Try SpotterConfiguration for TCP profile resource.
| "added in version" 2.0.0 of netscaler.adc"
Authors: Sumanth Lingappa (@sumanth-lingappa)
preview | supported by community
Install with ansible-galaxy collection install netscaler.adc:==2.5.1
collections:
- name: netscaler.adc
version: 2.5.1Configuration for TCP profile resource.
---
- name: Sample Playbook
hosts: localhost
gather_facts: false
tasks:
- name: Sample Task | nstcpProfile
delegate_to: localhost
netscaler.adc.nstcpprofile:
state: present
name: tcpprofile-mptcp
mptcp: ENABLED
ka:
choices:
- ENABLED
- DISABLED
description:
- Send periodic TCP keep-alive (KA) probes to check if peer is still up.
type: str
ws:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable window scaling.
type: str
ecn:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable TCP Explicit Congestion Notification.
type: str
mss:
description:
- Maximum number of octets to allow in a TCP data segment.
type: float
fack:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable FACK (Forward ACK).
type: str
frto:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable FRTO (Forward RTO-Recovery).
type: str
name:
description:
- Name for a TCP profile. Must begin with a letter, number, or the underscore \(_\)
character. Other characters allowed, after the first character, are the hyphen \(-\),
period \(.\), hash \(\#\), space \( \), at \(@\), colon \(:\), and equal \(=\) characters.
The name of a TCP profile cannot be changed after it is created.
- ''
- 'CLI Users: If the name includes one or more spaces, enclose the name in double
or single quotation marks \(for example, "my tcp profile" or ''my tcp profile''\).'
type: str
nsip:
description:
- The ip address of the NetScaler ADC appliance where the nitro API calls will be
made.
- The port can be specified with the colon (:). E.g. 192.168.1.1:555.
required: true
type: str
sack:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable Selective ACKnowledgement (SACK).
type: str
dsack:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable DSACK.
type: str
mptcp:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable Multipath TCP.
type: str
nagle:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable the Nagle algorithm on TCP connections.
type: str
state:
choices:
- present
- absent
- unset
default: present
description:
- The state of the resource being configured by the module on the NetScaler ADC node.
- When C(present), the resource will be added/updated configured according to the
module's parameters.
- When C(absent), the resource will be deleted from the NetScaler ADC node.
- When C(unset), the resource will be unset on the NetScaler ADC node.
type: str
wsval:
description:
- Factor used to calculate the new window size.
- This argument is needed only when window scaling is enabled.
type: float
flavor:
choices:
- Default
- Westwood
- BIC
- CUBIC
- Nile
description:
- Set TCP congestion control algorithm.
type: str
minrto:
description:
- Minimum retransmission timeout, in milliseconds, specified in 10-millisecond increments
(value must yield a whole number if divided by 10).
type: float
hystart:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable CUBIC Hystart
type: str
maxcwnd:
description:
- TCP Maximum Congestion Window.
type: float
tcpmode:
choices:
- TRANSPARENT
- ENDPOINT
description:
- TCP Optimization modes C(TRANSPARENT) / C(ENDPOINT).
type: str
tcprate:
description:
- TCP connection payload send rate in Kb/s
type: float
api_path:
default: nitro/v1/config
description:
- Base NITRO API path.
- Define only in case of an ADM service proxy call
type: str
maxburst:
description:
- Maximum number of TCP segments allowed in a burst.
type: float
oooqsize:
description:
- Maximum size of out-of-order packets queue. A value of 0 means no limit.
type: float
rateqmax:
description:
- Maximum connection queue size in bytes, when BurstRateControl is used
type: float
ackonpush:
choices:
- ENABLED
- DISABLED
description:
- Send immediate positive acknowledgement (ACK) on receipt of TCP packets with PUSH
flag.
type: str
rstmaxack:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable acceptance of RST that is out of window yet echoes highest ACK
sequence number. Useful only in proxy mode.
type: str
syncookie:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable the SYNCOOKIE mechanism for TCP handshake with clients. Disabling
SYNCOOKIE prevents SYN attack protection on the Citrix ADC.
type: str
timestamp:
choices:
- ENABLED
- DISABLED
description:
- Enable or Disable TCP Timestamp option (RFC 1323)
type: str
buffersize:
description:
- TCP buffering size, in bytes.
type: float
delayedack:
description:
- Timeout for TCP delayed ACK, in milliseconds.
type: float
nitro_pass:
description:
- The password with which to authenticate to the NetScaler ADC node.
required: false
type: str
nitro_user:
description:
- The username with which to authenticate to the NetScaler ADC node.
required: false
type: str
pktperretx:
description:
- Maximum limit on the number of packets that should be retransmitted on receiving
a partial ACK.
type: float
initialcwnd:
description:
- Initial maximum upper limit on the number of TCP packets that can be outstanding
on the TCP link to the server.
type: float
kamaxprobes:
description:
- Number of keep-alive (KA) probes to be sent when not acknowledged, before assuming
the peer to be down.
type: float
save_config:
default: false
description:
- If C(true) the module will save the configuration on the NetScaler ADC node if it
makes any changes.
- The module will not save the configuration on the NetScaler ADC node if it made
no changes.
type: bool
tcpfastopen:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable TCP Fastopen. When enabled, NS can receive or send Data in SYN
or SYN-ACK packets.
type: str
dupackthresh:
description:
- TCP dupack threshold.
type: float
maxpktpermss:
description:
- Maximum number of TCP packets allowed per maximum segment size (MSS).
type: float
sendbuffsize:
description:
- TCP Send Buffer Size
type: float
spoofsyndrop:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable drop of invalid SYN packets to protect against spoofing. When
disabled, established connections will be reset when a SYN packet is received.
type: str
mpcapablecbit:
choices:
- ENABLED
- DISABLED
description:
- Set C bit in MP-CAPABLE Syn-Ack sent by Citrix ADC
type: str
mptcpfastopen:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable Multipath TCP fastopen. When enabled, DSS data packets are accepted
before receiving the third ack of SYN handshake.
type: str
slowstartincr:
description:
- Multiplier that determines the rate at which slow start increases the size of the
TCP transmission window after each acknowledgement of successful transmission.
type: float
taillossprobe:
choices:
- ENABLED
- DISABLED
description:
- TCP tail loss probe optimizations
type: str
tcpsegoffload:
choices:
- AUTOMATIC
- DISABLED
description:
- Offload TCP segmentation to the NIC. If set to C(AUTOMATIC), TCP segmentation will
be offloaded to the NIC, if the NIC supports it.
type: str
ackaggregation:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable ACK Aggregation.
type: str
kaconnidletime:
description:
- Duration, in seconds, for the connection to be idle, before sending a keep-alive
(KA) probe.
type: float
nitro_protocol:
choices:
- http
- https
default: https
description:
- Which protocol to use when accessing the nitro API objects.
type: str
validate_certs:
default: true
description:
- If C(false), SSL certificates will not be validated. This should only be used on
personally controlled sites using self-signed certificates.
required: false
type: bool
kaprobeinterval:
description:
- Time interval, in seconds, before the next keep-alive (KA) probe, if the peer does
not respond.
type: float
applyadaptivetcp:
choices:
- ENABLED
- DISABLED
description:
- Apply Adaptive TCP optimizations
type: str
burstratecontrol:
choices:
- DISABLED
- FIXED
- DYNAMIC
description:
- TCP Burst Rate Control C(DISABLED)/C(FIXED)/C(DYNAMIC). C(FIXED) requires a TCP
rate to be set.
type: str
nitro_auth_token:
description:
- The authentication token provided by a login operation.
type: str
version_added: 2.6.0
version_added_collection: netscaler.adc
clientiptcpoption:
choices:
- ENABLED
- DISABLED
description:
- Client IP in TCP options
type: str
rstwindowattenuate:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable RST window attenuation to protect against spoofing. When enabled,
will reply with corrective ACK when a sequence number is invalid.
type: str
slowstartthreshold:
description:
- TCP Slow Start Threhsold Value.
type: float
establishclientconn:
choices:
- AUTOMATIC
- CONN_ESTABLISHED
- ON_FIRST_DATA
description:
- Establishing Client Client connection on First data/ Final-ACK / Automatic
type: str
mptcpsessiontimeout:
description:
- MPTCP session timeout in seconds. If this value is not set, idle MPTCP sessions
are flushed after vserver's client idle timeout.
type: float
dropestconnontimeout:
choices:
- ENABLED
- DISABLED
description:
- Silently drop tcp established connections on idle timeout
type: str
tcpfastopencookiesize:
description:
- TCP FastOpen Cookie size. This accepts only even numbers. Odd number is trimmed
down to nearest even number.
type: float
clientiptcpoptionnumber:
description:
- ClientIP TCP Option number
type: float
dynamicreceivebuffering:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable dynamic receive buffering. When enabled, allows the receive buffer
to be adjusted dynamically based on memory and network conditions.
- 'Note: The buffer size argument must be set for dynamic adjustments to take place.'
type: str
mptcpdropdataonpreestsf:
choices:
- ENABLED
- DISABLED
description:
- Enable or disable silently dropping the data on Pre-Established subflow. When enabled,
DSS data packets are dropped silently instead of dropping the connection when data
is received on pre established subflow.
type: str
kaprobeupdatelastactivity:
choices:
- ENABLED
- DISABLED
description:
- Update last activity for the connection after receiving keep-alive (KA) probes.
type: str
sendclientportintcpoption:
choices:
- ENABLED
- DISABLED
description:
- Send Client Port number along with Client IP in TCP-Options. ClientIpTcpOption must
be C(ENABLED)
type: str
drophalfclosedconnontimeout:
choices:
- ENABLED
- DISABLED
description:
- Silently drop tcp half closed connections on idle timeout
type: str
changed:
description: Indicates if any change is made by the module
returned: always
sample: true
type: bool
diff:
description: Dictionary of before and after changes
returned: always
sample:
after:
key2: pqr
before:
key1: xyz
prepared: changes done
type: dict
diff_list:
description: List of differences between the actual configured object and the configuration
specified in the module
returned: when changed
sample:
- 'Attribute `key1` differs. Desired: (<class ''str''>) XYZ. Existing: (<class ''str''>)
PQR'
type: list
failed:
description: Indicates if the module failed or not
returned: always
sample: false
type: bool
loglines:
description: list of logged messages by the module
returned: always
sample:
- message 1
- message 2
type: list