ipTunnelParam¶
The following operations can be performed on "ipTunnelParam":
set ipTunnelParam¶
p{white-space: pre-wrap;}
Sets global parameters of IPv4 tunnels on the Citrix ADC.
Synopsys¶
set ipTunnelParam [-srcIP <ip_addr>] [-dropFrag ( YES | NO )] [-dropFragCpuThreshold <positive_integer>] [-srcIPRoundRobin ( YES | NO )] [-enableStrictRx ( YES | NO )] [-enableStrictTx ( YES | NO )] [-mac <mac_addr>] [-useClientSourceIP ( YES | NO )]
Arguments¶
srcIP
Common source-IP address for all tunnels. For a specific tunnel, this global setting is overridden if you have specified another source IP address. Must be a MIP or SNIP address.
dropFrag
Drop any IP packet that requires fragmentation before it is sent through the tunnel.
Possible values: YES, NO
Default value: NO
dropFragCpuThreshold
Threshold value, as a percentage of CPU usage, at which to drop packets that require fragmentation to use the IP tunnel. Applies only if dropFragparameter is set to NO. The default value, 0, specifies that this parameter is not set.
Minimum value: 1
Maximum value: 100
srcIPRoundRobin
Use a different source IP address for each new session through a particular IP tunnel, as determined by round robin selection of one of the SNIP addresses. This setting is ignored if a common global source IP address has been specified for all the IP tunnels. This setting does not apply to a tunnel for which a source IP address has been specified.
Possible values: YES, NO
Default value: NO
enableStrictRx
Strict PBR check for IPSec packets received through tunnel
Possible values: YES, NO
Default value: NO
enableStrictTx
Strict PBR check for packets to be sent IPSec protected
Possible values: YES, NO
Default value: NO
mac
The shared MAC used for shared IP between cluster nodes/HA peers
useClientSourceIP
Use client source IP as source IP for outer tunnel IP header
Possible values: YES, NO
Default value: NO
Example¶
set ipTunnelParam -srcIP 10.100.20.48 -dropFrag YES -dropFragCpuThreshold 95 -useClientSourceIP YES
unset ipTunnelParam¶
p{white-space: pre-wrap;}
Use this command to remove ipTunnelParam settings.Refer to the set ipTunnelParam command for meanings of the arguments.
Synopsys¶
unset ipTunnelParam [-srcIP] [-dropFrag] [-dropFragCpuThreshold] [-srcIPRoundRobin] [-enableStrictRx] [-enableStrictTx] [-mac] [-useClientSourceIP]
show ipTunnelParam¶
p{white-space: pre-wrap;}
Display the IP Tunnel global settings on the Citrix ADC
Synopsys¶
show ipTunnelParam
Outputs¶
srcIP
Common source-IP address for all tunnels. For a specific tunnel, this global setting is overridden if you have specified another source IP address. Must be a MIP or SNIP address.
dropFrag
Drop any IP packet that requires fragmentation before it is sent through the tunnel.
dropFragCpuThreshold
Threshold value, as a percentage of CPU usage, at which to drop packets that require fragmentation to use the IP tunnel. Applies only if dropFragparameter is set to NO. The default value, 0, specifies that this parameter is not set.
srcIPRoundRobin
Use a different source IP address for each new session through a particular IP tunnel, as determined by round robin selection of one of the SNIP addresses. This setting is ignored if a common global source IP address has been specified for all the IP tunnels. This setting does not apply to a tunnel for which a source IP address has been specified.
enableStrictRx
Strict PBR check for IPSec packets received through tunnel
enableStrictTx
Strict PBR check for packets to be sent IPSec protected
mac
The shared MAC used for shared IP between cluster nodes/HA peers
useClientSourceIP
Use client source IP as source IP for outer tunnel IP header
Example¶
Tunnel Source IP: 10.100.20.48 Round Robin of Tunnel Source IP: NO Drop if Fragmentation Needed: NO CPU usage threshold to avoid fragmentation: 95 Strict PBR check for IPSec packets received through tunnel: NO Strict PBR check for packets to be sent IPSec protected: NO Tunnel MAC for shared IPs: 00:00:00:00:00:00 Use client sourceIP as sourceIP for outer tunnel IP header: YES