiter for number RST pkts sent in pps.
Default
100

flow_probe_rl

Type
uint32
Category
optional
Description
Rate limiter for number of flow probes in pps.
Default
250

default_rl

Type
uint32
Category
optional
Description
Default Rate limiter in pps.
Default
100

PortRange

start

Type
Port
Category
required
Description
TCP/UDP port range start (inclusive).

end

Type
Port
Category
required
Description
TCP/UDP port range end (inclusive).

Port

port

Type
uint32
Category
required
Description
TCP/UDP port number.

SeAgentProperties

debug_mode

Type
bool
Category
optional
Description
Default
False

controller_registration_timeout_sec

Type
uint32
Category
optional
Description
Default
10

controller_heartbeat_timeout_sec

Type
uint32
Category
optional
Description
Default
12

headless_timeout_sec

Type
uint32
Category
optional
Description
Default
0

controller_heartbeat_miss_limit

Type
uint32
Category
optional
Description
Default
6

dp_enq_interval_msec

Type
uint32
Category
optional
Description
Default
20

dp_deq_interval_msec

Type
uint32
Category
optional
Description
Default
20

dp_batch_size

Type
uint32
Category
optional
Description
Default
100

dp_max_wait_rsp_time_sec

Type
uint32
Category
optional
Description
Default
12

cpustats_interval

Type
uint32
Category
optional
Description
Default
5

controller_rpc_timeout

Type
uint32
Category
optional
Description
Default
10

controller_echo_rpc_timeout

Type
uint32
Category
optional
Description
Timeout used for se health check
Default
2000

controller_echo_miss_limit

Type
uint32
Category
optional
Description
Count of HB misses for se health check failure
Default
4

vnic_probe_interval

Type
uint32
Category
optional
Description
Probe vnic interval
Default
5

vnic_ip_delete_interval

Type
uint32
Category
optional
Description
wait interval before deleting IP
Default
5

ctrl_reg_pending_max_wait_time

Type
uint32
Category
optional
Description
Max time to wait for ctrl registration before assert
Default
150

dp_reg_pending_max_wait_time

Type
uint32
Category
optional
Description
Max time to wait for dp registration before assert
Default
75

vnic_dhcp_ip_check_interval

Type
uint32
Category
optional
Description
DHCP ip check interval
Default
6

vnic_dhcp_ip_max_retries

Type
uint32
Category
optional
Description
DHCP ip max retries
Default
10

dp_aggressive_enq_interval_msec

Type
uint32
Category
optional
Description
Default
1

dp_aggressive_deq_interval_msec

Type
uint32
Category
optional
Description
Default
1

sdb_scan_count

Type
uint32
Category
optional
Description
SDB scan count
Default
1000

sdb_pipeline_size

Type
uint32
Category
optional
Description
SDB pipeline size
Default
100

sdb_flush_interval

Type
uint32
Category
optional
Description
SDB pipeline flush interval
Default
100

controller_echo_rpc_aggressive_timeout

Type
uint32
Category
optional
Description
Aggressive Timeout used for se health check
Default
500

controller_echo_miss_aggressive_limit

Type
uint32
Category
optional
Description
Aggressive Count of HB misses for se health check failure
Default
2

References

Sub Objects