Manual Chapter : Other Profiles

Applies To:

Show Versions Show Versions


  • 11.2.1


  • 11.2.1
Manual Chapter
For each profile type, Local Traffic Manager provides a pre-configured profile with default settings. In most cases, you can use these default profiles as is. If you want to change these settings, you can configure profile settings when you create a profile, or after profile creation by modifying the profiles settings.
To configure and manage these profiles, log in to the BIG-IP Configuration utility, and on the Main tab, expand Local Traffic, and click Other.
The OneConnect profile is a configuration tool for enabling connection pooling on a BIG-IP system. Connection pooling optimizes the way that the BIG-IP system handles connections. When connection pooling is enabled on a BIG-IP system, client requests can utilize existing, server-side connections, thus reducing the number of server-side connections that a server must open to service those requests.
For example, when a client makes a new connection to a BIG-IP virtual server configured with a OneConnect profile, the BIG-IP parses the HTTP request, selects a server using the load-balancing method defined in the pool, and creates a connection to that server. When the client's initial HTTP request is complete, the BIG-IP system temporarily holds the connection open, and makes the idle TCP connection to the pool member available for reuse. If the virtual server references a SNAT, address translation is performed on the client IP address prior to the creation of the server-side connection. The reuse eligibility of open connections with SNAT is based on the translated source address.
The BIG-IP system can pool connections from multiple virtual servers if those virtual servers reference the same OneConnect profile and the same pool.
Important: To enable connection pooling, you must also enable a related feature known as the OneConnect Transformations feature. You enable this feature from within an HTTP profile. The OneConnect Transformations HTTP profile setting applies to HTTP/1.0 connections, and when enabled, causes the system to transform the value of the Connection header in an HTTP request to Keep-Alive, to keep the connection open.
The standard address translation mechanism on the BIG-IP system translates only the destination IP address in a request and not the source IP address (that is, the client nodes IP address). However, when the OneConnect feature is enabled, allowing multiple client nodes to re-use a server-side connection, the source IP address in the header of each client nodes request is always the IP address of the specific client node that initiated the server-side connection. Although this does not affect traffic flow, you might see evidence of this when viewing certain types of system output.
Table 13.1 lists and describes the settings of a OneConnect profile type.
This setting specifies the profile that you want to use as the parent profile. Your new profile inherits all non-custom settings and values from the parent profile specified.
The BIG-IP system applies the value of this setting to the server-side source address to determine its eligibility for reuse. A mask of 0 causes the BIG-IP system to share reused connections across all source addresses. A host mask of /32 (that is, all 1 values in binary) causes the BIG-IP system to share only those reused connections originating from the same source address. When you are using a SNAT or SNAT pool, the server-side source address is translated first and then the OneConnect mask is applied to the translated address.
The setting defines the maximum number of connections that the BIG-IP system holds in the connection reuse pool. If the pool is already full, then a server-side connection closes after the response is completed.
This setting defines the maximum number of seconds allowed for a connection in the connection re-use pool. For any connection with an age higher than this value, the BIG-IP system removes that connection from the re-use pool.
This setting specifies the maximum number of times that a server-side connection can be re-used.
This setting specifies the number of seconds that a connection is idle before the connection flow is eligible for deletion. You can use this setting to increase the timeout value for connections once they are pooled for re-use. Possible values are Disabled, Indefinite, or Specify (a numeric value that you specify).
The SIP OneConnect feature allows connection flow reuse between inbound and outbound virtual servers for UDP connections. This feature addresses common SIP client behavior where source and destination ports are both 5060.
Unlike other OneConnect profiles, the SIP OneConnect profile is activated through SIP protocol settings on the BIG-IP system. See Activating SIP OneConnect for activation information.
NT Lan Manager (NTLM) is an industry-standard technology that uses an encrypted challenge/response protocol to authenticate a user without sending the user's password over the network. Instead, the system requesting authentication performs a calculation to prove that the system has access to the secured NTLM credentials. NTLM credentials are based on data such as the domain name and user name, obtained during the interactive logon process.
The NTLM profile within BIG-IP Local Traffic Manager optimizes network performance when the system is processing NT LAN Manager traffic. When both an NTLM profile and a OneConnect profile are associated with a virtual server, the local traffic management system can take advantage of server-side connection pooling for NTLM connections.
Table 13.2 lists and describes the settings of an NTLM profile type.
This setting specifies the profile that you want to use as the parent profile. Your new profile inherits all non-custom settings and values from the parent profile specified.
Specifies a cookie passphrase that the system inserts in the cookie. The default is blank, indicating that no passphrase is inserted.
The Statistics profile provides user-defined statistical counters. Each profile contains 32 settings (Field1 through Field32), which define named counters. Using a Tcl-based iRule command, you can use the names to manipulate the counters while processing traffic.
For example, you can create a profile named my_stats, which assigns the counters tot_users, cur_users, and max_users to the profile settings Field1, Field2, and Field3 respectively. You can then write an iRule named track_users, and then assign the my_stats profile and the track_users iRule to a virtual server named stats-1. Figure 13.1 shows this configuration.
In this example, the counter tot_users counts the total number of connections, the counter cur_users counts the current number of connections, and the counter max_users retains the largest value of the counter cur_users.
Note that list types are case-sensitive for pattern strings. For example, the system treats the pattern string differently from the pattern string You can override this case sensitivity by using the Linux regexp command.
Table 13.3 lists and describes the settings of a Stream profile type.
This setting specifies the profile that you want to use as the parent profile. Your new profile inherits all non-custom settings and values from the parent profile specified.
A request logging profile gives you the ability to configure data within a log file for HTTP requests and responses, according to parameters that you specify.
For more information, see the guide titled BIG-IP® Local Traffic ManagerTM: Implementations or BIG-IP® TMOS® : Implementations.