netscaler.adc.lsnappsprofile module – Configuration for LSN Application Profile resource.

Note

This module is part of the netscaler.adc collection (version 2.6.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install netscaler.adc.

To use it in a playbook, specify: netscaler.adc.lsnappsprofile.

New in netscaler.adc 2.0.0

Synopsis

  • Configuration for LSN Application Profile resource.

Parameters

Parameter

Comments

api_path

string

Base NITRO API path.

Define only in case of an ADM service proxy call

Default: "nitro/v1/config"

appsprofilename

any

Name for the LSN application profile. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the LSN application profile is created. The following requirement applies only to the Citrix ADC CLI: If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, “lsn application profile1” or ‘lsn application profile1’).

filtering

any

Type of filter to apply to packets originating from external hosts.

Consider an example of an LSN mapping that includes the mapping of subscriber IP:port (X:x), NAT IP:port (N:n), and external host IP:port (Y:y).

Available options function as follows:

* ENDPOINT INDEPENDENT - Filters out only packets not destined to the subscriber IP address and port X:x, regardless of the external host IP address and port source (Z:z). The Citrix ADC forwards any packets destined to X:x. In other words, sending packets from the subscriber to any external IP address is sufficient to allow packets from any external hosts to the subscriber.

* ADDRESS DEPENDENT - Filters out packets not destined to subscriber IP address and port X:x. In addition, the ADC filters out packets from Y:y destined for the subscriber (X:x) if the client has not previously sent packets to Y:anyport (external port independent). In other words, receiving packets from a specific external host requires that the subscriber first send packets to that specific external host’s IP address.

* ADDRESS PORT DEPENDENT (the default) - Filters out packets not destined to subscriber IP address and port (X:x). In addition, the Citrix ADC filters out packets from Y:y destined for the subscriber (X:x) if the subscriber has not previously sent packets to Y:y. In other words, receiving packets from a specific external host requires that the subscriber first send packets first to that external IP address and port.

Choices:

  • "ENDPOINT-INDEPENDENT"

  • "ADDRESS-DEPENDENT"

  • "ADDRESS-PORT-DEPENDENT"

ippooling

any

NAT IP address allocation options for sessions associated with the same subscriber.

Available options function as follows:

* Paired - The Citrix ADC allocates the same NAT IP address for all sessions associated with the same subscriber. When all the ports of a NAT IP address are used in LSN sessions (for same or multiple subscribers), the Citrix ADC ADC drops any new connection from the subscriber.

* Random - The Citrix ADC allocates random NAT IP addresses, from the pool, for different sessions associated with the same subscriber.

This parameter is applicable to dynamic NAT allocation only.

Choices:

  • "PAIRED"

  • "RANDOM"

l2info

any

Enable l2info by creating natpcbs for LSN, which enables the Citrix ADC to use L2CONN/MBF with LSN.

Choices:

  • "ENABLED"

  • "DISABLED"

lsnappsprofile_lsnappsattributes_binding

dictionary

Bindings for lsnappsprofile_lsnappsattributes_binding resource

binding_members

list / elements=dictionary

List of binding members

Default: []

mode

string

The mode in which to configure the bindings.

If mode is set to desired, the bindings will be added or removed from the target NetScaler ADCs as necessary to match the bindings specified in the state.

If mode is set to bind, the specified bindings will be added to the resource. The existing bindings in the target ADCs will not be modified.

If mode is set to unbind, the specified bindings will be removed from the resource. The existing bindings in the target ADCs will not be modified.

Choices:

  • "desired" ← (default)

  • "bind"

  • "unbind"

lsnappsprofile_port_binding

dictionary

Bindings for lsnappsprofile_port_binding resource

binding_members

list / elements=dictionary

List of binding members

Default: []

mode

string

The mode in which to configure the bindings.

If mode is set to desired, the bindings will be added or removed from the target NetScaler ADCs as necessary to match the bindings specified in the state.

If mode is set to bind, the specified bindings will be added to the resource. The existing bindings in the target ADCs will not be modified.

If mode is set to unbind, the specified bindings will be removed from the resource. The existing bindings in the target ADCs will not be modified.

Choices:

  • "desired" ← (default)

  • "bind"

  • "unbind"

managed_netscaler_instance_id

string

added in netscaler.adc 2.6.0

The ID of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_ip

string

added in netscaler.adc 2.6.0

The IP of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_name

string

added in netscaler.adc 2.6.0

The name of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_password

string

added in netscaler.adc 2.6.0

The password of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

managed_netscaler_instance_username

string

added in netscaler.adc 2.6.0

The username of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

mapping

any

Type of LSN mapping to apply to subsequent packets originating from the same subscriber IP address and port.

Consider an example of an LSN mapping that includes the mapping of the subscriber IP:port (X:x), NAT IP:port (N:n), and external host IP:port (Y:y).

Available options function as follows:

* ENDPOINT-INDEPENDENT - Reuse the LSN mapping for subsequent packets sent from the same subscriber IP address and port (X:x) to any external IP address and port.

* ADDRESS-DEPENDENT - Reuse the LSN mapping for subsequent packets sent from the same subscriber IP address and port (X:x) to the same external IP address (Y), regardless of the external port.

* ADDRESS-PORT-DEPENDENT - Reuse the LSN mapping for subsequent packets sent from the same internal IP address and port (X:x) to the same external IP address and port (Y:y) while the mapping is still active.

Choices:

  • "ENDPOINT-INDEPENDENT"

  • "ADDRESS-DEPENDENT"

  • "ADDRESS-PORT-DEPENDENT"

netscaler_console_as_proxy_server

boolean

added in netscaler.adc 2.6.0

The IP address of the NetScaler ADC appliance acting as a proxy server.

Define only in case of an ADM service proxy call

Choices:

  • false ← (default)

  • true

nitro_auth_token

string

The authentication token provided by a login operation.

nitro_pass

string

The password with which to authenticate to the NetScaler ADC node.

nitro_protocol

string

Which protocol to use when accessing the nitro API objects.

Choices:

  • "http"

  • "https" ← (default)

nitro_user

string

The username with which to authenticate to the NetScaler ADC node.

nsip

string / required

The ip address of the NetScaler ADC appliance where the nitro API calls will be made.

The port can be specified with the colon (:). E.g. 192.168.1.1:555.

save_config

boolean

If true the module will save the configuration on the NetScaler ADC node if it makes any changes.

The module will not save the configuration on the NetScaler ADC node if it made no changes.

Choices:

  • false ← (default)

  • true

state

string

The state of the resource being configured by the module on the NetScaler ADC node.

When present, the resource will be added/updated configured according to the module’s parameters.

When absent, the resource will be deleted from the NetScaler ADC node.

When unset, the resource will be unset on the NetScaler ADC node.

Choices:

  • "present" ← (default)

  • "absent"

  • "unset"

tcpproxy

any

Enable TCP proxy, which enables the Citrix ADC to optimize the TCP traffic by using Layer 4 features.

Choices:

  • "ENABLED"

  • "DISABLED"

td

any

ID of the traffic domain through which the Citrix ADC sends the outbound traffic after performing LSN.

If you do not specify an ID, the ADC sends the outbound traffic through the default traffic domain, which has an ID of 0.

transportprotocol

string

Name of the protocol for which the parameters of this LSN application profile applies.

Choices:

  • "TCP"

  • "UDP"

  • "ICMP"

validate_certs

boolean

If false, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.

Choices:

  • false

  • true ← (default)

Notes

Note

Examples

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

changed

boolean

Indicates if any change is made by the module

Returned: always

Sample: true

diff

dictionary

Dictionary of before and after changes

Returned: always

Sample: {"after": {"key2": "pqr"}, "before": {"key1": "xyz"}, "prepared": "changes done"}

diff_list

list / elements=string

List of differences between the actual configured object and the configuration specified in the module

Returned: when changed

Sample: ["Attribute `key1` differs. Desired: (<class 'str'>) XYZ. Existing: (<class 'str'>) PQR"]

failed

boolean

Indicates if the module failed or not

Returned: always

Sample: false

loglines

list / elements=string

list of logged messages by the module

Returned: always

Sample: ["message 1", "message 2"]

Authors

  • Sumanth Lingappa (@sumanth-lingappa)