CSS Command Reference (Software Version 7.40)
Service Configuration Mode Commands
Downloads: This chapterpdf (PDF - 322.0KB) The complete bookPDF (PDF - 5.06MB) | Feedback

Service Configuration Mode Commands

Table Of Contents

Service Configuration Mode Commands

(config-service) access

(config-service) active

(config-service) add ssl-proxy-list

(config-service) bypass-hosttag

(config-service) cache-bypass

(config-service) cookie

(config-service) domain

(config-service) ip address

(config-service) keepalive

keepalive frequency

keepalive hash

keepalive maxfailure

keepalive method

keepalive port

keepalive retryperiod

keepalive tcp-close

keepalive type

keepalive uri

(config-service) load

(config-service) max age

(config-service) max connections

(config-service) max content

(config-service) max usage

(config-service) no

(config-service) port

(config-service) prepend-http

(config-service) protocol

(config-service) publisher

(config-service) redirect-string

(config-service) redundant-index

(config-service) remove ssl-proxy-list

(config-service) session-cache-size

(config-service) slot

(config-service) string

(config-service) subscriber

(config-service) suspend

(config-service) transparent-hosttag

(config-service) type

(config-service) weight

(config-service) zero


Service Configuration Mode Commands

Service configuration mode allows you to configure a service on the CSS. A service is an entity that contains and provides Internet content. It is identified by a name, an IP address, and optimally, a protocol and a port number. When you create a service, you can apply content rules to it. The rules allow the CSS to direct or deny requests for content from the service.

To access service configuration mode, use the service command from global, circuit, IP, interface, and keepalive configuration modes. The prompt changes to (config-service [name]). You can also access another service from service configuration mode. For information about commands available in this mode, see the following commands.

Use the no form of this command to delete an existing service.

service service_name

no service service_name

Syntax Description

service_name

Name of a new service you want to create or an existing service you want to modify. Enter an unquoted text string with no spaces and a maximum length of 31 characters. To see a list of existing service names, enter:

service ? 

(config-service) access

To associate an FTP access mechanism with a service for moving content during publishing, subscribing, and demand-based replication activities, use the access command. Use the no form of this command to remove a service access mechanism.

access ftp ftp_record

no access ftp

Syntax Description

ftp_record

Name of an existing FTP record. Enter an unquoted text string with no spaces.


Usage Guidelines

You must use the access command for each service that offers publishing services. This command is optional for subscriber services; the subscriber service inherits the access mechanism from the publisher.

When you use this command to associate an FTP access mechanism to a service, the base directory of an existing FTP record becomes the tree root. To maintain coherent mapping between WWW daemons and FTP daemons, make the FTP access base directory equivalent to the WWW daemon root directory as seen by clients. For information on creating an FTP record, see the (config) ftp-record command.

Related Commands

(config) ftp-record

(config-service) active

To activate the specified service, use the active command. Activating a service puts it into the resource pool for load-balancing content requests.

active

Related Commands

(config-service) suspend

(config-service) add ssl-proxy-list

To include an SSL proxy list as part of an SSL service, use the add ssl-proxy-list command. You can only add an SSL to a service that is an ssl-accel type. Activating a service puts it into the resource pool for load-balancing content requests.

add ssl-proxy-list name

Syntax Description

name

Name of a previously configured SSL proxy list. To see a list of existing SSL proxy lists, enter:

#(config-service) add ssl-proxy-list ?

Related Commands

(config-service) remove ssl-proxy-list
(config-service) type ssl-accel

(config-service) bypass-hosttag

To allow the Client Side Accelerator (CSA) on the CSS to bypass a cache farm and establish a connection with the origin server to retrieve noncacheable content, use the bypass-hosttag command. The domain name from the host tag field is used to look up the origin IP address on the CSA. Use the no form of this command to disable the bypassing of cache for noncacheable content.

bypass-hosttag

no bypass-hosttag

Usage Guidelines

Before you can use this command, make sure that the service is suspended.

To bypass the cache farm for noncacheable content, you must also configure a service IP address of 0.0.0.0 and a keepalive type of none.

Related Commands

(config-service) ip address
(config-service)
keepalive type none
(config-service) type

(config-service) cache-bypass

To disable applying content rules to requests originating from a proxy or transparent-cache type service when the CSS processes the requests, use the cache-bypass command. By default, no content rules are applied to requests from a proxy or transparent-cache type service. Use the no form of this command to apply content rules to requests from a proxy or transparent-cache type service.

cache-bypass

no cache-bypass

Related Commands

(config-service) type

(config-service) cookie

To specify the HTTP cookie for the service, use the cookie command. This command is replaced by the (config-service) string command.

cookie cookie_name

Syntax Description

cookie_name

Name of the cookie. Enter a unquoted text string with no spaces and a maximum length of 15 characters.


(config-service) domain

To specify the domain name to prepend to a requested piece of content when an HTTP redirect service generates an "object moved" message for the service, use the domain command. Use the no form of this command to clear the redirect domain for the service.

domain domain_name

no domain

Syntax Description

domain_name

Name of the domain. Enter a unquoted text string with no spaces and a maximum length of 64 characters.

The CSS automatically prepends the domain name with http://. To disable the prepending of http:// to the domain name, use the (config-service) prepend-http command.


Usage Guidelines

The CSS uses the configured domain name in the redirect message as the new location for the requested content. The CSS prepends the domain name to the requested URL. If the domain name is not configured, the CSS uses the domain in the host-tag field from the original request. If no host tag is found, the CSS uses the IP address of the service to generate the redirect.

You can only use a service redirect domain on a service of type redirect.


Note The domain and (config-service) redirect-string commands are similar. The CSS returns the (config-service) redirect-string command string verbatim as configured. With the domain command, the CSS prepends the domain to the original requested URL. You cannot simultaneously configure the domain and (config-service) redirect-string commands on the same service.


Related Commands

show service
(config-service) prepend-http

(config-service) ip address

To specify the service IP address or a range of addresses, use the ip address command. Use the no form of this command to clear the IP address for a service and set it to its default value of 0.0.0.0.

ip address ip_address {range number}

no ip address

Syntax Description

ip_address

IP address for the service. Enter the address in dotted-decimal notation (for example, 192.168.11.1). The default is 0.0.0.0.

range number

(Optional) Allows you to specify a range of IP addresses starting with the IP address (ip_address). Enter a number from 1 to 65535. The default range is 1.

For example, if you enter an IP address of 203.1.1.1 with a range of 10, the IP addresses range from 203.1.1.1 through 203.1.1.10.


Usage Guidelines

Before you can change the address, make sure that the service is suspended.

Some services do not require an IP address. Services that does not require an IP address are:

Services configured with the ssl-accel service type

Services configured with the redirect service type

Services configured with the bypass-hosttag command

You must configure these services with a keepalive type of none.

Related Commands

(config-service) keepalive
(config-service) port
(config-service) type

(config-service) keepalive

To configure keepalive message parameters for the service, use the keepalive command. The options for this service mode command are:

keepalive frequency - Specifies the keepalive message frequency

keepalive hash - Specifies the MD5 hash for the keepalive

Specifies the response code expected from the HTTP daemon when the CSS issues a HEAD request

keepalive logging - Configures script keepalive logging

keepalive maxfailure - Specifies how many times the service can fail to respond to a keepalive message before it is considered offline

keepalive method - Specifies the HTTP method for the service

keepalive port - Specifies the keepalive port

keepalive retryperiod - Specifies the keepalive retry period for the service

keepalive tcp-close - Specifies the keepalive to close a TCP socket with a FIN or a RST

keepalive type - Specifies the type of keepalive message, if any, appropriate for the service

keepalive uri - Specifies the content information of the HTTP keepalive URI for the service

For more information on these options and associated variables, see the following commands.

Usage Guidelines

The CSS divides the keepalive types into two categories, Class A and Class B keepalives. The CSS supports a maximum of 2048 Class A keepalives. The CSS supports a maximum of 512 Class B keepalives. Table 2-3 lists the keepalive types in each class, the maximum number of each type, and the maximum number of each keepalive type that can execute concurrently.

Table 2-3 Keepalive Class, Types, and Limitations  

Class
Type
CSS Maximum
Concurrent Maximum

A

(The CSS limits 2048 keepalives per Class A.)

ICMP

2048

2048

HTTP-HEAD non-persistent

2048

2048

SSL (Hello)

2048

2048

TCP

2048

2048

B

(The CSS limits 512 keepalives per Class B.)

FTP

256

32

HTTP-GET persistent and non-persistent

256

32

HTTP-HEAD persistent

256

32

Script

256

16



Caution For an 11500 series CSS, do not configure more than 2048 total keepalives, including a total of 512 Class B keepalives. Any services assigned to keepalives over the supported total number will not be eligible for content rule selection.

Configure global keepalives through the (config) keepalive command. Regardless of the number of services you assign to a global keepalive through the (config-service) keepalive type named command, the CSS always counts it as one keepalive.

For more information on configuring keepalives, refer to the Cisco Content Services Switch Content Load-Balancing Configuration Guide.

keepalive frequency

To specify the keepalive message frequency, use the keepalive frequency command. Use the no form of this command to reset the frequency to its default value of 5.

keepalive frequency frequency

no keepalive frequency

Syntax Description

frequency

Time in seconds between sending keepalive messages to the service. Enter an integer from 2 to 255. The default is 5.


Usage Guidelines

For script keepalives, configure a higher frequency time value. A time interval of over 10 seconds ensures that the script keepalive has enough time to finish. Otherwise, state transitions may occur more often than usual.

If you configure more than 16 keepalives, the CSS automatically adjusts the keepalive frequency time to a value that best fits the resource usage. Note that this adjustment also affects the keepalive retry period value by adjusting that value to a number that is one-half the adjusted frequency time. If this occurs, you may observe in the running-configuration that your previously set keepalive frequency and retry period times change to a different value, as determined by the CSS.

The timeout for a keepalive is related to the configured keepalive frequency. In WebNS 5.1 and earlier versions, the timeout is equivalent to the keepalive frequency. In version 5.2, the timeout is one second less than the keepalive frequency.

Command Modes

Service

keepalive hash

To specify the MD5 hash for the keepalive, use the keepalive hash command. The keepalive process compares the hash with the computed hash of all HTTP GET responses. A successful comparison results in the keepalive maintaining an ALIVE state. Use the no form of this command to clear the hash value.

keepalive hash "object"

no keepalive hash

Syntax Description

"object"

Object containing the MD5 hash in hexadecimal value for the keepalive. To determine the value for the hash, use the show keepalive command after you configure the keepalive without the hash option. Enter a quoted text string up to 32 characters.


Command Modes

Service

Related Commands

show keepalive

keepalive http-rspcodeTo specify the response code expected from the HTTP daemon when the CSS issues a HEAD request, use the keepalive http-rspcode command. This command could be helpful for checking a redirect by specifying the 302 response code, or triggering another non-200 HTTP response code. Use the no form of the command to reset the response code to its default value of 200.

keepalive http-rspcode value

no keepalive http-rspcode

Syntax Description

value

Response code expected from the HTTP daemon. Enter the response code as an integer from 100 to 999. The default is 200.


Command Modes

Service

Related Commands

(config-keepalive) http-rspcode

Command Modes

Service

keepalive maxfailure

To specify the number of times the service can fail to respond to a keepalive message before being considered dead, use the keepalive maxfailure command. Use the no form of this command to reset the maximum failure number to its default value of 3.

keepalive maxfailure number

no keepalive maxfailure

Syntax Description

number

Maximum failure number. Enter an integer from 1 to 10. The default is 3.


Command Modes

Service

keepalive method

To specify the HTTP keepalive method for the service, use the keepalive method command.

keepalive method get|head

Syntax Description

get

Uses the get method. The CSS issues a HTTP GET method to the service, computes a hash value on the page, and stores the hash value as a reference hash. Subsequent GETs require a 200 OK status (HTTP command completed OK response) and the hash value to equal the reference hash value. If the 200 OK status is not returned, or if the 200 OK status is returned but the hash value is different from the reference hash value, the CSS considers the service down.

When you specify the content information of an HTTP Uniform Resource Identifier (URI) for an HTTP keepalive, the CSS calculates a hash value for the content. If the content information changes, the hash value no longer matches the original hash value and the CSS assumes that the service is down. To prevent the CSS from assuming that a service is down due to a hash value mismatch, specify the keepalive method as head.

head

Uses the head method (default). The CSS issues a HTTP HEAD method to the service and a 200 OK status is required. The CSS does not compute a reference hash value for this type of keepalive. If the 200 OK status is not returned, the CSS considers the service down.


Command Modes

Service

Usage Guidelines

If you change the keepalive method on an active service, suspend and reactivate the service for the change to take effect.

keepalive port

To define a port number for the keepalive, use the keepalive port command. Use the no form of this command to reset the keepalive port to its default setting.

keepalive port number

no keepalive port

Syntax Description

number

Port number for the keepalive. Enter the number as an integer from 0 to 65535. The default setting is based on the configured service port number. Otherwise, the default setting is based on the keepalive type. If the keepalive type is:

Not configured - The default port number is 0

HTTP or TCP - The default port number is 80

FTP - The default port number is 21


Command Modes

Service

Usage Guidelines

If you do not configure the port, the keepalive uses the service port configured with the (config-service) port command. If you do not configure either port, the keepalive is based on the configured keepalive type.

Related Commands

(config-service) keepalive type

keepalive retryperiod

To specify the keepalive retry period for the service, use the keepalive retryperiod command. Use the no form of this command to reset the retry period to its default value of 5.

keepalive retryperiod period

no keepalive retryperiod

Syntax Description

period

Time in seconds between sending retry messages to the service. Enter an integer from 2 to 255. The default is 5.


Command Modes

Service

Usage Guidelines

When a service has failed to respond to a given keepalive message (the service is now transitioned to the dying state), the retry period specifies how frequently the CSS tests the service to see if it is functional.

keepalive tcp-close

To specify the keepalive to close a TCP socket with a FIN or a RST, use the keepalive tcp-close command.

keepalive tcp-close [fin|rst]

Syntax Description

fin

Specifies that the keepalive closes the TCP socket with a FIN rather than a RST

rst

Specifies that the keepalive closes the TCP socket with a RST (default)


Command Modes

Service

Usage Guidelines

By default and in compliance with RFC 1122, the CSS sends a reset (RST) to close the socket on a server port for TCP keepalives. A RST is faster than a FIN, because a RST requires only one packet, while a FIN can take up to four packets. If your servers require a graceful closing of a socket using a FIN, use the keepalive tcp-close fin command.

The keepalive tcp-close fin and keepalive mode tcp-close fin commands may be applied to a total of 100 TCP keepalives.

Related Commands

(config-service) keepalive type

keepalive type

To specify the type of keepalive message, if any, appropriate for the service, use the keepalive type command.

keepalive type [ftp ftp_record|http {non-persistent}|icmp|none
|script script_name {"arguments"} {use-output}|ssl|tcp]

Syntax Description

ftp ftp_record

Defines a keepalive method in which the CSS logs in to an FTP server as defined in the FTP record file. Enter the name of an existing FTP record for the FTP server as an unquoted text string with no spaces. To create an FTP record, use the (config) ftp-record command.

http {non-persistent}

Defines an HTTP index page request. By default, HTTP keepalives attempt to use persistent connections. To disable this behavior, include the non-persistent option.

icmp

Defines an ICMP echo message (default).

named name

Defines a global keepalive defined in keepalive configuration mode. To view a list of defined keepalive names, enter:

keepalive type named ?

Before using this command, make sure that the keepalive is activated through the (config-service) active command.

Assigning this global keepalive to a service overrides any keepalive properties configured in service mode.

none

Do not send keepalive messages to the service.

script script_name

Defines a script keepalive is to be used by the service. The script is played every time the keepalive is issued. Enter the name of the script keepalive. To view a list of scripts, enter:

keepalive type script ?

"arguments"

(Optional) Arguments to pass into the keepalive script. Enter a quoted text string with a maximum of 128 characters including spaces.

use-output

(Optional) Allows the script to parse the output for each executed command. This optional keyword allows the use grep and file direction within a script. By default, the script does not parse the output.

ssl

SSL HELLO keepalives for this service. Use this keepalive for all backend services supporting SSL. The CSS sends a client HELLO to connect the SSL server. After the CSS receives a HELLO from the server, the CSS closes the connection with a TCP RST.

When the CSS is using an SSL module, use the keepalive type of none. The SSL module is an integrated device in the CSS and does not require the use of keepalive messages for the service.

tcp

Defines the TCP connection handshake request. To define a port for a TCP keepalive, use the (config-service) keepalive port command.


Usage Guidelines

The CSS divides the keepalive types into two categories, Class A and Class B keepalives. The CSS supports a maximum of 2048 Class A keepalives. The CSS supports a maximum of 512 Class B keepalives. Table 2-4 lists the keepalive types in each class, the maximum number of each type, and the maximum number of each keepalive type that can execute concurrently.

Table 2-4 Keepalive Class, Types, and Limitations  

Class
Type
CSS Maximum
Concurrent Maximum

A

(The CSS limits 2048 keepalives per Class A.)

ICMP

2048

2048

HTTP-HEAD non-persistent

2048

2048

SSL (Hello)

2048

2048

TCP

2048

2048

B

(The CSS limits 512 keepalives per Class B.)

FTP

256

32

HTTP-GET persistent and non-persistent

256

32

HTTP-HEAD persistent

256

32

Script

256

16



Caution For an 11500 series CSS, do not configure more than 2048 total keepalives, including a total of 512 Class B keepalives. Any services assigned to keepalives over the supported total number will not be eligible for content rule selection.

When the CSS is using an SSL module, use the keepalive type of none. The SSL module is an integrated device in the CSS and does not require the use of keepalive messages for the service.

The keepalive tcp-close fin and keepalive mode tcp-close fin commands may be applied to a total of 100 TCP keepalives.

Command Modes

Service

keepalive uri

To specify the HTTP keepalive content information for the service, use the keepalive uri command. Use the no form of this command to clear the content information of the URI for the service.

keepalive uri "uri"

no keepalive uri

Syntax Description

uri

The HTTP keepalive URI for the service. Enter the content information of the URI as a quoted text string with a maximum of 64 characters. Do not include the host information in the string. The CSS derives the host information from the service IP address and the keepalive port number.


Usage Guidelines

When you specify the content information of a URI for an HTTP keepalive, the CSS calculates a hash value for the content. If the content information changes, the hash value no longer matches the original hash value and the CSS assumes that the service is down. To prevent the CSS from assuming that a service is down due to a hash value mismatch, define keepalive method as head. The CSS does not compute a hash value for this type of keepalive.

If you specify a Web page with changeable content and do not specify the head keepalive method, you must suspend and reactivate the service each time the content changes.

Command Modes

Service

(config-service) load

To configure a load on a service and bypass the CSS load calculation method (relative or absolute), use the load command in service configuration mode. Use the no form of the command to reset the load value to the default of 2.

load number

no load

Syntax Description

number

Load value that you assign to a service. A service with a higher load number receives fewer hits than a service with a lower load number. The CSS considers a service with a load of 254 as unavailable, and, therefore, the service receives no hits. Enter an integer from 2 to 254. The default is 2.


Command Modes

Service

Usage Guidelines

To use the load command, you must disable global load reporting by entering the no load reporting command in global configuration mode. Do not reenable load reporting. If you do, the load value you entered with the load command will no longer apply to the service. To recover, you must then disable load reporting and reenter the load command on the service at the CLI.

Use the load command with the ACA load-balancing method when you want to take into account server load parameters, for example:

CPU utilization

Free memory

Application threads

Other server tasks

You can set the load command value with your application or server using SNMP or the CSS XML interface. For information about ACA, refer to the Cisco Content Services Switch Content Load-Balancing Configuration Guide. For information about SNMP and the XML interface, refer to the Cisco Content Services Switch Administration Guide.

Related Commands

(config-service) show load

(config-service) max age

To define the maximum age for replicated objects on services defined as type rep-cache-redir, rep-store, or rep-store-redir, use the max age command. The CSS deletes the dynamic content rule after the maximum age time elapses. Use the no form of this command to set the maximum age for replicated objects to its default value of 120.

max age minutes

no max age

Syntax Description

minutes

Maximum time in minutes. Enter a number from 1 to 1440. The default value is 120.


(config-service) max connections

To define the maximum number of TCP connections on the services, use the max connections command. Use the no form of this command to set the maximum TCP connections to the default of 65534.

max connections number

no max connections

Syntax Description

number

Maximum number of TCP connections on the service. Enter the maximum number of connections from 6 to 65534. The default is 65534, which indicates that there is no limit on the number of connections.


Usage Guidelines

Do not use service max connections on UDP content rules. The service connection counters do not increment and remain at 0 because UDP is a connectionless protocol.

(config-service) max content

To define the maximum pieces of content for replication on services defined as type rep-cache-redir, rep-store, or rep-store-redir, use the max content command. Use the no form of this command to set the maximum content to its default value of 100.

max content number

no max content

Syntax Description

number

Maximum content for replication. Enter a number from 1 to 65535. The default is 100.


(config-service) max usage

To define the maximum disk space allowed for replication on services defined as type rep-cache-redir, rep-store, or rep-store-redir, use the max usage command. Use the no form of this command to set the maximum disk space to its default value of 1 megabyte.

max usage mbytes

no max usage

Syntax Description

mbytes

Maximum disk space in megabytes. Enter a number from 1 to 1000. The default is 1.


(config-service) no

To negate a command or set it to its default, use the no command. For information on general no commands you can use in this mode, see the general no command. The following option is available in service mode.

Syntax Description

no access ftp

Removes the service access mechanism.

no acl index

Deletes an ACL.

no bypass-hosttag

Disables the bypassing of cache for noncacheable content.

no cache-bypass

Allows the applying of content rules to requests from a proxy or transparent cache service.

no domain

Clears the redirect domain for the service.

no ip address

Clears the IP address for the service and sets it to its default value of 0.0.0.0.

no keepalive frequency

Resets the keepalive frequency to its default value of 5 seconds.

no keepalive hash

Clears the keepalive MD5 hash object.

no keepalive http-rspcode

Resets the response code to its default value of 200.

no keepalive maxfailure

Resets the keepalive maximum failures to its default value of 3.

no keepalive port

Resets the keepalive port to its default setting based on the configured service port. Otherwise, the default setting is based on the configured keepalive type.

no keepalive retryperiod

Resets the keepalive retry period to its default value of 5 seconds.

no keepalive uri

Clears the content information for the HTTP keepalive URI.

no load

Resets the manually configured load value on a service to the default of 2.

no max age

Resets the maximum age for replicated content to the default of 120 minutes.

no max content

Resets the maximum content for replication to the default of 100 pieces.

no max usage

Resets the maximum disk space allowed for replication to the default of 1 megabyte.

no owner existing_owner_name

Deletes an existing owner.

no port

Resets the IP port for the service to the default of any.

no prepend-http

Disables the prepending of http:// on string configured through the (config-service) redirect-string and (config-service) domain commands for the service.

no protocol

Resets the IP protocol for the service to the default of any.

no publisher

Removes publishing on a service.

no publisher interval

Disables the publisher resynchronization interval by setting it to its default of 0.

no redirect-string

Removes the redirect string from the service.

no redundant-index

Disables redundancy on the service.

no string

Removes the cookie from the service.

no subscriber

Unsubscribes the service from a publishing service.

no transparent-hosttag

Disables destination NATing for the transparent cache service type.

no type

Resets the type for the service to its default setting of local.

no weight

Resets the service weight to its default setting of 1.


(config-service) port

To specify the service TCP/UDP port number or a range of port numbers, use the port command. Use the no form of this command to reset the port to any.

port number1 {range number2}

no port

Syntax Description

number1

TCP or UDP destination port number associated with a service. Enter the number from 0 to 65535. The default is any.

range number2

(Optional) Allows you to specify a range of ports starting with the port number1. Enter a number from 1 to 65535. The default range is 1.

For example, if you enter a port number of 101 with a range of 10, the ports range from 101 through 110.


Usage Guidelines

Before you can change the port, make sure that the service is suspended.

Related Commands

(config-service) ip address
(config-service) protocol

(config-service) prepend-http

To enable the prepending of http:// to a redirect string configured through the (config-service) redirect-string command, or a domain configured through the (config-service) domain command for the service. By default, prepending is enabled. Use the no form of this command to disable the prepending of http://.

prepend-http

no prepend-http

Related Commands

(config-service) domain
(config-service) redirect-string

(config-service) protocol

To specify the service IP protocol, use the protocol command. The default setting for this command is any, for any IP protocol. Use the no form of this command to reset the protocol to the default of any.

protocol tcp|udp

no protocol

Syntax Description

tcp

Uses the TCP protocol suite.

udp

Uses the UDP protocol suite.


Usage Guidelines

Before you can change the protocol, make sure that the service is suspended.

Related Commands

(config-service) ip address
(config-service)
keepalive type
(config-service) port

(config-service) publisher

To configure a service as a publishing service and define its synchronization interval, use the publisher command. Use the no form of this command to remove publishing on a service or disable the publisher resynchronization interval by setting it to its default of 0.

publisher {interval minutes {trigger_file}}

no publisher {interval}

Syntax Description

interval

(Optional) Defines a recurrent interval in minutes to synchronize content among the subscribers. You can only enter this command after you configure the service as a publishing service.

When this option is used with the no form of the command, it disables the publisher resynchronization interval by setting it to its default of 0

number

Synchronization interval in minutes. Enter the number from 0 to 3600. The default is 0 which disables the interval.

trigger_file

(Optional) Path and filename to a file, when modified, triggers the publishing service to synchronize the content among the subscribers. Enter an unquoted character string with a maximum of 64 characters.


Usage Guidelines

Use the publisher command to configure a service as a publishing service.

A publishing service can synchronize content among associated subscriber services. To move the content during publishing activities, configure an access mechanism by using the (config-service) access command.

When you define the interval to synchronize the subscriber, the interval begins at the time that you enter the command. Subscribers that are unavailable for synchronization are placed in an offline state and retried until the operation is completed.

The publisher service does not become active until it has at least one configured subscriber. You do not need to configure the publisher before configuring the subscriber, but the publisher must be configured before the subscriber can receive any content synchronization updates.

Related Commands

replicate
(config) ftp-record
(config-service) access
(config-service) subscriber

(config-service) redirect-string

To specify an HTTP redirect string to be used when an HTTP redirect service generates an "object moved" message for the service, use the redirect-string command. Use the no form of this command to remove the redirect string from the service.

redirect-string string

no redirect-string

Syntax Description

string

HTTP redirect string. Enter a quoted or an unquoted text string with no spaces and a maximum of 252 characters.

The CSS automatically prepends the string with http://. To disable the prepending of http:// to the string, use the (config-service) prepend-http command.


Usage Guidelines

The CSS uses the entire configured redirect string as the new location for the requested content. If no string is configured, the CSS prepends the domain configured with the (config-service) domain command to the original request. If neither the redirect string nor the domain name is configured, the CSS uses the domain in the host-tag field from the original request combined with the requested HTTP content URL. If no host tag is found, the CSS uses the IP address of the service to generate the redirect.


Note You can use a redirect string only on a service of type redirect.



Note The redirect-string and (config-service) domain commands are similar. The CSS returns the redirect-string command string verbatim as configured. However, the CSS prepends the domain configured with the (config-service) domain command to the original requested URL. You cannot simultaneously configure the redirect-string and (config-service) domain commands on the same service.


Related Commands

(config-service) prepend-http

(config-service) redundant-index

To configure the global content index for a redundant service, use the redundant-index command. A CSS uses the global content index to keep track of redundant services and associated flow state information. Use the no form of this command to disable redundancy on the service.

redundant-index number

no redundant-index

Syntax Description

number

Redundant index for the service. Enter a unique integer from 0 to 32767, where a value of 0 disables ASR for a service. The default is 0, but it does not appear in the running-config even if you configure it explicitly.


Usage Guidelines

If you enter the no redundant-index command on an active redundant service for live redundancy peers, the command automatically suspends the service. Flows already mapped by a CSS are not affected. However, if a failover occurs during the life of an active flow that matches on such a suspended service, the backup CSS cannot map the flow because it cannot find the service with the same global index as that on the original master.


Note For implicit or explicit Layer 5 rules, where there is delayed binding, binding is not complete until the CSS processes the SYN/ACK from the server. This means that, if a failover occurs in the middle of a spanned content request, the master CSS will not receive the SYN/ACK from the server and the flow will not be replicated on the backup CSS. No data is lost and users can simply refresh their browsers to restart the connection.


For information on redundant indexes and configuring Adaptive Session Redundancy (ASR) on 11500 series CSS peers, including requirements and restrictions that apply to both CSS peers in an ASR configuration, refer to the Cisco Content Services Switch Redundancy Configuration Guide.

Related Commands

(config-group) redundant-index
(config-owner-content) redundant-index 
(config-service) ip address

(config-service) remove ssl-proxy-list

To remove an SSL proxy list that is part of an SSL service, use the remove ssl-proxy-list command. Removing a service removes it from the resource pool for load-balancing content requests.

remove ssl-proxy-list name

Syntax Description

name

Name of a previously configured SSL proxy list.


Related Commands

(config-service) add ssl-proxy-list

(config-service) session-cache-size

To reconfigure the size of the SSL session ID cache for the service, use the session-cache-size command. The cache size is the maximum number of SSL session IDs that can be stored in a dedicated session cache on the SSL module. Use the no form of this command to reset the cache to its default value of 10000.

session-cache-size sessions

no session-cache-size

Syntax Description

sessions

Number of sessions in the SSL session ID cache. Enter a number from 0 to 100000. A value of 0 disables the cache.


Usage Guidelines

If you disable the SSL session cache by setting it to 0, ensure the following are properly configured to turn off the use of SSL session ID:

Set the ssl-server number session-cache timeout setting for the SSL proxy list to 0 (disabled).

Disable the advanced-balance ssl command in the content rule to disable SSL sticky.

The backend session ID cache is set to 4096 entries and is not configurable.

(config-service) slot

To specify the slot in a CSS in which the SSL Acceleration module is located, use the slot command. The SSL service requires the SSL module slot number to correlate the SSL proxy list to a specific module. The CSS 11501 supports a single integrated SSL module. The CSS 11503 and CSS 11506 support multiple SSL modules; a maximum of two in a CSS 11503 and a maximum of four in a CSS 11506.

slot number

Syntax Description

number

Slot number. The valid entry for the CSS 11501 is 2. The valid entries for the CSS 11503 are 2 and 3. The valid entries for the CSS 11506 CSS are 2 to 6. Slot 1 is reserved for the SCM.


Usage Guidelines

The CSS supports one active SSL service for each SSL module in the CSS (one SSL service per slot). You can configure more than one SSL service for a slot but only a single SSL service can be active at a time.

(config-service) string

To specify the HTTP cookie for the service, use the string command. Use the no form of this command to remove the cookie for the service.

string cookie_name

no string

Syntax Description

cookie_name

Name of the cookie. Enter a unquoted text string with no spaces and a maximum length of 15 characters.


(config-service) subscriber

To configure a service as a subscriber to a publishing service, use the subscriber command. Use the no form of this command to unsubscribe the service from a publishing service.

subscriber publisher

no subscriber

Syntax Description

publisher

Name of the publishing service


Usage Guidelines

By default, the subscriber inherits the access mechanism of the publisher for the movement of content. But if you want to configure an alternative mechanism, use the (config-service) access command.

You can define a maximum of 31 subscribers to a publisher.

Related Commands

(config) ftp-record
(config-service) access
(config-service) publisher

(config-service) suspend

To remove the service from the pool for future load-balancing content requests, use the suspend command. Suspending a service does not affect existing content flows, but it does prevent additional connections from accessing the service for its content.

suspend

Usage Guidelines

If you suspend a service, the CSS uses the failover command setting to handle content requests.

Related Commands

(config-service) active

(config-service) transparent-hosttag

To enable destination network address translation (NAT) for the transparent cache service type, use the transparent-hosttag command. Use the no form of this command to disable destination network address translation for the transparent cache service type.

transparent-hosttag

no transparent-hosttag

Usage Guidelines

Before you can use this command, make sure that the service is suspended.

Currently, you can use this command only in a CSA environment.

You do not need to configure source groups in a CSA environment. The transparent cache environment does not require the client source IP NATing that occurs as a result of a source group configuration.

Related Commands

(config-service) type

(config-service) type

To specify the type for the service, use the type command. If you do not define a type for the service, the default service type is local. Use the no form of this command to reset the type for the service to its default setting of local.

type nci-direct-return|nci-info-only|proxy-cache|redirect
|redundancy-up|rep-cache-redir|rep-store|rep-store-redir|ssl-accel
|ssl-accel-backend|ssl-init|transparent-cache

no type

Syntax Description

nci-direct-return

Specifies a NAT Channel Indication (NCI) service for NAT peering. NAT peering allows the building of forward TCP-switched connections between CSSs until the destination CSS is reached and the destination CSS performs the final transformations, which allows return traffic packets to flow to the client through any network path. This service type informs the CSS to include the NCI option in the TCP packet. This keyword indicates to the server-side CSS that NAT parameters are in use and contains the original source and destination IP addresses and TCP port numbers. If a Layer 5 rule is matched, the spoof bit in the NCI option is set to indicate that part of the flow has been spoofed and the rest of the forward path must be established before the destination CSS can use the information in the packet to perform the NAT transformations for the reverse path. Configure the VIP for the service to the VIP on the server-side CSS to indicate an endpoint for the connection.

You must create a source group for the client traffic. The CSS will translate the client IP address to the IP address defined in the source group.

nci-info-only

Specifies the service is NAT Channel indication for information only.

proxy-cache

Specifies the service is a proxy cache. This keyword bypasses content rules for requests from the cache. Bypassing content rules prevents a loop from forming between the cache server and the CSS. To allow the applying of content rules to requests, enter:

no cache-bypass

redirect

Specifies the service is not directly accessible and requires redirection. The CSS must use the HTTP redirect mechanism to direct the client request to the desired content.

redundancy-up

Designates one or more routers as type redundancy-up critical services. A typical configuration contains 10 or fewer routers. Within a redundant configuration, the CSS allows you to configure multiple redundancy uplink critical services (up to a maximum of 512).

This critical service type enables the master CSS to ping a router service using the default keepalive Internet Control Message Protocol (ICMP). If the master CSS fails or it detects that all router uplink critical services have failed, the backup CSS becomes the master.

In a redundant configuration that does not configure the routers as type redundancy-up critical services, a backup CSS becomes master only when the current master CSS fails. In this configuration, a switchover does not occur when the router services fail.

You cannot add redundancy uplink critical services to a content rule.

You cannot use this service type and the (config) ip redundancy master command simultaneously. Before you can specify a redundant uplink, you must enter the (config) no ip redundancy master command.

rep-cache-redir

Specifies the service is a replication cache with redirect. The CSS uses the replication cache as a redirect service instead of load balancing between the local service and the cache.

rep-store

Specifies the service is a replication store server for hot content. The service is a local overflow service used to load-balance content requests. The CSS moves hot content to the server, and then creates a dynamic content rule for the hot content automatically. The dynamic content rule inherits all the attributes of the existing rule with the following changes:

Specifically identifies the hot content

Changes the server type from replication-store to type local

The CSS deletes the dynamic content rule after the maximum age time elapses or the service keepalive indicates failure.

rep-store-redir

Specifies the service is a replication store to which content requests are redirected. The service is a remote overflow service. No content rules are applied to requests from this service type.

ssl-accel

Specifies that this is an SSL acceleration service. You add an active SSL proxy list to an ssl-accel type service to initiate the transfer of SSL configuration data for the SSL module. This allows you to:

Configure the service as an SSL acceleration service.

Add the SSL proxy list to an SSL service through the (config-service) add ssl-proxy-list command.

ssl-accel-backend

Specifies that this is a backend SSL service. You add an active SSL proxy list to an ssl-accel-backend type service to initiate the transfer of SSL configuration data for the SSL module. This allows you to:

Configure the service as a backend SSL service.

Add the SSL proxy list to an SSL service through the (config-service) add ssl-proxy-list command.

ssl-init

Specifies that this is an SSL initiation service. You add an active SSL proxy list to an ssl-init type service to initiate the transfer of SSL configuration data for the SSL module. This command allows you to:

Configure the service as an SSL initiation service.

Add the SSL proxy list to an SSL service through the (config-service) add ssl-proxy-list command.

transparent-cache

Specifies the service is a transparent cache. No content rules are applied to requests from the cache. Bypassing content rules prevents a loop from forming between the cache server and the CSS. To allow the applying of content rules to requests, enter:

no cache-bypass

Usage Guidelines

Before you can change the type, make sure that the service is suspended.

(config-service) weight

To specify the relative weight of the service, use the weight command. The weight is used in ArrowPoint Content Awareness (ACA) and weighted roundrobin load-balancing decisions. Use the no form of this command to reset the service weight to its default value of 1.

weight weight

no weight

Syntax Description

weight

Service weight used with load metrics to make load-allocation decisions. You can use the weight to bias flows toward the specified service. Enter an integer from 0 to 10. The default is 1.


Usage Guidelines

The weight for the service set through the (config-owner-content) add service command takes precedent over the (config-service) weight command. For information about using a service weight of 0 (graceful shutdown), refer to the Cisco Content Services Switch Content Load-Balancing Configuration Guide.

Related Commands

(config-owner-content) add service
(config-owner-content) balance

(config-service) zero

To set statistics counters for all or specified services on the CSS to zero, use the zero command. The show service command displays the counters.

zero total-connections|total-reused-connections|state-transitions {service name}

Syntax Description

total-connections

Sets the Total Connections counter for all services or a specified service to zero.

total-reused-connections

Sets the Total Reused Conns counter for all services or a specified service to zero.

state-transitions

Sets the State Transitions counter for all services or a specified service to zero.

service name

(Optional) Name of the service. Only the counter for the specified service is set to zero.


Command Modes

All modes

Related Commands

show service