Applying the tcp profile to vip for ssl terminate – Brocade Communications Systems ServerIron ADX 12.4.00a User Manual

Page 196

Advertising
background image

182

ServerIron ADX Security Guide

53-1002440-03

Configuration Examples for SSL Termination and Proxy Modes

6

Disabling Nagle’s Algorithm
You can disable Nagle’s algorithm within a TCP profile as shown in the following example.

ServerIronADX(config)# tcp profile tcpprofile1

ServerIronADX(config-tcp-profile-tcpprofile1)# nagle off

Syntax: [no] nagle off

Disabling the delayed ACK algorithm
You can disable the delayed ACK algorithm within a TCP profile as shown in the following example.

ServerIronADX(config)# tcp profile tcpprofile1

ServerIronADX(config-tcp-profile-tcpprofile1)# delayed-ack off

Syntax: [no] delayed-ack off

Disabling PUSH flag in outgoing data packets from the TCP transmit queue
You can disable setting PUSH flag in all outgoing data packets except when emptying the TCP
transmit queue, as shown in the following example.

ServerIronADX(config)# tcp profile tcpprofile1

ServerIronADX(config-tcp-profile-tcpprofile1)# push-bit off

Syntax: [no] push-bit off

Modifying TCP receive queue size
You can modify the TCP receive queue size, as shown in the following example. The default value is
28000 bytes.

ServerIronADX(config)# tcp profile tcpprofile1

ServerIronADX(config-tcp-profile-tcpprofile1)# rxbuf-size <size-in-bytes>

Syntax: [no] rxbuf-size <size-in-bytes>

Modifying TCP transmit queue size
You can modify the TCP transmit queue size, as shown in the following example. The default value
is 20000 bytes.

ServerIronADX(config)# tcp profile tcpprofile1

ServerIronADX(config-tcp-profile-tcpprofile1)# txbuf-size <size-in-bytes>

Syntax: [no] txbuf-size <size-in-bytes>

Applying the TCP profile to VIP for SSL terminate

In a SSL Terminate configuration, the TCP profile can be applied either to the port ssl ssl-terminate
command in the Virtual Server configuration, or to the SSL profile that is being applied to the
Virtual Server.

In the following example, the TCP profile is applied to the port ssl ssl-terminate command in the
Virtual Server configuration

ServerIronADX(config)# server virtual-name-or-ip vip1

ServerIronADX(config-vs-vip1)# port ssl ssl-terminate sslprofile myprofile

Syntax: [no] port ssl ssl-terminate <ssl-proxy> [tcp-proxy]

Advertising
Popular Brands
Popular manuals