Citrix ADC 12.1 NITRO API Reference

lsntransportprofile

Configuration for LSN Transport Profile resource.

Properties

(click to see Operations)

Name Data Type Permissions Description
transportprofilename Read-write Name for the LSN transport profile. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the LSN transport profile is created. The following requirement applies only to the Citrix ADC CLI: If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, “lsn transport profile1” or ‘lsn transport profile1’).
Minimum length = 1
Maximum length = 127
transportprotocol Read-write Protocol for which to set the LSN transport profile parameters.
Possible values = TCP, UDP, ICMP
sessiontimeout Read-write Timeout, in seconds, for an idle LSN session. If an LSN session is idle for a time that exceeds this value, the Citrix ADC removes the session.

This timeout does not apply for a TCP LSN session when a FIN or RST message is received from either of the endpoints. .
Default value: 120
Minimum value = 60
finrsttimeout Read-write Timeout, in seconds, for a TCP LSN session after a FIN or RST message is received from one of the endpoints.

If a TCP LSN session is idle (after the Citrix ADC receives a FIN or RST message) for a time that exceeds this value, the Citrix ADC ADC removes the session.

Since the LSN feature of the Citrix ADC does not maintain state information of any TCP LSN sessions, this timeout accommodates the transmission of the FIN or RST, and ACK messages from the other endpoint so that both endpoints can properly close the connection.
Default value: 30
stuntimeout Read-write STUN protocol timeout.
Default value: 600
Minimum value = 120
Maximum value = 1200
synidletimeout Read-write SYN Idle timeout.
Default value: 60
Minimum value = 30
Maximum value = 120
portquota Read-write Maximum number of LSN NAT ports to be used at a time by each subscriber for the specified protocol. For example, each subscriber can be limited to a maximum of 500 TCP NAT ports. When the LSN NAT mappings for a subscriber reach the limit, the Citrix ADC does not allocate additional NAT ports for that subscriber.
Default value: 0
Minimum value = 0
Maximum value = 65535
sessionquota Read-write Maximum number of concurrent LSN sessions allowed for each subscriber for the specified protocol.
When the number of LSN sessions reaches the limit for a subscriber, the Citrix ADC does not allow the subscriber to open additional sessions.
Default value: 0
Minimum value = 0
Maximum value = 65535
groupsessionlimit Read-write Maximum number of concurrent LSN sessions(for the specified protocol) allowed for all subscriber of a group to which this profile has bound. This limit will get split across the Citrix ADCs packet engines and rounded down. When the number of LSN sessions reaches the limit for a group in packet engine, the Citrix ADC does not allow the subscriber of that group to open additional sessions through that packet engine.
Default value: 0
portpreserveparity Read-write Enable port parity between a subscriber port and its mapped LSN NAT port. For example, if a subscriber initiates a connection from an odd numbered port, the Citrix ADC allocates an odd numbered LSN NAT port for this connection.
You must set this parameter for proper functioning of protocols that require the source port to be even or odd numbered, for example, in peer-to-peer applications that use RTP or RTCP protocol.
Default value: DISABLED
Possible values = ENABLED, DISABLED
portpreserverange Read-write If a subscriber initiates a connection from a well-known port (0-1023), allocate a NAT port from the well-known port range (0-1023) for this connection. For example, if a subscriber initiates a connection from port 80, the Citrix ADC can allocate port 100 as the NAT port for this connection.

This parameter applies to dynamic NAT without port block allocation. It also applies to Deterministic NAT if the range of ports allocated includes well-known ports.

When all the well-known ports of all the available NAT IP addresses are used in different subscriber’s connections (LSN sessions), and a subscriber initiates a connection from a well-known port, the Citrix ADC drops this connection.
Default value: DISABLED
Possible values = ENABLED, DISABLED
syncheck Read-write Silently drop any non-SYN packets for connections for which there is no LSN-NAT session present on the Citrix ADC.

If you disable this parameter, the Citrix ADC accepts any non-SYN packets and creates a new LSN session entry for this connection.

Following are some reasons for the Citrix ADC to receive such packets:

* LSN session for a connection existed but the Citrix ADC removed this session because the LSN session was idle for a time that exceeded the configured session timeout.
* Such packets can be a part of a DoS attack.
Default value: ENABLED
Possible values = ENABLED, DISABLED
__count Read-only count parameter

Operations

(click to see Properties)

ADD DELETE UPDATE UNSET GET (ALL) GET COUNT

Some options that you can use for each operations:

  • Getting warnings in response:NITRO allows you to get warnings in an operation by specifying the "warning" query parameter as "yes". For example, to get warnings while connecting to the Citrix ADC appliance, the URL is as follows:

    http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code "209 X-NITRO-WARNING".

  • Authenticated access for individual NITRO operations:NITRO allows you to logon to the Citrix ADC appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER:<username>

    X-NITRO-PASS:<password>

    Note:In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN=<tokenvalue>

*Note:*

Mandatory parameters are marked in redand placeholder content is marked in <green>.

add

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/lsntransportprofile

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:


{"lsntransportprofile":{
<b>"transportprofilename":<String_value>,
</b><b>"transportprotocol":<String_value>,
</b>"sessiontimeout":<Double_value>,
"finrsttimeout":<Double_value>,
"stuntimeout":<Double_value>,
"synidletimeout":<Double_value>,
"portquota":<Double_value>,
"sessionquota":<Double_value>,
"groupsessionlimit":<Double_value>,
"portpreserveparity":<String_value>,
"portpreserverange":<String_value>,
"syncheck":<String_value>
}}

<!--NeedCopy-->

Response:

HTTP Status Code on Success: 201 Created HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

delete

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/lsntransportprofile/transportprofilename_value<String>

HTTP Method:DELETE

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue>

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

update

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/lsntransportprofile

HTTP Method:PUT

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:


{"lsntransportprofile":{
<b>"transportprofilename":<String_value>,
</b>"sessiontimeout":<Double_value>,
"finrsttimeout":<Double_value>,
"stuntimeout":<Double_value>,
"synidletimeout":<Double_value>,
"portquota":<Double_value>,
"sessionquota":<Double_value>,
"groupsessionlimit":<Double_value>,
"portpreserveparity":<String_value>,
"portpreserverange":<String_value>,
"syncheck":<String_value>
}}

<!--NeedCopy-->

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

unset

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/lsntransportprofile?action=unset

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:


{"lsntransportprofile":{
<b>"transportprofilename":<String_value>,
</b>"sessiontimeout":true,
"finrsttimeout":true,
"stuntimeout":true,
"synidletimeout":true,
"portquota":true,
"sessionquota":true,
"groupsessionlimit":true,
"portpreserveparity":true,
"portpreserverange":true,
"syncheck":true
}}

<!--NeedCopy-->

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

get (all)

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/lsntransportprofile

Query-parameters:

attrs

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/lsntransportprofile?attrs=property-name1,property-name2

Use this query parameter to specify the resource details that you want to retrieve.

filter

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/lsntransportprofile?filter=property-name1:property-val1,property-name2:property-val2

Use this query-parameter to get the filtered set of lsntransportprofile resources configured on Citrix ADC. Filtering can be done on any of the properties of the resource.

view

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/lsntransportprofile?view=summary

Note:By default, the retrieved results are displayed in detail view (?view=detail).

pagination

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/lsntransportprofile?pagesize=#no;pageno=#no

Use this query-parameter to get the lsntransportprofile resources in chunks.

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:


{ "lsntransportprofile": [ {
"transportprofilename":<String_value>,
"transportprotocol":<String_value>,
"sessiontimeout":<Double_value>,
"finrsttimeout":<Double_value>,
"stuntimeout":<Double_value>,
"synidletimeout":<Double_value>,
"portquota":<Double_value>,
"sessionquota":<Double_value>,
"groupsessionlimit":<Double_value>,
"portpreserveparity":<String_value>,
"portpreserverange":<String_value>,
"syncheck":<String_value>
}]}

<!--NeedCopy-->

get

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/lsntransportprofile/transportprofilename_value<String>

Query-parameters:

attrs

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/lsntransportprofile/transportprofilename_value<String>?attrs=property-name1,property-name2

Use this query parameter to specify the resource details that you want to retrieve.

view

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/lsntransportprofile/transportprofilename_value<String>?view=summary

Note:By default, the retrieved results are displayed in detail view (?view=detail).

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:


{ "lsntransportprofile": [ {
"transportprofilename":<String_value>,
"transportprotocol":<String_value>,
"sessiontimeout":<Double_value>,
"finrsttimeout":<Double_value>,
"stuntimeout":<Double_value>,
"synidletimeout":<Double_value>,
"portquota":<Double_value>,
"sessionquota":<Double_value>,
"groupsessionlimit":<Double_value>,
"portpreserveparity":<String_value>,
"portpreserverange":<String_value>,
"syncheck":<String_value>
}]}

<!--NeedCopy-->

count

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/lsntransportprofile?count=yes

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:


{ "lsntransportprofile": [ { "__count": "#no"} ] }

<!--NeedCopy-->
lsntransportprofile