Cisco ACE-4710-K9 Administration Guide - Page 164
Configuring a Layer 7 Policy Map - tcp timeout
View all Cisco ACE-4710-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 164 highlights
Configuring a Layer 7 Policy Map Chapter 4 Configuring Class Maps and Policy Maps • parameter-map type udp-Combines all UDP connection related configuration parameters. See the Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide for details. To specify the SSL session parameters that the ACE uses in an SSL proxy service, you can create an SSL parameter map. Use the parameter-map type ssl command to specify SSL termination parameters. Refer to the Cisco 4700 Series Application Control Engine Appliance SSL Configuration Guide for details. For example, to specify the parameter-map type connection command to combine TCP connection-related parameters in a parameter map, enter: host1/Admin(config)# parameter-map type connection TCP_MAP host1/Admin(config-parammap-conn)# reserved-bit allow host1/Admin(config-parammap-conn)# exceed-mss allow host1/Admin(config-parammap-conn)# nagle host1/Admin(config-parammap-conn)# set conn-max 64 host1/Admin(config-parammap-conn)# set tcp queue-limit 10 host1/Admin(config-parammap-conn)# set tcp syn-retry 3 host1/Admin(config-parammap-conn)# set tcp timeout embryonic 60 host1/Admin(config-parammap-conn)# exit host1/Admin(config)# host1/Admin(config)# policy-map multi-match L4_SLB_POLICY host1/Admin(config-pmap)# class VIP_CLASS host1/Admin(config-pmap-c)# loadbalance policy L7_SLB_POLICY host1/Admin(config-pmap-c)# loadbalance vip inservice host1/Admin(config-pmap-c)# connection advanced-options TCP-MAP host1/Admin(config-pmap-c)# exit host1/Admin(config-pmap)# exit host1/Admin(config)# Configuring a Layer 7 Policy Map To use a Layer 7 policy map, you must first create the Layer 7 policy map. For a Layer 7 traffic classification, you create a policy map with actions to configure the following tasks: • HTTP content load-balancing decisions • Application acceleration and optimization • Deep packet inspection of the HTTP protocol • FTP command inspection 4-50 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01