Avi ApplicationProfile Object API

CLI ``` - configure applicationprofile - show applicationprofile ```
More information: https://avinetworks.com/contact-us
Contact Info: support@avinetworks.com
Version: 20.1.2
BasePath:/api
All rights reserved
http://apache.org/licenses/LICENSE-2.0.html

Access

  1. HTTP Basic Authentication

Methods

[ Jump to Models ]

Table of Contents

  1. get /applicationprofile
  2. post /applicationprofile
  3. delete /applicationprofile/{uuid}
  4. get /applicationprofile/{uuid}
  5. patch /applicationprofile/{uuid}
  6. put /applicationprofile/{uuid}
  7. get /applicationprofile/{uuid}/runtime/internal/
Up
get /applicationprofile
(applicationprofileGet)

Consumes

This API call consumes the following media types via the Content-Type request header:

Query parameters

name (optional)
Query Parameter — object name
refers_to (optional)
Query Parameter — Filter to request all objects that refers to another Avi resource. Its syntax is refers_to=<obj_type>:<obj_uuid>. Eg. get all virtual services referring to pool p1 will be refers_to=pool:pool_p1_uuid
referred_by (optional)
Query Parameter — Filter to request all objects that are referred by another Avi resource. Its syntax is referred_by=<obj_type>:<obj_uuid>. Eg. get all pools referred_by virtual service vs1 - referred_by=virtualservice:vs_vs1_uuid
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
skip_default (optional)
Query Parameter — Default values are not set.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.

Return type

ApplicationProfileApiResponse

Example data

Content-Type: application/json
{
  "next" : "aeiou",
  "count" : 123,
  "results" : [ {
    "dns_service_profile" : {
      "dns_zones" : [ {
        "domain_name" : "aeiou",
        "name_server" : "aeiou",
        "admin_email" : "aeiou"
      } ],
      "aaaa_empty_response" : true,
      "edns" : true,
      "edns_client_subnet_prefix_len" : 123,
      "ttl" : 123,
      "admin_email" : "aeiou",
      "domain_names" : [ "aeiou" ],
      "authoritative_domain_names" : [ "aeiou" ],
      "dns_over_tcp_enabled" : true,
      "negative_caching_ttl" : 123,
      "name_server" : "aeiou",
      "error_response" : "aeiou",
      "num_dns_ip" : 123,
      "ecs_stripping_enabled" : true
    },
    "tcp_app_profile" : {
      "pki_profile_ref" : "aeiou",
      "proxy_protocol_enabled" : true,
      "proxy_protocol_version" : "aeiou",
      "ssl_client_certificate_mode" : "aeiou"
    },
    "preserve_client_ip" : true,
    "description" : "aeiou",
    "preserve_client_port" : true,
    "preserve_dest_ip_port" : true,
    "sip_service_profile" : {
      "transaction_timeout" : 123
    },
    "type" : "aeiou",
    "created_by" : "aeiou",
    "uuid" : "aeiou",
    "url" : "aeiou",
    "_last_modified" : "aeiou",
    "http_profile" : {
      "secure_cookie_enabled" : true,
      "compression_profile" : {
        "filter" : [ {
          "level" : "aeiou",
          "ip_addrs_ref" : "aeiou",
          "devices_ref" : "aeiou",
          "match" : "aeiou",
          "name" : "aeiou",
          "index" : 123,
          "ip_addr_prefixes" : [ {
            "ip_addr" : {
              "addr" : "aeiou",
              "type" : "aeiou"
            },
            "mask" : 123
          } ],
          "ip_addrs" : [ "" ],
          "user_agent" : [ "aeiou" ],
          "ip_addr_ranges" : [ {
            "end" : "",
            "begin" : ""
          } ]
        } ],
        "remove_accept_encoding_header" : true,
        "compression" : true,
        "type" : "aeiou",
        "compressible_content_ref" : "aeiou"
      },
      "max_http2_control_frames_per_connection" : 123,
      "allow_dots_in_header_name" : true,
      "httponly_enabled" : true,
      "keepalive_header" : true,
      "cache_config" : {
        "query_cacheable" : true,
        "min_object_size" : 123,
        "default_expire" : 123,
        "max_cache_size" : 123456789,
        "max_object_size" : 123,
        "mime_types_list" : [ "aeiou" ],
        "enabled" : true,
        "mime_types_black_group_refs" : [ "aeiou" ],
        "uri_non_cacheable" : {
          "match_criteria" : "aeiou",
          "string_group_refs" : [ "aeiou" ],
          "match_str" : [ "aeiou" ],
          "match_case" : "aeiou"
        },
        "age_header" : true,
        "ignore_request_cache_control" : true,
        "xcache_header" : true,
        "date_header" : true,
        "mime_types_group_refs" : [ "aeiou" ],
        "aggressive" : true,
        "heuristic_expire" : true,
        "mime_types_black_list" : [ "aeiou" ]
      },
      "post_accept_timeout" : 123,
      "max_bad_rps_cip_uri" : 123,
      "max_bad_rps_uri" : 123,
      "max_rps_unknown_cip" : 123,
      "client_max_body_size" : 123456789,
      "reset_conn_http_on_ssl_port" : true,
      "ssl_everywhere_enabled" : true,
      "client_header_timeout" : 123,
      "x_forwarded_proto_enabled" : true,
      "client_max_header_size" : 123,
      "keepalive_timeout" : 123,
      "enable_fire_and_forget" : true,
      "client_max_request_size" : 123,
      "fwd_close_hdr_for_bound_connections" : true,
      "hsts_subdomains_enabled" : true,
      "ssl_client_certificate_action" : {
        "headers" : [ {
          "request_header" : "aeiou",
          "request_header_value" : "aeiou"
        } ],
        "close_connection" : true
      },
      "ssl_client_certificate_mode" : "aeiou",
      "disable_sni_hostname_check" : true,
      "http_to_https" : true,
      "spdy_enabled" : true,
      "client_body_timeout" : 123,
      "max_rps_uri" : 123,
      "max_http2_empty_data_frames_per_connection" : 123,
      "xff_alternate_name" : "aeiou",
      "spdy_fwd_proxy_mode" : true,
      "use_app_keepalive_timeout" : true,
      "websockets_enabled" : true,
      "respond_with_100_continue" : true,
      "server_side_redirect_to_https" : true,
      "connection_multiplexing_enabled" : true,
      "hsts_enabled" : true,
      "http_upstream_buffer_size" : 123,
      "disable_keepalive_posts_msie6" : true,
      "http2_enabled" : true,
      "max_http2_queued_frames_to_client_per_connection" : 123,
      "max_http2_concurrent_streams_per_connection" : 123,
      "max_rps_cip" : 123,
      "max_response_headers_size" : 123,
      "xff_enabled" : true,
      "http2_profile" : {
        "max_http2_control_frames_per_connection" : 123,
        "max_http2_header_field_size" : 123,
        "max_http2_queued_frames_to_client_per_connection" : 123,
        "max_http2_concurrent_streams_per_connection" : 123,
        "max_http2_requests_per_connection" : 123,
        "max_http2_empty_data_frames_per_connection" : 123,
        "http2_initial_window_size" : 123
      },
      "enable_request_body_buffering" : true,
      "enable_request_body_metrics" : true,
      "max_rps_cip_uri" : 123,
      "pki_profile_ref" : "aeiou",
      "max_bad_rps_cip" : 123,
      "max_rps_unknown_uri" : 123,
      "max_keepalive_requests" : 123,
      "enable_chunk_merge" : true,
      "hsts_max_age" : 123456789
    },
    "dos_rl_profile" : {
      "rl_profile" : {
        "client_ip_requests_rate_limit" : "",
        "client_ip_scanners_requests_rate_limit" : "",
        "client_ip_connections_rate_limit" : {
          "rate_limiter" : {
            "period" : 123,
            "count" : 123,
            "name" : "aeiou",
            "burst_sz" : 123
          },
          "period" : 123,
          "count" : 123,
          "action" : {
            "redirect" : {
              "keep_query" : true,
              "path" : "",
              "protocol" : "aeiou",
              "status_code" : "aeiou",
              "port" : 123,
              "host" : {
                "tokens" : [ {
                  "start_index" : 123,
                  "str_value" : "aeiou",
                  "end_index" : 123,
                  "type" : "aeiou"
                } ],
                "type" : "aeiou"
              }
            },
            "file" : {
              "file_content" : "aeiou",
              "content_type" : "aeiou"
            },
            "status_code" : "aeiou",
            "type" : "aeiou"
          },
          "burst_sz" : 123,
          "explicit_tracking" : true,
          "fine_grain" : true,
          "http_cookie" : "aeiou",
          "http_header" : "aeiou"
        },
        "client_ip_to_uri_requests_rate_limit" : "",
        "http_header_rate_limits" : [ "" ],
        "uri_scanners_requests_rate_limit" : "",
        "uri_requests_rate_limit" : "",
        "client_ip_to_uri_failed_requests_rate_limit" : "",
        "client_ip_failed_requests_rate_limit" : "",
        "custom_requests_rate_limit" : "",
        "uri_failed_requests_rate_limit" : ""
      },
      "dos_profile" : {
        "thresh_period" : 123,
        "thresh_info" : [ {
          "min_value" : 123,
          "attack" : "aeiou",
          "max_value" : 123
        } ]
      }
    },
    "tenant_ref" : "aeiou",
    "name" : "aeiou",
    "cloud_config_cksum" : "aeiou"
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK ApplicationProfileApiResponse

401

log in failed

Up
post /applicationprofile
(applicationprofilePost)

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body (required)
Body Parameter — ApplicationProfile object creation

Return type

ApplicationProfile

Example data

Content-Type: application/json
{
  "dns_service_profile" : {
    "dns_zones" : [ {
      "domain_name" : "aeiou",
      "name_server" : "aeiou",
      "admin_email" : "aeiou"
    } ],
    "aaaa_empty_response" : true,
    "edns" : true,
    "edns_client_subnet_prefix_len" : 123,
    "ttl" : 123,
    "admin_email" : "aeiou",
    "domain_names" : [ "aeiou" ],
    "authoritative_domain_names" : [ "aeiou" ],
    "dns_over_tcp_enabled" : true,
    "negative_caching_ttl" : 123,
    "name_server" : "aeiou",
    "error_response" : "aeiou",
    "num_dns_ip" : 123,
    "ecs_stripping_enabled" : true
  },
  "tcp_app_profile" : {
    "pki_profile_ref" : "aeiou",
    "proxy_protocol_enabled" : true,
    "proxy_protocol_version" : "aeiou",
    "ssl_client_certificate_mode" : "aeiou"
  },
  "preserve_client_ip" : true,
  "description" : "aeiou",
  "preserve_client_port" : true,
  "preserve_dest_ip_port" : true,
  "sip_service_profile" : {
    "transaction_timeout" : 123
  },
  "type" : "aeiou",
  "created_by" : "aeiou",
  "uuid" : "aeiou",
  "url" : "aeiou",
  "_last_modified" : "aeiou",
  "http_profile" : {
    "secure_cookie_enabled" : true,
    "compression_profile" : {
      "filter" : [ {
        "level" : "aeiou",
        "ip_addrs_ref" : "aeiou",
        "devices_ref" : "aeiou",
        "match" : "aeiou",
        "name" : "aeiou",
        "index" : 123,
        "ip_addr_prefixes" : [ {
          "ip_addr" : {
            "addr" : "aeiou",
            "type" : "aeiou"
          },
          "mask" : 123
        } ],
        "ip_addrs" : [ "" ],
        "user_agent" : [ "aeiou" ],
        "ip_addr_ranges" : [ {
          "end" : "",
          "begin" : ""
        } ]
      } ],
      "remove_accept_encoding_header" : true,
      "compression" : true,
      "type" : "aeiou",
      "compressible_content_ref" : "aeiou"
    },
    "max_http2_control_frames_per_connection" : 123,
    "allow_dots_in_header_name" : true,
    "httponly_enabled" : true,
    "keepalive_header" : true,
    "cache_config" : {
      "query_cacheable" : true,
      "min_object_size" : 123,
      "default_expire" : 123,
      "max_cache_size" : 123456789,
      "max_object_size" : 123,
      "mime_types_list" : [ "aeiou" ],
      "enabled" : true,
      "mime_types_black_group_refs" : [ "aeiou" ],
      "uri_non_cacheable" : {
        "match_criteria" : "aeiou",
        "string_group_refs" : [ "aeiou" ],
        "match_str" : [ "aeiou" ],
        "match_case" : "aeiou"
      },
      "age_header" : true,
      "ignore_request_cache_control" : true,
      "xcache_header" : true,
      "date_header" : true,
      "mime_types_group_refs" : [ "aeiou" ],
      "aggressive" : true,
      "heuristic_expire" : true,
      "mime_types_black_list" : [ "aeiou" ]
    },
    "post_accept_timeout" : 123,
    "max_bad_rps_cip_uri" : 123,
    "max_bad_rps_uri" : 123,
    "max_rps_unknown_cip" : 123,
    "client_max_body_size" : 123456789,
    "reset_conn_http_on_ssl_port" : true,
    "ssl_everywhere_enabled" : true,
    "client_header_timeout" : 123,
    "x_forwarded_proto_enabled" : true,
    "client_max_header_size" : 123,
    "keepalive_timeout" : 123,
    "enable_fire_and_forget" : true,
    "client_max_request_size" : 123,
    "fwd_close_hdr_for_bound_connections" : true,
    "hsts_subdomains_enabled" : true,
    "ssl_client_certificate_action" : {
      "headers" : [ {
        "request_header" : "aeiou",
        "request_header_value" : "aeiou"
      } ],
      "close_connection" : true
    },
    "ssl_client_certificate_mode" : "aeiou",
    "disable_sni_hostname_check" : true,
    "http_to_https" : true,
    "spdy_enabled" : true,
    "client_body_timeout" : 123,
    "max_rps_uri" : 123,
    "max_http2_empty_data_frames_per_connection" : 123,
    "xff_alternate_name" : "aeiou",
    "spdy_fwd_proxy_mode" : true,
    "use_app_keepalive_timeout" : true,
    "websockets_enabled" : true,
    "respond_with_100_continue" : true,
    "server_side_redirect_to_https" : true,
    "connection_multiplexing_enabled" : true,
    "hsts_enabled" : true,
    "http_upstream_buffer_size" : 123,
    "disable_keepalive_posts_msie6" : true,
    "http2_enabled" : true,
    "max_http2_queued_frames_to_client_per_connection" : 123,
    "max_http2_concurrent_streams_per_connection" : 123,
    "max_rps_cip" : 123,
    "max_response_headers_size" : 123,
    "xff_enabled" : true,
    "http2_profile" : {
      "max_http2_control_frames_per_connection" : 123,
      "max_http2_header_field_size" : 123,
      "max_http2_queued_frames_to_client_per_connection" : 123,
      "max_http2_concurrent_streams_per_connection" : 123,
      "max_http2_requests_per_connection" : 123,
      "max_http2_empty_data_frames_per_connection" : 123,
      "http2_initial_window_size" : 123
    },
    "enable_request_body_buffering" : true,
    "enable_request_body_metrics" : true,
    "max_rps_cip_uri" : 123,
    "pki_profile_ref" : "aeiou",
    "max_bad_rps_cip" : 123,
    "max_rps_unknown_uri" : 123,
    "max_keepalive_requests" : 123,
    "enable_chunk_merge" : true,
    "hsts_max_age" : 123456789
  },
  "dos_rl_profile" : {
    "rl_profile" : {
      "client_ip_requests_rate_limit" : "",
      "client_ip_scanners_requests_rate_limit" : "",
      "client_ip_connections_rate_limit" : {
        "rate_limiter" : {
          "period" : 123,
          "count" : 123,
          "name" : "aeiou",
          "burst_sz" : 123
        },
        "period" : 123,
        "count" : 123,
        "action" : {
          "redirect" : {
            "keep_query" : true,
            "path" : "",
            "protocol" : "aeiou",
            "status_code" : "aeiou",
            "port" : 123,
            "host" : {
              "tokens" : [ {
                "start_index" : 123,
                "str_value" : "aeiou",
                "end_index" : 123,
                "type" : "aeiou"
              } ],
              "type" : "aeiou"
            }
          },
          "file" : {
            "file_content" : "aeiou",
            "content_type" : "aeiou"
          },
          "status_code" : "aeiou",
          "type" : "aeiou"
        },
        "burst_sz" : 123,
        "explicit_tracking" : true,
        "fine_grain" : true,
        "http_cookie" : "aeiou",
        "http_header" : "aeiou"
      },
      "client_ip_to_uri_requests_rate_limit" : "",
      "http_header_rate_limits" : [ "" ],
      "uri_scanners_requests_rate_limit" : "",
      "uri_requests_rate_limit" : "",
      "client_ip_to_uri_failed_requests_rate_limit" : "",
      "client_ip_failed_requests_rate_limit" : "",
      "custom_requests_rate_limit" : "",
      "uri_failed_requests_rate_limit" : ""
    },
    "dos_profile" : {
      "thresh_period" : 123,
      "thresh_info" : [ {
        "min_value" : 123,
        "attack" : "aeiou",
        "max_value" : 123
      } ]
    }
  },
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "cloud_config_cksum" : "aeiou"
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK ApplicationProfile

401

log in failed

Up
delete /applicationprofile/{uuid}
(applicationprofileUuidDelete)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Query parameters

name (optional)
Query Parameter — object name

Return type

String

Example data

Content-Type: application/json
"aeiou"

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

204

object deleted String

404

not found

Up
get /applicationprofile/{uuid}
(applicationprofileUuidGet)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Query parameters

name (optional)
Query Parameter — object name
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
skip_default (optional)
Query Parameter — Default values are not set.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.

Return type

ApplicationProfile

Example data

Content-Type: application/json
{
  "dns_service_profile" : {
    "dns_zones" : [ {
      "domain_name" : "aeiou",
      "name_server" : "aeiou",
      "admin_email" : "aeiou"
    } ],
    "aaaa_empty_response" : true,
    "edns" : true,
    "edns_client_subnet_prefix_len" : 123,
    "ttl" : 123,
    "admin_email" : "aeiou",
    "domain_names" : [ "aeiou" ],
    "authoritative_domain_names" : [ "aeiou" ],
    "dns_over_tcp_enabled" : true,
    "negative_caching_ttl" : 123,
    "name_server" : "aeiou",
    "error_response" : "aeiou",
    "num_dns_ip" : 123,
    "ecs_stripping_enabled" : true
  },
  "tcp_app_profile" : {
    "pki_profile_ref" : "aeiou",
    "proxy_protocol_enabled" : true,
    "proxy_protocol_version" : "aeiou",
    "ssl_client_certificate_mode" : "aeiou"
  },
  "preserve_client_ip" : true,
  "description" : "aeiou",
  "preserve_client_port" : true,
  "preserve_dest_ip_port" : true,
  "sip_service_profile" : {
    "transaction_timeout" : 123
  },
  "type" : "aeiou",
  "created_by" : "aeiou",
  "uuid" : "aeiou",
  "url" : "aeiou",
  "_last_modified" : "aeiou",
  "http_profile" : {
    "secure_cookie_enabled" : true,
    "compression_profile" : {
      "filter" : [ {
        "level" : "aeiou",
        "ip_addrs_ref" : "aeiou",
        "devices_ref" : "aeiou",
        "match" : "aeiou",
        "name" : "aeiou",
        "index" : 123,
        "ip_addr_prefixes" : [ {
          "ip_addr" : {
            "addr" : "aeiou",
            "type" : "aeiou"
          },
          "mask" : 123
        } ],
        "ip_addrs" : [ "" ],
        "user_agent" : [ "aeiou" ],
        "ip_addr_ranges" : [ {
          "end" : "",
          "begin" : ""
        } ]
      } ],
      "remove_accept_encoding_header" : true,
      "compression" : true,
      "type" : "aeiou",
      "compressible_content_ref" : "aeiou"
    },
    "max_http2_control_frames_per_connection" : 123,
    "allow_dots_in_header_name" : true,
    "httponly_enabled" : true,
    "keepalive_header" : true,
    "cache_config" : {
      "query_cacheable" : true,
      "min_object_size" : 123,
      "default_expire" : 123,
      "max_cache_size" : 123456789,
      "max_object_size" : 123,
      "mime_types_list" : [ "aeiou" ],
      "enabled" : true,
      "mime_types_black_group_refs" : [ "aeiou" ],
      "uri_non_cacheable" : {
        "match_criteria" : "aeiou",
        "string_group_refs" : [ "aeiou" ],
        "match_str" : [ "aeiou" ],
        "match_case" : "aeiou"
      },
      "age_header" : true,
      "ignore_request_cache_control" : true,
      "xcache_header" : true,
      "date_header" : true,
      "mime_types_group_refs" : [ "aeiou" ],
      "aggressive" : true,
      "heuristic_expire" : true,
      "mime_types_black_list" : [ "aeiou" ]
    },
    "post_accept_timeout" : 123,
    "max_bad_rps_cip_uri" : 123,
    "max_bad_rps_uri" : 123,
    "max_rps_unknown_cip" : 123,
    "client_max_body_size" : 123456789,
    "reset_conn_http_on_ssl_port" : true,
    "ssl_everywhere_enabled" : true,
    "client_header_timeout" : 123,
    "x_forwarded_proto_enabled" : true,
    "client_max_header_size" : 123,
    "keepalive_timeout" : 123,
    "enable_fire_and_forget" : true,
    "client_max_request_size" : 123,
    "fwd_close_hdr_for_bound_connections" : true,
    "hsts_subdomains_enabled" : true,
    "ssl_client_certificate_action" : {
      "headers" : [ {
        "request_header" : "aeiou",
        "request_header_value" : "aeiou"
      } ],
      "close_connection" : true
    },
    "ssl_client_certificate_mode" : "aeiou",
    "disable_sni_hostname_check" : true,
    "http_to_https" : true,
    "spdy_enabled" : true,
    "client_body_timeout" : 123,
    "max_rps_uri" : 123,
    "max_http2_empty_data_frames_per_connection" : 123,
    "xff_alternate_name" : "aeiou",
    "spdy_fwd_proxy_mode" : true,
    "use_app_keepalive_timeout" : true,
    "websockets_enabled" : true,
    "respond_with_100_continue" : true,
    "server_side_redirect_to_https" : true,
    "connection_multiplexing_enabled" : true,
    "hsts_enabled" : true,
    "http_upstream_buffer_size" : 123,
    "disable_keepalive_posts_msie6" : true,
    "http2_enabled" : true,
    "max_http2_queued_frames_to_client_per_connection" : 123,
    "max_http2_concurrent_streams_per_connection" : 123,
    "max_rps_cip" : 123,
    "max_response_headers_size" : 123,
    "xff_enabled" : true,
    "http2_profile" : {
      "max_http2_control_frames_per_connection" : 123,
      "max_http2_header_field_size" : 123,
      "max_http2_queued_frames_to_client_per_connection" : 123,
      "max_http2_concurrent_streams_per_connection" : 123,
      "max_http2_requests_per_connection" : 123,
      "max_http2_empty_data_frames_per_connection" : 123,
      "http2_initial_window_size" : 123
    },
    "enable_request_body_buffering" : true,
    "enable_request_body_metrics" : true,
    "max_rps_cip_uri" : 123,
    "pki_profile_ref" : "aeiou",
    "max_bad_rps_cip" : 123,
    "max_rps_unknown_uri" : 123,
    "max_keepalive_requests" : 123,
    "enable_chunk_merge" : true,
    "hsts_max_age" : 123456789
  },
  "dos_rl_profile" : {
    "rl_profile" : {
      "client_ip_requests_rate_limit" : "",
      "client_ip_scanners_requests_rate_limit" : "",
      "client_ip_connections_rate_limit" : {
        "rate_limiter" : {
          "period" : 123,
          "count" : 123,
          "name" : "aeiou",
          "burst_sz" : 123
        },
        "period" : 123,
        "count" : 123,
        "action" : {
          "redirect" : {
            "keep_query" : true,
            "path" : "",
            "protocol" : "aeiou",
            "status_code" : "aeiou",
            "port" : 123,
            "host" : {
              "tokens" : [ {
                "start_index" : 123,
                "str_value" : "aeiou",
                "end_index" : 123,
                "type" : "aeiou"
              } ],
              "type" : "aeiou"
            }
          },
          "file" : {
            "file_content" : "aeiou",
            "content_type" : "aeiou"
          },
          "status_code" : "aeiou",
          "type" : "aeiou"
        },
        "burst_sz" : 123,
        "explicit_tracking" : true,
        "fine_grain" : true,
        "http_cookie" : "aeiou",
        "http_header" : "aeiou"
      },
      "client_ip_to_uri_requests_rate_limit" : "",
      "http_header_rate_limits" : [ "" ],
      "uri_scanners_requests_rate_limit" : "",
      "uri_requests_rate_limit" : "",
      "client_ip_to_uri_failed_requests_rate_limit" : "",
      "client_ip_failed_requests_rate_limit" : "",
      "custom_requests_rate_limit" : "",
      "uri_failed_requests_rate_limit" : ""
    },
    "dos_profile" : {
      "thresh_period" : 123,
      "thresh_info" : [ {
        "min_value" : 123,
        "attack" : "aeiou",
        "max_value" : 123
      } ]
    }
  },
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "cloud_config_cksum" : "aeiou"
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK ApplicationProfile

401

log in failed

Up
patch /applicationprofile/{uuid}
(applicationprofileUuidPatch)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body (required)
Body Parameter — ApplicationProfile object creation

Query parameters

name (optional)
Query Parameter — object name

Return type

ApplicationProfile

Example data

Content-Type: application/json
{
  "dns_service_profile" : {
    "dns_zones" : [ {
      "domain_name" : "aeiou",
      "name_server" : "aeiou",
      "admin_email" : "aeiou"
    } ],
    "aaaa_empty_response" : true,
    "edns" : true,
    "edns_client_subnet_prefix_len" : 123,
    "ttl" : 123,
    "admin_email" : "aeiou",
    "domain_names" : [ "aeiou" ],
    "authoritative_domain_names" : [ "aeiou" ],
    "dns_over_tcp_enabled" : true,
    "negative_caching_ttl" : 123,
    "name_server" : "aeiou",
    "error_response" : "aeiou",
    "num_dns_ip" : 123,
    "ecs_stripping_enabled" : true
  },
  "tcp_app_profile" : {
    "pki_profile_ref" : "aeiou",
    "proxy_protocol_enabled" : true,
    "proxy_protocol_version" : "aeiou",
    "ssl_client_certificate_mode" : "aeiou"
  },
  "preserve_client_ip" : true,
  "description" : "aeiou",
  "preserve_client_port" : true,
  "preserve_dest_ip_port" : true,
  "sip_service_profile" : {
    "transaction_timeout" : 123
  },
  "type" : "aeiou",
  "created_by" : "aeiou",
  "uuid" : "aeiou",
  "url" : "aeiou",
  "_last_modified" : "aeiou",
  "http_profile" : {
    "secure_cookie_enabled" : true,
    "compression_profile" : {
      "filter" : [ {
        "level" : "aeiou",
        "ip_addrs_ref" : "aeiou",
        "devices_ref" : "aeiou",
        "match" : "aeiou",
        "name" : "aeiou",
        "index" : 123,
        "ip_addr_prefixes" : [ {
          "ip_addr" : {
            "addr" : "aeiou",
            "type" : "aeiou"
          },
          "mask" : 123
        } ],
        "ip_addrs" : [ "" ],
        "user_agent" : [ "aeiou" ],
        "ip_addr_ranges" : [ {
          "end" : "",
          "begin" : ""
        } ]
      } ],
      "remove_accept_encoding_header" : true,
      "compression" : true,
      "type" : "aeiou",
      "compressible_content_ref" : "aeiou"
    },
    "max_http2_control_frames_per_connection" : 123,
    "allow_dots_in_header_name" : true,
    "httponly_enabled" : true,
    "keepalive_header" : true,
    "cache_config" : {
      "query_cacheable" : true,
      "min_object_size" : 123,
      "default_expire" : 123,
      "max_cache_size" : 123456789,
      "max_object_size" : 123,
      "mime_types_list" : [ "aeiou" ],
      "enabled" : true,
      "mime_types_black_group_refs" : [ "aeiou" ],
      "uri_non_cacheable" : {
        "match_criteria" : "aeiou",
        "string_group_refs" : [ "aeiou" ],
        "match_str" : [ "aeiou" ],
        "match_case" : "aeiou"
      },
      "age_header" : true,
      "ignore_request_cache_control" : true,
      "xcache_header" : true,
      "date_header" : true,
      "mime_types_group_refs" : [ "aeiou" ],
      "aggressive" : true,
      "heuristic_expire" : true,
      "mime_types_black_list" : [ "aeiou" ]
    },
    "post_accept_timeout" : 123,
    "max_bad_rps_cip_uri" : 123,
    "max_bad_rps_uri" : 123,
    "max_rps_unknown_cip" : 123,
    "client_max_body_size" : 123456789,
    "reset_conn_http_on_ssl_port" : true,
    "ssl_everywhere_enabled" : true,
    "client_header_timeout" : 123,
    "x_forwarded_proto_enabled" : true,
    "client_max_header_size" : 123,
    "keepalive_timeout" : 123,
    "enable_fire_and_forget" : true,
    "client_max_request_size" : 123,
    "fwd_close_hdr_for_bound_connections" : true,
    "hsts_subdomains_enabled" : true,
    "ssl_client_certificate_action" : {
      "headers" : [ {
        "request_header" : "aeiou",
        "request_header_value" : "aeiou"
      } ],
      "close_connection" : true
    },
    "ssl_client_certificate_mode" : "aeiou",
    "disable_sni_hostname_check" : true,
    "http_to_https" : true,
    "spdy_enabled" : true,
    "client_body_timeout" : 123,
    "max_rps_uri" : 123,
    "max_http2_empty_data_frames_per_connection" : 123,
    "xff_alternate_name" : "aeiou",
    "spdy_fwd_proxy_mode" : true,
    "use_app_keepalive_timeout" : true,
    "websockets_enabled" : true,
    "respond_with_100_continue" : true,
    "server_side_redirect_to_https" : true,
    "connection_multiplexing_enabled" : true,
    "hsts_enabled" : true,
    "http_upstream_buffer_size" : 123,
    "disable_keepalive_posts_msie6" : true,
    "http2_enabled" : true,
    "max_http2_queued_frames_to_client_per_connection" : 123,
    "max_http2_concurrent_streams_per_connection" : 123,
    "max_rps_cip" : 123,
    "max_response_headers_size" : 123,
    "xff_enabled" : true,
    "http2_profile" : {
      "max_http2_control_frames_per_connection" : 123,
      "max_http2_header_field_size" : 123,
      "max_http2_queued_frames_to_client_per_connection" : 123,
      "max_http2_concurrent_streams_per_connection" : 123,
      "max_http2_requests_per_connection" : 123,
      "max_http2_empty_data_frames_per_connection" : 123,
      "http2_initial_window_size" : 123
    },
    "enable_request_body_buffering" : true,
    "enable_request_body_metrics" : true,
    "max_rps_cip_uri" : 123,
    "pki_profile_ref" : "aeiou",
    "max_bad_rps_cip" : 123,
    "max_rps_unknown_uri" : 123,
    "max_keepalive_requests" : 123,
    "enable_chunk_merge" : true,
    "hsts_max_age" : 123456789
  },
  "dos_rl_profile" : {
    "rl_profile" : {
      "client_ip_requests_rate_limit" : "",
      "client_ip_scanners_requests_rate_limit" : "",
      "client_ip_connections_rate_limit" : {
        "rate_limiter" : {
          "period" : 123,
          "count" : 123,
          "name" : "aeiou",
          "burst_sz" : 123
        },
        "period" : 123,
        "count" : 123,
        "action" : {
          "redirect" : {
            "keep_query" : true,
            "path" : "",
            "protocol" : "aeiou",
            "status_code" : "aeiou",
            "port" : 123,
            "host" : {
              "tokens" : [ {
                "start_index" : 123,
                "str_value" : "aeiou",
                "end_index" : 123,
                "type" : "aeiou"
              } ],
              "type" : "aeiou"
            }
          },
          "file" : {
            "file_content" : "aeiou",
            "content_type" : "aeiou"
          },
          "status_code" : "aeiou",
          "type" : "aeiou"
        },
        "burst_sz" : 123,
        "explicit_tracking" : true,
        "fine_grain" : true,
        "http_cookie" : "aeiou",
        "http_header" : "aeiou"
      },
      "client_ip_to_uri_requests_rate_limit" : "",
      "http_header_rate_limits" : [ "" ],
      "uri_scanners_requests_rate_limit" : "",
      "uri_requests_rate_limit" : "",
      "client_ip_to_uri_failed_requests_rate_limit" : "",
      "client_ip_failed_requests_rate_limit" : "",
      "custom_requests_rate_limit" : "",
      "uri_failed_requests_rate_limit" : ""
    },
    "dos_profile" : {
      "thresh_period" : 123,
      "thresh_info" : [ {
        "min_value" : 123,
        "attack" : "aeiou",
        "max_value" : 123
      } ]
    }
  },
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "cloud_config_cksum" : "aeiou"
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK ApplicationProfile

401

log in failed

Up
put /applicationprofile/{uuid}
(applicationprofileUuidPut)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body (required)
Body Parameter — ApplicationProfile object creation

Query parameters

name (optional)
Query Parameter — object name

Return type

ApplicationProfile

Example data

Content-Type: application/json
{
  "dns_service_profile" : {
    "dns_zones" : [ {
      "domain_name" : "aeiou",
      "name_server" : "aeiou",
      "admin_email" : "aeiou"
    } ],
    "aaaa_empty_response" : true,
    "edns" : true,
    "edns_client_subnet_prefix_len" : 123,
    "ttl" : 123,
    "admin_email" : "aeiou",
    "domain_names" : [ "aeiou" ],
    "authoritative_domain_names" : [ "aeiou" ],
    "dns_over_tcp_enabled" : true,
    "negative_caching_ttl" : 123,
    "name_server" : "aeiou",
    "error_response" : "aeiou",
    "num_dns_ip" : 123,
    "ecs_stripping_enabled" : true
  },
  "tcp_app_profile" : {
    "pki_profile_ref" : "aeiou",
    "proxy_protocol_enabled" : true,
    "proxy_protocol_version" : "aeiou",
    "ssl_client_certificate_mode" : "aeiou"
  },
  "preserve_client_ip" : true,
  "description" : "aeiou",
  "preserve_client_port" : true,
  "preserve_dest_ip_port" : true,
  "sip_service_profile" : {
    "transaction_timeout" : 123
  },
  "type" : "aeiou",
  "created_by" : "aeiou",
  "uuid" : "aeiou",
  "url" : "aeiou",
  "_last_modified" : "aeiou",
  "http_profile" : {
    "secure_cookie_enabled" : true,
    "compression_profile" : {
      "filter" : [ {
        "level" : "aeiou",
        "ip_addrs_ref" : "aeiou",
        "devices_ref" : "aeiou",
        "match" : "aeiou",
        "name" : "aeiou",
        "index" : 123,
        "ip_addr_prefixes" : [ {
          "ip_addr" : {
            "addr" : "aeiou",
            "type" : "aeiou"
          },
          "mask" : 123
        } ],
        "ip_addrs" : [ "" ],
        "user_agent" : [ "aeiou" ],
        "ip_addr_ranges" : [ {
          "end" : "",
          "begin" : ""
        } ]
      } ],
      "remove_accept_encoding_header" : true,
      "compression" : true,
      "type" : "aeiou",
      "compressible_content_ref" : "aeiou"
    },
    "max_http2_control_frames_per_connection" : 123,
    "allow_dots_in_header_name" : true,
    "httponly_enabled" : true,
    "keepalive_header" : true,
    "cache_config" : {
      "query_cacheable" : true,
      "min_object_size" : 123,
      "default_expire" : 123,
      "max_cache_size" : 123456789,
      "max_object_size" : 123,
      "mime_types_list" : [ "aeiou" ],
      "enabled" : true,
      "mime_types_black_group_refs" : [ "aeiou" ],
      "uri_non_cacheable" : {
        "match_criteria" : "aeiou",
        "string_group_refs" : [ "aeiou" ],
        "match_str" : [ "aeiou" ],
        "match_case" : "aeiou"
      },
      "age_header" : true,
      "ignore_request_cache_control" : true,
      "xcache_header" : true,
      "date_header" : true,
      "mime_types_group_refs" : [ "aeiou" ],
      "aggressive" : true,
      "heuristic_expire" : true,
      "mime_types_black_list" : [ "aeiou" ]
    },
    "post_accept_timeout" : 123,
    "max_bad_rps_cip_uri" : 123,
    "max_bad_rps_uri" : 123,
    "max_rps_unknown_cip" : 123,
    "client_max_body_size" : 123456789,
    "reset_conn_http_on_ssl_port" : true,
    "ssl_everywhere_enabled" : true,
    "client_header_timeout" : 123,
    "x_forwarded_proto_enabled" : true,
    "client_max_header_size" : 123,
    "keepalive_timeout" : 123,
    "enable_fire_and_forget" : true,
    "client_max_request_size" : 123,
    "fwd_close_hdr_for_bound_connections" : true,
    "hsts_subdomains_enabled" : true,
    "ssl_client_certificate_action" : {
      "headers" : [ {
        "request_header" : "aeiou",
        "request_header_value" : "aeiou"
      } ],
      "close_connection" : true
    },
    "ssl_client_certificate_mode" : "aeiou",
    "disable_sni_hostname_check" : true,
    "http_to_https" : true,
    "spdy_enabled" : true,
    "client_body_timeout" : 123,
    "max_rps_uri" : 123,
    "max_http2_empty_data_frames_per_connection" : 123,
    "xff_alternate_name" : "aeiou",
    "spdy_fwd_proxy_mode" : true,
    "use_app_keepalive_timeout" : true,
    "websockets_enabled" : true,
    "respond_with_100_continue" : true,
    "server_side_redirect_to_https" : true,
    "connection_multiplexing_enabled" : true,
    "hsts_enabled" : true,
    "http_upstream_buffer_size" : 123,
    "disable_keepalive_posts_msie6" : true,
    "http2_enabled" : true,
    "max_http2_queued_frames_to_client_per_connection" : 123,
    "max_http2_concurrent_streams_per_connection" : 123,
    "max_rps_cip" : 123,
    "max_response_headers_size" : 123,
    "xff_enabled" : true,
    "http2_profile" : {
      "max_http2_control_frames_per_connection" : 123,
      "max_http2_header_field_size" : 123,
      "max_http2_queued_frames_to_client_per_connection" : 123,
      "max_http2_concurrent_streams_per_connection" : 123,
      "max_http2_requests_per_connection" : 123,
      "max_http2_empty_data_frames_per_connection" : 123,
      "http2_initial_window_size" : 123
    },
    "enable_request_body_buffering" : true,
    "enable_request_body_metrics" : true,
    "max_rps_cip_uri" : 123,
    "pki_profile_ref" : "aeiou",
    "max_bad_rps_cip" : 123,
    "max_rps_unknown_uri" : 123,
    "max_keepalive_requests" : 123,
    "enable_chunk_merge" : true,
    "hsts_max_age" : 123456789
  },
  "dos_rl_profile" : {
    "rl_profile" : {
      "client_ip_requests_rate_limit" : "",
      "client_ip_scanners_requests_rate_limit" : "",
      "client_ip_connections_rate_limit" : {
        "rate_limiter" : {
          "period" : 123,
          "count" : 123,
          "name" : "aeiou",
          "burst_sz" : 123
        },
        "period" : 123,
        "count" : 123,
        "action" : {
          "redirect" : {
            "keep_query" : true,
            "path" : "",
            "protocol" : "aeiou",
            "status_code" : "aeiou",
            "port" : 123,
            "host" : {
              "tokens" : [ {
                "start_index" : 123,
                "str_value" : "aeiou",
                "end_index" : 123,
                "type" : "aeiou"
              } ],
              "type" : "aeiou"
            }
          },
          "file" : {
            "file_content" : "aeiou",
            "content_type" : "aeiou"
          },
          "status_code" : "aeiou",
          "type" : "aeiou"
        },
        "burst_sz" : 123,
        "explicit_tracking" : true,
        "fine_grain" : true,
        "http_cookie" : "aeiou",
        "http_header" : "aeiou"
      },
      "client_ip_to_uri_requests_rate_limit" : "",
      "http_header_rate_limits" : [ "" ],
      "uri_scanners_requests_rate_limit" : "",
      "uri_requests_rate_limit" : "",
      "client_ip_to_uri_failed_requests_rate_limit" : "",
      "client_ip_failed_requests_rate_limit" : "",
      "custom_requests_rate_limit" : "",
      "uri_failed_requests_rate_limit" : ""
    },
    "dos_profile" : {
      "thresh_period" : 123,
      "thresh_info" : [ {
        "min_value" : 123,
        "attack" : "aeiou",
        "max_value" : 123
      } ]
    }
  },
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "cloud_config_cksum" : "aeiou"
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK ApplicationProfile

401

log in failed

Up
get /applicationprofile/{uuid}/runtime/internal/
(applicationprofileUuidRuntimeInternalGet)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Return type

String

Example data

Content-Type: application/json
"aeiou"

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK String

401

log in failed

Up

Models

[ Jump to Methods ]

Table of Contents

  1. ApplicationProfile
  2. ApplicationProfileApiResponse
  3. CompressionFilter
  4. CompressionProfile
  5. DnsServiceApplicationProfile
  6. DnsZone
  7. DosRateLimitProfile
  8. DosThreshold
  9. DosThresholdProfile
  10. HTTP2ApplicationProfile
  11. HTTPApplicationProfile
  12. HTTPLocalFile
  13. HTTPRedirectAction
  14. HttpCacheConfig
  15. IpAddr
  16. IpAddrPrefix
  17. IpAddrRange
  18. PathMatch
  19. RateLimiter
  20. RateLimiterAction
  21. RateLimiterProfile
  22. RateProfile
  23. SSLClientCertificateAction
  24. SSLClientRequestHeader
  25. SipServiceApplicationProfile
  26. TCPApplicationProfile
  27. URIParam
  28. URIParamToken

ApplicationProfile Up

_last_modified (optional)
String UNIX time since epoch in microseconds. Units(MICROSECONDS).
cloud_config_cksum (optional)
String Checksum of application profiles. Internally set by cloud connector. Field introduced in 17.2.14, 18.1.5, 18.2.1.
created_by (optional)
String Name of the application profile creator. Field introduced in 17.2.14, 18.1.5, 18.2.1.
description (optional)
String User defined description for the object.
dns_service_profile (optional)
DnsServiceApplicationProfile Specifies various DNS service related controls for virtual service.
dos_rl_profile (optional)
DosRateLimitProfile Specifies various security related controls for virtual service.
http_profile (optional)
HTTPApplicationProfile Specifies the HTTP application proxy profile parameters.
name
String The name of the application profile.
preserve_client_ip (optional)
Boolean Specifies if client IP needs to be preserved for backend connection. Not compatible with Connection Multiplexing.
preserve_client_port (optional)
Boolean Specifies if we need to preserve client port while preserving client IP for backend connections. Field introduced in 17.2.7.
preserve_dest_ip_port (optional)
Boolean Specifies if destination IP and port needs to be preserved for backend connection. Field introduced in 20.1.1.
sip_service_profile (optional)
SipServiceApplicationProfile Specifies various SIP service related controls for virtual service. Field introduced in 17.2.8, 18.1.3, 18.2.1.
tcp_app_profile (optional)
TCPApplicationProfile Specifies the TCP application proxy profile parameters.
tenant_ref (optional)
String It is a reference to an object of type Tenant.
type
String Specifies which application layer proxy is enabled for the virtual service. Enum options - APPLICATION_PROFILE_TYPE_L4, APPLICATION_PROFILE_TYPE_HTTP, APPLICATION_PROFILE_TYPE_SYSLOG, APPLICATION_PROFILE_TYPE_DNS, APPLICATION_PROFILE_TYPE_SSL, APPLICATION_PROFILE_TYPE_SIP.
url (optional)
String url
uuid (optional)
String UUID of the application profile.

ApplicationProfileApiResponse Up

count
Integer format: int32
results
next (optional)

CompressionFilter Up

devices_ref (optional)
String It is a reference to an object of type StringGroup.
index
Integer Number of index. format: int32
ip_addr_prefixes (optional)
array[IpAddrPrefix] Placeholder for description of property ip_addr_prefixes of obj type CompressionFilter field type str type object
ip_addr_ranges (optional)
array[IpAddrRange] Placeholder for description of property ip_addr_ranges of obj type CompressionFilter field type str type object
ip_addrs (optional)
array[IpAddr] Placeholder for description of property ip_addrs of obj type CompressionFilter field type str type object
ip_addrs_ref (optional)
String It is a reference to an object of type IpAddrGroup.
level
String Enum options - AGGRESSIVE_COMPRESSION, NORMAL_COMPRESSION, NO_COMPRESSION.
match (optional)
String Whether to apply Filter when group criteria is matched or not. Enum options - IS_IN, IS_NOT_IN.
name
String Name of the object.
user_agent (optional)
array[String] user_agent of CompressionFilter.

CompressionProfile Up

compressible_content_ref (optional)
String Compress only content types listed in this string group. Content types not present in this list are not compressed. It is a reference to an object of type StringGroup.
compression
Boolean Compress HTTP response content if it wasn't already compressed.
filter (optional)
array[CompressionFilter] Custom filters used when auto compression is not selected.
remove_accept_encoding_header
Boolean Offload compression from the servers to AVI. Saves compute cycles on the servers.
type
String Compress content automatically or add custom filters to define compressible content and compression levels. Enum options - AUTO_COMPRESSION, CUSTOM_COMPRESSION.

DnsServiceApplicationProfile Up

aaaa_empty_response (optional)
Boolean Respond to AAAA queries with empty response when there are only IPV4 records.
admin_email (optional)
String Email address of the administrator responsible for this zone . This field is used in SOA records (rname) pertaining to all domain names specified as authoritative domain names. If not configured, the default value 'hostmaster' is used in SOA responses. Field introduced in 18.2.5.
authoritative_domain_names (optional)
array[String] Domain names authoritatively serviced by this Virtual Service. These are configured as Ends-With semantics. Queries for FQDNs that are subdomains of this domain and do not have any DNS record in Avi are dropped or NXDomain response sent. . Field deprecated in 18.2.6. Field introduced in 17.1.6,17.2.2.
dns_over_tcp_enabled (optional)
Boolean Enable DNS query/response over TCP. This enables analytics for pass-through queries as well. Field introduced in 17.1.1.
dns_zones (optional)
array[DnsZone] DNS zones hosted on this Virtual Service. Field introduced in 18.2.6.
domain_names (optional)
array[String] Subdomain names serviced by this Virtual Service. These are configured as Ends-With semantics.
ecs_stripping_enabled (optional)
Boolean Enable stripping of EDNS client subnet (ecs) option towards client if DNS service inserts ecs option in the DNS query towards upstream servers. Field introduced in 17.1.5.
edns (optional)
Boolean Enable DNS service to be aware of EDNS (Extension mechanism for DNS). EDNS extensions are parsed and shown in logs. For GSLB services, the EDNS client subnet option can be used to influence Load Balancing. Field introduced in 17.1.1.
edns_client_subnet_prefix_len (optional)
Integer Specifies the IP address prefix length to use in the EDNS client subnet (ECS) option. When the incoming request does not have any ECS option and the prefix length is specified, an ECS option is inserted in the request passed to upstream server. If the incoming request already has an ECS option, the prefix length (and correspondingly the address) in the ECS option is updated, with the minimum of the prefix length present in the incoming and the configured prefix length, before passing the request to upstream server. Allowed values are 1-32. Field introduced in 17.1.3. format: int32
error_response (optional)
String Drop or respond to client when the DNS service encounters an error processing a client query. By default, such a request is dropped without any response, or passed through to a passthrough pool, if configured. When set to respond, an appropriate response is sent to client, e.g. NXDOMAIN response for non-existent records, empty NOERROR response for unsupported queries, etc. Enum options - DNS_ERROR_RESPONSE_ERROR, DNS_ERROR_RESPONSE_NONE.
name_server (optional)
String The <domain-name> of the name server that was the original or primary source of data for this zone. This field is used in SOA records (mname) pertaining to all domain names specified as authoritative domain names. If not configured, domain name is used as name server in SOA response. Field introduced in 18.2.5.
negative_caching_ttl (optional)
Integer Specifies the TTL value (in seconds) for SOA (Start of Authority) (corresponding to a authoritative domain owned by this DNS Virtual Service) record's minimum TTL served by the DNS Virtual Service. Allowed values are 0-86400. Field introduced in 17.2.4. Unit is SEC. format: int32
num_dns_ip (optional)
Integer Specifies the number of IP addresses returned by the DNS Service. Enter 0 to return all IP addresses. Allowed values are 1-20. Special values are 0- 'Return all IP addresses'. format: int32
ttl (optional)
Integer Specifies the TTL value (in seconds) for records served by DNS Service. Allowed values are 0-86400. Unit is SEC. format: int32

DnsZone Up

admin_email (optional)
String Email address of the administrator responsible for this zone. This field is used in SOA records as rname (RFC 1035). If not configured, it is inherited from the DNS service profile. Field introduced in 18.2.6.
domain_name
String Domain name authoritatively serviced by this Virtual Service. Queries for FQDNs that are sub domains of this domain and do not have any DNS record in Avi are dropped or NXDomain response sent. For domains which are present, SOA parameters are sent in answer section of response if query type is SOA. Field introduced in 18.2.6.
name_server (optional)
String The primary name server for this zone. This field is used in SOA records as mname (RFC 1035). If not configured, it is inherited from the DNS service profile. If even that is not configured, the domain name is used instead. Field introduced in 18.2.6.

DosRateLimitProfile Up

dos_profile (optional)
DosThresholdProfile Profile for DoS attack detection.
rl_profile (optional)
RateLimiterProfile Profile for Connections/Requests rate limiting.

DosThreshold Up

attack
String Attack type. Enum options - LAND, SMURF, ICMP_PING_FLOOD, UNKOWN_PROTOCOL, TEARDROP, IP_FRAG_OVERRUN, IP_FRAG_TOOSMALL, IP_FRAG_FULL, IP_FRAG_INCOMPLETE, PORT_SCAN, TCP_NON_SYN_FLOOD_OLD, SYN_FLOOD, BAD_RST_FLOOD, MALFORMED_FLOOD, FAKE_SESSION, ZERO_WINDOW_STRESS, SMALL_WINDOW_STRESS, DOS_HTTP_TIMEOUT, DOS_HTTP_ERROR, DOS_HTTP_ABORT, DOS_SSL_ERROR, DOS_APP_ERROR, DOS_REQ_IP_RL_DROP, DOS_REQ_URI_RL_DROP, DOS_REQ_URI_SCAN_BAD_RL_DROP, DOS_REQ_URI_SCAN_UNKNOWN_RL_DROP, DOS_REQ_IP_URI_RL_DROP, DOS_CONN_IP_RL_DROP, DOS_SLOW_URL, TCP_NON_SYN_FLOOD, DOS_REQ_CIP_SCAN_BAD_RL_DROP, DOS_REQ_CIP_SCAN_UNKNOWN_RL_DROP, DOS_REQ_IP_RL_DROP_BAD, DOS_REQ_URI_RL_DROP_BAD, DOS_REQ_IP_URI_RL_DROP_BAD, POLICY_DROPS, DOS_CONN_RL_DROP, DOS_REQ_RL_DROP, DOS_REQ_HDR_RL_DROP, DOS_REQ_CUSTOM_RL_DROP, DNS_ATTACK_REFLECTION.
max_value
Integer Maximum number of packets or connections or requests in a given interval of time to be deemed as attack. format: int32
min_value
Integer Minimum number of packets or connections or requests in a given interval of time to be deemed as attack. format: int32

DosThresholdProfile Up

thresh_info (optional)
array[DosThreshold] Attack type, min and max values for DoS attack detection.
thresh_period
Integer Timer value in seconds to collect DoS attack metrics based on threshold on the Service Engine for this Virtual Service. Unit is SEC. format: int32

HTTP2ApplicationProfile Up

http2_initial_window_size (optional)
Integer The initial flow control window size in KB for HTTP/2 streams. Allowed values are 64-32768. Field introduced in 18.2.10, 20.1.1. Unit is KB. format: int32
max_http2_concurrent_streams_per_connection (optional)
Integer The max number of concurrent streams over a client side HTTP/2 connection. Allowed values are 1-256. Field introduced in 18.2.10, 20.1.1. format: int32
max_http2_control_frames_per_connection (optional)
Integer The max number of control frames that client can send over an HTTP/2 connection. '0' means unlimited. Allowed values are 0-10000. Special values are 0- 'Unlimited control frames on a client side HTTP/2 connection'. Field introduced in 18.2.10, 20.1.1. format: int32
max_http2_empty_data_frames_per_connection (optional)
Integer The max number of empty data frames that client can send over an HTTP/2 connection. '0' means unlimited. Allowed values are 0-10000. Special values are 0- 'Unlimited empty data frames over a client side HTTP/2 connection'. Field introduced in 18.2.10, 20.1.1. format: int32
max_http2_header_field_size (optional)
Integer The maximum size in bytes of the compressed request header field. The limit applies equally to both name and value. Allowed values are 1-8192. Field introduced in 18.2.10, 20.1.1. Unit is BYTES. format: int32
max_http2_queued_frames_to_client_per_connection (optional)
Integer The max number of frames that can be queued waiting to be sent over a client side HTTP/2 connection at any given time. '0' means unlimited. Allowed values are 0-10000. Special values are 0- 'Unlimited frames can be queued on a client side HTTP/2 connection'. Field introduced in 18.2.10, 20.1.1. format: int32
max_http2_requests_per_connection (optional)
Integer The maximum number of requests over a client side HTTP/2 connection. Allowed values are 0-10000. Special values are 0- 'Unlimited requests on a client side HTTP/2 connection'. Field introduced in 18.2.10, 20.1.1. format: int32

HTTPApplicationProfile Up

allow_dots_in_header_name (optional)
Boolean Allow use of dot (.) in HTTP header names, for instance Header.app.special PickAppVersionX.
cache_config (optional)
HttpCacheConfig HTTP Caching config to use with this HTTP Profile.
client_body_timeout (optional)
Integer The maximum length of time allowed between consecutive read operations for a client request body. The value '0' specifies no timeout. This setting generally impacts the length of time allowed for a client to send a POST. Allowed values are 0-100000000. Unit is MILLISECONDS. format: int32
client_header_timeout (optional)
Integer The maximum length of time allowed for a client to transmit an entire request header. This helps mitigate various forms of SlowLoris attacks. Allowed values are 10-100000000. Unit is MILLISECONDS. format: int32
client_max_body_size (optional)
Long Maximum size for the client request body. This limits the size of the client data that can be uploaded/posted as part of a single HTTP Request. Default 0 => Unlimited. Unit is KB. format: int64
client_max_header_size (optional)
Integer Maximum size in Kbytes of a single HTTP header in the client request. Allowed values are 1-64. Unit is KB. format: int32
client_max_request_size (optional)
Integer Maximum size in Kbytes of all the client HTTP request headers. Allowed values are 1-256. Unit is KB. format: int32
compression_profile (optional)
CompressionProfile HTTP Compression settings to use with this HTTP Profile.
connection_multiplexing_enabled (optional)
Boolean Allows HTTP requests, not just TCP connections, to be load balanced across servers. Proxied TCP connections to servers may be reused by multiple clients to improve performance. Not compatible with Preserve Client IP.
disable_keepalive_posts_msie6 (optional)
Boolean Disable keep-alive client side connections for older browsers based off MS Internet Explorer 6.0 (MSIE6). For some applications, this might break NTLM authentication for older clients based off MSIE6. For such applications, set this option to false to allow keep-alive connections.
disable_sni_hostname_check (optional)
Boolean Disable strict check between TLS servername and HTTP Host name. Field introduced in 18.2.5.
enable_chunk_merge (optional)
Boolean Enable chunk body merge for chunked transfer encoding response. Field introduced in 18.2.7.
enable_fire_and_forget (optional)
Boolean Enable support for fire and forget feature. If enabled, request from client is forwarded to server even if client prematurely closes the connection. Field introduced in 17.2.4.
enable_request_body_buffering (optional)
Boolean Enable request body buffering for POST requests. If enabled, max buffer size is set to lower of 32M or the value (non-zero) configured in client_max_body_size.
enable_request_body_metrics (optional)
Boolean Enable HTTP request body metrics. If enabled, requests from clients are parsed and relevant statistics about them are gathered. Currently, it processes HTTP POST requests with Content-Type application/x-www-form-urlencoded or multipart/form-data, and adds the number of detected parameters to the l7_client.http_params_count. This is an experimental feature and it may have performance impact. Use it when detailed information about the number of HTTP POST parameters is needed, e.g. for WAF sizing. Field introduced in 18.1.5, 18.2.1.
fwd_close_hdr_for_bound_connections (optional)
Boolean Forward the Connection Close header coming from backend server to the client if connection-switching is enabled, i.e. front-end and backend connections are bound together. Field introduced in 18.2.3.
hsts_enabled (optional)
Boolean Inserts HTTP Strict-Transport-Security header in the HTTPS response. HSTS can help mitigate man-in-the-middle attacks by telling browsers that support HSTS that they should only access this site via HTTPS.
hsts_max_age (optional)
Long Number of days for which the client should regard this virtual service as a known HSTS host. Allowed values are 0-10000. format: int64
hsts_subdomains_enabled (optional)
Boolean Insert the 'includeSubdomains' directive in the HTTP Strict-Transport-Security header. Adding the includeSubdomains directive signals the User-Agent that the HSTS Policy applies to this HSTS Host as well as any subdomains of the host's domain name. Field introduced in 17.2.13, 18.1.4, 18.2.1.
http2_enabled (optional)
Boolean Enable HTTP2 for traffic from clients to the virtual service. Field deprecated in 20.1.1. Field introduced in 18.1.1.
http2_profile (optional)
HTTP2ApplicationProfile Specifies the HTTP/2 specific application profile parameters. Field introduced in 18.2.10, 20.1.1.
http_to_https (optional)
Boolean Client requests received via HTTP will be redirected to HTTPS.
http_upstream_buffer_size (optional)
Integer Size of HTTP buffer in kB. Allowed values are 1-256. Special values are 0- 'Auto compute the size of buffer'. Field introduced in 20.1.1. Unit is KB. format: int32
httponly_enabled (optional)
Boolean Mark HTTP cookies as HTTPonly. This helps mitigate cross site scripting attacks as browsers will not allow these cookies to be read by third parties, such as javascript.
keepalive_header (optional)
Boolean Send HTTP 'Keep-Alive' header to the client. By default, the timeout specified in the 'Keep-Alive Timeout' field will be used unless the 'Use App Keepalive Timeout' flag is set, in which case the timeout sent by the application will be honored.
keepalive_timeout (optional)
Integer The max idle time allowed between HTTP requests over a Keep-alive connection. Allowed values are 10-100000000. Unit is MILLISECONDS. format: int32
max_bad_rps_cip (optional)
Integer Maximum bad requests per second per client IP. Allowed values are 10-1000. Special values are 0- 'unlimited'. format: int32
max_bad_rps_cip_uri (optional)
Integer Maximum bad requests per second per client IP and URI. Allowed values are 10-1000. Special values are 0- 'unlimited'. format: int32
max_bad_rps_uri (optional)
Integer Maximum bad requests per second per URI. Allowed values are 10-1000. Special values are 0- 'unlimited'. format: int32
max_http2_concurrent_streams_per_connection (optional)
Integer The max number of concurrent streams over a client side HTTP/2 connection. Allowed values are 1-256. Field deprecated in 18.2.10, 20.1.1. Field introduced in 18.2.6. format: int32
max_http2_control_frames_per_connection (optional)
Integer The max number of control frames that client can send over an HTTP/2 connection. '0' means unlimited. Allowed values are 0-10000. Special values are 0- 'Unlimited control frames on a client side HTTP/2 connection'. Field deprecated in 18.2.10, 20.1.1. Field introduced in 18.2.6. format: int32
max_http2_empty_data_frames_per_connection (optional)
Integer The max number of empty data frames that client can send over an HTTP/2 connection. '0' means unlimited. Allowed values are 0-10000. Special values are 0- 'Unlimited empty data frames over a client side HTTP/2 connection'. Field deprecated in 18.2.10, 20.1.1. Field introduced in 18.2.6. format: int32
max_http2_queued_frames_to_client_per_connection (optional)
Integer The max number of frames that can be queued waiting to be sent over a client side HTTP/2 connection at any given time. '0' means unlimited. Allowed values are 0-10000. Special values are 0- 'Unlimited frames can be queued on a client side HTTP/2 connection'. Field deprecated in 18.2.10, 20.1.1. Field introduced in 18.2.6. format: int32
max_keepalive_requests (optional)
Integer The max number of HTTP requests that can be sent over a Keep-Alive connection. '0' means unlimited. Allowed values are 0-1000000. Special values are 0- 'Unlimited requests on a connection'. Field introduced in 18.2.5. format: int32
max_response_headers_size (optional)
Integer Maximum size in Kbytes of all the HTTP response headers. Allowed values are 1-256. Unit is KB. format: int32
max_rps_cip (optional)
Integer Maximum requests per second per client IP. Allowed values are 10-1000. Special values are 0- 'unlimited'. format: int32
max_rps_cip_uri (optional)
Integer Maximum requests per second per client IP and URI. Allowed values are 10-1000. Special values are 0- 'unlimited'. format: int32
max_rps_unknown_cip (optional)
Integer Maximum unknown client IPs per second. Allowed values are 10-1000. Special values are 0- 'unlimited'. format: int32
max_rps_unknown_uri (optional)
Integer Maximum unknown URIs per second. Allowed values are 10-1000. Special values are 0- 'unlimited'. format: int32
max_rps_uri (optional)
Integer Maximum requests per second per URI. Allowed values are 10-1000. Special values are 0- 'unlimited'. format: int32
pki_profile_ref (optional)
String Select the PKI profile to be associated with the Virtual Service. This profile defines the Certificate Authority and Revocation List. It is a reference to an object of type PKIProfile.
post_accept_timeout (optional)
Integer The max allowed length of time between a client establishing a TCP connection until Avi receives the first byte of the client's HTTP request. Allowed values are 10-100000000. Unit is MILLISECONDS. format: int32
reset_conn_http_on_ssl_port (optional)
Boolean If enabled, an HTTP request on an SSL port will result in connection close instead of a 400 response. Field introduced in 18.2.6.
respond_with_100_continue (optional)
Boolean Avi will respond with 100-Continue response if Expect 100-Continue header received from client. Field introduced in 17.2.8.
secure_cookie_enabled (optional)
Boolean Mark server cookies with the 'Secure' attribute. Client browsers will not send a cookie marked as secure over an unencrypted connection. If Avi is terminating SSL from clients and passing it as HTTP to the server, the server may return cookies without the secure flag set.
server_side_redirect_to_https (optional)
Boolean When terminating client SSL sessions at Avi, servers may incorrectly send redirect to clients as HTTP. This option will rewrite the server's redirect responses for this virtual service from HTTP to HTTPS.
spdy_enabled (optional)
Boolean This field is deprecated. Field deprecated in 18.2.8.
spdy_fwd_proxy_mode (optional)
Boolean This field is deprecated. Field deprecated in 18.2.8.
ssl_client_certificate_action (optional)
SSLClientCertificateAction Set of match/action rules that govern what happens when the client certificate request is enabled.
ssl_client_certificate_mode (optional)
String Specifies whether the client side verification is set to none, request or require. Enum options - SSL_CLIENT_CERTIFICATE_NONE, SSL_CLIENT_CERTIFICATE_REQUEST, SSL_CLIENT_CERTIFICATE_REQUIRE.
ssl_everywhere_enabled (optional)
Boolean Enable common settings to increase the level of security for virtual services running HTTP and HTTPS. For sites that are HTTP only, these settings will have no effect. Field deprecated in 18.2.7.
use_app_keepalive_timeout (optional)
Boolean Use 'Keep-Alive' header timeout sent by application instead of sending the HTTP Keep-Alive Timeout.
websockets_enabled (optional)
Boolean Enable Websockets proxy for traffic from clients to the virtual service. Connections to this VS start in HTTP mode. If the client requests an Upgrade to Websockets, and the server responds back with success, then the connection is upgraded to WebSockets mode. .
x_forwarded_proto_enabled (optional)
Boolean Insert an X-Forwarded-Proto header in the request sent to the server. When the client connects via SSL, Avi terminates the SSL, and then forwards the requests to the servers via HTTP, so the servers can determine the original protocol via this header. In this example, the value will be 'https'.
xff_alternate_name (optional)
String Provide a custom name for the X-Forwarded-For header sent to the servers.
xff_enabled (optional)
Boolean The client's original IP address is inserted into an HTTP request header sent to the server. Servers may use this address for logging or other purposes, rather than Avi's source NAT address used in the Avi to server IP connection.

HTTPLocalFile Up

content_type
String Mime-type of the content in the file.
file_content
String File content to used in the local HTTP response body.

HTTPRedirectAction Up

host (optional)
URIParam Host config.
keep_query (optional)
Boolean Keep or drop the query of the incoming request URI in the redirected URI.
path (optional)
URIParam Path config.
port (optional)
Integer Port to which redirect the request. Allowed values are 1-65535. format: int32
protocol
String Protocol type. Enum options - HTTP, HTTPS.
status_code (optional)
String HTTP redirect status code. Enum options - HTTP_REDIRECT_STATUS_CODE_301, HTTP_REDIRECT_STATUS_CODE_302, HTTP_REDIRECT_STATUS_CODE_307.

HttpCacheConfig Up

age_header (optional)
Boolean Add an Age header to content served from cache, which indicates to the client the number of seconds the object has been in the cache.
aggressive (optional)
Boolean Enable/disable caching objects without Cache-Control headers.
date_header (optional)
Boolean If a Date header was not added by the server, add a Date header to the object served from cache. This indicates to the client when the object was originally sent by the server to the cache.
default_expire (optional)
Integer Default expiration time of cache objects received from the server without a Cache-Control expiration header. This value may be overwritten by the Heuristic Expire setting. format: int32
enabled (optional)
Boolean Enable/disable HTTP object caching.When enabling caching for the first time, SE Group app_cache_percent must beset to allocate shared memory required for caching (A service engine restart is needed after setting/resetting the SE group value).
heuristic_expire (optional)
Boolean If a response object from the server does not include the Cache-Control header, but does include a Last-Modified header, the system will use this time to calculate the Cache-Control expiration. If unable to solicit an Last-Modified header, then the system will fall back to the Cache Expire Time value.
ignore_request_cache_control (optional)
Boolean Ignore client's cache control headers when fetching or storing from and to the cache. Field introduced in 18.1.2.
max_cache_size (optional)
Long Max size, in bytes, of the cache. The default, zero, indicates auto configuration. format: int64
max_object_size (optional)
Integer Maximum size of an object to store in the cache. format: int32
mime_types_black_group_refs (optional)
array[String] Blacklist string group of non-cacheable mime types. It is a reference to an object of type StringGroup.
mime_types_black_list (optional)
array[String] Blacklist of non-cacheable mime types.
mime_types_group_refs (optional)
array[String] Whitelist string group of cacheable mime types. If both Cacheable Mime Types string list and string group are empty, this defaults to */*. It is a reference to an object of type StringGroup.
mime_types_list (optional)
array[String] Whitelist of cacheable mime types. If both Cacheable Mime Types string list and string group are empty, this defaults to */*.
min_object_size (optional)
Integer Minimum size of an object to store in the cache. format: int32
query_cacheable (optional)
Boolean Allow caching of objects whose URI included a query argument. When disabled, these objects are not cached. When enabled, the request must match the URI query to be considered a hit.
uri_non_cacheable (optional)
PathMatch Non-cacheable URI configuration with match criteria. Field introduced in 18.1.2.
xcache_header (optional)
Boolean Add an X-Cache header to content served from cache, which indicates to the client that the object was served from an intermediate cache.

IpAddr Up

addr
String IP address.
type
String Enum options - V4, DNS, V6.

IpAddrPrefix Up

ip_addr
IpAddr Placeholder for description of property ip_addr of obj type IpAddrPrefix field type str type object
mask
Integer Number of mask. format: int32

IpAddrRange Up

begin
IpAddr Starting IP address of the range.
end
IpAddr Ending IP address of the range.

PathMatch Up

match_case (optional)
String Case sensitivity to use for the matching. Enum options - SENSITIVE, INSENSITIVE.
match_criteria
String Criterion to use for matching the path in the HTTP request URI. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH.
match_str (optional)
array[String] String values.
string_group_refs (optional)
array[String] UUID of the string group(s). It is a reference to an object of type StringGroup.

RateLimiter Up

burst_sz (optional)
Integer Maximum number of connections, requests or packets to be let through instantaneously. If this is less than count, it will have no effect. Allowed values are 0-1000000000. Field introduced in 18.2.9. format: int32
count
Integer Maximum number of connections, requests or packets permitted each period. Allowed values are 1-1000000000. Field introduced in 18.2.9. format: int32
name (optional)
String Identifier for Rate Limit. Constructed according to context. Field introduced in 18.2.9.
period
Integer Time value in seconds to enforce rate count. Allowed values are 1-1000000000. Field introduced in 18.2.9. Unit is SEC. format: int32

RateLimiterAction Up

file (optional)
HTTPLocalFile File to be used for HTTP Local response rate limit action.
redirect (optional)
HTTPRedirectAction Parameters for HTTP Redirect rate limit action.
status_code (optional)
String HTTP status code for Local Response rate limit action. Enum options - HTTP_LOCAL_RESPONSE_STATUS_CODE_200, HTTP_LOCAL_RESPONSE_STATUS_CODE_204, HTTP_LOCAL_RESPONSE_STATUS_CODE_403, HTTP_LOCAL_RESPONSE_STATUS_CODE_404, HTTP_LOCAL_RESPONSE_STATUS_CODE_429, HTTP_LOCAL_RESPONSE_STATUS_CODE_501.
type (optional)
String Type of action to be enforced upon hitting the rate limit. Enum options - RL_ACTION_NONE, RL_ACTION_DROP_CONN, RL_ACTION_RESET_CONN, RL_ACTION_CLOSE_CONN, RL_ACTION_LOCAL_RSP, RL_ACTION_REDIRECT.

RateLimiterProfile Up

client_ip_connections_rate_limit (optional)
RateProfile Rate Limit all connections made from any single client IP address to the Virtual Service.
client_ip_failed_requests_rate_limit (optional)
RateProfile Rate Limit all requests from a client for a specified period of time once the count of failed requests from that client crosses a threshold for that period. Clients are tracked based on their IP address. Count and time period are specified through the RateProfile. Requests are deemed failed based on client or server side error status codes, consistent with how Avi Logs and Metrics subsystems mark failed requests. .
client_ip_requests_rate_limit (optional)
RateProfile Rate Limit all HTTP requests from any single client IP address to all URLs of the Virtual Service.
client_ip_scanners_requests_rate_limit (optional)
RateProfile Automatically track clients and classify them into 3 groups - Good, Bad, Unknown. Clients are tracked based on their IP Address. Clients are added to the Good group when the Avi Scan Detection system builds history of requests from them that complete successfully. Clients are added to Unknown group when there is insufficient history about them. Requests from such clients are rate limited to the rate specified in the RateProfile. Finally, Clients with history of failed requests are added to Bad group and their requests are rate limited with stricter thresholds than the Unknown Clients group. The Avi Scan Detection system automatically tunes itself so that the Good, Bad, and Unknown client IPs group membership changes dynamically with the changes in traffic patterns through the ADC.
client_ip_to_uri_failed_requests_rate_limit (optional)
RateProfile Rate Limit all requests from a client to a URI for a specified period of time once the count of failed requests from that client to the URI crosses a threshold for that period. Clients are tracked based on their IP address. Count and time period are specified through the RateProfile. Requests are deemed failed based on client or server side error status codes, consistent with how Avi Logs and Metrics subsystems mark failed requests. .
client_ip_to_uri_requests_rate_limit (optional)
RateProfile Rate Limit all HTTP requests from any single client IP address to any single URL.
custom_requests_rate_limit (optional)
RateProfile Rate Limit all HTTP requests that map to any custom string. Field introduced in 17.2.13,18.1.3,18.2.1.
http_header_rate_limits (optional)
array[RateProfile] Rate Limit all HTTP requests from all client IP addresses that contain any single HTTP header value. Field introduced in 17.1.1.
uri_failed_requests_rate_limit (optional)
RateProfile Rate Limit all requests to a URI for a specified period of time once the count of failed requests to that URI crosses a threshold for that period. Count and time period are specified through the RateProfile. Requests are deemed failed based on client or server side error status codes, consistent with how Avi Logs and Metrics subsystems mark failed requests. .
uri_requests_rate_limit (optional)
RateProfile Rate Limit all HTTP requests from all client IP addresses to any single URL.
uri_scanners_requests_rate_limit (optional)
RateProfile Automatically track URIs and classify them into 3 groups - Good, Bad, Unknown. URIs are added to the Good group when the Avi Scan Detection system builds history of requests to URIs that complete successfully. URIs are added to Unknown group when there is insufficient history about them. Requests for such URIs are rate limited to the rate specified in the RateProfile. Finally, URIs with history of failed requests are added to Bad group and requests to them are rate limited with stricter thresholds than the Unknown URIs group. The Avi Scan Detection system automatically tunes itself so that the Good, Bad, and Unknown URIs group membership changes dynamically with the changes in traffic patterns through the ADC.

RateProfile Up

action
RateLimiterAction Action to perform upon rate limiting.
burst_sz (optional)
Integer Maximum number of connections or requests or packets to be let through instantaneously. Allowed values are 10-2500. Special values are 0- 'automatic'. Field deprecated in 18.2.9. format: int32
count (optional)
Integer Maximum number of connections or requests or packets. Allowed values are 1-1000000000. Special values are 0- 'unlimited'. Field deprecated in 18.2.9. format: int32
explicit_tracking (optional)
Boolean Explicitly tracks an attacker across rate periods.
fine_grain (optional)
Boolean Enable fine granularity.
http_cookie (optional)
String HTTP cookie name. Field introduced in 17.1.1.
http_header (optional)
String HTTP header name. Field introduced in 17.1.1.
period (optional)
Integer Time value in seconds to enforce rate count. Allowed values are 1-300. Field deprecated in 18.2.9. Unit is SEC. format: int32
rate_limiter (optional)
RateLimiter The rate limiter configuration for this rate profile. Field introduced in 18.2.9.

SSLClientCertificateAction Up

close_connection (optional)
Boolean Placeholder for description of property close_connection of obj type SSLClientCertificateAction field type str type boolean
headers (optional)
array[SSLClientRequestHeader] Placeholder for description of property headers of obj type SSLClientCertificateAction field type str type object

SSLClientRequestHeader Up

request_header (optional)
String If this header exists, reset the connection. If the ssl variable is specified, add a header with this value.
request_header_value (optional)
String Set the request header with the value as indicated by this SSL variable. Eg. send the whole certificate in PEM format. Enum options - HTTP_POLICY_VAR_CLIENT_IP, HTTP_POLICY_VAR_VS_PORT, HTTP_POLICY_VAR_VS_IP, HTTP_POLICY_VAR_HTTP_HDR, HTTP_POLICY_VAR_SSL_CLIENT_FINGERPRINT, HTTP_POLICY_VAR_SSL_CLIENT_SERIAL, HTTP_POLICY_VAR_SSL_CLIENT_ISSUER, HTTP_POLICY_VAR_SSL_CLIENT_SUBJECT, HTTP_POLICY_VAR_SSL_CLIENT_RAW, HTTP_POLICY_VAR_SSL_PROTOCOL, HTTP_POLICY_VAR_SSL_SERVER_NAME, HTTP_POLICY_VAR_USER_NAME, HTTP_POLICY_VAR_SSL_CIPHER, HTTP_POLICY_VAR_REQUEST_ID.

SipServiceApplicationProfile Up

transaction_timeout (optional)
Integer SIP transaction timeout in seconds. Allowed values are 2-512. Field introduced in 17.2.8, 18.1.3, 18.2.1. Unit is SEC. format: int32

TCPApplicationProfile Up

pki_profile_ref (optional)
String Select the PKI profile to be associated with the Virtual Service. This profile defines the Certificate Authority and Revocation List. It is a reference to an object of type PKIProfile. Field introduced in 18.2.3.
proxy_protocol_enabled (optional)
Boolean Enable/Disable the usage of proxy protocol to convey client connection information to the back-end servers. Valid only for L4 application profiles and TCP proxy.
proxy_protocol_version (optional)
String Version of proxy protocol to be used to convey client connection information to the back-end servers. Enum options - PROXY_PROTOCOL_VERSION_1, PROXY_PROTOCOL_VERSION_2.
ssl_client_certificate_mode (optional)
String Specifies whether the client side verification is set to none, request or require. Enum options - SSL_CLIENT_CERTIFICATE_NONE, SSL_CLIENT_CERTIFICATE_REQUEST, SSL_CLIENT_CERTIFICATE_REQUIRE. Field introduced in 18.2.3.

URIParam Up

tokens (optional)
array[URIParamToken] Token config either for the URI components or a constant string.
type
String URI param type. Enum options - URI_PARAM_TYPE_TOKENIZED.

URIParamToken Up

end_index (optional)
Integer Index of the ending token in the incoming URI. Allowed values are 0-65534. Special values are 65535 - 'end of string'. format: int32
start_index (optional)
Integer Index of the starting token in the incoming URI. format: int32
str_value (optional)
String Constant string to use as a token.
type
String Token type for constructing the URI. Enum options - URI_TOKEN_TYPE_HOST, URI_TOKEN_TYPE_PATH, URI_TOKEN_TYPE_STRING, URI_TOKEN_TYPE_STRING_GROUP, URI_TOKEN_TYPE_REGEX.