Home > Configuration > NS > addnstcpprofile

addnstcpprofile

Use this method to adds a TCP profile to the Citrix ADC.

Syntax



Parameters

name

Name for a TCP profile. Must begin with a letter, number, or the underscore \(_\) character. Other characters allowed, after the first character, are the hyphen \(-\), period \(.\), hash \(\#\), space \( \), at \(@\), colon \(:\), and equal \(=\) characters. The name of a TCP profile cannot be changed after it is created. CLI Users: If the name includes one or more spaces, enclose the name in double or single quotation marks \(for example, "my tcp profile" or 'my tcp profile'\).
This is mandatory parameter.

ws

Enable or disable window scaling.
Default value = ENABLED.

sack

Enable or disable Selective ACKnowledgement (SACK).
Default value = ENABLED.

wsval

Factor used to calculate the new window size. This argument is needed only when window scaling is enabled.
Default value = TCP_DEFAULT_WSVAL.
Maximum value = 14.

nagle

Enable or disable the Nagle algorithm on TCP connections.
Default value = DISABLED.

ackonpush

Send immediate positive acknowledgement (ACK) on receipt of TCP packets with PUSH flag.
Default value = ENABLED.

mss

Maximum number of octets to allow in a TCP data segment.
Default value = TCP_DEFAULT_CLIENT_MSS.
Maximum value = 9176.

maxburst

Maximum number of TCP segments allowed in a burst.
Default value = 6.
Minimum value = 1.
Maximum value = 255.

initialcwnd

Initial maximum upper limit on the number of TCP packets that can be outstanding on the TCP link to the server.
Default value = TCP_DEFAULT_INITIALCWND.
Minimum value = 1.
Maximum value = 44.

delayedack

Timeout for TCP delayed ACK, in milliseconds.
Default value = 100.
Minimum value = 10.
Maximum value = 300.

oooqsize

Maximum size of out-of-order packets queue. A value of 0 means no limit.
Default value = TCP_DEFAULT_MAX_OOO_PKTS.
Maximum value = 65535.

maxpktpermss

Maximum number of TCP packets allowed per maximum segment size (MSS).
Maximum value = 1460.

pktperretx

Maximum limit on the number of packets that should be retransmitted on receiving a partial ACK.
Default value = 1.
Minimum value = 1.
Maximum value = 512.

minrto

Minimum retransmission timeout, in milliseconds, specified in 10-millisecond increments (value must yield a whole number if divided by 10).
Default value = 1000.
Minimum value = 10.
Maximum value = 64000.

slowstartincr

Multiplier that determines the rate at which slow start increases the size of the TCP transmission window after each acknowledgement of successful transmission.
Default value = 2.
Minimum value = 1.
Maximum value = 100.

buffersize

TCP buffering size, in bytes.
Default value = TCP_DEFAULT_BUFFSIZE.
Minimum value = 8190.
Maximum value = 20971520.

syncookie

Enable or disable the SYNCOOKIE mechanism for TCP handshake with clients. Disabling SYNCOOKIE prevents SYN attack protection on the Citrix ADC.
Default value = ENABLED.

kaprobeupdatelastactivity

Update last activity for the connection after receiving keep-alive (KA) probes.
Default value = ENABLED.

flavor

Set TCP congestion control algorithm.
Default value = NS_TCP_BIC.

dynamicreceivebuffering

Enable or disable dynamic receive buffering. When enabled, allows the receive buffer to be adjusted dynamically based on memory and network conditions. Note: The buffer size argument must be set for dynamic adjustments to take place.
Default value = DISABLED.

ka

Send periodic TCP keep-alive (KA) probes to check if peer is still up.
Default value = DISABLED.

kaconnidletime

Duration, in seconds, for the connection to be idle, before sending a keep-alive (KA) probe.
Default value = NSTCP_KA_DEFAULT_CONN_IDLETIME.
Minimum value = 1.
Maximum value = 4095.

kamaxprobes

Number of keep-alive (KA) probes to be sent when not acknowledged, before assuming the peer to be down.
Default value = NSTCP_KA_DEFAULT_PROBE_COUNT.
Minimum value = 1.
Maximum value = 254.

kaprobeinterval

Time interval, in seconds, before the next keep-alive (KA) probe, if the peer does not respond.
Default value = NSTCP_KA_DEFAULT_INTERVAL.
Minimum value = 1.
Maximum value = 4095.

sendbuffsize

TCP Send Buffer Size
Default value = TCP_DEFAULT_SENDBUFFSIZE.
Minimum value = 8190.
Maximum value = 20971520.

mptcp

Enable or disable Multipath TCP.
Default value = DISABLED.

establishclientconn

Establishing Client Client connection on First data/ Final-ACK / Automatic
Default value = NS_CONN_AUTOMATIC.

tcpsegoffload

Offload TCP segmentation to the NIC. If set to AUTOMATIC, TCP segmentation will be offloaded to the NIC, if the NIC supports it.
Default value = ENABLED.

rfc5961compliance

Enable or disable RFC 5961 compliance to protect against tcp spoofing(RST/SYN/Data). When enabled, will be compliant with RFC 5961.
Default value = DISABLED.

rstwindowattenuate

Enable or disable RST window attenuation to protect against spoofing. When enabled, will reply with corrective ACK when a sequence number is invalid.
Default value = DISABLED.

rstmaxack

Enable or disable acceptance of RST that is out of window yet echoes highest ACK sequence number. Useful only in proxy mode.
Default value = DISABLED.

spoofsyndrop

Enable or disable drop of invalid SYN packets to protect against spoofing. When disabled, established connections will be reset when a SYN packet is received.
Default value = ENABLED.

ecn

Enable or disable TCP Explicit Congestion Notification.
Default value = DISABLED.

mptcpdropdataonpreestsf

Enable or disable silently dropping the data on Pre-Established subflow. When enabled, DSS data packets are dropped silently instead of dropping the connection when data is received on pre established subflow.
Default value = DISABLED.

mptcpfastopen

Enable or disable Multipath TCP fastopen. When enabled, DSS data packets are accepted before receiving the third ack of SYN handshake.
Default value = DISABLED.

mptcpsessiontimeout

MPTCP session timeout in seconds. If this value is not set, idle MPTCP sessions are flushed after vserver's client idle timeout.
Default value = 0.
Minimum value = 0.
Maximum value = 86400.

timestamp

Enable or Disable TCP Timestamp option (RFC 1323)
Default value = DISABLED.

dsack

Enable or disable DSACK.
Default value = ENABLED.

ackaggregation

Enable or disable ACK Aggregation.
Default value = DISABLED.

frto

Enable or disable FRTO (Forward RTO-Recovery).
Default value = ENABLED.

maxcwnd

TCP Maximum Congestion Window.
Default value = 524288.
Minimum value = 8190.
Maximum value = 20971520.

fack

Enable or disable FACK (Forward ACK).
Default value = ENABLED.

tcpmode

TCP Optimization modes TRANSPARENT / ENDPOINT.
Default value = NS_TCPOPTMODE_TRANSPARENT.

tcpfastopen

Enable or disable TCP Fastopen. When enabled, NS can receive or send Data in SYN or SYN-ACK packets.
Default value = DISABLED.

hystart

Enable or disable CUBIC Hystart
Default value = DISABLED.

dupackthresh

TCP dupack threshold.
Default value = 3.
Minimum value = 1.
Maximum value = 15.

burstratecontrol

TCP Burst Rate Control DISABLED/FIXED/DYNAMIC. FIXED requires a TCP rate to be set.
Default value = NS_BURSTRATECTRL_DISABLED.

tcprate

TCP connection payload send rate in Kb/s
Default value = 0.
Minimum value = 0.
Maximum value = 10000000.

rateqmax

Maximum connection queue size in bytes, when BurstRateControl is used
Default value = 0.
Minimum value = 0.
Maximum value = 1000000000.

drophalfclosedconnontimeout

Silently drop tcp half closed connections on idle timeout
Default value = DISABLED.

dropestconnontimeout

Silently drop tcp established connections on idle timeout
Default value = DISABLED.

applyadaptivetcp

Apply Adaptive TCP optimizations
Default value = DISABLED.

tcpfastopencookiesize

TCP FastOpen Cookie size. This accepts only even numbers. Odd number is trimmed down to nearest even number.
Default value = 8.
Minimum value = 4.
Maximum value = 16.

taillossprobe

TCP tail loss probe optimizations
Default value = DISABLED.

clientiptcpoption

Client IP in TCP options
Default value = DISABLED.

clientiptcpoptionnumber

ClientIP TCP Option number
Default value = DISABLED.
Minimum value = 1.
Maximum value = 254.

mpcapablecbit

Set C bit in MP-CAPABLE Syn-Ack sent by Citrix ADC
Default value = DISABLED.

sendclientportintcpoption

Send Client Port number along with Client IP in TCP-Options. ClientIpTcpOption must be ENABLED
Default value = DISABLED.

slowstartthreshold

TCP Slow Start Threhsold Value.
Default value = 524288.
Minimum value = 8190.
Maximum value = 20971520.

Return Value

Returns simpleResult

See Also

getnstcpprofile

rmnstcpprofile

setnstcpprofile_ackaggregation

setnstcpprofile_ackonpush

setnstcpprofile_applyadaptivetcp

setnstcpprofile_buffersize

setnstcpprofile_burstratecontrol

setnstcpprofile_clientiptcpoption

setnstcpprofile_delayedack

setnstcpprofile_dropestconnontimeout

setnstcpprofile_drophalfclosedconnontimeout

setnstcpprofile_dsack

setnstcpprofile_dupackthresh

setnstcpprofile_dynamicreceivebuffering

setnstcpprofile_ecn

setnstcpprofile_establishclientconn

setnstcpprofile_fack

setnstcpprofile_flavor

setnstcpprofile_frto

setnstcpprofile_hystart

setnstcpprofile_initialcwnd

setnstcpprofile_ka

setnstcpprofile_kaconnidletime

setnstcpprofile_kamaxprobes

setnstcpprofile_kaprobeinterval

setnstcpprofile_kaprobeupdatelastactivity

setnstcpprofile_maxburst

setnstcpprofile_maxcwnd

setnstcpprofile_maxpktpermss

setnstcpprofile_minrto

setnstcpprofile_mpcapablecbit

setnstcpprofile_mptcp

setnstcpprofile_mptcpdropdataonpreestsf

setnstcpprofile_mptcpfastopen

setnstcpprofile_mptcpsessiontimeout

setnstcpprofile_mss

setnstcpprofile_nagle

setnstcpprofile_oooqsize

setnstcpprofile_pktperretx

setnstcpprofile_rateqmax

setnstcpprofile_rfc5961compliance

setnstcpprofile_rstmaxack

setnstcpprofile_rstwindowattenuate

setnstcpprofile_sack

setnstcpprofile_sendbuffsize

setnstcpprofile_sendclientportintcpoption

setnstcpprofile_slowstartincr

setnstcpprofile_slowstartthreshold

setnstcpprofile_spoofsyndrop

setnstcpprofile_syncookie

setnstcpprofile_taillossprobe

setnstcpprofile_tcpfastopen

setnstcpprofile_tcpfastopencookiesize

setnstcpprofile_tcpmode

setnstcpprofile_tcprate

setnstcpprofile_tcpsegoffload

setnstcpprofile_timestamp

setnstcpprofile_ws

setnstcpprofile_wsval

unsetnstcpprofile_ackaggregation

unsetnstcpprofile_ackonpush

unsetnstcpprofile_applyadaptivetcp

unsetnstcpprofile_buffersize

unsetnstcpprofile_burstratecontrol

unsetnstcpprofile_clientiptcpoption

unsetnstcpprofile_clientiptcpoptionnumber

unsetnstcpprofile_delayedack

unsetnstcpprofile_dropestconnontimeout

unsetnstcpprofile_drophalfclosedconnontimeout

unsetnstcpprofile_dsack

unsetnstcpprofile_dupackthresh

unsetnstcpprofile_dynamicreceivebuffering

unsetnstcpprofile_ecn

unsetnstcpprofile_establishclientconn

unsetnstcpprofile_fack

unsetnstcpprofile_flavor

unsetnstcpprofile_frto

unsetnstcpprofile_hystart

unsetnstcpprofile_initialcwnd

unsetnstcpprofile_ka

unsetnstcpprofile_kaconnidletime

unsetnstcpprofile_kamaxprobes

unsetnstcpprofile_kaprobeinterval

unsetnstcpprofile_kaprobeupdatelastactivity

unsetnstcpprofile_maxburst

unsetnstcpprofile_maxcwnd

unsetnstcpprofile_maxpktpermss

unsetnstcpprofile_minrto

unsetnstcpprofile_mpcapablecbit

unsetnstcpprofile_mptcp

unsetnstcpprofile_mptcpdropdataonpreestsf

unsetnstcpprofile_mptcpfastopen

unsetnstcpprofile_mptcpsessiontimeout

unsetnstcpprofile_mss

unsetnstcpprofile_nagle

unsetnstcpprofile_oooqsize

unsetnstcpprofile_pktperretx

unsetnstcpprofile_rateqmax

unsetnstcpprofile_rfc5961compliance

unsetnstcpprofile_rstmaxack

unsetnstcpprofile_rstwindowattenuate

unsetnstcpprofile_sack

unsetnstcpprofile_sendbuffsize

unsetnstcpprofile_sendclientportintcpoption

unsetnstcpprofile_slowstartincr

unsetnstcpprofile_slowstartthreshold

unsetnstcpprofile_spoofsyndrop

unsetnstcpprofile_syncookie

unsetnstcpprofile_taillossprobe

unsetnstcpprofile_tcpfastopen

unsetnstcpprofile_tcpfastopencookiesize

unsetnstcpprofile_tcpmode

unsetnstcpprofile_tcprate

unsetnstcpprofile_tcpsegoffload

unsetnstcpprofile_timestamp

unsetnstcpprofile_ws

unsetnstcpprofile_wsval