ADC

Expressions for identifying the protocol in an incoming IP packet

The following table lists the expressions that you can use to identify the protocol in an incoming packet.

Expression Description
CLIENT.IP.PROTOCOL Identifies the protocol in IPv4 packets sent by clients.
CLIENT.IPV6.PROTOCOL Identifies the protocol in IPv6 packets sent by clients.
SERVER.IP.PROTOCOL Identifies the protocol in IPv4 packets sent by servers.
SERVER.IPV6.PROTOCOL Identifies the protocol in IPv6 packets sent by servers.

Arguments to the PROTOCOL function

You can pass the Internet Assigned Numbers Authority (IANA) protocol number to the PROTOCOL function. For example, if you want to determine whether the protocol in an incoming packet is TCP, you can use CLIENT.IP.PROTOCOL.EQ(6), where 6 is the IANA-assigned protocol number for TCP. For some protocols, you can pass an enumeration value instead of the protocol number. For example, instead of CLIENT.IP.PROTOCOL.EQ(6), you can use CLIENT.IP.PROTOCOL.EQ(TCP). The following table lists the protocols for which you can use enumeration values, and the corresponding enumeration values for use with the PROTOCOL function.

Protocol Enumeration value
Transmission Control Protocol (TCP) TCP
User Datagram Protocol (UDP) UDP
Internet Control Message Protocol (ICMP) ICMP
IP Authentication Header (AH), for providing authentication services in IPv4 and IPv6 AH
Encapsulating Security Payload (ESP) protocol ESP
General Routing Encapsulation (GRE) GRE
IP-within-IP Encapsulation Protocol IPIP
Internet Control Message Protocol for IPv6 (ICMPv6) ICMPv6
Fragment Header for IPv6 FRAGMENT

Use case scenarios

The protocol expressions can be used in both request-based and response-based policies. You can use the expressions in various Citrix ADC features, such as load balancing, WAN optimization, content switching, rewrite, and listen policies. You can use the expressions with functions such as EQ() and NE(), to identify the protocol in a policy and perform an action.

Following are some use cases for the expressions:

  • In Branch Repeater load balancing configurations, you can use the expressions in a listen policy for the wildcard virtual server. For example, you can configure the wildcard virtual server with the listen policy CLIENT.IP.PROTOCOL.EQ(TCP) so that the virtual server processes only TCP traffic and simply bridges all non-TCP traffic. Even though you can use an Access Control List instead of the listen policy, the listen policy provides better control over what traffic is processed.
  • For content switching virtual servers of type ANY, you can configure content switching policies that switch requests on the basis of the protocol in incoming packets. For example, you can configure content switching policies to direct all TCP traffic to one load balancing virtual server and all non-TCP traffic to another load balancing virtual server.
  • You can use the client-based expressions to configure persistence based on the protocol. For example, you can use CLIENT.IP.PROTOCOL to configure persistence on the basis of the protocols in incoming IPv4 packets.
Expressions for identifying the protocol in an incoming IP packet