Traffic Management Shell (tmsh)Reference Guide

version 11.3.0

MAN-0306-04

Product VersionThis manual applies to version 11.3.0 of the BIG-IP product family.

Publication DateThis manual was published on November 14, 2012.

Legal Notices

CopyrightCopyright 11/14/12, F5 Networks, Inc. All rights reserved.

F5 Networks, Inc. (F5) believes the information it furnishes to be accurate and reliable. However, F5assumes no responsibility for the use of this information, nor any infringement of patents or other rights ofthird parties which may result from its use. No license is granted by implication or otherwise under anypatent, copyright, or other intellectual property right of F5 except as specifically described by applicableuser licenses. F5 reserves the right to change specifications at any time without notice.

TrademarksAccess Policy Manager, Advanced Client Authentication, Advanced Routing, APM, Application SecurityManager, ARX, AskF5, ASM, BIG-IP, BIG-IQ, Cloud Extender, CloudFucious, Cloud Manager,Clustered Multiprocessing, CMP, COHESION, Data Manager, DevCentral, DevCentral [DESIGN], DNSExpress, DSC, DSI, Edge Client, Edge Gateway, Edge Portal, ELEVATE, EM, Enterprise Manager,ENGAGE, F5, F5 [DESIGN], F5 Management Pack, F5 Networks, F5 World, Fast Application Proxy,Fast Cache, FirePass, Global Traffic Manager, GTM, GUARDIAN, IBR, Intelligent Browser Referencing,Intelligent Compression, IPv6 Gateway, iApps, iControl, iHealth, iQuery, iRules, iRules OnDemand,iSession, IT agility. Your way., L7 Rate Shaping, LC, Link Controller, Local Traffic Manager, LTM,Message Security Module, MSM, OneConnect, OpenBloX, OpenBloX [DESIGN], Packet Velocity,Policy Enforcement Manager, PEM, Protocol Security Module, PSM, Real Traffic Policy Builder, RosettaDiameter Gateway, ScaleN, Signaling Delivery Controller, SDC, SSL Acceleration, StrongBox,SuperVIP, SYN Check, TCP Express, TDR, TMOS, Traffic Management Operating System, TraffixDiameter Load Balancer, Traffix Systems, Traffix Systems (DESIGN), Transparent Data Reduction,UNITY, VAULT, VIPRION, vCMP, virtual Clustered Multiprocessing, WA, WAN OptimizationManager, WebAccelerator, WOM, and ZoneRunner, are trademarks or service marks of F5 Networks, Inc.,in the U.S. and other countries, and may not be used without F5's express written consent.

All other product and company names herein may be trademarks of their respective owners.

Export Regulation NoticeThis product may include cryptographic software. Under the Export Administration Act, the United Statesgovernment may consider it a criminal offense to export this product from the United States.

RF Interference WarningThis is a Class A product. In a domestic environment this product may cause radio interference, in whichcase the user may be required to take adequate measures.

FCC ComplianceThis equipment has been tested and found to comply with the limits for a Class A digital device pursuantto Part 15 of FCC rules. These limits are designed to provide reasonable protection against harmfulinterference when the equipment is operated in a commercial environment. This unit generates, uses, andcan radiate radio frequency energy and, if not installed and used in accordance with the instruction manual,may cause harmful interference to radio communications. Operation of this equipment in a residential areais likely to cause harmful interference, in which case the user, at his own expense, will be required to takewhatever measures may be required to correct the interference.

TMSH Reference i

Any modifications to this device, unless expressly approved by the manufacturer, can void the user'sauthority to operate this equipment under part 15 of the FCC rules.

Canadian Regulatory ComplianceThis class A digital apparatus complies with Canadian I CES-003.

Standards ComplianceThis product conforms to the IEC, European Union, ANSI/UL and Canadian CSA standards applicable toInformation Technology products at the time of manufacture.

AcknowledgmentsThis product includes software developed by Bill Paul.

This product includes software developed by Jonathan Stone.

This product includes software developed by Manuel Bouyer.

This product includes software developed by Paul Richards.

This product includes software developed by the NetBSD Foundation, Inc. and its contributors.

This product includes software developed by the Politecnico di Torino, and its contributors.

This product includes software developed by the Swedish Institute of Computer Science and itscontributors.

This product includes software developed by the University of California, Berkeley and its contributors.

This product includes software developed by the Computer Systems Engineering Group at the LawrenceBerkeley Laboratory.

This product includes software developed by Christopher G. Demetriou for the NetBSD Project.

This product includes software developed by Adam Glass.

This product includes software developed by Christian E. Hopps.

This product includes software developed by Dean Huxley.

This product includes software developed by John Kohl.

This product includes software developed by Paul Kranenburg.

This product includes software developed by Terrence R. Lambert.

This product includes software developed by Philip A. Nelson.

This product includes software developed by Herb Peyerl.

This product includes software developed by Jochen Pohl for the NetBSD Project.

This product includes software developed by Chris Provenzano.

This product includes software developed by Theo de Raadt.

This product includes software developed by David Muir Sharnoff.

This product includes software developed by SigmaSoft, Th. Lockert.

This product includes software developed for the NetBSD Project by Jason R. Thorpe.

This product includes software developed by Jason R. Thorpe for And Communications,http://www.and.com.

This product includes software developed for the NetBSD Project by Frank Van der Linden.

This product includes software developed for the NetBSD Project by John M. Vinopal.

This product includes software developed by Christos Zoulas.

This product includes software developed by the University of Vermont and State Agricultural College andGarrett A. Wollman.

This product includes software developed by Balazs Scheidler (bazsi@balabit.hu), which is protectedunder the GNU Public License.

This product includes software developed by Niels Mueller (nisse@lysator.liu.se), which is protectedunder the GNU Public License.

In the following statement,This softwarerefers to the Mitsumi CD-ROM driver: This software wasdeveloped by Holger Veit and Brian Moore for use with 386BSD and similar operating systems.Similaroperating systemsincludes mainly non-profit oriented systems for research and education, including butnot restricted to NetBSD, FreeBSD, Mach (by CMU).

This product includes software developed by the Apache Group for use in the Apache HTTP server project(http://www.apache.org/).

ii

This product includes software licensed from Richard H. Porter under the GNU Library General PublicLicense ( 1998, Red Hat Software), www.gnu.org/copyleft/lgpl.html.

This product includes the standard version of Perl software licensed under the Perl Artistic License (1997, 1998 Tom Christiansen and Nathan Torkington). All rights reserved. You may find the most currentstandard version of Perl at http://www.perl.com.

This product includes software developed by Jared Minch.

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit(http://www.openssl.org/).

This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).

This product contains software based on oprofile, which is protected under the GNU Public License.

This product includes RRDtool software developed by Tobi Oetiker (http://www.rrdtool.com/index.html)and licensed under the GNU General Public License.

This product contains software licensed from Dr. Brian Gladman under the GNU General Public License(GPL).

This product includes software developed by the Apache Software Foundation (http://www.apache.org/).

This product includes Hypersonic SQL.

This product contains software developed by the Regents of the University of California, SunMicrosystems, Inc., Scriptics Corporation, and others.

This product includes software developed by the Internet Software Consortium.

This product includes software developed by Nominum, Inc. (http://www.nominum.com).

This product contains software developed by Broadcom Corporation, which is protected under the GNUPublic License.

This product contains software developed by MaxMind LLC, and is protected under the GNU LesserGeneral Public License, as published by the Free Software Foundation.

This product includes software licensed from Gerald Combs (gerald@wireshark.org) under the GNUGeneral Public License as published by the Free Software Foundation; either version 2 of the License, orany later version. Copyright 1998 Gerald Combs.

This product includes software developed by Thomas Williams and Colin Kelley. Copyright 1986 -1993, 1998, 2004, 2007

Permission to use, copy, and distribute this software and its documentation for any purpose with or withoutfee is hereby granted, provided that the above copyright notice appear in all copies and that both thatcopyright notice and this permission notice appear in supporting documentation. Permission to modify thesoftware is granted, but not the right to distribute the complete modified source code. Modifications are tobe distributed as patches to the released version. Permission to distribute binaries produced by compilingmodified sources is granted, provided you

1. distribute the corresponding source modifications from the released version in the form of a patch filealong with the binaries,

2. add special version identification to distinguish your version in addition to the base release versionnumber,

3. provide your name and address as the primary contact for the support of your modified version, and

4. retain our contact information in regard to use of the base software.

Permission to distribute the released version of the source code along with corresponding sourcemodifications in the form of a patch file is granted with same provisions 2 through 4 for binarydistributions. This software is provided "as is" without express or implied warranty to the extent permittedby applicable law.

source code distributions include the above copyright notice, this list of conditions and the followingdisclaimer;

binary distributions include the above copyright notice, this list of conditions and the followingdisclaimer in their documentation.

This software is provided as is with no explicit or implied warranties in respect of its operation,including, but not limited to, correctness and fitness for purpose.

This product contains software developed by Google, Inc. Copyright 2011 Google, Inc.

TMSH Reference iii

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associateddocumentation files (the "Software"), to deal in the Software without restriction, including withoutlimitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of theSoftware, and to permit persons to whom the Software is furnished to do so, subject to the followingconditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portionsof the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS ORIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALLTHE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OROTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHERDEALINGS IN THE SOFTWARE.

Redistributions of source code must retain the above copyright notice, this list of conditions and thefollowing disclaimer.

Redistributions in binary form must reproduce the above copyright notice, this list of conditions andthe following disclaimer in the documentation and/or other materials provided with the distribution.

Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promoteproducts derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THEIMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULARPURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER ORCONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OROTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IFADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

iv

Table of Contents

Table of Contents

1Introducing the Traffic Management Shell

About the Traffic Management Shell ......................................................................................... 1-1Additional command line utilities and tools ............................................................................. 1-2Basic syntax conventions .............................................................................................................. 1-3

2Understanding and Using the Traffic Management Shell

Understanding the structure of tmsh ........................................................................................ 2-1Using tmsh ....................................................................................................................................... 2-2

Loading and saving the system configuration .................................................................. 2-2Working within the tmsh hierarchy ................................................................................. 2-3Using the scripting feature .................................................................................................. 2-6Using the command completion feature ......................................................................... 2-6Using the help feature .......................................................................................................... 2-8Using the context-sensitive help feature ......................................................................... 2-9Interrupting a command ...................................................................................................... 2-9Entering multiple commands ............................................................................................ 2-10Using the command glob feature .................................................................................... 2-10Using the command audit feature ................................................................................... 2-14Using the command aliases feature ................................................................................. 2-16Using the wildcard search feature ................................................................................... 2-18Using the statistics feature ................................................................................................ 2-18Using grep functionality in tmsh to filter output ......................................................... 2-21Creating batch mode transactions .................................................................................. 2-22Controlling tmsh ................................................................................................................. 2-23

Introduction to command syntax ............................................................................................. 2-26

3Global Commands

Introducing global commands ...................................................................................................... 3-1Alphabetical list of global commands ......................................................................................... 3-1cd ....................................................................................................................................................... 3-2cp ....................................................................................................................................................... 3-4create ................................................................................................................................................ 3-5delete ................................................................................................................................................ 3-6edit ..................................................................................................................................................... 3-7exit ..................................................................................................................................................... 3-9generate .......................................................................................................................................... 3-10help .................................................................................................................................................. 3-11install ............................................................................................................................................... 3-13list .................................................................................................................................................... 3-14load .................................................................................................................................................. 3-17modify ............................................................................................................................................. 3-18mv .................................................................................................................................................... 3-20publish ............................................................................................................................................. 3-21pwd .................................................................................................................................................. 3-22quit ................................................................................................................................................... 3-23reboot ............................................................................................................................................. 3-24reset-stats ...................................................................................................................................... 3-26restart ............................................................................................................................................. 3-28run ................................................................................................................................................... 3-29save .................................................................................................................................................. 3-32send-mail ........................................................................................................................................ 3-33

TMSH Reference iii

Table of Contents

show ................................................................................................................................................ 3-34start ................................................................................................................................................. 3-38stop .................................................................................................................................................. 3-39submit ............................................................................................................................................. 3-40time .................................................................................................................................................. 3-41tmsh ................................................................................................................................................. 3-44.......................................................................................................................................................... 3-52

4analytics Module Components

Introducing the analytics module ................................................................................................ 4-1Alphabetical list of components .................................................................................................. 4-1report ................................................................................................................................................ 4-2............................................................................................................................................................ 4-8

5analytics app.-security Module Components

Introducing the analytics application-security module .......................................................... 5-1Alphabetical list of components .................................................................................................. 5-1report ................................................................................................................................................ 5-2scheduled-report ............................................................................................................................ 5-7.......................................................................................................................................................... 5-10

6analytics dns Module Components

Introducing the analytics dns module ........................................................................................ 6-1Alphabetical list of components .................................................................................................. 6-1report ................................................................................................................................................ 6-2............................................................................................................................................................ 6-6

7analytics dns-dos Module Components

Introducing the analytics dns-dos module ................................................................................ 7-1Alphabetical list of components .................................................................................................. 7-1report ................................................................................................................................................ 7-2............................................................................................................................................................ 7-6

8analytics dns-protocol Module Components

Introducing the analytics dns-protocol module ...................................................................... 8-1Alphabetical list of components .................................................................................................. 8-1report ................................................................................................................................................ 8-2............................................................................................................................................................ 8-6

9analytics dos-l3 Module Components

Introducing the analytics dos-l3 module ................................................................................... 9-1Alphabetical list of components .................................................................................................. 9-1report ................................................................................................................................................ 9-2............................................................................................................................................................ 9-6

iv

Table of Contents

10analytics dos-l7 Module Components

Introducing the analytics dos-l7 module ................................................................................. 10-1Alphabetical list of components ................................................................................................ 10-1report .............................................................................................................................................. 10-2.......................................................................................................................................................... 10-6

11analytics http Module Components

Introducing the analytics http module ..................................................................................... 11-1Alphabetical list of components ................................................................................................ 11-1report .............................................................................................................................................. 11-2.......................................................................................................................................................... 11-8

12analytics network Module Components

Introducing the analytics network module ............................................................................ 12-1Alphabetical list of components ................................................................................................ 12-1report .............................................................................................................................................. 12-2.......................................................................................................................................................... 12-7

13analytics protocol-sec. Module Components

Introducing the analytics protocol-security module ............................................................ 13-1Alphabetical list of components ................................................................................................ 13-1report .............................................................................................................................................. 13-2.......................................................................................................................................................... 13-6

14apm Module Components

Introducing the apm module ..................................................................................................... 14-1Alphabetical list of components ................................................................................................ 14-1acl ..................................................................................................................................................... 14-2.......................................................................................................................................................... 14-6

15apm aaa Module Components

Introducing the apm aaa module .............................................................................................. 15-1Alphabetical list of components ................................................................................................ 15-1active-directory ............................................................................................................................ 15-2crldp ................................................................................................................................................ 15-5http .................................................................................................................................................. 15-8kerberos .......................................................................................................................................15-11kerberos-keytab-file ...................................................................................................................15-13ldap ................................................................................................................................................15-15oam ................................................................................................................................................15-18ocsp ...............................................................................................................................................15-22radius .............................................................................................................................................15-26securid ..........................................................................................................................................15-29tacacs .............................................................................................................................................15-31......................................................................................................................... 15-34

TMSH Reference v

Table of Contents

16apm epsec Module Components

Introducing the apm epsec module .......................................................................................... 16-1Alphabetical list of components ................................................................................................ 16-1epsec-package ............................................................................................................................... 16-2software-status ............................................................................................................................. 16-4........................................................................................................................... 16-5

17apm ntlm Module Components

Introducing the apm ntlm module ............................................................................................ 17-1Alphabetical list of components ................................................................................................ 17-1machine-account ........................................................................................................................... 17-2ntlm-auth ........................................................................................................................................ 17-5........................................................................................................................... 17-7

18apm policy Module Components

Introducing the apm policy module ......................................................................................... 18-1Alphabetical list of components ................................................................................................ 18-1access-policy .................................................................................................................................. 18-2customization-group .................................................................................................................... 18-3image-file ........................................................................................................................................ 18-4policy-item ..................................................................................................................................... 18-5windows-group-policy-file .......................................................................................................... 18-6........................................................................................................................... 18-7

19apm policy agent Module Components

Introducing the apm policy agent module .............................................................................. 19-1Alphabetical list of components ................................................................................................ 19-1aaa-active-directory ..................................................................................................................... 19-2aaa-client-cert ............................................................................................................................... 19-5aaa-crldp ......................................................................................................................................... 19-7aaa-http ........................................................................................................................................... 19-9aaa-ldap .........................................................................................................................................19-11aaa-ocsp ........................................................................................................................................19-14aaa-radius .....................................................................................................................................19-16aaa-securid ...................................................................................................................................19-18acct-radius ....................................................................................................................................19-20acct-tacacsplus ............................................................................................................................19-22decision-box ................................................................................................................................19-24dynamic-acl ..................................................................................................................................19-26ending-allow .................................................................................................................................19-28ending-deny .................................................................................................................................19-30ending-redirect ...........................................................................................................................19-32endpoint-check-av ......................................................................................................................19-34endpoint-check-fw .....................................................................................................................19-37endpoint-linux-check-file ..........................................................................................................19-40endpoint-linux-check-process .................................................................................................19-43endpoint-mac-check-file ...........................................................................................................19-45endpoint-mac-check-process ..................................................................................................19-48endpoint-windows-browser-cache-cleaner ..........................................................................19-50

vi

Table of Contents

endpoint-windows-check-file ..................................................................................................19-53endpoint-windows-check-machine-cert ................................................................................19-56endpoint-windows-check-process ..........................................................................................19-59endpoint-windows-check-registry ..........................................................................................19-61endpoint-windows-group-policy .............................................................................................19-64endpoint-windows-info-os .......................................................................................................19-66endpoint-windows-machine-info ............................................................................................19-68endpoint-windows-protected-workspace ............................................................................19-70external-logon-page ...................................................................................................................19-72irule-event ....................................................................................................................................19-74kerberos .......................................................................................................................................19-76logging ...........................................................................................................................................19-78logon-page ....................................................................................................................................19-80message-box ................................................................................................................................19-84oam ................................................................................................................................................19-86resource-assign ...........................................................................................................................19-88route-domain-selection ............................................................................................................19-90tacacsplus .....................................................................................................................................19-92variable-assign .............................................................................................................................19-94......................................................................................................................... 19-97

20apm profile Module Components

Introducing the apm profile module ........................................................................................ 20-1Alphabetical list of components ................................................................................................ 20-1access .............................................................................................................................................. 20-2connectivity ................................................................................................................................... 20-8remote-desktop ..........................................................................................................................20-13rewrite ..........................................................................................................................................20-14......................................................................................................................... 20-17

21apm resource Module Components

Introducing the apm resource module ................................................................................... 21-1Alphabetical list of components ................................................................................................ 21-1app-tunnel ...................................................................................................................................... 21-2client-rate-class ............................................................................................................................. 21-5client-traffic-classifier ................................................................................................................... 21-8ipv6-leasepool .............................................................................................................................21-11leasepool ......................................................................................................................................21-13network-access ...........................................................................................................................21-15portal-access ................................................................................................................................21-23webtop ..........................................................................................................................................21-26webtop-link ..................................................................................................................................21-29......................................................................................................................... 21-31

22apm resource remote-desktop Module Components

Introducing the apm resource remote-desktop module .................................................... 22-1Alphabetical list of components ................................................................................................ 22-1citrix ................................................................................................................................................ 22-2citrix-client-bundle ....................................................................................................................... 22-5citrix-client-package-file .............................................................................................................. 22-7

TMSH Reference vii

Table of Contents

rdp ................................................................................................................................................... 22-9......................................................................................................................... 22-14

23apm sso Module Components

Introducing the apm sso module .............................................................................................. 23-1Alphabetical list of components ................................................................................................ 23-1basic ................................................................................................................................................. 23-2form-based ..................................................................................................................................... 23-5form-basedv2 ................................................................................................................................. 23-9kerberos .......................................................................................................................................23-18ntlmv1 ...........................................................................................................................................23-22ntlmv2 ...........................................................................................................................................23-25......................................................................................................................... 23-28

24asm Module Components

Introducing the asm module ...................................................................................................... 24-1Alphabetical list of components ................................................................................................ 24-1device-sync ..................................................................................................................................... 24-2http-method .................................................................................................................................. 24-3httpclass-asm ................................................................................................................................. 24-5policy ............................................................................................................................................... 24-7predefined-policy ........................................................................................................................24-11response-code ............................................................................................................................24-12webapp-language ........................................................................................................................24-13......................................................................................................................... 24-14

25auth Module Components

Introducing the auth module ..................................................................................................... 25-1Alphabetical list of components ................................................................................................ 25-1cert-ldap ......................................................................................................................................... 25-2ldap .................................................................................................................................................. 25-7login-failures ................................................................................................................................25-12partition ........................................................................................................................................25-14password ......................................................................................................................................25-16password-policy ..........................................................................................................................25-17radius .............................................................................................................................................25-20radius-server ...............................................................................................................................25-23remote-role .................................................................................................................................25-26remote-user .................................................................................................................................25-30source ...........................................................................................................................................25-32tacacs .............................................................................................................................................25-34user ................................................................................................................................................25-38........................................................................................................................................................25-41

26cli Module Components

Introducing the cli module ......................................................................................................... 26-1Alphabetical list of components ................................................................................................ 26-1admin-partitions ............................................................................................................................ 26-2global-settings ................................................................................................................................ 26-3

viii

Table of Contents

history ............................................................................................................................................. 26-5preference ...................................................................................................................................... 26-6script .............................................................................................................................................26-12transaction ...................................................................................................................................26-28......................................................................................................................... 26-31

27cli alias Module Components

Introducing the cli alias module ................................................................................................ 27-1Alphabetical list of components ................................................................................................ 27-1private ............................................................................................................................................. 27-2shared ............................................................................................................................................. 27-5........................................................................................................................... 27-8

28cm Module Components

Introducing the cm module ....................................................................................................... 28-1Alphabetical list of components ................................................................................................ 28-1cert .................................................................................................................................................. 28-2config-sync ..................................................................................................................................... 28-5device .............................................................................................................................................. 28-7device-group ................................................................................................................................28-11failover-status ..............................................................................................................................28-14key .................................................................................................................................................28-15sniff-updates .................................................................................................................................28-18sync-status ...................................................................................................................................28-19traffic-group .................................................................................................................................28-20trust-domain ................................................................................................................................28-23watch-devicegroup-device ........................................................................................................28-26watch-sys-device .........................................................................................................................28-28watch-trafficgroup-device .........................................................................................................28-30......................................................................................................................... 28-32

29gtm Module Components

Introducing the gtm module ...................................................................................................... 29-1Alphabetical list of components ................................................................................................ 29-1datacenter ...................................................................................................................................... 29-2distributed-app .............................................................................................................................. 29-5iquery .............................................................................................................................................. 29-9ldns ................................................................................................................................................29-10link .................................................................................................................................................29-11listener ..........................................................................................................................................29-16path ................................................................................................................................................29-19persist ...........................................................................................................................................29-20pool ...............................................................................................................................................29-22prober-pool .................................................................................................................................29-34region ............................................................................................................................................29-37rule ................................................................................................................................................29-40server ............................................................................................................................................29-43topology .......................................................................................................................................29-50traffic .............................................................................................................................................29-53wideip ............................................................................................................................................29-54

TMSH Reference ix

Table of Contents

......................................................................................................................... 29-59

30gtm global-settings Module Components

Introducing the gtm global-settings module ........................................................................... 30-1Alphabetical list of components ................................................................................................ 30-1general ............................................................................................................................................ 30-2load-balancing ................................................................................................................................ 30-6metrics ............................................................................................................................................ 30-8metrics-exclusions .....................................................................................................................30-11......................................................................................................................... 30-13

31gtm monitor Module Components

Introducing the gtm monitor module ...................................................................................... 31-1Alphabetical list of components ................................................................................................ 31-1bigip ................................................................................................................................................. 31-2bigip-link ......................................................................................................................................... 31-6external ........................................................................................................................................... 31-9firepass ..........................................................................................................................................31-12ftp ...................................................................................................................................................31-16gateway-icmp ...............................................................................................................................31-20http ................................................................................................................................................31-23https ..............................................................................................................................................31-27imap ...............................................................................................................................................31-31ldap ................................................................................................................................................31-35mssql .............................................................................................................................................31-39mysql .............................................................................................................................................31-43nntp ...............................................................................................................................................31-47oracle ............................................................................................................................................31-51pop3 ..............................................................................................................................................31-55postgresql .....................................................................................................................................31-58radius .............................................................................................................................................31-62radius-accounting .......................................................................................................................31-66real-server ....................................................................................................................................31-70scripted .........................................................................................................................................31-73sip ...................................................................................................................................................31-76smtp ...............................................................................................................................................31-81snmp ..............................................................................................................................................31-84snmp-link ......................................................................................................................................31-88soap ...............................................................................................................................................31-92tcp ..................................................................................................................................................31-96tcp-half-open ............................................................................................................................ 31-100udp .............................................................................................................................................. 31-103wap ............................................................................................................................................. 31-107wmi ............................................................................................................................................. 31-111....................................................................................................................... 31-114

32ltm Module Components

Introducing the ltm module ....................................................................................................... 32-1Alphabetical list of components ................................................................................................ 32-1default-node-monitor .................................................................................................................. 32-2

x

Table of Contents

ifile ................................................................................................................................................... 32-4lsn-pool ........................................................................................................................................... 32-6nat ..................................................................................................................................................32-10node ..............................................................................................................................................32-13pool ...............................................................................................................................................32-17rule ................................................................................................................................................32-28snat ................................................................................................................................................32-32snat-translation ...........................................................................................................................32-36snatpool ........................................................................................................................................32-39traffic-class ...................................................................................................................................32-41virtual ............................................................................................................................................32-44virtual-address .............................................................................................................................32-56......................................................................................................................... 32-60

33ltm auth Module Components

Introducing the ltm auth module .............................................................................................. 33-1Alphabetical list of components ................................................................................................ 33-1crldp-server ................................................................................................................................... 33-2kerberos-delegation ..................................................................................................................... 33-5ldap .................................................................................................................................................. 33-8ocsp-responder ...........................................................................................................................33-13profile ............................................................................................................................................33-18radius .............................................................................................................................................33-21radius-server ...............................................................................................................................33-24ssl-cc-ldap .....................................................................................................................................33-27ssl-crldp ........................................................................................................................................33-32ssl-ocsp .........................................................................................................................................33-35tacacs .............................................................................................................................................33-38......................................................................................................................... 33-41

34ltm classification Module Components

Introducing the ltm classification module ............................................................................... 34-1Alphabetical list of components ................................................................................................ 34-1application ...................................................................................................................................... 34-2category .......................................................................................................................................... 34-5signature-update-schedule .......................................................................................................... 34-7signature-version .......................................................................................................................... 34-9update-signatures .......................................................................................................................34-11......................................................................................................................... 34-12

35ltm data-group Module Components

Introducing the ltm data-group module .................................................................................. 35-1Alphabetical list of components ................................................................................................ 35-1external ........................................................................................................................................... 35-2internal ............................................................................................................................................ 35-6........................................................................................................................... 35-9

36ltm dns analytics Module Components

Introducing the ltm dns analytics module ............................................................................... 36-1

TMSH Reference xi

Table of Contents

Alphabetical list of components ................................................................................................ 36-1global-settings ................................................................................................................................ 36-2........................................................................................................................... 36-4

37ltm dns cache Module Components

Introducing the ltm dns cache module .................................................................................... 37-1Alphabetical list of components ................................................................................................ 37-1global-settings ................................................................................................................................ 37-2resolver ........................................................................................................................................... 37-4transparent .................................................................................................................................... 37-8validating-resolver ......................................................................................................................37-11......................................................................................................................... 37-16

38ltm dns cache records Module Components

Introducing the ltm dns cache records module .................................................................... 38-1Alphabetical list of components ................................................................................................ 38-1key ................................................................................................................................................... 38-2msg ................................................................................................................................................... 38-4nameserver .................................................................................................................................... 38-6rrset ................................................................................................................................................. 38-8........................................................................................................................................................38-10

39ltm dns dns-express Module Components

Introducing the ltm dns dns-express module ........................................................................ 39-1Alphabetical list of components ................................................................................................ 39-1db ..................................................................................................................................................... 39-2tsig-key ............................................................................................................................................ 39-3zone ................................................................................................................................................. 39-5........................................................................................................................... 39-7

40ltm dns dnssec Module Components

Introducing the ltm dns dnssec module .................................................................................. 40-1Alphabetical list of components ................................................................................................ 40-1generation ...................................................................................................................................... 40-2key ................................................................................................................................................... 40-4zone ................................................................................................................................................. 40-8......................................................................................................................... 40-10

41ltm global-settings Module Components

Introducing the ltm global-settings module ............................................................................ 41-1Alphabetical list of components ................................................................................................ 41-1connection ..................................................................................................................................... 41-2general ............................................................................................................................................ 41-4traffic-control ................................................................................................................................ 41-6........................................................................................................................... 41-9

xii

Table of Contents

42ltm monitor Module Components

Introducing the ltm monitor module ....................................................................................... 42-1Alphabetical list of components ................................................................................................ 42-1diameter ......................................................................................................................................... 42-2dns ................................................................................................................................................... 42-7external .........................................................................................................................................42-12firepass ..........................................................................................................................................42-16ftp ...................................................................................................................................................42-20gateway-icmp ...............................................................................................................................42-24http ................................................................................................................................................42-28https ..............................................................................................................................................42-33icmp ...............................................................................................................................................42-38imap ...............................................................................................................................................42-42inband ............................................................................................................................................42-46ldap ................................................................................................................................................42-49module-score ..............................................................................................................................42-54mssql .............................................................................................................................................42-58mysql .............................................................................................................................................42-63nntp ...............................................................................................................................................42-68oracle ............................................................................................................................................42-72pop3 ..............................................................................................................................................42-77postgresql .....................................................................................................................................42-81radius .............................................................................................................................................42-86radius-accounting .......................................................................................................................42-90real-server ....................................................................................................................................42-94rpc ..................................................................................................................................................42-97sasp ............................................................................................................................................. 42-101scripted ...................................................................................................................................... 42-104sip ................................................................................................................................................ 42-108smb ............................................................................................................................................. 42-113smtp ............................................................................................................................................ 42-117snmp-dca ................................................................................................................................... 42-121snmp-dca-base .......................................................................................................................... 42-125soap ............................................................................................................................................ 42-128tcp ............................................................................................................................................... 42-133tcp-echo ..................................................................................................................................... 42-138tcp-half-open ............................................................................................................................ 42-142udp .............................................................................................................................................. 42-146virtual-location ......................................................................................................................... 42-151wap ............................................................................................................................................. 42-155wmi ............................................................................................................................................. 42-160....................................................................................................................... 42-163

43ltm persistence Module Components

Introducing the ltm persistence module ................................................................................. 43-1Alphabetical list of components ................................................................................................ 43-1cookie ............................................................................................................................................. 43-2dest-addr ........................................................................................................................................ 43-6global-settings ................................................................................................................................ 43-9hash ...............................................................................................................................................43-11msrdp ............................................................................................................................................43-15persist-records ............................................................................................................................43-18

TMSH Reference xiii

Table of Contents

sip ...................................................................................................................................................43-21source-addr .................................................................................................................................43-24ssl ...................................................................................................................................................43-28universal ........................................................................................................................................43-31......................................................................................................................... 43-34

44ltm profile Module Components

Introducing the ltm profile module .......................................................................................... 44-1Alphabetical list of components ................................................................................................ 44-1analytics .......................................................................................................................................... 44-2certificate-authority ...................................................................................................................44-11classification .................................................................................................................................44-13client-ssl ........................................................................................................................................44-15clientssl-proxy-cached-certs ....................................................................................................44-25diameter .......................................................................................................................................44-26dns .................................................................................................................................................44-31dns-logging ...................................................................................................................................44-35fasthttp ..........................................................................................................................................44-37fastl4 ..............................................................................................................................................44-42ftp ...................................................................................................................................................44-47http ................................................................................................................................................44-50http-compression .......................................................................................................................44-56httpclass ........................................................................................................................................44-61icap .................................................................................................................................................44-65iiop .................................................................................................................................................44-68mblb ...............................................................................................................................................44-71ntlm ...............................................................................................................................................44-74oneconnect ..................................................................................................................................44-77radius .............................................................................................................................................44-80ramcache ......................................................................................................................................44-83request-adapt ..............................................................................................................................44-85request-log ...................................................................................................................................44-88response-adapt ...........................................................................................................................44-92rtsp ................................................................................................................................................44-95sctp ................................................................................................................................................44-99server-ssl ................................................................................................................................... 44-103sip ................................................................................................................................................ 44-112smtp ............................................................................................................................................ 44-116statistics ..................................................................................................................................... 44-118stream ........................................................................................................................................ 44-121tcp ............................................................................................................................................... 44-124udp .............................................................................................................................................. 44-131wa-cache .................................................................................................................................... 44-134web-acceleration ..................................................................................................................... 44-135xml .............................................................................................................................................. 44-139....................................................................................................................... 44-142

45net Module Components

Introducing the net module ....................................................................................................... 45-1Alphabetical list of components ................................................................................................ 45-1arp .................................................................................................................................................... 45-2bwc-policy ...................................................................................................................................... 45-5

xiv

Table of Contents

cmetrics ........................................................................................................................................45-12fdb ..................................................................................................................................................45-14interface ........................................................................................................................................45-17ndp .................................................................................................................................................45-22packet-filter ..................................................................................................................................45-24packet-filter-trusted ...................................................................................................................45-29port-mirror ..................................................................................................................................45-32route .............................................................................................................................................45-34route-domain ..............................................................................................................................45-37rout