netscaler.adc.nstcpprofile module – Configuration for TCP profile resource.

Note

This module is part of the netscaler.adc collection (version 2.6.2).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install netscaler.adc.

To use it in a playbook, specify: netscaler.adc.nstcpprofile.

New in netscaler.adc 2.0.0

Synopsis

  • Configuration for TCP profile resource.

Parameters

Parameter

Comments

ackaggregation

string

Enable or disable ACK Aggregation.

Choices:

  • "ENABLED"

  • "DISABLED"

ackonpush

string

Send immediate positive acknowledgement (ACK) on receipt of TCP packets with PUSH flag.

Choices:

  • "ENABLED"

  • "DISABLED"

api_path

string

Base NITRO API path.

Define only in case of an ADM service proxy call

Default: "nitro/v1/config"

applyadaptivetcp

string

Apply Adaptive TCP optimizations

Choices:

  • "ENABLED"

  • "DISABLED"

buffersize

float

TCP buffering size, in bytes.

burstratecontrol

string

TCP Burst Rate Control DISABLED/FIXED/DYNAMIC. FIXED requires a TCP rate to be set.

Choices:

  • "DISABLED"

  • "FIXED"

  • "DYNAMIC"

clientiptcpoption

string

Client IP in TCP options

Choices:

  • "ENABLED"

  • "DISABLED"

clientiptcpoptionnumber

float

ClientIP TCP Option number

delayedack

float

Timeout for TCP delayed ACK, in milliseconds.

dropestconnontimeout

string

Silently drop established TCP connections on idle timeout.

Choices:

  • "ENABLED"

  • "DISABLED"

drophalfclosedconnontimeout

string

Silently drop half-closed TCP connections on idle timeout.

Choices:

  • "ENABLED"

  • "DISABLED"

dsack

string

Enable or disable DSACK.

Choices:

  • "ENABLED"

  • "DISABLED"

dupackthresh

float

TCP dupack threshold.

dynamicreceivebuffering

string

Enable or disable dynamic receive buffering. When enabled, allows the receive buffer to be adjusted dynamically based on memory and network conditions.

Note: The buffer size argument must be set for dynamic adjustments to take place.

Choices:

  • "ENABLED"

  • "DISABLED"

ecn

string

Enable or disable TCP Explicit Congestion Notification.

Choices:

  • "ENABLED"

  • "DISABLED"

establishclientconn

string

Establishing client connection on First data / Final-ACK / Automatic.

Choices:

  • "AUTOMATIC"

  • "CONN_ESTABLISHED"

  • "ON_FIRST_DATA"

fack

string

Enable or disable FACK (Forward ACK).

Choices:

  • "ENABLED"

  • "DISABLED"

flavor

string

Set TCP congestion control algorithm.

Choices:

  • "Default"

  • "Westwood"

  • "BIC"

  • "CUBIC"

  • "Nile"

  • "BBR"

frto

string

Enable or disable FRTO (Forward RTO-Recovery).

Choices:

  • "ENABLED"

  • "DISABLED"

hystart

string

Enable or disable CUBIC Hystart

Choices:

  • "ENABLED"

  • "DISABLED"

initialcwnd

float

Initial maximum upper limit on the number of TCP packets that can be outstanding on the TCP link to the server.

ka

string

Send periodic TCP keep-alive (KA) probes to check if peer is still up.

Choices:

  • "ENABLED"

  • "DISABLED"

kaconnidletime

float

Duration, in seconds, for the connection to be idle, before sending a keep-alive (KA) probe.

kamaxprobes

float

Number of keep-alive (KA) probes to be sent when not acknowledged, before assuming the peer to be down.

kaprobeinterval

float

Time interval, in seconds, before the next keep-alive (KA) probe, if the peer does not respond.

kaprobeupdatelastactivity

string

Update last activity for the connection after receiving keep-alive (KA) probes.

Choices:

  • "ENABLED"

  • "DISABLED"

managed_netscaler_instance_id

string

added in netscaler.adc 2.6.0

The ID of the managed NetScaler instance to which NetScaler Console has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_ip

string

added in netscaler.adc 2.6.0

The IP of the managed NetScaler instance to which NetScaler Console has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_name

string

added in netscaler.adc 2.6.0

The name of the managed NetScaler instance to which NetScaler Console has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_password

string

added in netscaler.adc 2.6.0

The password of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings, if you select Prompt Credentials for Instance Login, make sure to configure the username and password of the managed instance.

managed_netscaler_instance_username

string

added in netscaler.adc 2.6.0

The username of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings, if you select Prompt Credentials for Instance Login, make sure to configure the username and password of the managed instance.

maxburst

float

Maximum number of TCP segments allowed in a burst.

maxcwnd

float

TCP Maximum Congestion Window.

maxpktpermss

float

Maximum number of TCP packets allowed per maximum segment size (MSS).

minrto

float

Minimum retransmission timeout, in milliseconds, specified in 10-millisecond increments (value must yield a whole number if divided by 10).

mpcapablecbit

string

Set C bit in MP-CAPABLE Syn-Ack sent by Citrix ADC

Choices:

  • "ENABLED"

  • "DISABLED"

mptcp

string

Enable or disable Multipath TCP.

Choices:

  • "ENABLED"

  • "DISABLED"

mptcpdropdataonpreestsf

string

Enable or disable silently dropping the data on a pre-established subflow. When enabled, DSS data packets are dropped silently instead of dropping the connection when data is received on a pre-established subflow.

Choices:

  • "ENABLED"

  • "DISABLED"

mptcpfastopen

string

Enable or disable Multipath TCP fastopen. When enabled, DSS data packets are accepted before receiving the third ACK of the SYN handshake.

Choices:

  • "ENABLED"

  • "DISABLED"

mptcpsessiontimeout

float

MPTCP session timeout in seconds. If this value is not set, idle MPTCP sessions are flushed after vserver’s client idle timeout.

mss

float

Maximum number of octets to allow in a TCP data segment.

nagle

string

Enable or disable the Nagle algorithm on TCP connections.

Choices:

  • "ENABLED"

  • "DISABLED"

name

string

Name for a TCP profile. Must begin with a letter, number, or the underscore (_) character. Other characters allowed, after the first character, are the hyphen (-), period (.), hash (#), space ( ), at (@), colon (:), and equal (=) characters. The name of a TCP profile cannot be changed after it is created.

CLI Users: If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, “my tcp profile” or ‘my tcp profile’).

netscaler_console_as_proxy_server

boolean

added in netscaler.adc 2.6.0

The IP address of the NetScaler ADC appliance acting as a proxy server.

Define only in case of an ADM service proxy call

Choices:

  • false ← (default)

  • true

nitro_auth_token

string

The authentication token provided by a login operation.

nitro_pass

string

The password with which to authenticate to the NetScaler ADC node.

nitro_protocol

string

Which protocol to use when accessing the nitro API objects.

Choices:

  • "http"

  • "https" ← (default)

nitro_user

string

The username with which to authenticate to the NetScaler ADC node.

nsip

string / required

The IP address of the NetScaler ADC appliance where the NITRO API calls will be made.

The port can be specified with the colon (:). E.g. 192.168.1.1:555.

oooqsize

float

Maximum size of out-of-order packets queue. A value of 0 means no limit.

pktperretx

float

Maximum limit on the number of packets that should be retransmitted on receiving a partial ACK.

rateqmax

float

Maximum connection queue size in bytes, when BurstRateControl is used

rfc5961compliance

string

Enable or disable RFC 5961 compliance to protect against TCP spoofing (RST/SYN/Data). When enabled, the appliance will be compliant with RFC 5961.

Choices:

  • "ENABLED"

  • "DISABLED"

rstmaxack

string

Enable or disable acceptance of RST that is out of window yet echoes highest ACK sequence number. Useful only in proxy mode.

Choices:

  • "ENABLED"

  • "DISABLED"

rstwindowattenuate

string

Enable or disable RST window attenuation to protect against spoofing. When enabled, will reply with corrective ACK when a sequence number is invalid.

Choices:

  • "ENABLED"

  • "DISABLED"

sack

string

Enable or disable Selective ACKnowledgement (SACK).

Choices:

  • "ENABLED"

  • "DISABLED"

save_config

boolean

If true the module will save the configuration on the NetScaler ADC node if it makes any changes.

The module will not save the configuration on the NetScaler ADC node if it made no changes.

Choices:

  • false ← (default)

  • true

sendbuffsize

float

TCP Send Buffer Size

sendclientportintcpoption

string

Send Client Port number along with Client IP in TCP-Options. ClientIpTcpOption must be ENABLED

Choices:

  • "ENABLED"

  • "DISABLED"

slowstartincr

float

Multiplier that determines the rate at which slow start increases the size of the TCP transmission window after each acknowledgement of successful transmission.

slowstartthreshold

float

TCP Slow Start Threshold Value.

spoofsyndrop

string

Enable or disable drop of invalid SYN packets to protect against spoofing. When disabled, established connections will be reset when a SYN packet is received.

Choices:

  • "ENABLED"

  • "DISABLED"

state

string

The state of the resource being configured by the module on the NetScaler ADC node.

When present, the resource will be added or updated according to the module’s parameters.

When absent, the resource will be deleted from the NetScaler ADC node.

When unset, the resource will be unset on the NetScaler ADC node.

Choices:

  • "present" ← (default)

  • "absent"

  • "unset"

syncookie

string

Enable or disable the SYNCOOKIE mechanism for TCP handshake with clients. Disabling SYNCOOKIE prevents SYN attack protection on the Citrix ADC.

Choices:

  • "ENABLED"

  • "DISABLED"

taillossprobe

string

TCP tail loss probe optimizations

Choices:

  • "ENABLED"

  • "DISABLED"

tcpfastopen

string

Enable or disable TCP Fastopen. When enabled, NS can receive or send Data in SYN or SYN-ACK packets.

Choices:

  • "ENABLED"

  • "DISABLED"

tcpfastopencookiesize

float

TCP FastOpen Cookie size. This accepts only even numbers. An odd number is trimmed down to the nearest even number.

tcpmode

string

TCP Optimization modes TRANSPARENT / ENDPOINT.

Choices:

  • "TRANSPARENT"

  • "ENDPOINT"

tcprate

float

TCP connection payload send rate in Kb/s

tcpsegoffload

string

Offload TCP segmentation to the NIC. If set to AUTOMATIC, TCP segmentation will be offloaded to the NIC, if the NIC supports it.

Choices:

  • "AUTOMATIC"

  • "DISABLED"

timestamp

string

Enable or Disable TCP Timestamp option (RFC 1323)

Choices:

  • "ENABLED"

  • "DISABLED"

validate_certs

boolean

If false, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.

Choices:

  • false

  • true ← (default)

ws

string

Enable or disable window scaling.

Choices:

  • "ENABLED"

  • "DISABLED"

wsval

float

Factor used to calculate the new window size.

This argument is needed only when window scaling is enabled.

Examples

---
- name: Sample nstcpprofile playbook
  hosts: demo_netscalers
  gather_facts: false
  tasks:
    - name: Configure nstcpprofile
      delegate_to: localhost
      netscaler.adc.nstcpprofile:
        state: present
        name: nstcp_default_profile
        flavor: Westwood
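
A profile that turns on the spoofing and SYN-flood protections described in the parameters above, given here as an added example that is not part of the module's own documentation. The profile name and the `netscaler_nsip`, `vault_nitro_user` and `vault_nitro_pass` variables are assumptions.

```yaml
---
- name: Harden a TCP profile against spoofing and SYN floods
  hosts: demo_netscalers
  gather_facts: false
  tasks:
    - name: Configure hardened nstcpprofile
      delegate_to: localhost
      netscaler.adc.nstcpprofile:
        # Connection settings. The three variables are assumed to come
        # from inventory and an Ansible Vault file, not from this page.
        nsip: "{{ netscaler_nsip }}"
        nitro_user: "{{ vault_nitro_user }}"
        nitro_pass: "{{ vault_nitro_pass }}"
        nitro_protocol: https    # module default, pinned explicitly
        validate_certs: true     # module default, pinned explicitly
        save_config: true        # persist only if something changed

        state: present
        name: tcp_hardened_example   # constructed profile name

        # Protect against TCP spoofing (RST/SYN/Data).
        rfc5961compliance: ENABLED
        # Reply with a corrective ACK when a sequence number is invalid.
        rstwindowattenuate: ENABLED
        # Drop invalid SYN packets instead of resetting the
        # established connection.
        spoofsyndrop: ENABLED
        # Keep SYN attack protection on for client handshakes.
        syncookie: ENABLED
      register: tcp_profile_result

    # diff_list is returned only when the module changed something.
    - name: Show which attributes differed from the running config
      ansible.builtin.debug:
        var: tcp_profile_result.diff_list
      when: tcp_profile_result.changed

    - name: Stop the play if the module reported a failure
      ansible.builtin.assert:
        that:
          - not tcp_profile_result.failed
        fail_msg: "nstcpprofile did not apply the hardened profile"
```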

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

changed

boolean

Indicates if any change is made by the module

Returned: always

Sample: true

diff

dictionary

Dictionary of before and after changes

Returned: always

Sample: {"after": {"key2": "pqr"}, "before": {"key1": "xyz"}, "prepared": "changes done"}

diff_list

list / elements=string

List of differences between the actual configured object and the configuration specified in the module

Returned: when changed

Sample: ["Attribute `key1` differs. Desired: (<class 'str'>) XYZ. Existing: (<class 'str'>) PQR"]

failed

boolean

Indicates if the module failed or not

Returned: always

Sample: false

loglines

list / elements=string

List of messages logged by the module

Returned: always

Sample: ["message 1", "message 2"]

Authors

  • Sumanth Lingappa (@sumanth-lingappa)

  • Shiva Shankar Vaddepally (@shivashankar-vaddepally)