Add a real service

Create a real service which binds a named host (created with the host command) and port to a named service. You can also use this command to modify an existing service configuration. You can configure up to 512 real services per service group.

There are several configurable parameters available with this command, the most important being the protocol this service will use and the port which it will monitor for connections. You can specify multiple ports on each host. The command defaults to protocol of TCP and port number 80.

You cannot configure more than one real service with the same host/port combination. Also, a real service can only be configured as part of one virtual service and one service group.

Access mode

config

Syntax

vSwitch-name loadBalance realService

Arguments

Field Name Description
name text A text string identifying the real service.
hostName text The named host, configured with the host command, that is associated with the real service.
protocol enumeration Optional: The protocol that the virtual service takes action on. When traffic of that protocol type arrives over the port specified with the port argument, it is forwarded according to the load balancing configuration.

The default setting is "TCP".

Valid values:
  • TCP : Transmission Control Protocol.
  • UDP : User Datagram Protocol.
port enumeration Optional: The port that the host uses to listen for connections of the type specified with the protocol argument.

The default setting is "80".

Valid values:
  • 1..65535
  • ignore : The port is not necessary for the VirtualService this RealService is used in.
healthCheckPort integer Optional: The port on the host that is being used for health checking for health checks that require a port.

Valid values are from 1 to 65535.
weight enumeration Optional: The weight associated with the host, which the system uses in combination with the algorithm (set with the serviceGroup command) to determine the number of assigned connections.

The larger the weight, the greater the number of connections allocated by the load balance algorithm. If a server is capable of handling more traffic than other servers in the service group, then set the weight to a higher value than those weights assigned to other servers in the group. Each server receives a percentage of traffic equal to the percentage its weight is of the cumulative weight (for all servers in the service group).

You can either set a specific weight or leave it as a dynamic variable. A setting of dynamic determines a weight calculation based on the server health check latency results.

The default setting is "1".

Valid values:
  • 1..65535
  • dynamic : Weight calculation is based on the server health check latency results.
description text Optional: A text description assigned to the real service. This description is displayed with output from the show realService command.
adminState enumeration Optional: The administrative state of the named service, either enabled or disabled. Set a status of disabled if you want to preconfigure a real service before bringing it online or disable a running real service.

The default setting is "enabled".

Valid values: enabled, disabled
disableDelay enumeration Optional: This is the time in seconds before a real service is disabled when the adminState is set to disabled.

The default setting is "0".

Valid values:
  • 0..600
  • unlimited : The real service will not terminate any current connections.
ilSHCFailureRateThreshold integer Optional: The percentage of InLine Server Health Check failures allowed before the real service is brought down.

Valid values are from 0 to 50; the default setting is "1".
clientAddressTranslationMask ipAddress Optional: The mask to control whether or not the client's address will be changed to an address from the Proxy IP Pool for the vRouter that the RealService is using, before the packet is sent to the RealService. A value of 255.255.255.255 (default) disables client address translation while a value of 0.0.0.0 enables client address translation for all clients. Any other value of contiguous 1's and 0's can be used to control the clients that will have their address translated.

The default setting is "255.255.255.255".
proxyIpPool text Optional: The named Proxy IP Pool that will be used when clientAddressTranslation is enabled on this real service, or usePooledConnections is enabled on the RequestPolicy that this real service is in. The Proxy IP Pool defines the IP addresses that will be substituted for the host address of this real service.
bridgeMode enumeration Optional: When enabled, traffic that is sent to the RealService will be bridged, that is it will be forwarded with the client's source address and VirtualService's destination address. The source and destination addresses will not be modified.

The default setting is "disabled".

Valid values: enabled, disabled
persistName text Optional: When the RequestPolicy persistType is set to fieldMatchName, this string will be used to compare to the extracted field in the HTTP request header. If there is a match, the request will be forwarded to this real service.
encryption enumeration Optional: The encryption method for real service traffic.

The default setting is "unencrypted".

Valid values:
  • unencrypted : No encryption is enabled for the real service.
  • SSL : SSL is enabled for the real service.
certName text Optional: The name of an imported certificate used to verify the real service. If certName is not a valid CKM table entry, no other SSL configuration parameters set through this service group are used.
certType enumeration Optional: The SSL authentication type for the real service.

The default setting is "literal".

Valid values:
  • CA : Accept any valid cert signed by the key holder of the certificate rsCertName.
  • Literal : Accept the certificate rsCertName to complete SSL certificate verification.
sslProto enumeration Optional: The SSL protocols supported by the real services.

The default setting is "SSLv3; TLSv1".

Valid values:
  • SSLv3 : Secure Socket Layer Protocol, Version 3.0.
  • TLSv1 : Transport Layer Security (TLS) V 1.0, defined in RFC 2246. SSL, Version 3.1.
sslCiphers enumeration Optional: The encryption methods (cipher suites) used on traffic passing through this real service. (See RFC 2246, The Transport Layer Security (TLS) Protocol Version 1.0 for detailed descriptions of each cipher.)

The default setting is "RSA_WITH_AES_256_CBC_SHA; RSA_WITH_RC4_128_MD5; RSA_WITH_RC4_128_SHA; RSA_WITH_AES_128_CBC_SHA; RSA_WITH_3DES_EDE_CBC_SHA".

Valid values:
  • RSA_EXPORT_WITH_RC4_40_MD5 : RSA Export Auth / 40-bit RC4 / MD5 MAC
  • RSA_WITH_RC4_128_MD5 : RSA Auth / 128-bit RC4 / MD5 MAC
  • RSA_WITH_RC4_128_SHA : RSA Auth / 128-bit RC4 / SHA MAC
  • RSA_EXPORT_WITH_DES40_CBC_SHA : RSA Export Auth / DES40 CBC / SHA MAC
  • RSA_WITH_DES_CBC_SHA : RSA Auth / DES CBC / SHA MAC
  • RSA_WITH_3DES_EDE_CBC_SHA : RSA Auth / 3DES CBC / SHA MAC
  • RSA_WITH_AES_128_CBC_SHA : RSA Auth / 128-bit AES CBC / SHA MAC
  • RSA_WITH_AES_256_CBC_SHA : RSA Auth / 256-bit AES CBC / SHA MAC (N1000 only)
  • RSA_EXPORT1024_WITH_DES_CBC_SHA : RSA Export1024 Auth / DES CBC / SHA MAC
  • RSA_EXPORT1024_WITH_RC4_56_SHA : RSA Export1024 Auth / 56-bit RC4 / SHA MAC
reneg enumeration Optional: The system's capability for renegotiating cryptographic parameters over an existing connection to real services. When set to true, the system allows multiple SSL handshakes to occur over an existing SSL connection to the real services. When set to false, the system ignores renegotiation requests from the real service.

The default setting is "true".

Valid values: true, false
resume enumeration Optional: The system's capability for doing SSL session resumption when connecting to this real service. When set to true, the system attempts to resume a previous SSL session when connecting to the real service, resulting in better performance. When set to false, the system initiates a full SSL handshake on all new connections to the real service.

The default setting is "true".

Valid values: true, false