CSS Advanced Configuration Guide (Software Version 7.10) - Index [Cisco CSS 11500 Series Content Services Switches]

Table Of Contents

A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - Q - R - S - T - U - V - W - Z

Index

A

accelerated domain4-13

access FTP

demand-based replication8-6

publishing and subscribing8-9

Adaptive Session Redundancy

configuration quick start6-34

configuration requirements and restrictions6-31

content rule, redundant6-37

displaying information6-40

index, redundant6-30

Inter-Switch Communications6-36

overview6-28

service, redundant6-37

source group, redundant6-38

administrative distance, configuring for firewall load balancing10-6

APP

configurations, displaying1-9

configuring1-6

frame size1-6

overview1-3

port1-7

Proximity Database5-21

Proximity Domain Name Server5-46

session between two CSSs1-7

session using RCMD1-9

using with Network Proximity5-16

Application Peering Protocol. See APP

Application Peering Protocol-User Datagram Protocol. See APP-UDP

APP-UDP

configurations, displaying5-20

configuring5-16

enabling5-16

options, configuring5-18

options, removing5-19

port5-19

Proximity Database5-21

Proximity Domain Name Server5-46

security5-17

A-record1-26

ASR. See Adaptive Session Redundancy

associating (SSL)

Diffie-Hellman parameter file9-32

DSA key pair9-31

RSA key pair9-30

SSL certificates9-29

audiencexxvi

B

BACKUP_IP variable6-18, 7-16

boomerang3-2

box-to-box redundancy. See IP redundancy

buffer count, DNS server1-17

C

cable, crossover for IP redundancy7-6

cache

domain, for Client Side Accelerator4-11

PDNS lookup5-49, 5-50, 5-51

certificates (SSL)

associating9-29

associations, viewing9-33, 9-40

certificate signing request, generating9-26

DSA certificate association, SSL proxy list9-48

file formats9-20

importing/exporting9-17, 9-19

overview9-3, 9-7

removing9-40

RSA certificate association, SSL proxy list9-47

self-signed certificate, generating9-27

storage9-9

verifying9-32

cipher suites (SSL)9-50

circuit IP interface, configuring for VIP redundancy6-8

circuits, redundant for IP redundancy7-10

Client Side Accelerator

configuration, displaying4-14

configuring4-1, 4-10

disabling4-11

DNS server forwarder4-12

DNS server zones4-14

domain cache4-11

domain cache statistics, displaying4-16

enabling4-10

information, displaying4-14

overview4-2

quick start4-7

configuration example

firewall load balancing10-8

SSL proxy configurations9-79

VIP and virtual IP interface redundancy6-26

configuration quick start

Adaptive Session Redundancy6-34

Client Side Accelerator4-7

Content Routing Agent3-4

DNS Sticky2-5

IP redundancy7-4

Network Proximity5-12

Proximity Database5-12

Proximity Domain Name Server5-13

RSA certificate and key generation9-10

RSA certificate and key import9-12

SSL proxy configuration list9-10

SSL proxy list9-13

SSL service9-14

VIP redundancy6-6

virtual IP interface redundancy6-6

configuration synchronization

BACKUP_IP variable6-18, 7-16

lock file6-17, 7-15

logging results6-19, 7-16

overview6-14, 7-12

script for IP redundancy7-12

script for VIP redundancy6-14, 6-15

content

displaying8-17

domain, creating using APP session1-7

router3-2

staging and replication8-8

Content Routing Agent

configuration quick start3-4

configuring3-5

CPU load threshold3-5

disabling3-5

displaying statistics3-10

domain alias3-8

domain records3-6

domain statistics, clearing3-9

enabling3-5

example3-3

overview3-2

content rule

hotlist8-3

redundant6-37, 6-42

replication and staging8-15

SSL rule quick start9-14

CRA. See Content Routing Agent

critical services

configuring for CSS-to-CSS redundancy7-17

configuring for VIP redundancy6-12

displaying for CSS-to-CSS redundancy7-19

displaying for VIP redundancy6-20

crossover cable pinouts for IP redundancy7-7

CSA. See Client Side Accelerator

D

database

global sticky 2-6, 2-9, 2-13

proximity2-4, 2-13, 5-4, 5-12, 5-15, 5-21, 5-37

demand-based replication

FTP access8-6

FTP record8-7

max age8-5

max content8-5

max usage8-6

service type8-4

Diffie-Hellman

associating key exchange file9-32

cipher suites9-50

generating key agreement file9-25

key exchange parameter file association, SSL proxy list9-49

overview9-4

parameter associations, viewing9-38

DNS

Client Side Accelerator4-2

content domain1-2

Content Routing Agent3-2

content rule-based1-41, 2-11

converting content rule-based to zone-based2-11

owner1-43

peer interval1-41

peer receive slots1-42

peer send slots1-42

proximity record statistics, displaying5-53

record statistics, resetting4-14

removing from content rule1-44

server forwarder1-18, 4-12

server zones1-14, 4-14

service, adding to content rule1-44

weighted roundrobin1-14, 1-15, 1-26, 1-29, 1-31, 1-34, 1-35, 1-40

zone-based1-14, 2-11

DNS peer

CSS, configuring as1-41

information, displaying1-43

DNS server

authoritative1-13

buffer count1-17

configuration, displaying1-19

database information, displaying1-21

domain records1-26, 1-36, 1-37

domain statistics, displaying1-22

forwarder1-18

forwarder statistics, displaying1-23

peer interval1-41

responder task count1-17

server and zone information, displaying1-19

zone1-14, 1-16, 1-24, 4-14

DNS Sticky

configuration quick start2-5

converting content rule-based DNS to zone-based2-11

displaying statistics2-16

domain load statistics2-19

domain records1-28, 1-33, 2-15

domain record statistics, displaying2-18

Global Sticky Database2-13

interface for GSDB2-14

overview2-2

TTL for GSDB2-15

with a GSDB2-3

with Network Proximity2-4

without GSDB2-3

documentation

audiencexxvi

chapter contentsxxvi

setxxvii

symbols and conventionsxxx

domain

accelerated4-13

cache4-11, 4-16

content1-7

load statistics2-19

names, configuring for server resolution1-45

name service, overview1-2

records1-26, 1-36, 1-37, 5-48

statistics, displaying1-22

summary information, displaying1-46

Domain Name Service. See DNS

domain records

configuring1-26

displaying information1-37

removing1-36

resetting statistics1-36

dormant flows6-29, 6-41

DSA

associating key pair9-31

certificate association, SSL proxy list9-48

cipher suites9-50

generating key pair9-24

key pair association, SSL proxy list9-49

key pair associations, viewing9-37, 9-39, 9-40

overview9-6

E

example

IP redundancy uplink services7-18

Network Proximity, operation5-8

Network Proximity tiers5-33

SSL proxy configurations9-79

stateless redundancy failover for IP redundancy7-25

stateless redundancy failover for VIP redundancy7-29

static route for firewall load balancing10-8

VIP and virtual IP interface redundancy configuration6-26

exporting SSL keys and certificates9-19

F

failover

stateful6-28

stateless7-20

firewall

caution when deleting10-4

load balancing10-2

RIP redistribute, configuring10-7

synchronization10-3

timeout10-5

firewall load balancing

configuring10-3

flow summaries, displaying10-16

IP information, displaying10-18

IP routes, displaying10-17

IP static route, configuring10-5

overview10-2

static route configuration example10-8

flows

displaying firewall configuration10-16

dormant6-29, 6-41

forwarder

DNS server1-18, 4-12

statistics, displaying1-23

frame size, configuring for APP1-6

FTP access

demand-based content replication8-6

publishing and subscribing8-9

FTP record

associating with replication services8-6, 8-9

demand-based content replication8-7

G

Global Sticky Database

configuration quick start2-6

enabling2-13

interface, configuring2-14

interface statistics, displaying2-17

interface statistics, resetting2-15

metrics2-21

statistics, displaying2-16

statistics, resetting2-14

TTL for entries2-15

GSDB. See Global Sticky Database

H

hotlist

disabling8-3

enabling8-3

I

importing SSL keys and certificates9-19

index, redundant6-30, 6-37

Inter-Switch Communications

configuring6-36

displaying information6-40

overview6-30

restrictions6-32

IP critical services

configuring for VIP redundancy6-12

displaying6-20

IP redundancy

cabling CSSs7-6

configuration quick start7-4

configurations, displaying7-33

configuring7-7

disabling7-9

overview7-1

protocol, configuring7-10

stateless failover7-20, 7-24

synchronizing configurations7-12

IP redundant interface

configuring for VIP redundancy6-10

displaying6-21

IP redundant VIP, configuring for VIP redundancy6-11

IP route

firewall load balancing, displaying10-17, 10-18

static, for firewall load balancing10-5

IP virtual router, configuring for VIP redundancy6-9

ISC. See Inter-Switch Communications

K

keepalive

disabling for SSL Acceleration Module9-63

IP critical services6-12

IP redundant uplink services7-17

script examples11-41

keys (SSL)

associating9-30, 9-31, 9-32

Diffie-Hellman key agreement file9-25

Diffie-Hellman key exchange parameter file association, SSL proxy list9-49

Diffie-Hellman parameter associations, viewing9-38

DSA key pair association, SSL proxy list9-49

DSA key pair associations, viewing9-37, 9-39, 9-40

DSA key pairs9-24

importing/exporting9-17, 9-19

overview9-3, 9-7

removing9-40

RSA certificate association, SSL proxy list9-48

RSA key pair, generating9-22

RSA key pair associations, viewing9-36, 9-40

storage9-9

L

license key

Enhanced feature set5-2

Proximity Database5-2

LifeTick6-30

load balancing

DNS records1-14

firewall, configuring10-3

firewall, overview10-2

weighted roundrobin1-14, 1-15, 1-26, 1-29, 1-31, 1-34, 1-35, 1-40

logging, configuration synchronization results6-19, 7-16

lookup cache

displaying statistics5-51

enabling5-49

removing entries5-50

lookup cache, PDNS5-51

M

master CSS, temporary7-17

max

age, demand-based replication8-5

content, demand-based replication8-5

usage, demand-based replication8-6

mesh, peer5-8

metrics, assigning proximity5-22

N

NAT10-2, 10-3

Network Address Translation. See NAT

Network Proximity

APP5-16

APP-UDP5-16

configuration quick start5-12

example5-8, 5-33

license keys5-2

overview5-1, 5-3

peer mesh5-8

Proximity Database5-4, 5-12, 5-15

Proximity Domain Name Server5-5, 5-13

tiers5-33

zones5-7, 5-47, 5-53

NS-record1-31

O

owner, DNS exchange policy1-43

P

password for imported certificates/keys9-20

PDB. See Proximity Database

PDNS. See Proximity Domain Name Server

peer

interval, configuring for DNS1-41

mesh5-8

receive slots, configuring for DNS1-42

send slots, configuring for DNS1-42

peering protocol, overview1-3

physical interfaces, configuring for IP redundancy7-19

physical link list7-19

probe module

ICMP delay interval5-31

ICMP requests5-30

methods5-29

metric weighting5-30

statistics5-44

TCP ports5-32

probes, resending proximity5-28

protocol

IP redundancy7-2, 7-10

VRRP6-2

proximity. See Network Proximity

Proximity Database

activity, displaying5-37

archiving5-25

assignments, displaying5-41

assignments, flushing5-23

clearing5-28

configuration quick start5-12

configuring5-15

DNS Sticky2-4, 2-13

enabling5-21

IP address1-15

metrics, assigning5-22

metrics, displaying5-38

metrics, refining5-27

overview5-4

probe module5-29

probe module statistics, displaying5-44

refinement, displaying5-41

reprobing5-28

retrieving5-26

statistics, displaying5-40

TTL, configuring5-24

zone statistics5-42, 5-43

Proximity Domain Name Server

APP5-46

APP-UDP5-46

A-record1-26

cache5-24

configuration overview5-46

configuration quick start5-13

configurations, displaying5-51

disabling5-48

DNS-record keepalives, displaying5-53

DNS-record proximity statistics, displaying5-53

DNS-record statistics, displaying5-53

DNS server information, displaying5-54

DNS server statistics, clearing5-49

DNS Sticky2-4

domain records1-36, 1-37, 5-48

enabling1-14, 5-47

lookup cache5-49, 5-50, 5-51

NS-record1-31

overview5-5

zones, displaying5-53

publisher

content replication8-16

displaying service configurations8-11

service8-10

Q

quick start

Adaptive Session Redundancy6-34

certificate management9-10

Content Routing Agent3-4

DNS Sticky2-5

IP redundancy7-4

Network Proximity5-12

Proximity Database5-12

Proximity Domain Name Server5-13

RSA certificate and key generation9-10

RSA certificate and key import9-12

SSL proxy configuration list9-10

SSL proxy list9-13

SSL service9-14

VIP redundancy6-6

virtual IP interface redundancy6-6

R

RCMD command1-8

records

address (A)1-26

configuring1-26

DNS Sticky1-28, 1-33

name server (NS)1-31

removing1-36

statistics1-37

statistics, resetting1-36, 4-14

weight, configuring1-29, 1-35

weight, displaying1-40

redundancy

configuration quick start6-6, 7-4

configurations, displaying7-33

critical services6-12

interfaces, displaying6-21

IP7-1

IP redundant VIP6-11

physical interfaces7-19

redundant VIPs, displaying6-23

session6-28

stateless failover7-20, 7-24, 7-28

synchronizing configurations6-14, 7-12

uplink configuration example7-18

uplink services7-17

VIP6-1, 6-2, 6-8

virtual IP interface6-1, 6-2, 6-5, 6-8, 6-10

redundancy protocol

configuring7-10

IP, overview7-2

redundant

circuits, configuring for IP redundancy7-10

index6-30, 6-37

replication

content rule8-15

content staging8-8

demand-based8-2

FTP access8-6

FTP record, creating8-7

hotlists8-3

max age8-5

max content8-5

max usage8-6

publisher8-16

publishing and subscribing8-9

service type8-4

replication and staging, configuring a content rule8-15

roundrobin, DNS weighted1-14, 1-15, 1-26, 1-29, 1-31, 1-34, 1-35, 1-40

round-trip time. See RTT

route

IP static, for firewall load balancing10-5

router

virtual6-9, 6-12, 6-24

VRID6-9

RSA

associating key pair9-30

certificate association, SSL proxy list9-47

certificate association in SSL proxy list9-48

cipher suites9-50

generating key pair9-22

key pair associations, viewing9-36

overview9-4

quick start9-10, 9-12

RTT5-3, 5-44

S

scripting language

!no echo command11-4

arithmetic operators11-8

arrays11-19

bitwise logical operators11-27

Boolean logic operators11-10

branch commands11-10

capturing user input11-23

command line arguments11-24

comments11-3

echo command11-3

functions11-25

grep command11-31

increment and decrement operators11-9

overview11-1

relational operators11-10

set and no set commands11-7

socket commands11-33

special variables11-13

syntax errors11-28

terminating a script11-28

variables11-5

scripts

commit_redundancy7-12

commit_vip_redundancy6-15

configuration synchronization6-15, 7-12

keepalive examples11-41

playing11-2

showtech11-39

upgrade considerations11-39

service

activating9-64

keepalive messages, disabling for SSL Acceleration Module9-63

publisher8-10

redundant6-37, 6-42

replication8-2

SSL Acceleration Module slot, specifying9-62

SSL acceleration type9-62

SSL proxy lists, adding9-61, 9-63

SSL service, creating9-61

SSL service quick start9-14

SSL session ID cache size9-63

subscriber8-13

service type

replication cache redirect8-4

replication-store8-4

replication-store redirect8-4

specifying for replication8-4

ssl-accel9-62

session redundancy

configuration quick start6-34

configuration requirements and restrictions6-31

content rule, redundant6-37

displaying information6-40

index, redundant6-30

Inter-Switch Communications6-36

overview6-28

service, redundant6-37

source group, redundant6-38

showtech script11-39

socket commands11-33

source group

configuring for domain name resolution1-45

redundant6-38, 6-42

SSL

acceleration service type9-62

certificate associations, viewing9-33, 9-40

certificates9-5, 9-17, 9-19, 9-27, 9-29, 9-40

certificate signing request, generating9-26

cipher suites, specifying9-50

configuration information, viewing9-68

cryptography capabilities9-7

Diffie-Hellman key agreement file9-4, 9-25, 9-32, 9-38

DSA digital signatures9-6

DSA key pairs9-24, 9-31

generating keys and certificates9-22

handshake negotation9-55

importing/exporting certificates and keys9-19

key pairs9-36, 9-37, 9-39, 9-40

overview9-2

processing of flows9-79

public key infrastructure9-3

quick start procedures9-10

RSA key pairs9-4, 9-22, 9-30

session cache9-54, 9-63

SSL Acceleration Module9-9, 9-62

SSL flows, viewing9-77

SSL proxy configurations, examples9-79

SSL proxy list, adding to SSL services9-61

SSL proxy list, creating9-43

SSL proxy list ssl-server, configuring9-44

statistics9-71, 9-76

TCP client-side connection options9-57

TCP server-side connection options9-58

termination9-1

SSL Acceleration Module

creating SSL service9-61

overview9-2, 9-9

specifying in SSL service9-62

SSL termination9-9

statistics, viewing9-71

SSL proxy configurations

full proxy example9-89

transparent example9-82, 9-85

SSL proxy list

adding to service9-63

adding to SSL services9-61

creating9-43

mode9-43

overview9-42

quick start9-13

ssl-server, configuring9-44

viewing9-68

ssl-server (SSL proxy list)

cipher suites, specifying9-50

creating9-45

Diffie-Hellman parameter file association, specifying9-49

DSA certificate association, specifying9-48

DSA key pair association, specifying9-49

RSA certificate association, specifying9-47

RSA key pair association, specifying9-48

SSL session cache timeout, configuring9-54

SSL session handshake renegotation, configuring9-55

SSL TCP client-side connection options, configuring9-57

SSL TCP server-side connection options, configuring9-58

version9-54

VIP address, specifying9-45

virtual TCP port, specifying9-46

staging and replication, configuring for content8-8

stateful failover6-28

stateless redundancy failover

configuration restrictions7-21

configuration synchronization7-23

CSS parameters, configuring7-22

example configuration for IP redundancy7-25

example for VIP redundancy7-29

IP redundancy configuration7-24

overview7-20

VIP and virtual IP interface redundancy7-28

sticky domain records1-28, 1-33

subscriber service

configuring8-13

displaying configurations8-14

synchronizing redundant configurations6-14

system configuration information script11-39

T

TCP port number, configuring for APP1-7

temporary master CSS, for IP redundancy7-17

tiers

example5-33

Network Proximity5-33, 5-47

TTL

proximity5-24

U

uplink services, configuring IP redundant7-17

V

VIP redundancy

circuit IP interface, configuring6-8

configuration quick start6-6

configurations, displaying6-20

critical services6-12

IP virtual router6-9

overview6-2

redundant interface6-10

redundant VIP, configuring6-11

stateless failover7-20, 7-28

synchronizing configurations6-14

VIPs, displaying6-23

with session redundancy6-31

virtual IP interface, configuring6-10

virtual IP interface redundancy

configuration quick start6-6

configuring6-8

overview6-5

virtual router

configurations, displaying6-24

configuring6-9

ID6-12

Virtual Router Redundancy Protocol. See VRRP

virtual ssl server, creating9-45

VRRP6-2, 6-14, 7-28

W

weight

configuring DNS record1-29, 1-35

displaying DNS record1-40

weighted roundrobin, DNS1-14, 1-15, 1-26, 1-29, 1-31, 1-34, 1-35, 1-40

Z

zones

Client Side Accelerator4-14

displaying data5-42

DNS server1-14

DNS server load1-16

information, displaying1-24

Network Proximity5-7, 5-47, 5-53

proximity statistics, displaying5-43

zone transfer, unsupported among DNS servers1-2

	CSS Advanced Configuration Guide (Software Version 7.10)
	Index
CSS Advanced Configuration Guide (Software Version 7.10) Index About This Guide Configuring the CSS Domain Name Service Configuring DNS Sticky Configuring a CSS as a Content Routing Agent Configuring a Client Side Accelerator Configuring Network Proximity Configuring VIP and Virtual IP Interface Redundancy Configuring Redundant Content Services Switches Configuring Content Replication Configuring SSL Termination on the CSS Configuring Firewall Load Balancing Using the CSS Scripting Language	Download this chapter Index Download the complete book Cisco Content Services Switch Advanced Configuration Guide (Version 7.10), Book-Length PDF (PDF - 3 MB) Table Of Contents A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - Q - R - S - T - U - V - W - Z Index A accelerated domain4-13 access FTP demand-based replication8-6 publishing and subscribing8-9 Adaptive Session Redundancy configuration quick start6-34 configuration requirements and restrictions6-31 content rule, redundant6-37 displaying information6-40 index, redundant6-30 Inter-Switch Communications6-36 overview6-28 service, redundant6-37 source group, redundant6-38 administrative distance, configuring for firewall load balancing10-6 APP configurations, displaying1-9 configuring1-6 frame size1-6 overview1-3 port1-7 Proximity Database5-21 Proximity Domain Name Server5-46 session between two CSSs1-7 session using RCMD1-9 using with Network Proximity5-16 Application Peering Protocol. See APP Application Peering Protocol-User Datagram Protocol. See APP-UDP APP-UDP configurations, displaying5-20 configuring5-16 enabling5-16 options, configuring5-18 options, removing5-19 port5-19 Proximity Database5-21 Proximity Domain Name Server5-46 security5-17 A-record1-26 ASR. See Adaptive Session Redundancy associating (SSL) Diffie-Hellman parameter file9-32 DSA key pair9-31 RSA key pair9-30 SSL certificates9-29 audiencexxvi B BACKUP_IP variable6-18, 7-16 boomerang3-2 box-to-box redundancy. See IP redundancy buffer count, DNS server1-17 C cable, crossover for IP redundancy7-6 cache domain, for Client Side Accelerator4-11 PDNS lookup5-49, 5-50, 5-51 certificates (SSL) associating9-29 associations, viewing9-33, 9-40 certificate signing request, generating9-26 DSA certificate association, SSL proxy list9-48 file formats9-20 importing/exporting9-17, 9-19 overview9-3, 9-7 removing9-40 RSA certificate association, SSL proxy list9-47 self-signed certificate, generating9-27 storage9-9 verifying9-32 cipher suites (SSL)9-50 circuit IP interface, configuring for VIP redundancy6-8 circuits, redundant for IP redundancy7-10 Client Side Accelerator configuration, displaying4-14 configuring4-1, 4-10 disabling4-11 DNS server forwarder4-12 DNS server zones4-14 domain cache4-11 domain cache statistics, displaying4-16 enabling4-10 information, displaying4-14 overview4-2 quick start4-7 configuration example firewall load balancing10-8 SSL proxy configurations9-79 VIP and virtual IP interface redundancy6-26 configuration quick start Adaptive Session Redundancy6-34 Client Side Accelerator4-7 Content Routing Agent3-4 DNS Sticky2-5 IP redundancy7-4 Network Proximity5-12 Proximity Database5-12 Proximity Domain Name Server5-13 RSA certificate and key generation9-10 RSA certificate and key import9-12 SSL proxy configuration list9-10 SSL proxy list9-13 SSL service9-14 VIP redundancy6-6 virtual IP interface redundancy6-6 configuration synchronization BACKUP_IP variable6-18, 7-16 lock file6-17, 7-15 logging results6-19, 7-16 overview6-14, 7-12 script for IP redundancy7-12 script for VIP redundancy6-14, 6-15 content displaying8-17 domain, creating using APP session1-7 router3-2 staging and replication8-8 Content Routing Agent configuration quick start3-4 configuring3-5 CPU load threshold3-5 disabling3-5 displaying statistics3-10 domain alias3-8 domain records3-6 domain statistics, clearing3-9 enabling3-5 example3-3 overview3-2 content rule hotlist8-3 redundant6-37, 6-42 replication and staging8-15 SSL rule quick start9-14 CRA. See Content Routing Agent critical services configuring for CSS-to-CSS redundancy7-17 configuring for VIP redundancy6-12 displaying for CSS-to-CSS redundancy7-19 displaying for VIP redundancy6-20 crossover cable pinouts for IP redundancy7-7 CSA. See Client Side Accelerator D database global sticky 2-6, 2-9, 2-13 proximity2-4, 2-13, 5-4, 5-12, 5-15, 5-21, 5-37 demand-based replication FTP access8-6 FTP record8-7 max age8-5 max content8-5 max usage8-6 service type8-4 Diffie-Hellman associating key exchange file9-32 cipher suites9-50 generating key agreement file9-25 key exchange parameter file association, SSL proxy list9-49 overview9-4 parameter associations, viewing9-38 DNS Client Side Accelerator4-2 content domain1-2 Content Routing Agent3-2 content rule-based1-41, 2-11 converting content rule-based to zone-based2-11 owner1-43 peer interval1-41 peer receive slots1-42 peer send slots1-42 proximity record statistics, displaying5-53 record statistics, resetting4-14 removing from content rule1-44 server forwarder1-18, 4-12 server zones1-14, 4-14 service, adding to content rule1-44 weighted roundrobin1-14, 1-15, 1-26, 1-29, 1-31, 1-34, 1-35, 1-40 zone-based1-14, 2-11 DNS peer CSS, configuring as1-41 information, displaying1-43 DNS server authoritative1-13 buffer count1-17 configuration, displaying1-19 database information, displaying1-21 domain records1-26, 1-36, 1-37 domain statistics, displaying1-22 forwarder1-18 forwarder statistics, displaying1-23 peer interval1-41 responder task count1-17 server and zone information, displaying1-19 zone1-14, 1-16, 1-24, 4-14 DNS Sticky configuration quick start2-5 converting content rule-based DNS to zone-based2-11 displaying statistics2-16 domain load statistics2-19 domain records1-28, 1-33, 2-15 domain record statistics, displaying2-18 Global Sticky Database2-13 interface for GSDB2-14 overview2-2 TTL for GSDB2-15 with a GSDB2-3 with Network Proximity2-4 without GSDB2-3 documentation audiencexxvi chapter contentsxxvi setxxvii symbols and conventionsxxx domain accelerated4-13 cache4-11, 4-16 content1-7 load statistics2-19 names, configuring for server resolution1-45 name service, overview1-2 records1-26, 1-36, 1-37, 5-48 statistics, displaying1-22 summary information, displaying1-46 Domain Name Service. See DNS domain records configuring1-26 displaying information1-37 removing1-36 resetting statistics1-36 dormant flows6-29, 6-41 DSA associating key pair9-31 certificate association, SSL proxy list9-48 cipher suites9-50 generating key pair9-24 key pair association, SSL proxy list9-49 key pair associations, viewing9-37, 9-39, 9-40 overview9-6 E example IP redundancy uplink services7-18 Network Proximity, operation5-8 Network Proximity tiers5-33 SSL proxy configurations9-79 stateless redundancy failover for IP redundancy7-25 stateless redundancy failover for VIP redundancy7-29 static route for firewall load balancing10-8 VIP and virtual IP interface redundancy configuration6-26 exporting SSL keys and certificates9-19 F failover stateful6-28 stateless7-20 firewall caution when deleting10-4 load balancing10-2 RIP redistribute, configuring10-7 synchronization10-3 timeout10-5 firewall load balancing configuring10-3 flow summaries, displaying10-16 IP information, displaying10-18 IP routes, displaying10-17 IP static route, configuring10-5 overview10-2 static route configuration example10-8 flows displaying firewall configuration10-16 dormant6-29, 6-41 forwarder DNS server1-18, 4-12 statistics, displaying1-23 frame size, configuring for APP1-6 FTP access demand-based content replication8-6 publishing and subscribing8-9 FTP record associating with replication services8-6, 8-9 demand-based content replication8-7 G Global Sticky Database configuration quick start2-6 enabling2-13 interface, configuring2-14 interface statistics, displaying2-17 interface statistics, resetting2-15 metrics2-21 statistics, displaying2-16 statistics, resetting2-14 TTL for entries2-15 GSDB. See Global Sticky Database H hotlist disabling8-3 enabling8-3 I importing SSL keys and certificates9-19 index, redundant6-30, 6-37 Inter-Switch Communications configuring6-36 displaying information6-40 overview6-30 restrictions6-32 IP critical services configuring for VIP redundancy6-12 displaying6-20 IP redundancy cabling CSSs7-6 configuration quick start7-4 configurations, displaying7-33 configuring7-7 disabling7-9 overview7-1 protocol, configuring7-10 stateless failover7-20, 7-24 synchronizing configurations7-12 IP redundant interface configuring for VIP redundancy6-10 displaying6-21 IP redundant VIP, configuring for VIP redundancy6-11 IP route firewall load balancing, displaying10-17, 10-18 static, for firewall load balancing10-5 IP virtual router, configuring for VIP redundancy6-9 ISC. See Inter-Switch Communications K keepalive disabling for SSL Acceleration Module9-63 IP critical services6-12 IP redundant uplink services7-17 script examples11-41 keys (SSL) associating9-30, 9-31, 9-32 Diffie-Hellman key agreement file9-25 Diffie-Hellman key exchange parameter file association, SSL proxy list9-49 Diffie-Hellman parameter associations, viewing9-38 DSA key pair association, SSL proxy list9-49 DSA key pair associations, viewing9-37, 9-39, 9-40 DSA key pairs9-24 importing/exporting9-17, 9-19 overview9-3, 9-7 removing9-40 RSA certificate association, SSL proxy list9-48 RSA key pair, generating9-22 RSA key pair associations, viewing9-36, 9-40 storage9-9 L license key Enhanced feature set5-2 Proximity Database5-2 LifeTick6-30 load balancing DNS records1-14 firewall, configuring10-3 firewall, overview10-2 weighted roundrobin1-14, 1-15, 1-26, 1-29, 1-31, 1-34, 1-35, 1-40 logging, configuration synchronization results6-19, 7-16 lookup cache displaying statistics5-51 enabling5-49 removing entries5-50 lookup cache, PDNS5-51 M master CSS, temporary7-17 max age, demand-based replication8-5 content, demand-based replication8-5 usage, demand-based replication8-6 mesh, peer5-8 metrics, assigning proximity5-22 N NAT10-2, 10-3 Network Address Translation. See NAT Network Proximity APP5-16 APP-UDP5-16 configuration quick start5-12 example5-8, 5-33 license keys5-2 overview5-1, 5-3 peer mesh5-8 Proximity Database5-4, 5-12, 5-15 Proximity Domain Name Server5-5, 5-13 tiers5-33 zones5-7, 5-47, 5-53 NS-record1-31 O owner, DNS exchange policy1-43 P password for imported certificates/keys9-20 PDB. See Proximity Database PDNS. See Proximity Domain Name Server peer interval, configuring for DNS1-41 mesh5-8 receive slots, configuring for DNS1-42 send slots, configuring for DNS1-42 peering protocol, overview1-3 physical interfaces, configuring for IP redundancy7-19 physical link list7-19 probe module ICMP delay interval5-31 ICMP requests5-30 methods5-29 metric weighting5-30 statistics5-44 TCP ports5-32 probes, resending proximity5-28 protocol IP redundancy7-2, 7-10 VRRP6-2 proximity. See Network Proximity Proximity Database activity, displaying5-37 archiving5-25 assignments, displaying5-41 assignments, flushing5-23 clearing5-28 configuration quick start5-12 configuring5-15 DNS Sticky2-4, 2-13 enabling5-21 IP address1-15 metrics, assigning5-22 metrics, displaying5-38 metrics, refining5-27 overview5-4 probe module5-29 probe module statistics, displaying5-44 refinement, displaying5-41 reprobing5-28 retrieving5-26 statistics, displaying5-40 TTL, configuring5-24 zone statistics5-42, 5-43 Proximity Domain Name Server APP5-46 APP-UDP5-46 A-record1-26 cache5-24 configuration overview5-46 configuration quick start5-13 configurations, displaying5-51 disabling5-48 DNS-record keepalives, displaying5-53 DNS-record proximity statistics, displaying5-53 DNS-record statistics, displaying5-53 DNS server information, displaying5-54 DNS server statistics, clearing5-49 DNS Sticky2-4 domain records1-36, 1-37, 5-48 enabling1-14, 5-47 lookup cache5-49, 5-50, 5-51 NS-record1-31 overview5-5 zones, displaying5-53 publisher content replication8-16 displaying service configurations8-11 service8-10 Q quick start Adaptive Session Redundancy6-34 certificate management9-10 Content Routing Agent3-4 DNS Sticky2-5 IP redundancy7-4 Network Proximity5-12 Proximity Database5-12 Proximity Domain Name Server5-13 RSA certificate and key generation9-10 RSA certificate and key import9-12 SSL proxy configuration list9-10 SSL proxy list9-13 SSL service9-14 VIP redundancy6-6 virtual IP interface redundancy6-6 R RCMD command1-8 records address (A)1-26 configuring1-26 DNS Sticky1-28, 1-33 name server (NS)1-31 removing1-36 statistics1-37 statistics, resetting1-36, 4-14 weight, configuring1-29, 1-35 weight, displaying1-40 redundancy configuration quick start6-6, 7-4 configurations, displaying7-33 critical services6-12 interfaces, displaying6-21 IP7-1 IP redundant VIP6-11 physical interfaces7-19 redundant VIPs, displaying6-23 session6-28 stateless failover7-20, 7-24, 7-28 synchronizing configurations6-14, 7-12 uplink configuration example7-18 uplink services7-17 VIP6-1, 6-2, 6-8 virtual IP interface6-1, 6-2, 6-5, 6-8, 6-10 redundancy protocol configuring7-10 IP, overview7-2 redundant circuits, configuring for IP redundancy7-10 index6-30, 6-37 replication content rule8-15 content staging8-8 demand-based8-2 FTP access8-6 FTP record, creating8-7 hotlists8-3 max age8-5 max content8-5 max usage8-6 publisher8-16 publishing and subscribing8-9 service type8-4 replication and staging, configuring a content rule8-15 roundrobin, DNS weighted1-14, 1-15, 1-26, 1-29, 1-31, 1-34, 1-35, 1-40 round-trip time. See RTT route IP static, for firewall load balancing10-5 router virtual6-9, 6-12, 6-24 VRID6-9 RSA associating key pair9-30 certificate association, SSL proxy list9-47 certificate association in SSL proxy list9-48 cipher suites9-50 generating key pair9-22 key pair associations, viewing9-36 overview9-4 quick start9-10, 9-12 RTT5-3, 5-44 S scripting language !no echo command11-4 arithmetic operators11-8 arrays11-19 bitwise logical operators11-27 Boolean logic operators11-10 branch commands11-10 capturing user input11-23 command line arguments11-24 comments11-3 echo command11-3 functions11-25 grep command11-31 increment and decrement operators11-9 overview11-1 relational operators11-10 set and no set commands11-7 socket commands11-33 special variables11-13 syntax errors11-28 terminating a script11-28 variables11-5 scripts commit_redundancy7-12 commit_vip_redundancy6-15 configuration synchronization6-15, 7-12 keepalive examples11-41 playing11-2 showtech11-39 upgrade considerations11-39 service activating9-64 keepalive messages, disabling for SSL Acceleration Module9-63 publisher8-10 redundant6-37, 6-42 replication8-2 SSL Acceleration Module slot, specifying9-62 SSL acceleration type9-62 SSL proxy lists, adding9-61, 9-63 SSL service, creating9-61 SSL service quick start9-14 SSL session ID cache size9-63 subscriber8-13 service type replication cache redirect8-4 replication-store8-4 replication-store redirect8-4 specifying for replication8-4 ssl-accel9-62 session redundancy configuration quick start6-34 configuration requirements and restrictions6-31 content rule, redundant6-37 displaying information6-40 index, redundant6-30 Inter-Switch Communications6-36 overview6-28 service, redundant6-37 source group, redundant6-38 showtech script11-39 socket commands11-33 source group configuring for domain name resolution1-45 redundant6-38, 6-42 SSL acceleration service type9-62 certificate associations, viewing9-33, 9-40 certificates9-5, 9-17, 9-19, 9-27, 9-29, 9-40 certificate signing request, generating9-26 cipher suites, specifying9-50 configuration information, viewing9-68 cryptography capabilities9-7 Diffie-Hellman key agreement file9-4, 9-25, 9-32, 9-38 DSA digital signatures9-6 DSA key pairs9-24, 9-31 generating keys and certificates9-22 handshake negotation9-55 importing/exporting certificates and keys9-19 key pairs9-36, 9-37, 9-39, 9-40 overview9-2 processing of flows9-79 public key infrastructure9-3 quick start procedures9-10 RSA key pairs9-4, 9-22, 9-30 session cache9-54, 9-63 SSL Acceleration Module9-9, 9-62 SSL flows, viewing9-77 SSL proxy configurations, examples9-79 SSL proxy list, adding to SSL services9-61 SSL proxy list, creating9-43 SSL proxy list ssl-server, configuring9-44 statistics9-71, 9-76 TCP client-side connection options9-57 TCP server-side connection options9-58 termination9-1 SSL Acceleration Module creating SSL service9-61 overview9-2, 9-9 specifying in SSL service9-62 SSL termination9-9 statistics, viewing9-71 SSL proxy configurations full proxy example9-89 transparent example9-82, 9-85 SSL proxy list adding to service9-63 adding to SSL services9-61 creating9-43 mode9-43 overview9-42 quick start9-13 ssl-server, configuring9-44 viewing9-68 ssl-server (SSL proxy list) cipher suites, specifying9-50 creating9-45 Diffie-Hellman parameter file association, specifying9-49 DSA certificate association, specifying9-48 DSA key pair association, specifying9-49 RSA certificate association, specifying9-47 RSA key pair association, specifying9-48 SSL session cache timeout, configuring9-54 SSL session handshake renegotation, configuring9-55 SSL TCP client-side connection options, configuring9-57 SSL TCP server-side connection options, configuring9-58 version9-54 VIP address, specifying9-45 virtual TCP port, specifying9-46 staging and replication, configuring for content8-8 stateful failover6-28 stateless redundancy failover configuration restrictions7-21 configuration synchronization7-23 CSS parameters, configuring7-22 example configuration for IP redundancy7-25 example for VIP redundancy7-29 IP redundancy configuration7-24 overview7-20 VIP and virtual IP interface redundancy7-28 sticky domain records1-28, 1-33 subscriber service configuring8-13 displaying configurations8-14 synchronizing redundant configurations6-14 system configuration information script11-39 T TCP port number, configuring for APP1-7 temporary master CSS, for IP redundancy7-17 tiers example5-33 Network Proximity5-33, 5-47 TTL proximity5-24 U uplink services, configuring IP redundant7-17 V VIP redundancy circuit IP interface, configuring6-8 configuration quick start6-6 configurations, displaying6-20 critical services6-12 IP virtual router6-9 overview6-2 redundant interface6-10 redundant VIP, configuring6-11 stateless failover7-20, 7-28 synchronizing configurations6-14 VIPs, displaying6-23 with session redundancy6-31 virtual IP interface, configuring6-10 virtual IP interface redundancy configuration quick start6-6 configuring6-8 overview6-5 virtual router configurations, displaying6-24 configuring6-9 ID6-12 Virtual Router Redundancy Protocol. See VRRP virtual ssl server, creating9-45 VRRP6-2, 6-14, 7-28 W weight configuring DNS record1-29, 1-35 displaying DNS record1-40 weighted roundrobin, DNS1-14, 1-15, 1-26, 1-29, 1-31, 1-34, 1-35, 1-40 Z zones Client Side Accelerator4-14 displaying data5-42 DNS server1-14 DNS server load1-16 information, displaying1-24 Network Proximity5-7, 5-47, 5-53 proximity statistics, displaying5-43 zone transfer, unsupported among DNS servers1-2
	© 1992-2009 Cisco Systems, Inc. All rights reserved. Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks of Cisco Systems, Inc.