Comtech EF Data / Stampede
FX Series Administration Guide - Version 6.2.2
144
Chapter: FX Series Optimization Settings
Section: Layer 5 Application Policies
MN-FXSERIESADM6 Rev 6
Authorization Realm:
This is a pull-down selector that enables you to limit the scope of this policy to a specific previously
defined authorization realm. Authorization realms allow users to be grouped based on criteria such as
source IP address.
Destination ports:
This mandatory setting allows you to specify the TCP port(s) that apply to this policy. Multiple ports
may be specified separated by commas or a port range may be specified with a dash. Multiple port
ranges may be separated by commas. The minimum port value is 1 and the maximum value is 65535.
There is no default setting.
NOTE:
A “*” policy for L5 can be defined. A “*” policy is a port range of 1-65525.
Destination networks:
This setting allows you to limit the Layer 5 acceleration only to traffic that is destined for certain
networks. The destination network is specified using “CIDR” notation where a base IP address is
followed by a ‘/’ character which is followed by a value between 1 and 32 that denotes the number of
bits used to describe the network and the remaining bits (32 – the value) are used to specify the nodes
on that network. For example a setting of 192.110.1.0/24 would be equivalent to specifying a network
of 192.110.1.0 with a net mask of 255.255.255.0. Separating each CIDR entry with a comma can
specify multiple destinations. The default setting is all networks.
Enable Acceleration:
If enabled then the FX-Remote will apply the acceleration techniques based upon the specifications of
this policy, otherwise it will not intercept the traffic specified in this policy.
This setting is useful for defining exceptions to a broad port range defined in other policies.
The default setting is 'On'.
Comment:
This field is used to describe the rationale for this configuration.
7.3.3
How to Configure Layer 5 Optimizations
Data compression:
If “On”, and the remote machine is enhanced with the Layer 5 software, then bi-directional
compression of all traffic is performed. If “Off” is specified, then no compression will be performed.
If “Only-to-client” is set, then data compression will only be performed on traffic that flows from the
server to the client. If “Only-to-server” is set, then data compression will only be performed on traffic
that flows from the client to the server. The default is on.
Dynamic data suppression:
If “On”, the FX Series will maintain a byte cache of network traffic and replace repeated patterns with
signatures when they are detected in the data stream. The default value is on.
Preserve source IP address:
This specifies which source IP address should be presented to the back-end server when the ADC
makes requests on behalf of a remote client. If “Client” is specified then the client’s IP address will be
used. If “Gateway” is specified, then the IP address of the gateway will be used, this is sometimes
useful when Network Address Translation makes it unfeasible to use the client’s IP address.
If “None” is specified, then the ADC’s IP address is used. The default setting is “Client”.
Preserve source ports:
This specifies if the ADC should use the same source port as the client. If “On” then “Preserve source
IP address must be set to “Client”. If this is set to “Off”, then an arbitrary port will be used. Some
applications such as “NFS” require this to be set to “On”. The default setting is “Off”.