Citrix ADC 12.1 NITRO API Reference

nsip

Configuration for ip resource.

Properties

(click to see Operations)

Name Data Type Permissions Description
ipaddress Read-write IPv4 address to create on the Citrix ADC. Cannot be changed after the IP address is created.
Minimum length = 1
netmask Read-write Subnet mask associated with the IP address.
type Read-write Type of the IP address to create on the Citrix ADC. Cannot be changed after the IP address is created. The following are the different types of Citrix ADC owned IP addresses:
* A Subnet IP (SNIP) address is used by the Citrix ADC to communicate with the servers. The Citrix ADC also uses the subnet IP address when generating its own packets, such as packets related to dynamic routing protocols, or to send monitor probes to check the health of the servers.
* A Virtual IP (VIP) address is the IP address associated with a virtual server. It is the IP address to which clients connect. An appliance managing a wide range of traffic may have many VIPs configured. Some of the attributes of the VIP address are customized to meet the requirements of the virtual server.
* A GSLB site IP (GSLBIP) address is associated with a GSLB site. It is not mandatory to specify a GSLBIP address when you initially configure the Citrix ADC. A GSLBIP address is used only when you create a GSLB site.
* A Cluster IP (CLIP) address is the management address of the cluster. All cluster configurations must be performed by accessing the cluster through this IP address.
Default value: SNIP
Possible values = SNIP, VIP, NSIP, GSLBsiteIP, CLIP
arp Read-write Respond to ARP requests for this IP address.
Default value: ENABLED
Possible values = ENABLED, DISABLED
icmp Read-write Respond to ICMP requests for this IP address.
Default value: ENABLED
Possible values = ENABLED, DISABLED
vserver Read-write Use this option to set (enable or disable) the virtual server attribute for this IP address.
Default value: ENABLED
Possible values = ENABLED, DISABLED
telnet Read-write Allow Telnet access to this IP address.
Default value: ENABLED
Possible values = ENABLED, DISABLED
ftp Read-write Allow File Transfer Protocol (FTP) access to this IP address.
Default value: ENABLED
Possible values = ENABLED, DISABLED
gui Read-write Allow graphical user interface (GUI) access to this IP address.
Default value: ENABLED
Possible values = ENABLED, SECUREONLY, DISABLED
ssh Read-write Allow secure shell (SSH) access to this IP address.
Default value: ENABLED
Possible values = ENABLED, DISABLED
snmp Read-write Allow Simple Network Management Protocol (SNMP) access to this IP address.
Default value: ENABLED
Possible values = ENABLED, DISABLED
mgmtaccess Read-write Allow access to management applications on this IP address.
Default value: DISABLED
Possible values = ENABLED, DISABLED
restrictaccess Read-write Block access to nonmanagement applications on this IP. This option is applicable for MIPs, SNIPs, and NSIP, and is disabled by default. Nonmanagement applications can run on the underlying Citrix ADC Free BSD operating system.
Default value: DISABLED
Possible values = ENABLED, DISABLED
dynamicrouting Read-write Allow dynamic routing on this IP address. Specific to Subnet IP (SNIP) address.
Default value: DISABLED
Possible values = ENABLED, DISABLED
decrementttl Read-write Decrement TTL by 1 when ENABLED.This setting is applicable only for UDP traffic.
Default value: DISABLED
Possible values = ENABLED, DISABLED
ospf Read-write Use this option to enable or disable OSPF on this IP address for the entity.
Default value: DISABLED
Possible values = ENABLED, DISABLED
bgp Read-write Use this option to enable or disable BGP on this IP address for the entity.
Default value: DISABLED
Possible values = ENABLED, DISABLED
rip Read-write Use this option to enable or disable RIP on this IP address for the entity.
Default value: DISABLED
Possible values = ENABLED, DISABLED
hostroute Read-write Option to push the VIP to ZebOS routing table for Kernel route redistribution through dynamic routing protocols.
Possible values = ENABLED, DISABLED
advertiseondefaultpartition Read-write Advertise VIPs from Shared VLAN on Default Partition.
Default value: DISABLED
Possible values = ENABLED, DISABLED
networkroute Read-write Option to push the SNIP subnet to ZebOS routing table for Kernel route redistribution through dynamic routing protocol.
Possible values = ENABLED, DISABLED
tag Read-write Tag value for the network/host route associated with this IP.
Default value: 0
hostrtgw Read-write IP address of the gateway of the route for this VIP address.
Default value: -1
metric Read-write Integer value to add to or subtract from the cost of the route advertised for the VIP address.
Minimum value = -16777215
vserverrhilevel Read-write Advertise the route for the Virtual IP (VIP) address on the basis of the state of the virtual servers associated with that VIP.
* NONE - Advertise the route for the VIP address, regardless of the state of the virtual servers associated with the address.
* ONE VSERVER - Advertise the route for the VIP address if at least one of the associated virtual servers is in UP state.
* ALL VSERVER - Advertise the route for the VIP address if all of the associated virtual servers are in UP state.
* VSVR_CNTRLD - Advertise the route for the VIP address according to the RHIstate (RHI STATE) parameter setting on all the associated virtual servers of the VIP address along with their states.

When Vserver RHI Level (RHI) parameter is set to VSVR_CNTRLD, the following are different RHI behaviors for the VIP address on the basis of RHIstate (RHI STATE) settings on the virtual servers associated with the VIP address:
* If you set RHI STATE to PASSIVE on all virtual servers, the Citrix ADC always advertises the route for the VIP address.
* If you set RHI STATE to ACTIVE on all virtual servers, the Citrix ADC advertises the route for the VIP address if at least one of the associated virtual servers is in UP state.
*If you set RHI STATE to ACTIVE on some and PASSIVE on others, the Citrix ADC advertises the route for the VIP address if at least one of the associated virtual servers, whose RHI STATE set to ACTIVE, is in UP state.

Default value: ONE_VSERVER
Possible values = ONE_VSERVER, ALL_VSERVERS, NONE, VSVR_CNTRLD
vserverrhimode Read-write Advertise the route for the Virtual IP (VIP) address using dynamic routing protocols or using RISE
* DYNMAIC_ROUTING - Advertise the route for the VIP address using dynamic routing protocols (default)
* RISE - Advertise the route for the VIP address using RISE.
Default value: DYNAMIC_ROUTING
Possible values = DYNAMIC_ROUTING, RISE
ospflsatype Read-write Type of LSAs to be used by the OSPF protocol, running on the Citrix ADC, for advertising the route for this VIP address.
Default value: TYPE5
Possible values = TYPE1, TYPE5
ospfarea Read-write ID of the area in which the type1 link-state advertisements (LSAs) are to be advertised for this virtual IP (VIP) address by the OSPF protocol running on the Citrix ADC. When this parameter is not set, the VIP is advertised on all areas.
Default value: -1
Minimum value = 0
Maximum value = 4294967294LU
state Read-write Enable or disable the IP address.
Default value: ENABLED
Possible values = ENABLED, DISABLED
vrid Read-write A positive integer that uniquely identifies a VMAC address for binding to this VIP address. This binding is used to set up Citrix ADCs in an active-active configuration using VRRP.
Minimum value = 1
Maximum value = 255
icmpresponse Read-write Respond to ICMP requests for a Virtual IP (VIP) address on the basis of the states of the virtual servers associated with that VIP. Available settings function as follows:
* NONE - The Citrix ADC responds to any ICMP request for the VIP address, irrespective of the states of the virtual servers associated with the address.
* ONE VSERVER - The Citrix ADC responds to any ICMP request for the VIP address if at least one of the associated virtual servers is in UP state.
* ALL VSERVER - The Citrix ADC responds to any ICMP request for the VIP address if all of the associated virtual servers are in UP state.
* VSVR_CNTRLD - The behavior depends on the ICMP VSERVER RESPONSE setting on all the associated virtual servers.

The following settings can be made for the ICMP VSERVER RESPONSE parameter on a virtual server:
* If you set ICMP VSERVER RESPONSE to PASSIVE on all virtual servers, Citrix ADC always responds.
* If you set ICMP VSERVER RESPONSE to ACTIVE on all virtual servers, Citrix ADC responds if even one virtual server is UP.
* When you set ICMP VSERVER RESPONSE to ACTIVE on some and PASSIVE on others, Citrix ADC responds if even one virtual server set to ACTIVE is UP.
Default value: 5
Possible values = NONE, ONE_VSERVER, ALL_VSERVERS, VSVR_CNTRLD
ownernode Read-write The owner node in a Cluster for this IP address. Owner node can vary from 0 to 31. If ownernode is not specified then the IP is treated as Striped IP.
Default value: 255
arpresponse Read-write Respond to ARP requests for a Virtual IP (VIP) address on the basis of the states of the virtual servers associated with that VIP. Available settings function as follows:

* NONE - The Citrix ADC responds to any ARP request for the VIP address, irrespective of the states of the virtual servers associated with the address.
* ONE VSERVER - The Citrix ADC responds to any ARP request for the VIP address if at least one of the associated virtual servers is in UP state.
* ALL VSERVER - The Citrix ADC responds to any ARP request for the VIP address if all of the associated virtual servers are in UP state.
Default value: 5
Possible values = NONE, ONE_VSERVER, ALL_VSERVERS
ownerdownresponse Read-write in cluster system, if the owner node is down, whether should it respond to icmp/arp.
Default value: YES
Possible values = YES, NO
td Read-write Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0. TD id 4095 is used reserved for LSN use .
Minimum value = 0
Maximum value = 4095
flags Read-only The flags for this entry.
hostrtgwact Read-only Actual Gateway used for advertising host route.
ospfareaval Read-only The area ID of the area in which OSPF Type1 LSAs are advertised.
viprtadv2bsd Read-only Whether this route is advertised to FreeBSD.
vipvsercount Read-only Number of vservers bound to this VIP.
vipvserdowncount Read-only Number of vservers bound to this VIP, which are down.
vipvsrvrrhiactivecount Read-only Number of vservers that have RHI state ACTIVE.
vipvsrvrrhiactiveupcount Read-only Number of vservers that have RHI state ACTIVE, which are UP.
freeports Read-only Number of free Ports available on this IP.
riserhimsgcode Read-only The code indicating the rise rhi status.
iptype <String[]> Read-only .
Possible values = SNIP, VIP, NSIP, GSLBsiteIP, CLIP
__count Read-only count parameter

Operations

(click to see Properties)

ADD DELETE UPDATE UNSET ENABLE DISABLE GET (ALL) COUNT

Some options that you can use for each operations:

  • Getting warnings in response:NITRO allows you to get warnings in an operation by specifying the "warning" query parameter as "yes". For example, to get warnings while connecting to the Citrix ADC appliance, the URL is as follows:

    http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code "209 X-NITRO-WARNING".

  • Authenticated access for individual NITRO operations:NITRO allows you to logon to the Citrix ADC appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER:<username>

    X-NITRO-PASS:<password>

    Note:In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN=<tokenvalue>

*Note:*

Mandatory parameters are marked in redand placeholder content is marked in <green>.

add

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nsip

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:


{"nsip":{
<b>"ipaddress":<String_value>,
</b><b>"netmask":<String_value>,
</b>"type":<String_value>,
"arp":<String_value>,
"icmp":<String_value>,
"vserver":<String_value>,
"telnet":<String_value>,
"ftp":<String_value>,
"gui":<String_value>,
"ssh":<String_value>,
"snmp":<String_value>,
"mgmtaccess":<String_value>,
"restrictaccess":<String_value>,
"dynamicrouting":<String_value>,
"decrementttl":<String_value>,
"ospf":<String_value>,
"bgp":<String_value>,
"rip":<String_value>,
"hostroute":<String_value>,
"advertiseondefaultpartition":<String_value>,
"networkroute":<String_value>,
"tag":<Double_value>,
"hostrtgw":<String_value>,
"metric":<Integer_value>,
"vserverrhilevel":<String_value>,
"vserverrhimode":<String_value>,
"ospflsatype":<String_value>,
"ospfarea":<Double_value>,
"state":<String_value>,
"vrid":<Double_value>,
"icmpresponse":<String_value>,
"ownernode":<Double_value>,
"arpresponse":<String_value>,
"ownerdownresponse":<String_value>,
"td":<Double_value>
}}

<!--NeedCopy-->

Response:

HTTP Status Code on Success: 201 Created HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

delete

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nsip/ipaddress_value<String>

HTTP Method:DELETE

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue>

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

update

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nsip

HTTP Method:PUT

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:


{"nsip":{
<b>"ipaddress":<String_value>,
</b>"td":<Double_value>,
"netmask":<String_value>,
"arp":<String_value>,
"icmp":<String_value>,
"vserver":<String_value>,
"telnet":<String_value>,
"ftp":<String_value>,
"gui":<String_value>,
"ssh":<String_value>,
"snmp":<String_value>,
"mgmtaccess":<String_value>,
"restrictaccess":<String_value>,
"decrementttl":<String_value>,
"dynamicrouting":<String_value>,
"ospf":<String_value>,
"bgp":<String_value>,
"rip":<String_value>,
"hostroute":<String_value>,
"advertiseondefaultpartition":<String_value>,
"networkroute":<String_value>,
"hostrtgw":<String_value>,
"metric":<Integer_value>,
"vserverrhilevel":<String_value>,
"vserverrhimode":<String_value>,
"ospflsatype":<String_value>,
"ospfarea":<Double_value>,
"tag":<Double_value>,
"vrid":<Double_value>,
"icmpresponse":<String_value>,
"arpresponse":<String_value>,
"ownerdownresponse":<String_value>
}}

<!--NeedCopy-->

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

unset

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nsip?action=unset

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:


{"nsip":{
<b>"ipaddress":<String_value>,
</b>"td":<Double_value>,
"ospfarea":true,
"hostrtgw":true,
"netmask":true,
"arp":true,
"icmp":true,
"vserver":true,
"telnet":true,
"ftp":true,
"gui":true,
"ssh":true,
"snmp":true,
"mgmtaccess":true,
"restrictaccess":true,
"decrementttl":true,
"dynamicrouting":true,
"ospf":true,
"bgp":true,
"rip":true,
"hostroute":true,
"advertiseondefaultpartition":true,
"networkroute":true,
"metric":true,
"vserverrhilevel":true,
"vserverrhimode":true,
"ospflsatype":true,
"tag":true,
"vrid":true,
"icmpresponse":true,
"arpresponse":true,
"ownerdownresponse":true
}}

<!--NeedCopy-->

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

enable

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nsip?action=enable

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:


{"nsip":{
<b>"ipaddress":<String_value>,
</b>"td":<Double_value>
}}

<!--NeedCopy-->

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

disable

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nsip?action=disable

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:


{"nsip":{
<b>"ipaddress":<String_value>,
</b>"td":<Double_value>
}}

<!--NeedCopy-->

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

get (all)

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nsip

Query-parameters:

args

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nsip?args=ipaddress:<String_value>,td:<Double_value>,type:<String_value>

Use this query-parameter to get nsip resources based on additional properties.

attrs

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nsip?attrs=property-name1,property-name2

Use this query parameter to specify the resource details that you want to retrieve.

filter

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nsip?filter=property-name1:property-val1,property-name2:property-val2

Use this query-parameter to get the filtered set of nsip resources configured on Citrix ADC. Filtering can be done on any of the properties of the resource.

view

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nsip?view=summary

Note:By default, the retrieved results are displayed in detail view (?view=detail).

pagination

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nsip?pagesize=#no;pageno=#no

Use this query-parameter to get the nsip resources in chunks.

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:


{ "nsip": [ {
ipaddress:<String_value>,td:<Double_value>,type:<String_value>"netmask":<String_value>,
"flags":<Double_value>,
"arp":<String_value>,
"icmp":<String_value>,
"vserver":<String_value>,
"telnet":<String_value>,
"ssh":<String_value>,
"gui":<String_value>,
"snmp":<String_value>,
"ftp":<String_value>,
"mgmtaccess":<String_value>,
"restrictaccess":<String_value>,
"decrementttl":<String_value>,
"dynamicrouting":<String_value>,
"bgp":<String_value>,
"ospf":<String_value>,
"rip":<String_value>,
"hostroute":<String_value>,
"advertiseondefaultpartition":<String_value>,
"networkroute":<String_value>,
"tag":<Double_value>,
"hostrtgw":<String_value>,
"hostrtgwact":<String_value>,
"metric":<Integer_value>,
"ospfarea":<Double_value>,
"ospfareaval":<Double_value>,
"vserverrhilevel":<String_value>,
"vserverrhimode":<String_value>,
"viprtadv2bsd":<Boolean_value>,
"vipvsercount":<Double_value>,
"vipvserdowncount":<Double_value>,
"vipvsrvrrhiactivecount":<Double_value>,
"vipvsrvrrhiactiveupcount":<Double_value>,
"ospflsatype":<String_value>,
"state":<String_value>,
"freeports":<Double_value>,
"vrid":<Double_value>,
"riserhimsgcode":<Integer_value>,
"iptype":<String[]_value>,
"icmpresponse":<String_value>,
"ownernode":<Double_value>,
"arpresponse":<String_value>,
"ownerdownresponse":<String_value>
}]}

<!--NeedCopy-->

count

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nsip?count=yes

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:


{ "nsip": [ { "__count": "#no"} ] }

<!--NeedCopy-->
nsip