-
CSS Command Reference (Software Version 7.40)
-
Preface
-
Using the Command-Line Interface
-
General Commands (A through R)
-
General Commands (S through Z)
-
Global Configuration Mode Commands (A through K)
-
Global Configuration Mode Commands (L through Z)
-
ACL Configuration Mode Commands
-
Boot Configuration Mode Commands
-
Circuit and IP Configuration Mode Commands
-
DQL Configuration Mode Commands
-
EQL Configuration Mode Commands
-
Group Configuration Mode Commands
-
Header-Field Group Configuration Mode Commands
-
Interface Configuration Mode Commands
-
Keepalive Configuration Mode Commands
-
NQL Configuration Mode Commands
-
Owner and Content Configuration Mode Commands
-
Reporter Configuration Mode Commands
-
RMON Alarm, Event, and History Configuration Mode Commands
-
Service Configuration Mode Commands
-
SSL-Proxy-List Configuration Mode Commands
-
URQL Configuration Mode Commands
-
Table Of Contents
Service Configuration Mode Commands
(config-service) add ssl-proxy-list
(config-service) bypass-hosttag
(config-service) max connections
(config-service) redirect-string
(config-service) redundant-index
(config-service) remove ssl-proxy-list
(config-service) session-cache-size
(config-service) transparent-hosttag
Service Configuration Mode Commands
Service configuration mode allows you to configure a service on the CSS. A service is an entity that contains and provides Internet content. It is identified by a name, an IP address, and optimally, a protocol and a port number. When you create a service, you can apply content rules to it. The rules allow the CSS to direct or deny requests for content from the service.
To access service configuration mode, use the service command from global, circuit, IP, interface, and keepalive configuration modes. The prompt changes to (config-service [name]). You can also access another service from service configuration mode. For information about commands available in this mode, see the following commands.
Use the no form of this command to delete an existing service.
service service_name
no service service_name
Syntax Description
(config-service) access
To associate an FTP access mechanism with a service for moving content during publishing, subscribing, and demand-based replication activities, use the access command. Use the no form of this command to remove a service access mechanism.
access ftp ftp_record
no access ftp
Syntax Description
Usage Guidelines
You must use the access command for each service that offers publishing services. This command is optional for subscriber services; the subscriber service inherits the access mechanism from the publisher.
When you use this command to associate an FTP access mechanism to a service, the base directory of an existing FTP record becomes the tree root. To maintain coherent mapping between WWW daemons and FTP daemons, make the FTP access base directory equivalent to the WWW daemon root directory as seen by clients. For information on creating an FTP record, see the (config) ftp-record command.
Related Commands
(config-service) active
To activate the specified service, use the active command. Activating a service puts it into the resource pool for load-balancing content requests.
active
Related Commands
(config-service) add ssl-proxy-list
To include an SSL proxy list as part of an SSL service, use the add ssl-proxy-list command. You can only add an SSL to a service that is an ssl-accel type. Activating a service puts it into the resource pool for load-balancing content requests.
add ssl-proxy-list name
Syntax Description
name
Name of a previously configured SSL proxy list. To see a list of existing SSL proxy lists, enter:
#(config-service) add ssl-proxy-list ?
Related Commands
(config-service) remove ssl-proxy-list
(config-service) type ssl-accel(config-service) bypass-hosttag
To allow the Client Side Accelerator (CSA) on the CSS to bypass a cache farm and establish a connection with the origin server to retrieve noncacheable content, use the bypass-hosttag command. The domain name from the host tag field is used to look up the origin IP address on the CSA. Use the no form of this command to disable the bypassing of cache for noncacheable content.
bypass-hosttag
no bypass-hosttag
Usage Guidelines
Before you can use this command, make sure that the service is suspended.
To bypass the cache farm for noncacheable content, you must also configure a service IP address of 0.0.0.0 and a keepalive type of none.
Related Commands
(config-service) ip address
(config-service) keepalive type none
(config-service) type(config-service) cache-bypass
To disable applying content rules to requests originating from a proxy or transparent-cache type service when the CSS processes the requests, use the cache-bypass command. By default, no content rules are applied to requests from a proxy or transparent-cache type service. Use the no form of this command to apply content rules to requests from a proxy or transparent-cache type service.
cache-bypass
no cache-bypass
Related Commands
(config-service) cookie
To specify the HTTP cookie for the service, use the cookie command. This command is replaced by the (config-service) string command.
cookie cookie_name
Syntax Description
cookie_name
Name of the cookie. Enter a unquoted text string with no spaces and a maximum length of 15 characters.
(config-service) domain
To specify the domain name to prepend to a requested piece of content when an HTTP redirect service generates an "object moved" message for the service, use the domain command. Use the no form of this command to clear the redirect domain for the service.
domain domain_name
no domain
Syntax Description
domain_name
Name of the domain. Enter a unquoted text string with no spaces and a maximum length of 64 characters.
The CSS automatically prepends the domain name with http://. To disable the prepending of http:// to the domain name, use the (config-service) prepend-http command.
Usage Guidelines
The CSS uses the configured domain name in the redirect message as the new location for the requested content. The CSS prepends the domain name to the requested URL. If the domain name is not configured, the CSS uses the domain in the host-tag field from the original request. If no host tag is found, the CSS uses the IP address of the service to generate the redirect.
You can only use a service redirect domain on a service of type redirect.
Note
The domain and (config-service) redirect-string commands are similar. The CSS returns the (config-service) redirect-string command string verbatim as configured. With the domain command, the CSS prepends the domain to the original requested URL. You cannot simultaneously configure the domain and (config-service) redirect-string commands on the same service.
Related Commands
show service
(config-service) prepend-http(config-service) ip address
To specify the service IP address or a range of addresses, use the ip address command. Use the no form of this command to clear the IP address for a service and set it to its default value of 0.0.0.0.
ip address ip_address {range number}
no ip address
Syntax Description
Usage Guidelines
Before you can change the address, make sure that the service is suspended.
Some services do not require an IP address. Services that does not require an IP address are:
•
•
•
You must configure these services with a keepalive type of none.
Related Commands
(config-service) keepalive
(config-service) port
(config-service) type(config-service) keepalive
To configure keepalive message parameters for the service, use the keepalive command. The options for this service mode command are:
•
•
•
•
•
•
•
•
•
•
•
For more information on these options and associated variables, see the following commands.
Usage Guidelines
The CSS divides the keepalive types into two categories, Class A and Class B keepalives. The CSS supports a maximum of 2048 Class A keepalives. The CSS supports a maximum of 512 Class B keepalives. Table 2-3 lists the keepalive types in each class, the maximum number of each type, and the maximum number of each keepalive type that can execute concurrently.
Caution
Configure global keepalives through the (config) keepalive command. Regardless of the number of services you assign to a global keepalive through the (config-service) keepalive type named command, the CSS always counts it as one keepalive.
For more information on configuring keepalives, refer to the Cisco Content Services Switch Content Load-Balancing Configuration Guide.
keepalive frequency
To specify the keepalive message frequency, use the keepalive frequency command. Use the no form of this command to reset the frequency to its default value of 5.
keepalive frequency frequency
no keepalive frequency
Syntax Description
frequency
Time in seconds between sending keepalive messages to the service. Enter an integer from 2 to 255. The default is 5.
Usage Guidelines
For script keepalives, configure a higher frequency time value. A time interval of over 10 seconds ensures that the script keepalive has enough time to finish. Otherwise, state transitions may occur more often than usual.
If you configure more than 16 keepalives, the CSS automatically adjusts the keepalive frequency time to a value that best fits the resource usage. Note that this adjustment also affects the keepalive retry period value by adjusting that value to a number that is one-half the adjusted frequency time. If this occurs, you may observe in the running-configuration that your previously set keepalive frequency and retry period times change to a different value, as determined by the CSS.
The timeout for a keepalive is related to the configured keepalive frequency. In WebNS 5.1 and earlier versions, the timeout is equivalent to the keepalive frequency. In version 5.2, the timeout is one second less than the keepalive frequency.
Command Modes
Service
keepalive hash
To specify the MD5 hash for the keepalive, use the keepalive hash command. The keepalive process compares the hash with the computed hash of all HTTP GET responses. A successful comparison results in the keepalive maintaining an ALIVE state. Use the no form of this command to clear the hash value.
keepalive hash "object"
no keepalive hash
Syntax Description
"object"
Object containing the MD5 hash in hexadecimal value for the keepalive. To determine the value for the hash, use the show keepalive command after you configure the keepalive without the hash option. Enter a quoted text string up to 32 characters.
Command Modes
Service
Related Commands
keepalive http-rspcodeTo specify the response code expected from the HTTP daemon when the CSS issues a HEAD request, use the keepalive http-rspcode command. This command could be helpful for checking a redirect by specifying the 302 response code, or triggering another non-200 HTTP response code. Use the no form of the command to reset the response code to its default value of 200.
keepalive http-rspcode value
no keepalive http-rspcode
Syntax Description
value
Response code expected from the HTTP daemon. Enter the response code as an integer from 100 to 999. The default is 200.
Command Modes
Service
Related Commands
(config-keepalive) http-rspcode
Command Modes
Service
keepalive maxfailure
To specify the number of times the service can fail to respond to a keepalive message before being considered dead, use the keepalive maxfailure command. Use the no form of this command to reset the maximum failure number to its default value of 3.
keepalive maxfailure number
no keepalive maxfailure
Syntax Description
Command Modes
Service
keepalive method
To specify the HTTP keepalive method for the service, use the keepalive method command.
keepalive method get|head
Syntax Description
Command Modes
Service
Usage Guidelines
If you change the keepalive method on an active service, suspend and reactivate the service for the change to take effect.
keepalive port
To define a port number for the keepalive, use the keepalive port command. Use the no form of this command to reset the keepalive port to its default setting.
keepalive port number
no keepalive port
Syntax Description
Command Modes
Service
Usage Guidelines
If you do not configure the port, the keepalive uses the service port configured with the (config-service) port command. If you do not configure either port, the keepalive is based on the configured keepalive type.
Related Commands
(config-service) keepalive type
keepalive retryperiod
To specify the keepalive retry period for the service, use the keepalive retryperiod command. Use the no form of this command to reset the retry period to its default value of 5.
keepalive retryperiod period
no keepalive retryperiod
Syntax Description
period
Time in seconds between sending retry messages to the service. Enter an integer from 2 to 255. The default is 5.
Command Modes
Service
Usage Guidelines
When a service has failed to respond to a given keepalive message (the service is now transitioned to the dying state), the retry period specifies how frequently the CSS tests the service to see if it is functional.
keepalive tcp-close
To specify the keepalive to close a TCP socket with a FIN or a RST, use the keepalive tcp-close command.
keepalive tcp-close [fin|rst]
Syntax Description
fin
Specifies that the keepalive closes the TCP socket with a FIN rather than a RST
rst
Specifies that the keepalive closes the TCP socket with a RST (default)
Command Modes
Service
Usage Guidelines
By default and in compliance with RFC 1122, the CSS sends a reset (RST) to close the socket on a server port for TCP keepalives. A RST is faster than a FIN, because a RST requires only one packet, while a FIN can take up to four packets. If your servers require a graceful closing of a socket using a FIN, use the keepalive tcp-close fin command.
The keepalive tcp-close fin and keepalive mode tcp-close fin commands may be applied to a total of 100 TCP keepalives.
Related Commands
(config-service) keepalive type
keepalive type
To specify the type of keepalive message, if any, appropriate for the service, use the keepalive type command.
keepalive type [ftp ftp_record|http {non-persistent}|icmp|none
|script script_name {"arguments"} {use-output}|ssl|tcp]Syntax Description
ftp ftp_record
Defines a keepalive method in which the CSS logs in to an FTP server as defined in the FTP record file. Enter the name of an existing FTP record for the FTP server as an unquoted text string with no spaces. To create an FTP record, use the (config) ftp-record command.
http {non-persistent}
Defines an HTTP index page request. By default, HTTP keepalives attempt to use persistent connections. To disable this behavior, include the non-persistent option.
icmp
Defines an ICMP echo message (default).
named name
Defines a global keepalive defined in keepalive configuration mode. To view a list of defined keepalive names, enter:
keepalive type named ?Before using this command, make sure that the keepalive is activated through the (config-service) active command.
Assigning this global keepalive to a service overrides any keepalive properties configured in service mode.
none
Do not send keepalive messages to the service.
script script_name
Defines a script keepalive is to be used by the service. The script is played every time the keepalive is issued. Enter the name of the script keepalive. To view a list of scripts, enter:
keepalive type script ?"arguments"
(Optional) Arguments to pass into the keepalive script. Enter a quoted text string with a maximum of 128 characters including spaces.
use-output
(Optional) Allows the script to parse the output for each executed command. This optional keyword allows the use grep and file direction within a script. By default, the script does not parse the output.
ssl
SSL HELLO keepalives for this service. Use this keepalive for all backend services supporting SSL. The CSS sends a client HELLO to connect the SSL server. After the CSS receives a HELLO from the server, the CSS closes the connection with a TCP RST.
When the CSS is using an SSL module, use the keepalive type of none. The SSL module is an integrated device in the CSS and does not require the use of keepalive messages for the service.
tcp
Defines the TCP connection handshake request. To define a port for a TCP keepalive, use the (config-service) keepalive port command.
Usage Guidelines
The CSS divides the keepalive types into two categories, Class A and Class B keepalives. The CSS supports a maximum of 2048 Class A keepalives. The CSS supports a maximum of 512 Class B keepalives. Table 2-4 lists the keepalive types in each class, the maximum number of each type, and the maximum number of each keepalive type that can execute concurrently.
Caution
When the CSS is using an SSL module, use the keepalive type of none. The SSL module is an integrated device in the CSS and does not require the use of keepalive messages for the service.
The keepalive tcp-close fin and keepalive mode tcp-close fin commands may be applied to a total of 100 TCP keepalives.
Command Modes
Service
keepalive uri
To specify the HTTP keepalive content information for the service, use the keepalive uri command. Use the no form of this command to clear the content information of the URI for the service.
keepalive uri "uri"
no keepalive uri
Syntax Description
Usage Guidelines
When you specify the content information of a URI for an HTTP keepalive, the CSS calculates a hash value for the content. If the content information changes, the hash value no longer matches the original hash value and the CSS assumes that the service is down. To prevent the CSS from assuming that a service is down due to a hash value mismatch, define keepalive method as head. The CSS does not compute a hash value for this type of keepalive.
If you specify a Web page with changeable content and do not specify the head keepalive method, you must suspend and reactivate the service each time the content changes.
Command Modes
Service
(config-service) load
To configure a load on a service and bypass the CSS load calculation method (relative or absolute), use the load command in service configuration mode. Use the no form of the command to reset the load value to the default of 2.
load number
no load
Syntax Description
Command Modes
Service
Usage Guidelines
To use the load command, you must disable global load reporting by entering the no load reporting command in global configuration mode. Do not reenable load reporting. If you do, the load value you entered with the load command will no longer apply to the service. To recover, you must then disable load reporting and reenter the load command on the service at the CLI.
Use the load command with the ACA load-balancing method when you want to take into account server load parameters, for example:
•
•
•
•
You can set the load command value with your application or server using SNMP or the CSS XML interface. For information about ACA, refer to the Cisco Content Services Switch Content Load-Balancing Configuration Guide. For information about SNMP and the XML interface, refer to the Cisco Content Services Switch Administration Guide.
Related Commands
(config-service) show load
(config-service) max age
To define the maximum age for replicated objects on services defined as type rep-cache-redir, rep-store, or rep-store-redir, use the max age command. The CSS deletes the dynamic content rule after the maximum age time elapses. Use the no form of this command to set the maximum age for replicated objects to its default value of 120.
max age minutes
no max age
Syntax Description
(config-service) max connections
To define the maximum number of TCP connections on the services, use the max connections command. Use the no form of this command to set the maximum TCP connections to the default of 65534.
max connections number
no max connections
Syntax Description
Usage Guidelines
Do not use service max connections on UDP content rules. The service connection counters do not increment and remain at 0 because UDP is a connectionless protocol.
(config-service) max content
To define the maximum pieces of content for replication on services defined as type rep-cache-redir, rep-store, or rep-store-redir, use the max content command. Use the no form of this command to set the maximum content to its default value of 100.
max content number
no max content
Syntax Description
(config-service) max usage
To define the maximum disk space allowed for replication on services defined as type rep-cache-redir, rep-store, or rep-store-redir, use the max usage command. Use the no form of this command to set the maximum disk space to its default value of 1 megabyte.
max usage mbytes
no max usage
Syntax Description
(config-service) no
To negate a command or set it to its default, use the no command. For information on general no commands you can use in this mode, see the general no command. The following option is available in service mode.
Syntax Description
no access ftp
Removes the service access mechanism.
no acl index
Deletes an ACL.
no bypass-hosttag
Disables the bypassing of cache for noncacheable content.
no cache-bypass
Allows the applying of content rules to requests from a proxy or transparent cache service.
no domain
Clears the redirect domain for the service.
no ip address
Clears the IP address for the service and sets it to its default value of 0.0.0.0.
no keepalive frequency
Resets the keepalive frequency to its default value of 5 seconds.
no keepalive hash
Clears the keepalive MD5 hash object.
no keepalive http-rspcode
Resets the response code to its default value of 200.
no keepalive maxfailure
Resets the keepalive maximum failures to its default value of 3.
no keepalive port
Resets the keepalive port to its default setting based on the configured service port. Otherwise, the default setting is based on the configured keepalive type.
no keepalive retryperiod
Resets the keepalive retry period to its default value of 5 seconds.
no keepalive uri
Clears the content information for the HTTP keepalive URI.
no load
Resets the manually configured load value on a service to the default of 2.
no max age
Resets the maximum age for replicated content to the default of 120 minutes.
no max content
Resets the maximum content for replication to the default of 100 pieces.
no max usage
Resets the maximum disk space allowed for replication to the default of 1 megabyte.
no owner existing_owner_name
Deletes an existing owner.
no port
Resets the IP port for the service to the default of any.
no prepend-http
Disables the prepending of http:// on string configured through the (config-service) redirect-string and (config-service) domain commands for the service.
no protocol
Resets the IP protocol for the service to the default of any.
no publisher
Removes publishing on a service.
no publisher interval
Disables the publisher resynchronization interval by setting it to its default of 0.
no redirect-string
Removes the redirect string from the service.
no redundant-index
Disables redundancy on the service.
no string
Removes the cookie from the service.
no subscriber
Unsubscribes the service from a publishing service.
no transparent-hosttag
Disables destination NATing for the transparent cache service type.
no type
Resets the type for the service to its default setting of local.
no weight
Resets the service weight to its default setting of 1.
(config-service) port
To specify the service TCP/UDP port number or a range of port numbers, use the port command. Use the no form of this command to reset the port to any.
port number1 {range number2}
no port
Syntax Description
Usage Guidelines
Before you can change the port, make sure that the service is suspended.
Related Commands
(config-service) ip address
(config-service) protocol(config-service) prepend-http
To enable the prepending of http:// to a redirect string configured through the (config-service) redirect-string command, or a domain configured through the (config-service) domain command for the service. By default, prepending is enabled. Use the no form of this command to disable the prepending of http://.
prepend-http
no prepend-http
Related Commands
(config-service) domain
(config-service) redirect-string(config-service) protocol
To specify the service IP protocol, use the protocol command. The default setting for this command is any, for any IP protocol. Use the no form of this command to reset the protocol to the default of any.
protocol tcp|udp
no protocol
Syntax Description
Usage Guidelines
Before you can change the protocol, make sure that the service is suspended.
Related Commands
(config-service) ip address
(config-service) keepalive type
(config-service) port(config-service) publisher
To configure a service as a publishing service and define its synchronization interval, use the publisher command. Use the no form of this command to remove publishing on a service or disable the publisher resynchronization interval by setting it to its default of 0.
publisher {interval minutes {trigger_file}}
no publisher {interval}
Syntax Description
Usage Guidelines
Use the publisher command to configure a service as a publishing service.
A publishing service can synchronize content among associated subscriber services. To move the content during publishing activities, configure an access mechanism by using the (config-service) access command.
When you define the interval to synchronize the subscriber, the interval begins at the time that you enter the command. Subscribers that are unavailable for synchronization are placed in an offline state and retried until the operation is completed.
The publisher service does not become active until it has at least one configured subscriber. You do not need to configure the publisher before configuring the subscriber, but the publisher must be configured before the subscriber can receive any content synchronization updates.
Related Commands
replicate
(config) ftp-record
(config-service) access
(config-service) subscriber(config-service) redirect-string
To specify an HTTP redirect string to be used when an HTTP redirect service generates an "object moved" message for the service, use the redirect-string command. Use the no form of this command to remove the redirect string from the service.
redirect-string string
no redirect-string
Syntax Description
string
HTTP redirect string. Enter a quoted or an unquoted text string with no spaces and a maximum of 252 characters.
The CSS automatically prepends the string with http://. To disable the prepending of http:// to the string, use the (config-service) prepend-http command.
Usage Guidelines
The CSS uses the entire configured redirect string as the new location for the requested content. If no string is configured, the CSS prepends the domain configured with the (config-service) domain command to the original request. If neither the redirect string nor the domain name is configured, the CSS uses the domain in the host-tag field from the original request combined with the requested HTTP content URL. If no host tag is found, the CSS uses the IP address of the service to generate the redirect.
Note
Note
Related Commands
(config-service) redundant-index
To configure the global content index for a redundant service, use the redundant-index command. A CSS uses the global content index to keep track of redundant services and associated flow state information. Use the no form of this command to disable redundancy on the service.
redundant-index number
no redundant-index
Syntax Description
Usage Guidelines
If you enter the no redundant-index command on an active redundant service for live redundancy peers, the command automatically suspends the service. Flows already mapped by a CSS are not affected. However, if a failover occurs during the life of an active flow that matches on such a suspended service, the backup CSS cannot map the flow because it cannot find the service with the same global index as that on the original master.
Note
For information on redundant indexes and configuring Adaptive Session Redundancy (ASR) on 11500 series CSS peers, including requirements and restrictions that apply to both CSS peers in an ASR configuration, refer to the Cisco Content Services Switch Redundancy Configuration Guide.
Related Commands
(config-group) redundant-index
(config-owner-content) redundant-index
(config-service) ip address(config-service) remove ssl-proxy-list
To remove an SSL proxy list that is part of an SSL service, use the remove ssl-proxy-list command. Removing a service removes it from the resource pool for load-balancing content requests.
remove ssl-proxy-list name
Syntax Description
Related Commands
(config-service) add ssl-proxy-list
(config-service) session-cache-size
To reconfigure the size of the SSL session ID cache for the service, use the session-cache-size command. The cache size is the maximum number of SSL session IDs that can be stored in a dedicated session cache on the SSL module. Use the no form of this command to reset the cache to its default value of 10000.
session-cache-size sessions
no session-cache-size
Syntax Description
sessions
Number of sessions in the SSL session ID cache. Enter a number from 0 to 100000. A value of 0 disables the cache.
Usage Guidelines
If you disable the SSL session cache by setting it to 0, ensure the following are properly configured to turn off the use of SSL session ID:
•
•
The backend session ID cache is set to 4096 entries and is not configurable.
(config-service) slot
To specify the slot in a CSS in which the SSL Acceleration module is located, use the slot command. The SSL service requires the SSL module slot number to correlate the SSL proxy list to a specific module. The CSS 11501 supports a single integrated SSL module. The CSS 11503 and CSS 11506 support multiple SSL modules; a maximum of two in a CSS 11503 and a maximum of four in a CSS 11506.
slot number
Syntax Description
number
Slot number. The valid entry for the CSS 11501 is 2. The valid entries for the CSS 11503 are 2 and 3. The valid entries for the CSS 11506 CSS are 2 to 6. Slot 1 is reserved for the SCM.
Usage Guidelines
The CSS supports one active SSL service for each SSL module in the CSS (one SSL service per slot). You can configure more than one SSL service for a slot but only a single SSL service can be active at a time.
(config-service) string
To specify the HTTP cookie for the service, use the string command. Use the no form of this command to remove the cookie for the service.
string cookie_name
no string
Syntax Description
cookie_name
Name of the cookie. Enter a unquoted text string with no spaces and a maximum length of 15 characters.
(config-service) subscriber
To configure a service as a subscriber to a publishing service, use the subscriber command. Use the no form of this command to unsubscribe the service from a publishing service.
subscriber publisher
no subscriber
Syntax Description
Usage Guidelines
By default, the subscriber inherits the access mechanism of the publisher for the movement of content. But if you want to configure an alternative mechanism, use the (config-service) access command.
You can define a maximum of 31 subscribers to a publisher.
Related Commands
(config) ftp-record
(config-service) access
(config-service) publisher(config-service) suspend
To remove the service from the pool for future load-balancing content requests, use the suspend command. Suspending a service does not affect existing content flows, but it does prevent additional connections from accessing the service for its content.
suspend
Usage Guidelines
If you suspend a service, the CSS uses the failover command setting to handle content requests.
Related Commands
(config-service) transparent-hosttag
To enable destination network address translation (NAT) for the transparent cache service type, use the transparent-hosttag command. Use the no form of this command to disable destination network address translation for the transparent cache service type.
transparent-hosttag
no transparent-hosttag
Usage Guidelines
Before you can use this command, make sure that the service is suspended.
Currently, you can use this command only in a CSA environment.
You do not need to configure source groups in a CSA environment. The transparent cache environment does not require the client source IP NATing that occurs as a result of a source group configuration.
Related Commands
(config-service) type
To specify the type for the service, use the type command. If you do not define a type for the service, the default service type is local. Use the no form of this command to reset the type for the service to its default setting of local.
type nci-direct-return|nci-info-only|proxy-cache|redirect
|redundancy-up|rep-cache-redir|rep-store|rep-store-redir|ssl-accel
|ssl-accel-backend|ssl-init|transparent-cacheno type
Syntax Description
nci-direct-return
Specifies a NAT Channel Indication (NCI) service for NAT peering. NAT peering allows the building of forward TCP-switched connections between CSSs until the destination CSS is reached and the destination CSS performs the final transformations, which allows return traffic packets to flow to the client through any network path. This service type informs the CSS to include the NCI option in the TCP packet. This keyword indicates to the server-side CSS that NAT parameters are in use and contains the original source and destination IP addresses and TCP port numbers. If a Layer 5 rule is matched, the spoof bit in the NCI option is set to indicate that part of the flow has been spoofed and the rest of the forward path must be established before the destination CSS can use the information in the packet to perform the NAT transformations for the reverse path. Configure the VIP for the service to the VIP on the server-side CSS to indicate an endpoint for the connection.
You must create a source group for the client traffic. The CSS will translate the client IP address to the IP address defined in the source group.
nci-info-only
Specifies the service is NAT Channel indication for information only.
proxy-cache
Specifies the service is a proxy cache. This keyword bypasses content rules for requests from the cache. Bypassing content rules prevents a loop from forming between the cache server and the CSS. To allow the applying of content rules to requests, enter:
no cache-bypassredirect
Specifies the service is not directly accessible and requires redirection. The CSS must use the HTTP redirect mechanism to direct the client request to the desired content.
redundancy-up
Designates one or more routers as type redundancy-up critical services. A typical configuration contains 10 or fewer routers. Within a redundant configuration, the CSS allows you to configure multiple redundancy uplink critical services (up to a maximum of 512).
This critical service type enables the master CSS to ping a router service using the default keepalive Internet Control Message Protocol (ICMP). If the master CSS fails or it detects that all router uplink critical services have failed, the backup CSS becomes the master.
In a redundant configuration that does not configure the routers as type redundancy-up critical services, a backup CSS becomes master only when the current master CSS fails. In this configuration, a switchover does not occur when the router services fail.
You cannot add redundancy uplink critical services to a content rule.
You cannot use this service type and the (config) ip redundancy master command simultaneously. Before you can specify a redundant uplink, you must enter the (config) no ip redundancy master command.
rep-cache-redir
Specifies the service is a replication cache with redirect. The CSS uses the replication cache as a redirect service instead of load balancing between the local service and the cache.
rep-store
Specifies the service is a replication store server for hot content. The service is a local overflow service used to load-balance content requests. The CSS moves hot content to the server, and then creates a dynamic content rule for the hot content automatically. The dynamic content rule inherits all the attributes of the existing rule with the following changes:
•
•
The CSS deletes the dynamic content rule after the maximum age time elapses or the service keepalive indicates failure.
rep-store-redir
Specifies the service is a replication store to which content requests are redirected. The service is a remote overflow service. No content rules are applied to requests from this service type.
ssl-accel
Specifies that this is an SSL acceleration service. You add an active SSL proxy list to an ssl-accel type service to initiate the transfer of SSL configuration data for the SSL module. This allows you to:
•
•
ssl-accel-backend
Specifies that this is a backend SSL service. You add an active SSL proxy list to an ssl-accel-backend type service to initiate the transfer of SSL configuration data for the SSL module. This allows you to:
•
•
ssl-init
Specifies that this is an SSL initiation service. You add an active SSL proxy list to an ssl-init type service to initiate the transfer of SSL configuration data for the SSL module. This command allows you to:
•
•
transparent-cache
Specifies the service is a transparent cache. No content rules are applied to requests from the cache. Bypassing content rules prevents a loop from forming between the cache server and the CSS. To allow the applying of content rules to requests, enter:
no cache-bypass
Usage Guidelines
Before you can change the type, make sure that the service is suspended.
(config-service) weight
To specify the relative weight of the service, use the weight command. The weight is used in ArrowPoint Content Awareness (ACA) and weighted roundrobin load-balancing decisions. Use the no form of this command to reset the service weight to its default value of 1.
weight weight
no weight
Syntax Description
weight
Service weight used with load metrics to make load-allocation decisions. You can use the weight to bias flows toward the specified service. Enter an integer from 0 to 10. The default is 1.
Usage Guidelines
The weight for the service set through the (config-owner-content) add service command takes precedent over the (config-service) weight command. For information about using a service weight of 0 (graceful shutdown), refer to the Cisco Content Services Switch Content Load-Balancing Configuration Guide.
Related Commands
(config-owner-content) add service
(config-owner-content) balance(config-service) zero
To set statistics counters for all or specified services on the CSS to zero, use the zero command. The show service command displays the counters.
zero total-connections|total-reused-connections|state-transitions {service name}
Syntax Description
Command Modes
All modes
Related Commands
