Page 1 HP Cache Server Appliance Administrator Guide HP Part Number 5971-3045 Printed in June 2001...
Page 2: Audience Assumptions
Hewlett-Packard assumes no responsibility for the use or reliability of its software on equipment that is not furnished by Hewlett-Packard.
Page 3: Table Of Contents
Contents Preface ............... . . xii Who should read this manual .
Page 4 Contents Blocking particular groups ........18 Clustering.
Page 5 Contents 7 Hierarchical Caching ............51 Understanding cache hierarchies .
Page 6 Contents Controlling access to Traffic Manager ....... . 83 Setting the administrator ID and password ......83 Creating a list of administrator accounts .
Page 7 Contents The Other page ......... . . The MRTG page .
Page 8 Contents Example ..........logs.config .
Page 9 Contents Format ..........Example .
Page 10 List of Procedures To verify that Traffic Server is up and running: 8 To access Traffic Manager: 8 To start a Traffic Line session: 10 To enable WCCP 1.0 after Traffic Server installation: 25 To enable WCCP 2.0 after installation: 26 To set dynamic bypass rules: 29 To view dynamic bypass statistics: 31 To view all current dynamic and static bypass rules: 32...
Page 11 List of Procedures To set configuration options in Configure mode: 77 To set configuration options in batch mode: 78 To specify the clients allowed to use Traffic Server as a proxy cache: 81 To edit the arm_security.config file and enable the ARM security option: 82 To change the administrator ID and password: 83 To clear and re-enter the administrator password: 84 To create a list of administrator accounts: 85...
Page 12: Preface
Preface This manual describes how to use and configure an HP Traffic Server™ system. For information about installing Traffic Server and unsupported features and last minute information not available in this manual, refer to the HP Web Cache Server Appliance (sa2100 or sa2200) Getting Started Guide.
Page 13: Overview
1 Overview Welcome to a faster network. Traffic Server speeds Internet access, enhances web site performance, and delivers unprecedented web hosting capabilities. This chapter discusses the following topics: What is Traffic Server?‚ on page 1 Traffic Server deployment options‚ on page 1 Traffic Server components‚...
Page 14: Traffic Server As A Web Proxy Cache
Chapter 1 Overview Traffic Server as a web proxy cache As a web proxy cache, user requests for web content go to Traffic Server on the way to the destined web server (origin server). If Traffic Server contains the requested content, it serves it directly. If Traffic Server does not have the requested content, Traffic Server acts as a proxy, fetching the content from the origin server on the user’s behalf, while keeping a copy to satisfy future requests.
Page 15: Traffic Server Components
Chapter 1 Overview Traffic Server components Traffic Server consists of several components that work together to form a web proxy cache you can easily monitor and configure. The main components are described below. The Traffic Server cache The Traffic Server cache consists of a high speed object database called the object store. The object store indexes objects according to URLs and associated headers.
Page 16: The Dns Resolver
Chapter 1 Overview Host reliability and availability information (to avoid making the user wait for non-functional servers) The DNS Resolver Traffic Server includes a fast, asynchronous DNS resolver to streamline conversion of host names to IP addresses. Traffic Server implements the DNS resolver natively, directly issuing DNS command packets, rather than relying on slower, conventional resolver libraries.
Page 17: Administration Tools
Chapter 1 Overview Administration tools Traffic Server offers several administration alternatives to suit the needs of many environments: Traffic Manager User Interface (UI) is a web based interface consisting of a series of web pages accessible through a browser. Traffic Manager provides a rich set of graphs and statistical displays for monitoring Traffic Server performance and network traffic, and a set of options for configuring and fine-tuning the Traffic Server system.
Page 18 Chapter 1 Overview Configure Traffic Server integration into your firewall and control traffic through a SOCKS server. Configure Traffic Server to use multiple DNS servers to match your site’s security configuration. For example, you might choose to have Traffic Server use different DNS servers depending on whether it needs to resolve host names located inside or outside a firewall.
Page 19: Getting Started
2 Getting Started You are now ready to begin using Traffic Server. This chapter contains the following sections: Overview of Access Methods‚ on page 7 Verifying that Traffic Server is up and running‚ on page 8 Accessing Traffic Manager‚ on page 8 Starting Traffic Line‚...
Page 20: Verifying That Traffic Server Is Up And Running
Chapter 2 Getting Started Verifying that Traffic Server is up and running When you completed the initial configuration of the cache appliance as described in the HP Web Cache Server Appliance sa2100/sa2200 Getting Started Guide, Traffic Server was automatically started. To verify that Traffic Server is up and running: 1.
Page 21: Using The Monitor And Configure Tabs
Chapter 2 Getting Started Traffic Manager opens in your web browser and displays the Dashboard, shown in Figure 2-1. Click the Configure tab to display the Configure buttons and configuration The Monitor tab contains seven buttons. Click a button to display a page of Click the Help...
Page 22: Starting Traffic Line
Chapter 2 Getting Started Starting Traffic Line Traffic Line is a text-based interface that can be accessed through a Telnet session. You can use Traffic Line to perform many of the tasks you can perform in Traffic Manager. For ease of use, it is recommended that Traffic Manager be used unless a function only available in Traffic Line is required.
Page 23: Web Proxy Caching
3 Web Proxy Caching The idea behind web proxy caching is to store copies of frequently accessed documents close to users and serve this information to them on demand. Internet users get their information faster and Internet bandwidth is freed up for other tasks. This chapter discusses the following topics.
Page 24: Ensuring Cached Object Freshness
Chapter 3 Web Proxy Caching 5. If the object is not in the cache (a cache miss) or the server indicates that the cached copy is no longer valid, Traffic Server gets the document from the origin server, simultaneously streaming it to the user and the cache (Figure 3-2.).
Page 25: Http Object Freshness Tests
Chapter 3 Web Proxy Caching HTTP object freshness tests Here is how Traffic Server determines an HTTP document’s freshness: Some documents come with headers or headers that explicitly Expires header test. Expires max-age define how long the document may be cached. A simple comparison of the current time with the expiration time tells Traffic Server whether or not the document is fresh.
Page 26: Configuring Http Freshness Options
Chapter 3 Web Proxy Caching Traffic Server applies servability criteria after HTTP freshness criteria. For example, a Cache-Control document might be considered fresh, but if its age is greater than its , it is not served. max-age Configuring HTTP freshness options You can configure the following freshness guidelines for Traffic Server: How often to revalidate (when to consider objects stale).
Page 27 Chapter 3 Web Proxy Caching Alternates are identified by header information. You can configure Traffic Server to cache all alternates according to a particular header. For example, if you tell Traffic Server to vary on the header, User-Agent Traffic Server caches all the different user-agent versions of documents it encounters. You configure the caching of alternates in the Variable Content section of the Cache page in Traffic Manager’s Configure mode.
Page 28: Scheduling Updates To Local Cache Content
Chapter 3 Web Proxy Caching Scheduling updates to local cache content To further increase the performance of Traffic Server, you can configure it to perform scheduled updates to the local cache content. This enables you to instruct Traffic Server to explicitly load specific objects into cache.
Page 29: Traffic Server As A News Server
Chapter 3 Web Proxy Caching Traffic Server provides many configurable options for supporting parent NNTP servers. The following sections describe Traffic Server’s NNTP features. Traffic Server as a news server When clients want to read news, they access a news server. The news server offers a list of groups to which clients can subscribe.
Page 30: Blocking Particular Groups
Chapter 3 Web Proxy Caching Background retries Failed servers are retried in the background and are used (restored to their specified priority) when they become available. Several servers supplying different groups Several news servers can be configured with news servers supplying different (disjoint) groups. Administrators can use this feature to spread the load based on group.
Page 31: Transparency
Chapter 3 Web Proxy Caching Transparency NNTP traffic bound for a well known NNTP server can be intercepted transparently by Traffic Server. By transparently intercepting, caching, and serving the NNTP data from a centralized parent news server, Traffic Server simplifies migration and administration while increasing responsiveness and decreasing network utilization.
Page 32: Configuring Access Control
Chapter 3 Web Proxy Caching Take a full feed for some or all groups For all groups designated as feed, Traffic Server does not connect to the parent news server, and instead acts like a conventional news server. In particular, if a cache miss occurs, Traffic Server does not forward the request to a parent news server.
Page 33: Obeying Nntp Control Messages
Chapter 3 Web Proxy Caching Obeying NNTP control messages The Traffic Server default setup for nonfeed news groups is to periodically check the parent server for new groups, cancelled articles, and new articles. If you have enabled these periodic checks in the Configure: Protocols page, you do not need to enable obeying control messages.
Page 34: Transparent Proxy Caching
4 Transparent Proxy Caching The transparency option enables Traffic Server to respond to Internet requests without requiring users to reconfigure their browser settings. This chapter discusses the following topics. Serving requests transparently‚ on page 22 ARM redirection‚ on page 22 Interception strategies‚...
Page 35: Interception Strategies
Chapter 4 Transparent Proxy Caching Interception strategies Routing solutions enable transparent interception of Internet requests. The transparency routing solutions supported by Traffic Server are: A Layer 4 switch. See “Using a layer 4 switch with cache switching functionality to filter transparency requests” on page 23. A Cisco IOS-based router using the Web Cache Control Protocol (WCCP).
Page 36: Using A Wccp-Enabled Router For Transparency
Chapter 4 Transparent Proxy Caching Layer 4 switches offer the following features, depending on the particular switch: A Layer 4 switch that can sense downed hosts on the network and redirect traffic adds reliability. If a single Layer 4 switch feeds several Traffic Servers, the switch handles load balancing among the Traffic Server nodes.
Page 37: To Enable Wccp 1.0 After Traffic Server Installation
Chapter 4 Transparent Proxy Caching WCCP provides the following routing benefits: The WCCP-enabled router and Traffic Server exchange heartbeat messages, letting each other know they are running. The WCCP router automatically reroutes port 80 traffic (and port 119 traffic in WCCP 2.0) if the Traffic Server goes down.
Page 38: To Enable Wccp 2.0 After Installation
Chapter 4 Transparent Proxy Caching To enable WCCP 2.0 after installation: 1. Telnet into the HP web cache appliance and select Shell Access as described in Overview of Access Methods‚ on page 2. Open the file located in the Traffic Server’s directory with Vi.
Page 39: Using Policy-Based Routing To Filter Transparency Requests
Chapter 4 Transparent Proxy Caching About WCCP load balancing If a WCCP router serves several nodes, as in Figure 4-2‚ on page 24 the router balances load among the Traffic Servers. The router sends each node requests aimed at a particular range of IP addresses, so that each node is responsible for caching content residing at particular IP addresses.
Page 40: Interception Bypass
Chapter 4 Transparent Proxy Caching A Traffic Server cluster with virtual IP failover adds reliability; if one node fails, another node can take up its transparency requests. See Virtual IP failover‚ on page world wide web router end users non 80 non port:80 traffic port:80 traffic Traffic Server...
Page 41: Dynamic Bypass Rules
Chapter 4 Transparent Proxy Caching NOTE Do not confuse bypass rules with client access control lists. Bypass rules are generated in response to interoperability problems. Client access control is simply restriction of the client IP addresses that can access the Traffic Server cache as described in Controlling client access to the Traffic Server proxy cache‚...
Page 42 Chapter 4 Transparent Proxy Caching Variable Description proxy.config.arm.bypass_dynamic_enabled Set this variable to 1 to enable dynamic bypass. proxy.config.arm.bypass_use_and_rules_bad_client_request Set this variable to 1 to enable dynamic source/ destination bypass in the event of non-HTTP traffic on port 80. proxy.config.arm.bypass_use_and_rules_400 Set this variable to 1 to enable dynamic source/ destination bypass when an origin server returns a 400 error.
Page 43: To View Dynamic Bypass Statistics
Chapter 4 Transparent Proxy Caching IMPORTANT For a dynamic source/destination bypass rule to work, you must also enable the equivalent destination bypass rule. For example, when you set the variable to 1, you must also set the proxy.config.arm.bypass_use_and_rules_403 variable to 1. proxy.config.arm.bypass_on_403 4.
Page 44: Static Bypass Rules
Chapter 4 Transparent Proxy Caching Static bypass rules In addition to adaptively learning what to bypass, Traffic Server allows you to manually configure bypass rules to direct requests from certain clients or to particular origin servers around Traffic Server. For example, you might want client IP addresses that did not pay for a caching service to be steered around the cache, while paying clients can obtain the benefits of caching.
Page 45: Reverse Proxy And Http Redirects
5 Reverse Proxy and HTTP Redirects As a reverse proxy cache, Traffic Server serves requests on behalf of origin servers. Traffic Server is configured in such a way that it appears to clients like a normal origin server. Using HTTP redirects, Traffic Server routes HTTP requests automatically without contacting the origin server.
Page 46: How Does Reverse Proxy Caching Work
Chapter 5 Reverse Proxy and HTTP Redirects world wide web requests for www.janes_books.com and jazz.flute.org resolve to virtual IP of Traffic Server server eal.janes_books.com Traffic Server serves Traffic server documents on behalf of Server real.janes_books.com big.server.net hosts jazz.flute.org and big.server.net Figure 5-1.
Page 47: Http Reverse Proxy
Chapter 5 Reverse Proxy and HTTP Redirects HTTP Reverse Proxy In forward proxy caching, Traffic Server acts as a proxy server and receives proxy requests. In reverse proxy caching, because Traffic Server is advertised as the origin server, Traffic Server needs to act as an origin server rather than a proxy server, meaning that it receives server requests, not proxy requests.
Page 48: Using Mapping Rules
Chapter 5 Reverse Proxy and HTTP Redirects Using mapping rules Traffic Server uses two types of mapping rules for HTTP reverse proxy: A map rule translates the URL in client requests into the URL where the content is located (refer to “Map rules,”...
Page 49: To Create A Mapping Rule Manually
Chapter 5 Reverse Proxy and HTTP Redirects 3. In the Mapping/Redirection section of the Routing page, click the Edit Mapping Rules link. The Routing: URL Rewriting page opens. 4. Click the Add Entry button. The Add Entry page opens (shown below). 5.
Page 50: Setting Http Reverse Proxy Options
Chapter 5 Reverse Proxy and HTTP Redirects The following example shows a map rule that translates all requests for to the origin server www.x.com server.hoster.com map http://www.x.com/ http://server.hoster.com For more examples of mapping rules, refer to remap.config‚ on page 212. 4.
Page 51: Ftp Reverse Proxy
Chapter 5 Reverse Proxy and HTTP Redirects 3. Edit the following variables: Variable Description proxy.config.reverse_proxy.enabled Set this variable to 1 to enable HTTP reverse proxy mode. Set this variable to 0 (zero) to disable HTTP reverse proxy mode. proxy.config.url_remap.pristine_host_hdr Set this variable to 1 to retain the client host header in the request.
Page 52: Configuring Ftp Reverse Proxy
Chapter 5 Reverse Proxy and HTTP Redirects Configuring FTP Reverse Proxy To use FTP reverse proxy, you must: Set FTP mapping rules in the file. (Refer to Setting FTP Mapping Rules‚ on ftp_remap.config page 40.) Enable the FTP reverse proxy option. (Refer to Enabling FTP Reverse Proxy‚...
Page 53: Modifying Ftp Options
Chapter 5 Reverse Proxy and HTTP Redirects 3. Edit the following variables: Variable Description proxy.config.ftp.ftp_enabled Set this variable to 1 to enable FTP on your Traffic Server. This variable must be enabled for Traffic Server to process FTP requests. proxy.config.ftp.reverse_ftp_enabled Set this variable to 1 to enable the FTP reverse proxy option.
Page 54 Chapter 5 Reverse Proxy and HTTP Redirects Variable Description proxy.config.ftp.proxy_server_port Set this variable to specify the port used for FTP connections. proxy.config.ftp.min_lisn_port Set this variable to specify the lowest port in the range of listening ports used by Traffic Server for data connections when the FTP client sends a PASV or Traffic Server sends a PORT to the FTP server.
Page 55: Redirecting Http Requests
Chapter 5 Reverse Proxy and HTTP Redirects Variable Description proxy.config.ftp.port_accept_timeout Set this variable to specify the timeout value for a listening data port in traffic server (for PORT, for the FTP server data connection) proxy.config.ftp.share_ftp_server_ctrl_enabled Set this variable to 1 to enable sharing of server control connections among multiple anonymous FTP clients.
Page 56: To Set Redirect Rules
Chapter 5 Reverse Proxy and HTTP Redirects To set redirect rules: 1. Telnet into the HP web cache appliance and select Shell Access as described in Overview of Access Methods‚ on page 2. Open the file located in Traffic Server’s directory with Vi.
Page 57: Traffic Server Clusters
6 Traffic Server Clusters Traffic Server scales from a single node to multiple nodes that form a cluster, allowing you to improve system performance and reliability. This chapter discusses the following topics: Understanding Traffic Server clusters‚ on page 45 Changing clustering mode‚ on page 46 Adding and deleting nodes in a cluster‚...
Page 58: Changing Clustering Mode
Chapter 6 Traffic Server Clusters Changing clustering mode To change clustering mode: 1. Telnet into the HP web cache appliance and select Shell Access as described in Overview of Access Methods‚ on page 2. Open the file located in Traffic Server’s directory with Vi.
Page 59: Deleting Nodes From A Cluster
Chapter 6 Traffic Server Clusters 3. Edit the following variables: Variable Description proxy.config.cluster.type Set this variable to: 1 for full-clustering mode 2 for management-only mode Clustering modes are described in Understanding Traffic Server clusters‚ on page proxy.config.proxy_name Set this variable to the name of Traffic Server cluster. All nodes in a cluster must use the same name.
Page 60: Setting Virtual Ip Address Options
Chapter 6 Traffic Server Clusters Virtual IP failover assures that if a node in the cluster fails, other nodes can assume the failed node’s responsibilities. Traffic Server handles virtual IP failover in the following ways: process maintains cluster communication. Nodes automatically exchange traffic_manager statistics and configuration information through multicast communication.
Page 61: To Enable/Disable Virtual Ip Addressing Manually
Chapter 6 Traffic Server Clusters 5. Click the Make These Changes button. 6. Scroll to the Web Management section of the Server Basics page and click the restart button to restart process on all the nodes in the cluster. traffic_manager To enable/disable virtual IP addressing manually: 1.
Page 62: To Add Or Edit Virtual Ip Addresses Manually
Chapter 6 Traffic Server Clusters The Add Entry page opens (shown below). 7. In the IP Address field, enter the virtual IP address. 8. In the Device field, enter the network interface name (for example, eth0). 9. In the Subinterface field, enter the subinterface-ID (this is the number between 1 and 255 that the interface uses for the address).
Page 63: Hierarchical Caching
7 Hierarchical Caching Traffic Server can participate in cache hierarchies, where requests not fulfilled in one cache can be routed to other regional caches, taking advantage of the contents and proximity of nearby caches. This chapter discusses the following topics. Understanding cache hierarchies‚...
Page 64: Parent Failover
Chapter 7 Hierarchical Caching New York traffic server returned document cache parent cache Baltimore traffic server request cache miss end user forwarded request Figure 7-1. An HTTP cache hierarchy in action NOTE If the request is a cache miss on the parent, the parent retrieves the content from the origin server (or from another cache depending on the parent’s configuration).
Page 65: To Enable Http Parent Caching Manually
Chapter 7 Hierarchical Caching 3. Scroll to the Parent Caching section of the Routing page (shown below). 4. Select Parent Caching: On. 5. Click the Make These Changes button. To enable HTTP parent caching manually: 1. Telnet into the HP web cache appliance and select Shell Access as described in Overview of Access Methods‚...
Page 66: Icp Cache Hierarchies
Chapter 7 Hierarchical Caching parent_name:port_number; parent_name:port_number; NOTE When you use Traffic Manager to identify parent caches for parent failover, Traffic Server sends requests to the parents in the order that they appear in the Parent Cache field. For example, when the first parent cache listed in the Parent Cache field is not available, Traffic Server sends requests to the next parent cache in the list.
Page 67: To Set Icp Options From Traffic Manager
Chapter 7 Hierarchical Caching To set ICP options from Traffic Manager: 1. Access Traffic Manager from your browser (refer to Accessing Traffic Manager‚ on page 2. On the Configure tab, click the Routing button. 3. Scroll to the ICP section of the Routing page (shown below) 4.
Page 68: To Identify An Icp Peer From Traffic Manager
Chapter 7 Hierarchical Caching Variable Description proxy.config.icp.multicast_enabled Set this variable to: 0 to disable ICP multicast. 1 to enable ICP multicast. proxy.config.icp.query_timeout Set this variable to specify the timeout used for ICP queries. The default is 2 seconds. 4. Save and close the file.
Page 69: To Identify An Icp Peer Manually
Chapter 7 Hierarchical Caching 7. From the Type drop-down list, select: o Parent to indicate that the ICP peer is a parent cache. o Sibling to indicate that the ICP peer is a sibling cache. 8. In the Proxy Port field, enter the TCP port used by the ICP peer for ICP communication. This is the Traffic Server’s proxy port (usually 8080).
Page 70 Chapter 7 Hierarchical Caching Field Description Specifies the multicast IP address. MC_IP Specifies one of the following options: MC_TTL 1 if you do not want IP multicast datagrams to be forwarded beyond a single subnetwork. 2 to allow delivery of IP multicast datagrams to more than one subnet (if there are one or more multicast routers attached to the first hop subnet).
Page 71: Configuring The Cache
8 Configuring the cache The Traffic Server cache consists of a high speed object database called the object store that indexes objects according to URLs and associated headers. This chapter discusses the following topics: The Traffic Server Cache‚ on page 59 Clearing the cache‚...
Page 72: Creating Cache Partitions For Specific Protocols
Chapter 8 Configuring the cache Creating cache partitions for specific protocols You can create separate partitions for your cache that vary in size to store content according to protocol. This configuration ensures that a certain amount of disk space is always available for a particular protocol. To partition the cache according to protocol: 1.
Page 73: Partitioning The Cache According To Origin Server Or Domain
Chapter 8 Configuring the cache Partitioning the cache according to origin server or domain After you have partitioned the cache according to size and protocol, you can assign the partitions you created to specific origin servers and/or domains. You can assign a partition to a single origin server or multiple origin servers. However, if a partition is assigned to multiple origin servers, there is no guarantee on the space available in the partition for each origin server.
Page 74: Clearing The Cache
Chapter 8 Configuring the cache In the following example, content from the domain is stored on partition 1 and 2, while content hp.com from is stored on partition 3. www.yahoo.com domain=hp.com partition=1,2 hostname=www.yahoo.com partition=3 NOTE If you want to allocate more than one partition to an origin server or domain, you must enter the partitions in a comma-separated list on one line as shown in the above example.
Page 75: Monitoring Traffic
9 Monitoring Traffic Traffic Server provides several options for monitoring system performance and analyzing network traffic. This chapter discusses the following topics: Traffic Server monitoring tools‚ on page 63 Viewing statistics from Traffic Manager‚ on page 63 Working with Traffic Manager Alarms‚ on page 67 Viewing Statistics from Traffic Line‚...
Page 76: Using Monitor Mode
Chapter 9 Monitoring Traffic where is the name of the web cache appliance and is the number assigned to Traffic nodename adminport Manager port, port 8081 by default. NOTE Use the SSL command to reach Traffic Manager only if you have restricted https access to Traffic Manager via SSL connections;...
Page 77 Chapter 9 Monitoring Traffic Figure 9-1. shows the Dashboard. Shows the number of Shows the number objects served by the Click this link to see of transactions Traffic Server node more information about processed per the selected node second by the Traffic Server node Lists the nodes in Indicates if alarms exist on...
Page 78 Chapter 9 Monitoring Traffic The Graphs button Click the Graphs button to view the same statistics displayed on the Node page (cache performance, current connections and transfers, network, and name resolution) in graphical format. You can display multiple statistics in one graph. To display a single graph, click the graph’s name in the list.
Page 79: Working With Traffic Manager Alarms
Chapter 9 Monitoring Traffic The MRTG button Displays MRTG (Multi Router Traffic Grapher) graphs, which enable you to monitor Traffic Server performance and network traffic. Refer to Using MRTG‚ on page Working with Traffic Manager Alarms Traffic Server signals an alarm when it detects a problem (for example, if the process shuts traffic_server down, if the space allocated to event logs is full, or if Traffic Server cannot write to a configuration file).
Page 80: Configuring Traffic Server To E-Mail Alarms
Chapter 9 Monitoring Traffic Configuring Traffic Server to E-mail alarms Alarm messages are built into Traffic Server, you cannot change them. However, you can write a script file to execute certain actions when an alarm is signaled. For example, if Traffic Server signals an alarm to indicate that the logging directory is full, you can write a script file that sends an E-mail to alert someone of the problem.
Page 81: Retrieving Individual Statistics
Chapter 9 Monitoring Traffic The Monitor mode command list appears (shown below). NOTE If the command list does not display, enter at the prompt. 4. At the prompt, enter the number that corresponds to the group of statistics you want to view. For example, to view protocol related statistics, enter , then press Return.
Page 82: Using Mrtg
Chapter 9 Monitoring Traffic Using MRTG MRTG (Multi Router Traffic Grapher) is a graphing tool that enables you to monitor Traffic Server’s performance and analyze network traffic. MRTG provides a variety of graphs that show information about virtual memory usage, client connections, document hit rates, hit and miss rates, and so on. MRTG uses five minute intervals to formulate the statistics and provides useful historical information.
Page 83: Using Snmp
Chapter 9 Monitoring Traffic Using SNMP The Simple Network Management Protocol (SNMP) is a standard protocol used for network management. SNMP agents collect and store management information in Management Information Bases (MIBs), and SNMP managers can probe the agents for this information. In addition, SNMP agents can send alarms and alerts called SNMP traps to the SNMP manager to warn of any problems.
Page 84: Configuring Snmp Trap Destinations
Chapter 9 Monitoring Traffic 4. Save and close the file. records.config 5. Run the following command to apply the configuration changes. traffic_line -x Configuring SNMP trap destinations To configure SNMP trap destinations, edit the file located in Traffic Server’s directory. snmpd.cnf config Refer to...
Page 85: 10 Configuring Traffic Server
10 Configuring Traffic Server Traffic Server provides several options for configuring the system. This chapter discusses the following topics: Configuring Traffic Server using Traffic Manager‚ on page 73 Configuring Traffic Server using Traffic Line‚ on page 76 Configuring Traffic Server using configuration files‚ on page 78 Configuring Traffic Server using Traffic Manager You can use Traffic Manager to view and change your Traffic Server configuration.
Page 86: Using Configure Mode
Chapter 10 Configuring Traffic Server Click here to display the Configure mode buttons Click a button to display a page listing configuration options you can modify Click this button to display a description of the configuration options on the current page Shows the current user logged on to Traffic Manager...
Page 87 Chapter 10 Configuring Traffic Server Configure customizable response pages for HTTP transactions The Protocols button Click the Protocols button to view or change Traffic Server’s protocol configuration. You can: Tune HTTP time-outs and remove HTTP headers to maintain the privacy of your site and users Configure how Traffic Server caches and serves news articles (NNTP) Configure Traffic Server to restrict SSL connections to certain ports Set FTP options, such as the connection mode, inactivity timeouts, and the anonymous FTP password...
Page 88: Configuring Traffic Server Using Traffic Line
Chapter 10 Configuring Traffic Server The Logging button Click the Logging page to view or change Traffic Server logging options. You can: Enable/disable event logging Control where log files are located, how much disk space they can consume, and how low disk space in the logging directory is handled Choose a central location for storing and collating log information Choose standard log file formats...
Page 89: Navigating Configure Mode
Chapter 10 Configuring Traffic Server The Configure mode command list appears (shown below). If the command list does not display, enter ? at the prompt. Navigating Configure mode Configure mode in a Traffic Line interactive session consists of levels of commands. Each command has a number associated with it.
Page 90: Setting Configuration Options In Batch Mode
Chapter 10 Configuring Traffic Server Setting configuration options in batch mode You can also set configuration options from Traffic Line batch mode. To set configuration options in batch mode: 1. Telnet into the HP web cache appliance and select Shell Access as described in Overview of Access Methods‚...
Page 91 Chapter 10 Configuring Traffic Server The following is a sample portion of the file. records.config The variable value that you variable can edit name The variable type: an integer (INT), a string, or a floating point (FLOAT) Figure 10-2. A sample records.config file In addition to the file, Traffic Server provides other configuration files that are used to records.config...
Page 92: 11 Security Options
11 Security Options Traffic Server provides a number of security features. This chapter discusses the following topics: Controlling client access to the Traffic Server proxy cache‚ on page 81 Controlling host access to the Traffic Server machine (ARM security)‚ on page 81 Controlling access to Traffic Manager‚...
Page 93: Controlling Client Access To The Traffic Server Proxy Cache
Chapter 11 Security Options Controlling client access to the Traffic Server proxy cache You can configure Traffic Server to allow only certain clients to use the proxy cache. To specify the clients allowed to use Traffic Server as a proxy cache: 1.
Page 94: To Edit The Arm_Security.config File And Enable The Arm Security Option
Chapter 11 Security Options To use the ARM security feature, you must do the following in the order listed: Edit the file to open specific ports and define the hosts that are allowed to arm_security.config communicate with the Traffic Server machine. IMPORTANT By default, the file specifies that all ports on the Traffic...
Page 95: Controlling Access To Traffic Manager
Chapter 11 Security Options 6. Open the file located in Traffic Server’s directory with Vi. records.config config 7. Edit the following variable: Variable Description proxy.config.arm.security_enabled Set this variable to 1 to enable ARM security. NOTE To disable the ARM security option, set the variable proxy.config.arm.security_enabled to 0 (zero).
Page 96: To Clear And Re-Enter The Administrator Password
Chapter 11 Security Options The Security page opens displaying the Control Access to the Traffic Server Manager section (shown below). 3. Select Authentication (basic): On to check the administrator ID and password when a user tries to access Traffic Manager from a browser. When Authentication (basic) is Off, any user can access Traffic Manager unless you have set up a list of IP addresses that are denied access to Traffic Manager (refer to Controlling host access to Traffic...
Page 97: Creating A List Of Administrator Accounts
Chapter 11 Security Options 3. Edit the following variables: Variable Description proxy.config.admin.basic_auth Set this variable to 1 to enable authentication. proxy.config.admin.admin_password Change the value of this variable to NULL to leave the password blank. 4. Save and close the file. records.config 5.
Page 98: Controlling Host Access To Traffic Manager
Chapter 11 Security Options 5. In the User field, enter the name of the user allowed to access Traffic Manager. 6. In the Password field, enter the password for the user, then enter the password again in the Password (retype) field. 7.
Page 99: Using Ssl For Secure Administration
Chapter 11 Security Options 6. Run the command to apply the configuration changes. traffic_line -x Using SSL for secure administration Traffic Server supports the Secure Sockets Layer protocol (SSL) to provide protection for remote administrative monitoring and configuration using Traffic Manager. SSL security provides authentication of both ends of a network connection using certificates and provides privacy using encryption.
Page 100 Chapter 11 Security Options Accessing Traffic Manager using SSL To access Traffic Manager from your browser using SSL, use the command as shown below: https https://nodename:adminport where is the hostname of the Traffic Server node, and is the port number assigned to nodename adminport Traffic Manager port (the default port number is 8081).
Page 101: Configuring Socks Firewall Integration
Chapter 11 Security Options Configuring SOCKS firewall integration SOCKS is commonly used as a network firewall that allows hosts behind a SOCKS server to gain full access to the Internet and prevents unauthorized access from the Internet to hosts inside the firewall. Figure 11-1.
Page 102 Chapter 11 Security Options 3. Scroll to the Firewall Configuration section (shown below). 4. Select SOCKS: On to enable the SOCKS option. 5. In the SOCKS server IP address field, enter the IP address of your SOCKS server. 6. In the SOCKS server port, enter the port through which Traffic Server communicates with the SOCKS server.
Page 103: Configuring Dns Server Selection (Split Dns)
Chapter 11 Security Options To set SOCKS options manually: 1. Telnet into the HP web cache appliance and select Shell Access as described in Overview of Access Methods‚ on page 2. Open the file located in Traffic Server’s directory with Vi. records.config config 3.
Page 104: Configuring Ldap-Based Proxy Authentication
Chapter 11 Security Options 6. Add rules to the file. splitdns.config For information about the format of the file, see page 217. splitdns.config 7. Save and close the file. splitdns.config 8. Run the command to apply the configuration changes. traffic_line -x Configuring LDAP-based proxy authentication Traffic Server enables you to leverage existing directory services by supporting asynchronous match and bind requests to LDAP servers, thereby supporting policies that require users to log in and be authenticated by the...
Page 105: Using Ssl Termination
Chapter 11 Security Options 3. Edit the following variables: Variable Description proxy.config.ldap.auth.bypass.enabled Set this variable to 1 to enable LDAP authentication bypass. proxy.config.ldap.auth.multiple.ldap_servers.enabled Set this variable to 1 to allow the sites specified in the ldapsrvr.config file to bypass authentication. 4.
Page 106: Client And Traffic Server Connections
Chapter 11 Security Options Client and Traffic Server connections Figure 11-2. illustrates communication between a client and Traffic Server, and between Traffic Server and an origin server when the SSL termination option is enabled and configured for client/Traffic Server connections only. HTTPS request HTTP Traffic...
Page 107: To Set Ssl Termination Configuration Variables For Client/Traffic Server Connections
Chapter 11 Security Options To set SSL termination configuration variables for client/Traffic Server connections: 1. Telnet into the HP web cache appliance and select Shell Access as described in Overview of Access Methods‚ on page 2. Open the file located in Traffic Server’s directory with Vi.
Page 108: Traffic Server And Origin Server Connections
Chapter 11 Security Options 4. Save and close the file. records.config 5. Restart Traffic Server using the command start_traffic_server Traffic Server and origin server connections Figure 11-2. illustrates communication between Traffic Server and an origin server when the SSL termination option is enabled for Traffic Server /origin server connections.
Page 109: To Set Ssl Termination Configuration Variables For Traffic Server/Origin Server Connections
Chapter 11 Security Options To set SSL termination configuration variables for Traffic Server/origin server connections: 1. Telnet into the HP web cache appliance and select Shell Access as described in Overview of Access Methods‚ on page 2. Open the file located in Traffic Server’s directory with Vi.
Page 110: 12 Working With Log Files
12 Working with Log Files Traffic Server generates log files that contain information about every request it receives and every error it detects. This chapter discusses the following topics: Understanding Traffic Server log files‚ on page 98 Understanding event log files‚ on page 98 Managing event log files‚...
Page 111: Managing Event Log Files
Chapter 12 Working with Log Files Traffic Server supports several standard log file formats, such as Squid and Netscape, and user-defined custom formats. You can analyze the standard format log files with off-the-shelf analysis packages. To help with log file analysis, you can separate log files so that they contain information specific to protocol or hosts. You can also configure Traffic Server to roll log files automatically at specific intervals during the day.
Page 112: Setting Log File Management Options
Chapter 12 Working with Log Files If the autodelete option (discussed in Rolling event log files‚ on page 109) is enabled, Traffic Server identifies previously rolled log files (log files with a extension) and starts deleting files one by one— .old beginning with the oldest file—until it emerges from the low state.
Page 113: Choosing Event Log File Formats
Chapter 12 Working with Log Files 3. Edit the following variables: Variable Description proxy.config.log2.logfile_dir Specify the name and path of the directory in which you want to store event log files. The default is logs located in the directory where you installed Traffic Server.
Page 114: To Select A Standard Event Log File Format Manually
Chapter 12 Working with Log Files 3. Scroll to the Standard Event Log Formats section of the Logging page (shown below). 4. Click the Enabled:On button for the format you want to use. 5. Select the log file type (ASCII or binary). 6.
Page 115: Using Custom Formats
Chapter 12 Working with Log Files 4. To use the Netscape Common format, edit the following variables: Variable Description proxy.config.log2.common_log_enabled Set this variable to 1 to enable the Netscape Common log file format. proxy.config.log2.common_log_is_ascii Set this variable to 1 to enable ASCII mode. Set this variable to 0 to enable binary mode.
Page 116: To Create Traditional Custom Log Formats
Chapter 12 Working with Log Files Using traditional custom formats To create traditional custom log files, you must enable the traditional custom log format option and edit Traffic Server’s traditional log configuration file ( ). You must specify the information you want to logs.config display in your log files by entering printf-style format strings.
Page 117 Chapter 12 Working with Log Files Field Description Enter a name you want to use for the log file created with this format. file_name Enter one of the following: type ASCII BINARY If you want your custom log file to have header text, enter it here. header Example The following example custom log definition produces a log file that records the client host IP address, the...
Page 118: To Generate Xml-Based Custom Log Files
Chapter 12 Working with Log Files o The origin servers you want to log (if the servers tag is used, Traffic Server will only log transactions from the origin servers listed, otherwise, transactions from all origin servers are logged). NOTE To generate a custom log file, you must specify at least one definition.
Page 119: To Create A Summary Log File
Chapter 12 Working with Log Files COUNT AVERAGE FIRST LAST You can apply each of these operators to specific fields, requesting it to operate over a specified interval. Summary logs represent a trade-off between convenience and information granularity. Since you must specify a time interval during which only a single record is generated, you will necessarily be losing a certain amount of information.
Page 120: Choosing Binary Or Ascii
Chapter 12 Working with Log Files Choosing binary or ASCII You can configure the Traffic Server to create event log files in either of the following: ASCII - these files are human readable and can be processed using standard, off-the-shelf log analysis tools.
Page 121: Rolling Event Log Files
Chapter 12 Working with Log Files The following table describes the command-line options: Option Description -o output_file Specifies where the command output is directed. Automatically generates the output file name based on the input file name. If the input is from stdin, this option is ignored. For example: logcat -a squid-1.blog squid-2.blog squid-3.blog generates...
Page 122: Rolling Intervals
Chapter 12 Working with Log Files The suffix that makes it easy for automated scripts to find rolled log files .old The time stamps have the following format: %Y%M%D.%Hh%Mm%Ss-%Y%M%D.%Hh%Mm%Ss where: Code Definition Example the year in four-digit format 2000 the month in two-digit format, from 01-12 the day in two-digit format, from 01-31 the hour in two-digit format, from 00-23 the minute in two-digit format, from 00-59...
Page 123: To Set Log File Rolling Options Manually
Chapter 12 Working with Log Files 3. Scroll to the Log File Rolling section of the Logging page (shown below). 4. Click the Rolling enabled:On button to turn on log file rotation. 5. In the Roll offset hour field, enter the time of day to start the log file rolling. You can enter any hour in the range 0 (midnight) to 23.
Page 124: Splitting Event Log Files
Chapter 12 Working with Log Files Splitting event log files By default, Traffic Server uses standard log formats and generates separate log files for HTTP/FTP, NNTP, and ICP transactions. Under most circumstances, this default behavior offers the most flexibility for collecting and analyzing log files.
Page 125: Setting Log Splitting Options
Chapter 12 Working with Log Files If you disable NNTP and ICP log splitting, NNTP and ICP transactions are placed in the same log file as HTTP and FTP transactions. Using the previous example hosts and assuming the Squid log format, Traffic Server generates these log files: Log file name Description...
Page 126: Editing The Log_Hosts.config File
Chapter 12 Working with Log Files 3. Edit the following variables: records.config Variable Description proxy.config.log2.separate_icp_logs Set this variable to 1 to record all ICP transactions in a separate log file. Set this variable to 0 to record all ICP transactions in the same log file as HTTP/FTP transactions. proxy.config.log2.separate_nntp_logs Set this variable to 1 to record NNTP transactions in a separate log file.
Page 127: Collating Event Log Files
Chapter 12 Working with Log Files Collating event log files You can use Traffic Server’s log file collation feature to keep all logged information in one place. This allows you to analyze Traffic Server as a whole rather than as individual nodes and to use a large disk that may only be located on one of the nodes in a cluster.
Page 128: Setting Log Collation Options
Chapter 12 Working with Log Files Collated log files contain time stamp information for each entry, but entries do not appear in the files in strict chronological order. You can sort collated log files before doing analysis. Setting log collation options You can set log collation options by using Traffic Manager or by editing a configuration file manually.
Page 129: To Set Log Collation Options Manually
Chapter 12 Working with Log Files 3. Scroll to the Log Collation section of the Logging page (shown below). 4. Click one of the following buttons: o Send standard formats to set the Traffic Server node as a collation client and send the active standard formats (such as Squid and Netscape) to the log collation server.
Page 130: Using A Stand-Alone Collator
Chapter 12 Working with Log Files 3. Edit the following variables: records.config Variable Description proxy.config.log2.collation_host Specify the collation server’s hostname. proxy.config.log2.collation_host_tagged Set this variable to 1 if you want the hostname of the collation client that generated the log entry to be included in each entry.
Page 131: Recovering Log Files
Chapter 12 Working with Log Files file contains the log collation secret and port you specified when configuring records.config Traffic Server nodes to be collation clients. The collation port and secret must be the same for all collation clients and hosts. 5.
Page 132: A Traffic Manager Statistics
A Traffic Manager Statistics This appendix describes the statistics on the following Traffic Manager Monitor pages: The Dashboard page‚ on page 120 The Node page‚ on page 121 The Graphs page‚ on page 121 The Protocols page‚ on page 122 The Cache page‚...
Page 133: The Node Page
Appendix A Traffic Manager Statistics Statistic/Field Description Node IP Address The IP address assigned to this node. If virtual IP addressing is enabled, several virtual IP addresses could be assigned to this node. Virtual IP Address If you have configured your Traffic Server system to use virtual IP addresses Mappings (refer to Virtual IP failover‚...
Page 134: The Protocols Page
Appendix A Traffic Manager Statistics The Protocols page The following table describes the statistics on the Protocols page. Statistic Description HTTP Transaction Frequency and Speeds Hits Fresh The percentage of hits that are fresh and their average transaction times. Stale Revalidated The percentage of hits that are stale and revalidated, turn out to be still fresh and served, and their average transaction times.
Page 135 Appendix A Traffic Manager Statistics Statistic Description PASV Connections The number of successful PASV connections since installation. Successes PASV Connections The number of PASV connection failures since installation. Failures PORT Connections The number of successful PORT connections since installation. Successes PORT Connections The number of PORT connection failures since installation.
Page 136 Appendix A Traffic Manager Statistics Statistic Description Queries Originating From ICP Peers Query Messages The number of ICP query messages received from remote ICP peers (siblings Received and parents). Remote Query Hits The number of successful cache lookups in response to queries from ICP peers. Remote Query Misses The number of unsuccessful cache lookups in response to queries from ICP peers.
Page 137: The Cache Page
Appendix A Traffic Manager Statistics Statistic Description Number of Caches The number of nodes in the WCCP cache farm. Number of Routers The number of WCCP routers sending traffic to the Traffic Server. Router[0] The IP address of the router sending traffic to the Traffic Server. If there is more IP address than one router sending traffic, the IP addresses of all other routers are also listed.
Page 138: The Other Page
Appendix A Traffic Manager Statistics Statistic Description READS In Progress The number of cache reads in progress (NNTP, HTTP, and FTP). Hits The number of cache reads completed since installation (NNTP, HTTP, and FTP). Misses The number of cache read misses since installation (NNTP, HTTP, and FTP). WRITES In Progress The number of cache writes in progress (NNTP, HTTP, and FTP).
Page 139: The Mrtg Page
Appendix A Traffic Manager Statistics Statistic Description Network Backups The number of times this node encountered intracluster network congestion and reverted to proxy-only mode since installation. Clustering Nodes The number of clustering nodes. SOCKS Unsuccessful Connections The number of unsuccessful connections to the SOCKS server since installation.
Page 140: B Traffic Manager Configuration Options
B Traffic Manager Configuration Options This appendix describes the configuration options in the following Traffic Manager Configure pages: The Server Basics page‚ on page 128 The Protocols page‚ on page 131 The Cache page‚ on page 135 The Security page‚ on page 137 The Routing page‚...
Page 141 Appendix B Traffic Manager Configuration Options .com Domain Expansion Turns domain expansion on so that Traffic Server can attempt .com to resolve unqualified hostnames by redirecting them to the expanded address, prepended with and appended with www. .com. For example, if a client makes a request to , the Traffic Server redirects the request to www.hp.com.
Page 142 Appendix B Traffic Manager Configuration Options Throttling of Network Connections Maximum Number of Connections Specifies the maximum number of network connections accepted by the Traffic Server. Setting a throttling limit on the Traffic Server helps to prevent system overload when traffic bottlenecks develop. When network connections reach this maximum, new connections are queued until existing connections close.
Page 143: The Protocols Page
Appendix B Traffic Manager Configuration Options Control customizable response Select Turn Off Customizable Response Pages to send the default pages: response pages to clients. Select Enable Default Custom Response Pages to send customized response pages to your clients. You can customize the error message text and format to provide a different look and feel or to explain the errors in a different language.
Page 144 Appendix B Traffic Manager Configuration Options Option Definition Activity timeout (inbound) Specifies the maximum time the Traffic Server should remain connected to a client. If the client does not finish making a request— reading and writing data—before this timeout expires, the Traffic Server closes the connection.
Page 145 Appendix B Traffic Manager Configuration Options Option Definition NNTP option: Clustering Allows cluster-wide NNTP caching. NNTP option: Allow Feeds Allows the Traffic Server to accept feeds of news articles from feed or push groups. If Traffic Server is clustered, configure your news server CAUTION: to send feeds to only one node in the cluster.
Page 146 Appendix B Traffic Manager Configuration Options Option Definition Check Pull Groups Every Sets how often the Traffic Server checks pull groups for new articles (and “pulls” the new articles if they exist). The Traffic Server actively pulls (caches) news articles from pull groups, rather than waiting for user requests.
Page 147: The Cache Page
Appendix B Traffic Manager Configuration Options The Cache page The following table describes the configuration options on the Cache page. Option Description Cache Activation Enable HTTP caching Configures the Traffic Server to cache objects retrieved via HTTP. Enable FTP caching Configures the Traffic Server to cache FTP objects retrieved via HTTP.
Page 148 Appendix B Traffic Manager Configuration Options Option Description Internet Explorer Certain versions of Microsoft Internet Explorer do not request cache reloads requests force a check from reverse proxies and transparent caches when the user presses the browser with the origin server Refresh button.
Page 149: The Security Page
Appendix B Traffic Manager Configuration Options The Security page The following table describes the configuration options on the Security page. Option Description Control Access to the Traffic Server Manager Authentication (basic) on/off Sets basic authentication on or off. When on, Traffic Server checks the administrator ID and password or user name and password (if administrator accounts have been configured) whenever a user logs on to Traffic Manager.
Page 150: The Routing Page
Appendix B Traffic Manager Configuration Options Option Description SOCKS timeout (seconds) Specifies how long (in seconds) the Traffic Server must wait for the SOCKS server to respond. If the SOCKS server does not respond within the amount of time specified, the Traffic Server drops the connection. SOCKS List Displays a page where you can specify the origin servers to which you want to connect without going through the SOCKS server.
Page 151: The Host Database Page
Appendix B Traffic Manager Configuration Options Option Description Reverse proxy Reverse Proxy Enables or disables HTTP reverse proxy caching mode. For FTP reverse caching mode, refer to FTP Reverse Proxy‚ on page If you enable reverse proxy, Traffic Server is a reverse proxy for the origin servers specified in mapping rules (in the file).
Page 152: The Logging Page
Appendix B Traffic Manager Configuration Options Option Description Background timeout Specifies how long DNS entries can remain in the database before they are flagged as entries to refresh in the background. These entries are still fresh, so they can be refreshed after they are served, rather than before. The foreground refresh timeout interval is 24 hours and the Example: background timeout is 12 hours.
Page 153 Appendix B Traffic Manager Configuration Options Options Description Log space limit (MB) Specifies the maximum amount of space, in MB, allocated to the logging directory for the log files. NOTE: Transaction logs can consume a lot of space. You should set this limit high enough to accommodate at least a single day's worth of uncompressed transaction logs.
Page 154 Appendix B Traffic Manager Configuration Options Options Description Log file type Specifies the type of log file: ASCII or binary. Log file name Specifies the name of the log file that will record transactions using the selected format style. The default file names are: squid.log common.log extended.log...
Page 155: The Snapshots Page
Appendix B Traffic Manager Configuration Options The Snapshots page The following table describes the configuration options on the Snapshots page. Option Description Name New Snapshot Takes a snapshot and saves a copy of all Traffic Server configuration files. You Take Snapshot must first specify a name for the snapshot, then click the Take Snapshot button.
Page 156 Appendix B Traffic Manager Configuration Options Option Description URL Update List Click this link to display the URL Update List page enabling you to view, modify, or delete URL entries and their associated Request Headers, update offset hour, interval, and recursion depth. These entries are recorded in the file.
Page 157: C Traffic Line Commands
C Traffic Line Commands This appendix contains the following sections: Traffic Line batch mode commands‚ on page 145 Traffic Line interactive mode commands‚ on page 146 Traffic Line variables‚ on page 147 Traffic Line batch mode commands Use batch mode to execute individual Traffic Server commands. You can also script multiple batch mode commands in a shell.
Page 158: Traffic Line Interactive Mode Commands
Appendix C Traffic Line Commands Command Description Bounces the Traffic Server cluster wide. Bouncing traffic_line -B the Traffic Server shuts down and immediately restarts Traffic Server node by node. traffic_line -b Bounces the Traffic Server on the local node. Bouncing the Traffic Server shuts down and immediately restarts the Traffic Server node.
Page 159: Traffic Line Variables
Appendix C Traffic Line Commands Traffic Line variables You can view statistics and change configuration options in Traffic Line by using specific variables. The variables used for gathering statistics are described below. The variables used for viewing and changing configuration options are described in Configuration Options‚...
Page 160 Appendix C Traffic Line Commands Protocols HTTP (client) Total Document Bytes proxy.process.http.user_agent_response_document_total_ size Total Header Bytes proxy.process.http.user_agent_response_header_total_size Total Connections proxy.process.http.current_client_connections Transactions In Progress proxy.process.http.current_client_transactions HTTP (origin server) Total Document Bytes proxy.process.http.origin_server_response_document_total_ size Total Header Bytes proxy.process.http.origin_server_response_header_total_ size Total Connections proxy.process.http.current_server_connections Transactions In Progress proxy.process.http.current_server_transactions Currently Open...
Page 161 Appendix C Traffic Line Commands NNTP (client) Open Connections proxy.process.nntp.client_connections_currently_open Bytes Read proxy.process.nntp.client_bytes_read Bytes Written proxy.process.nntp.client_bytes_written NNTP (server) Open Connections proxy.process.nntp.server_connections_currently_open Bytes Read proxy.process.nntp.server_bytes_read Bytes Written proxy.process.nntp.server_bytes_written NNTP (operations) Article Hits proxy.process.nntp.article_hits Article Misses proxy.process.nntp.article_misses Overview Hits proxy.process.nntp.overview_hits Overview Refreshes proxy.process.nntp.overview_refreshes Group Hits proxy.process.nntp.group_hits...
Page 162 Appendix C Traffic Line Commands Write Failures proxy.process.cache.write.cancel Updates in Progress proxy.process.cache.update.active Updates Completed proxy.process.cache.update.success Update Failures proxy.process.cache.update.failure Removes in Progress proxy.process.cache.remove.active Remove Successes proxy.process.cache.remove.success Remove Failures proxy.process.cache.remove.failure Other HostDB Total Lookups proxy.process.hostdb.total_lookups Total Hits proxy.process.hostdb.total_hits Time TTL (min) proxy.process.hostdb.ttl DNS Total Look Ups proxy.process.dns.total_dns_lookups Average Lookup Up Time...
Page 163: Configuration Options
Appendix C Traffic Line Commands Configuration Options The following table lists the variables you can specify in Traffic Line interactive mode or batch mode to configure Traffic Server. For a description of the configuration options, refer to Appendix B‚ Traffic Manager Configuration Options.
Page 164 Appendix C Traffic Line Commands Configuration Option Variable Protocols HTTP Keep-Alive Timeout: Inbound proxy.config.http.keep_alive_no_activity_timeout_in (secs) Keep-Alive Timeout: Outbound proxy.config.http.keep_alive_no_activity_timeout_out (secs) Inactivity Timeout: Inbound proxy.config.http.transaction_no_activity_timeout_in (secs) Inactivity Timeout: Outbound proxy.config.http.transaction_no_activity_timeout_out (secs) Activity Timeout: Inbound proxy.config.http.transaction_active_timeout_in (secs) Activity Timeout: Outbound proxy.config.http.transaction_active_timeout_out (secs) Remove HTTP headers:From proxy.config.http.anonymize_remove_from Remove HTTP headers: Referer...
Page 165 Appendix C Traffic Line Commands Configuration Option Variable Posting enabled proxy.config.nntp.posting_enabled = Enable = Disable Access Control enabled proxy.config.nntp.access_control_enabled = Enable = Disable NNTP V2 Authentication proxy.config.nntp.v2_authenticatio enabled = Enable = Disable Run Local Authentication proxy.config.nntp.run_local_authentication_server Server Clustering enabled proxy.config.nntp.cluster_enabled Feed enabled proxy.config.nntp.feed_enabled = Enable...
Page 166 Appendix C Traffic Line Commands Configuration Option Variable Cache Activation Enable HTTP caching proxy.config.http.cache.http = Enable = Disable Enable FTP caching proxy.config.http.cache.ftp = Enable = Disable Enable NNTP caching proxy.config.nntp.cache.enabled = Enable = Disable Ignore user requests to bypass proxy.config.http.cache.ignore_server_no_cache cache = Yes = No...
Page 167 Appendix C Traffic Line Commands Configuration Option Variable If alternates are enabled, then vary on these headers: If the request is for text proxy.config.http.cache.vary_default_text If the request is for images proxy.config.http.cache.vary_default_images If the request is for anything else proxy.config.http.cache.vary_default_other Security Access Authentication (basic): proxy.config.admin.basic_auth...
Page 168 Appendix C Traffic Line Commands Configuration Option Variable Log file header proxy.config.log2.squid_log_header Netscape Common Format Netscape Common Enabled proxy.config.log2.common_log_enabled = Enable = Disable Netscape Common Log file type proxy.config.log2.common_log_is_ascii = ASCII = binary Netscape Common Log file proxy.config.log2.common_log_name name Netscape Common Log file proxy.config.log2.common_log_header header Netscape Extended Format...
Page 169 Appendix C Traffic Line Commands Configuration Option Variable Auto-delete rolled log files proxy.config.log2.auto_delete_rolled_files when space is low Log Splitting NNTP Log Splitting proxy.config.log2.separate_nntp_logs = Enable = Disable Host Log Splitting proxy.config.log2.separate_host_logs = Enable = Disable Routing Parent Proxy Parent Caching proxy.config.http.parent_proxy_routing_enable = Enable = Disable...
Page 170 Appendix C Traffic Line Commands Configuration Option Variable DNS Configuration Resolve attempt timeout(secs) proxy.config.dns.lookup_timeout Number of retries proxy.config.dns.retries...
Page 171: D Configuration Files
D Configuration Files This appendix describes the Traffic Server configuration files that you can edit. arm_security.config‚ on page 160 bypass.config‚ on page 161 cache.config‚ on page 162 filter.config‚ on page 164 ftp_remap.config‚ on page 166 hosting.config‚ on page 166 icp.config‚ on page 167 ip_allow.config‚...
Page 172: Arm_Security.config
Appendix D Configuration Files arm_security.config file contains the ARM access control list. The file consists of a series of open, arm_security.config allow, and deny lines that specify the hosts that are allowed to communicate with the Traffic Server ARM using TCP and UDP through defined ports. Traffic Server uses this configuration file when the ARM security option is enabled.
Page 173: Bypass.config
Appendix D Configuration Files In the following example, the first line specifies that all hosts are denied access to destination port 80 using TCP. The second line specifies that host 209.1.2.2 is denied access to destination port 90 using UDP deny tcp dport 80 src 0.0.0.0-255.255.255.255 deny udp dport 90 src 209.1.2.2 In the following example, the first line specifies that host 1.1.1.1 using source port 20 is allowed to...
Page 174: Format
Appendix D Configuration Files Format The bypass rules have the following format: Rule Format source IP bypass bypass src IPaddress Where can be: IPaddress a simple IP address, such as 1.1.1.1 in CIDR (Classless Inter-Domain Routing) format, such as 1.1.1.0/24 a range separated by a dash, such as 1.1.1.1-2.2.2.2 any combination of the above, separated by commas, such as 1.1.1.0/24, 25.25.25.25, 123.1.23.1 - 123.1.23.123...
Page 175: Format
Appendix D Configuration Files Format Each line in the file contains a caching rule. Traffic Server recognizes three space-delimited cache.config tags: primary destination=value secondary specifier=value action=value NOTE You can use more than one secondary specifier in a rule. However, you cannot repeat a secondary specifier.
Page 176: Example
Appendix D Configuration Files Example The following rule configures Traffic Server to never cache FTP documents requested from the IP address 112.12.12.12. dest_ip=112.12.12.12 scheme=ftp action=never-cache The following rule configures Traffic Server to keep documents with URLs that contain the regular expression and with the path prefix in the cache for 12 hours.
Page 177: Example
Appendix D Configuration Files Secondary Specifiers Allowed Value A time range, such as 08:00-14:00 time The IP address of the client src_ip A prefix in the path part of a URL prefix A file suffix in the URL suffix A requested URL port port A request URL method;...
Page 178: Ftp_Remap.config
Appendix D Configuration Files The following rule configures Traffic Server to allow only the host associated with the IP address 11.11.1.1 to deliver content directly into the cache. IMPORTANT If you enable the PUSH option, you must add a line similar to the following to prevent unauthorized users from putting content in the cache.
Page 179: Format
Appendix D Configuration Files After you modify the file, Traffic Manager has to reread the configuration files. Run the hosting.config command. If you are running a cluster, you need only run the command for one node; the traffic_line -x changes will propagate. IMPORTANT The partition configuration must be the same on all nodes in a cluster.
Page 180: Example
Appendix D Configuration Files Each field is described in the following table: Field Description host The hostname of the ICP peer. The name is reserved for the Traffic localhost Server. host _IP The IP address of the ICP peer. cache _type Use the following options: 1 to indicate an ICP parent cache 2 to indicate an ICP sibling cache...
Page 181: Example
Appendix D Configuration Files Example The following line in the file allows all clients to access the Traffic Server proxy cache: ip_allow.config src_ip=0.0.0.0-255.255.255.255 action=ip_allow The following line allows all clients on a specific subnet to access the Traffic Server proxy cache: src_ip=123.12.3.000-123.12.3.123 action=ip_allow ldapsrvr.config file enables you to specify sites on the Internet that Traffic Server clients can access...
Page 182: Format
Appendix D Configuration Files Refer to records.config‚ on page 182 for information about setting variables. If the records.config variable is set to 0 (disabled), any custom log files set in the proxy.config.log2.custom_logs_enabled file are disabled. logs.config IMPORTANT After you modify the file, Traffic Manager has to reread the logs.config configuration files.
Page 183: Welf (Webtrends Enhanced Log Format)
Appendix D Configuration Files WELF (WebTrends Enhanced Log Format) Traffic Server supports WELF, the WebTrends Enhanced Log format, so that you can analyze Traffic Server log files with WebTrends reporting tools. A predefined custom format for WELF is provided in the file.
Page 184: Format
Appendix D Configuration Files CONFIG proxy.config.log2.xml_logs_config When the variable is set to 1, Traffic Server refers to the XML- proxy.config.log2.xml_logs_config based log configuration file specified in to determine the proxy.config.log2.xml_config_file extended custom logging specifications. This file, , serves as the default XML-based logs_xml.config configuration file.
Page 185 Appendix D Configuration Files LogFilters LogFilter specifications can consist of the following tags: Field Allowed Inputs <Name = "valid_filter_name"/> (Required) All filters must be uniquely named. <Action = “valid_action_field”/> (Required) ACCEPT or REJECT. This instructs Traffic Server to either accept or reject records satisfying the condition of the filter. <Condition = “valid_log_field (Required) This field contains the following elements: valid_operator...
Page 186 Appendix D Configuration Files Field Allowed Inputs <Mode = “valid_logging_mode”/> Valid logging modes include ASCII, binary, and ASCII_PIPE. The default is ASCII. Use the ASCII_PIPE mode to write an XML-based custom log file to a pipe so that the logging data is sent to a buffer in memory.
Page 187: Example
Appendix D Configuration Files Example The following is an example of a specification collecting information using three common fields: LogFormat <LogFormat> <Name = "minimal"/> <Format = "%<chi> : %<cqu> : %<pssc>"/> </LogFormat> The following is an example of a specification using aggregate operators: LogFormat <LogFormat>...
Page 188: Mgmt_Allow.config
Appendix D Configuration Files <LogFormat> <Name = "welf"/> <Format = "id=firewall time=\"%<cqtd> %<cqtt>\" fw=%<phn> pri=6 proto=%<cqus> duration=%<ttmsf> sent=%<psql> rcvd=%<cqhl> src=%<chi> dst=%<shi> dstname=%<shn> user=%<caun> op=%<cqhm> arg=\"%<cqup>\" result=%<pssc> ref=\"%<{Referer}cqh>\" agent=\"%<{user-agent}cqh>\" cache=%<crc>"/> </LogFormat> mgmt_allow.config file specifies the IP addresses of remote hosts allowed to access Traffic Manager. mgmt_allow.config If no entries exist in the file, all remote hosts are allowed to access Traffic Manager.
Page 189: Nntp_Servers.config
Appendix D Configuration Files Following the client group is an access directive. The access directive is of the form . The access=value allowed access values are . Depending on the access allow, deny, basic, generic, custom directive, you can further specify an authenticator program, users, and passwords, as in the following examples: ip=127.0.0.1 access=”generic”...
Page 190 Appendix D Configuration Files Description Enter a comma-separated list of group names and list files in wildmat format (use * group-wildmat as a wildcard). The list files options are the following: subscriptions, distributions, distrib.pats Make sure there are no spaces in the list. Use the prefix ! to indicate groups that are not included in the list.
Page 191: Example
Appendix D Configuration Files Description pullover The Traffic Server actively pulls the overview database for the news groups, but retrieves news articles on demand. NOTE: A “pullover” line in must be preceded by a nntp_servers.config “cache on demand” line. The Traffic Server needs to be aware of the news server and its groups before it can pull overviews from a specific group.
Page 192: Format
Appendix D Configuration Files For the file to take effect, HTTP parent caching option must be enabled in Traffic Manager. parent.config Refer to Enabling the HTTP parent caching option‚ on page IMPORTANT After you modify the file, Traffic Manager has to reread the parent.config configuration files.
Page 193: Example
Appendix D Configuration Files The following tables lists the possible actions and their allowed values: Action Allowed Value Enter an ordered list of parent proxies. If the request cannot be handled by the parent last parent server in the list, it will be routed to the origin server. true round_robin Enter true if you want the Traffic Server to go through the parent cache list in a...
Page 194: Format
Appendix D Configuration Files Format For each partition you want to create, enter a line with the following format: partition=partition_number scheme=protocol_type size=partition_size where: is a number between 1 and 255 (the maximum nuber of partitions is 255). partition_number is either (all streaming media content is stored in the partition, all protocol_type...
Page 195: Example
Appendix D Configuration Files Example In the following example, the variable is of datatype string and its value is proxy.config.proxy_name . This means that the name of the Traffic Server proxy is my_server my_server CONFIG proxy.config.proxy_name STRING my_server In the following example, the variable is a yes/no flag.
Page 196 Appendix D Configuration Files Configuration Variable Default Value Description Data Type Local Manager proxy.config.lm.sem_id 11452 Specifies the semaphore ID for the local manager. proxy.config.cluster.type Sets the clustering mode: 1 = full-clustering mode 2 = management-only mode 3 = no clustering proxy.config.cluster.rsport 8088 Specifies the reliable service port.
Page 197 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.admin.basic_auth Enables (1) or disables (0) basic user authentication to control access to Traffic Manager. If basic authentication is not enabled, NOTE: any user can access Traffic Manager to monitor and configure Traffic Server.
Page 198 Appendix D Configuration Files Configuration Variable Default Value Description Data Type ARM (Transparency Configuration) proxy.config.arm.enabled Enables (1) or disables (0) the Traffic Server transparency option for transparent proxy caching. Refer to Chapter 4‚ Transparent Proxy Caching. proxy.config.arm.ignore_ifp Configures Traffic Server to ignore the interface when sending packets back to the client if NAT rules are applied.
Page 199 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.arm.bypass_use_and_rules Enables (1) or disables (0) dynamic _405 generation of source/destination bypass rules when an origin server returns a 405 error. The variable NOTE: proxy.config.arm.bypass_on_405 must also be enabled for this option to work. proxy.config.arm.bypass_use_and_rules Enables (1) or disables (0) dynamic _406...
Page 200 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.header.parse.no_host_url_ NULL Specifies the URL to which to redirect redirect requests with no host headers (reverse proxy). STRING (ARM) Load Shedding Configuration proxy.config.arm.loadshedding.max_ 1000000 Specifies the maximum number of client connections connections allowed before Traffic Server starts forwarding incoming requests directly...
Page 201 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.ldap.auth.multiple.ldap_ Enables (1) or disables (0) the use of multiple servers.enabled LDAP servers for LDAP-based authentication. You must enable this feature when enabling LDAP authentication bypass (proxy.config.ldap.auth.bypass.enabled). proxy.config.ldap.auth.bypass.enabled Enables (1) or disables (0) client access to specific URLs without being authenticated by an LDAP server.
Page 202 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.http.insert_response_via_ You can specify one of the following: 0 = no extra information is added to the string. 1 = all extra information is added. 2 = some extra information is added. proxy.config.http.enable_url_ Enables (1) or disables (0) .com domain expandomatic...
Page 203 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.http.origin_server_pipeline Configures Traffic Server to use keep-alive connections with or without pipelining when connecting to the origin server. You can specify one of the following values: 0 = Traffic Server does not use keep-alive connections to origin servers.
Page 204 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.http.parent_proxy.per_ Specifies the total number of connection parent_connect_attempts attempts allowed per parent if multiple parents are used. proxy.config.http.parent_proxy.connect_ Specifies the timeout value in seconds for attempts_timeout parent cache connection attempts. proxy.config.http.forward.proxy_auth_ Configures Traffic Server to send proxy to_parent...
Page 205 Appendix D Configuration Files Configuration Variable Default Value Description Data Type origin server connect attempts proxy.config.http.connect_attempts_ Specifies the maximum number of max_retries connection retries Traffic Server can make when the origin server is not responding. proxy.config.http.connect_attempts_ Specifies the maximum number of max_retries_dead_server connection retries Traffic Server can make when the origin server is unavailable.
Page 206 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.http.anonymize_other_ NULL Specifies the headers that Traffic Server will header_list remove from outgoing requests. STRING proxy.config.http.snarf_username_from When enabled (1), Traffic Server takes the _authorization username and password from the authorization header for LDAP if the authorization scheme is Basic.
Page 207 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.http.cache.cache_urls_ Enables (1) or disables (0) caching of URLs that_look_dynamic that look dynamic. proxy.config.http.cache.enable_default_ Enables (1) or disables (0) caching of vary_headers alternate versions of HTTP objects. proxy.config.http.cache.when_to_ Specifies when to revalidate content. revalidate 0 = Use cache directives or heuristic.
Page 208 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.http.cache.fuzz.probability 0.005 Specifies the probability that a refresh is made on a document during the specified fuzz FLOAT time. dynamic content & content negotiation proxy.config.http.cache.vary_default_ Cookie Specifies the header on which Traffic Server text varies for text documents.
Page 209 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.nntp.cache_enabled Enables (1) or disables (0) Traffic Server from caching NNTP requests. proxy.config.nntp.posting_enabled Enables (1) or disables (0) posting. When enabled, users can post NNTP articles to parent NNTP servers. proxy.config.nntp.access_control_ Enables (1) or disables (0) access control.
Page 210 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.nntp.obey_control_cancel Enables (1) or disables (0) the obey cancel control messages option. When enabled, Traffic Server deletes the article from the cache when it receives a cancel control message. proxy.config.nntp.obey_control_ Enables (1) or disables (0) the obey newgroup...
Page 211 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.nntp.overview_sync_every Specifies how often Traffic Server synchronizes overviews in memory to the cache. proxy.config.nntp.overview_gc_every 1200 Specifies how often Traffic Server garbage collectors collect overviews in memory. proxy.config.nntp.load_overview_min Specifies the minimum number of overviews Traffic Server fetches at a time.
Page 212 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.nntp.accept_local_ When enabled (1), configures Traffic Server authentication_requests_only to only accept authentication requests from the same machine. proxy.config.nntp.custom_ When enabled (1), configures Traffic Server authentication_via_stdio to pass authentication information via stdin instead of the environment variables.
Page 213 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.ftp.server_data_default_ Specifies the default method used to set up pasv server side data connections. 1 = Traffic Server sends a PASV to the FTP server and lets the FTP server open a listening port.
Page 214 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.ftp.share_ftp_server_ctrl_ Enables (1) or disables (0) sharing the server enabled control connections among multiple anonymous FTP clients. proxy.config.ftp.server_ctrl_keep_alive_ Specifies the timeout value when the FTP no_activity_timeout server control connection is not used by any FTP clients.
Page 215 Appendix D Configuration Files Configuration Variable Default Value Description Data Type Net Subsystem proxy.config.net.connections_throttle 8000 Specifies the maximum number of connections that Traffic Server can handle. If Traffic Server receives additional client requests, they are queued until existing requests are served. Cluster Subsystem proxy.config.cluster.cluster_port 8086...
Page 216 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.dns.url_expansions NULL Specifies a list of hostname extensions that are automatically added to the hostname after STRING a failed lookup. For example, if you want Traffic Server to add the hostname extension , specify as the value for this .org...
Page 217 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.log2.max_space_mb_ Specifies the tolerance for the log space limit headroom in bytes. If the variable proxy.config.log2.auto_delete_ is set to 1 (enabled), rolled_file autodeletion of log files is triggered when the amount of free space available in the logging directory is less than the value specified here.
Page 218 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.log2.common_log_name common Specifies the Netscape common log file name. STRING proxy.config.log2.common_log_header NULL Specifies the Netscape common log file header text. STRING proxy.config.log2.extended_log_enabled Enables (1) or disables (0) the Netscape extended log file format.
Page 219 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.local.log2.collation_mode Specifies the log collation mode: 0 = Collation disabled. 1 = This host is a log collation server. 2 = This host is a collation client, and sends entries using standard formats to the collation server.
Page 220 Appendix D Configuration Files Configuration Variable Default Value Description Data Type Reverse Proxy proxy.config.reverse_proxy.enabled Enables (1) or disables (0) reverse proxy. (HTTP only). For FTP reverse proxy, refer to proxy.config.ftp.reverse_ftp_enabled‚ on page 202. URL Remap Rules proxy.config.url_remap.default_to_ Enables (1) or disables (0) requests for / and server_pac /proxy.pac on the proxy port to be sent to the PAC port.
Page 221 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.ssl.server.cert.filename server.pem Specifies the file name of Traffic Server’s SSL certificate (the server certificate). STRING proxy.config.ssl.server.cert.path /config Specifies the location of Traffic Server’s SSL certificate (the server certificate). STRING proxy.config.ssl.server.private_ NULL Specifies the file name of Traffic Server’s...
Page 222 Appendix D Configuration Files Configuration Variable Default Value Description Data Type ICP Configuration proxy.config.icp.enabled Sets ICP mode for hierarchical caching: 0 = disables ICP. 1 = allows Traffic Server to receive ICP queries only. 2 = allows Traffic Server to send and receive ICP queries.
Page 223 Appendix D Configuration Files Configuration Variable Default Value Description Data Type proxy.config.wccp.version Specifies the version of WCCP being used. 1 = Version 1.0. 2 = Version 2.0. WCCP 1.0 variables proxy.config.wccp.router_ip NULL Specifies the IP address of the router sending traffic to Traffic Server.
Page 224: Remap.config
Appendix D Configuration Files Configuration Variable Default Value Description Data Type ARM (Security Configuration) proxy.config.arm.security_enabled Enables (1) or disables (0) ARM security. Refer to Controlling host access to the Traffic Server machine (ARM security)‚ on page remap.config file contains mapping rules that Traffic Server uses to: remap.config Map URL requests for a specific origin server to the appropriate location on Traffic Server when Traffic Server acts as a reverse proxy for that particular origin server...
Page 225: Example
Appendix D Configuration Files Example The following section shows example mapping rules in the file. remap.config Reverse proxy mapping rules The following example shows a map rule that does not specify a path prefix in the target or replacement: map http://www.x.com/ http://server.hoster.com This rule results in the following translations: Client Request Translated Request...
Page 226: Snmpd.cnf
Appendix D Configuration Files The following example shows reverse-map rules: map http://www.x.com/ http://server.hoster.com/x/ reverse_map http://server.hoster.com/x/ http://www.x.com/ These rules result in the following translations: Client Request Translated Request http://www.x.com/Widgets http://server.hoster.com/x/Widgets Client Request Origin server Header Translated Header http://www.x.com/Widgets http://server.hoster.com/x/Widgets/ http://www.x.com/Widgets/ NOTE When acting as a reverse proxy for multiple servers, the Traffic Server is unable to route to URLs from older browsers that do not send the header.
Page 227: Configuring Trap Destinations
Appendix D Configuration Files Configuring trap destinations You must modify the file to send traps to each of your monitoring stations. snmpd.cnf You must configure the entries for trap destinations. snmpnotifyEntry snmpTargetAddrEntry sends traps to a particular host or group of hosts. defines the IP snmpnotifyEntry snmpTargetAddrEntry...
Page 228: Socks.config
Appendix D Configuration Files line defines the host, , which has the IP address . The snmpTargetAddrEntry host_a A.B.C.D line defines the community , which contains the host . The communityEntry OneHost host_a lines allow access to the community vacmAccessEntry vacmSecurityToGroupEntry OneHost To allow MIB access to one subnet named...
Page 229: Splitdns.config
Appendix D Configuration Files splitdns.config file enables you to specify the DNS server that Traffic server should use for resolving splitdns.config hosts under specific conditions. To specify a DNS server, you must supply the following information in each active line within the file: A primary destination specifier in the form of a destination domain, a destination host, or a URL regular expression A set of server directives, listing one or more DNS servers with corresponding port numbers...
Page 230: Storage.config
Appendix D Configuration Files Now consider the following two requests: http://minstar.internal.hp.com This request will match the first line and select DNS server on port . All resolver 255.255.255.255 requests will use as the default domain, and as the set of domains to search hp.com hp.com hp1.com...
Page 231: Supported Tag/Attribute Pairs
Appendix D Configuration Files The URL URL-specific Request Headers, which overrides the default The update time and interval The recursion depth NOTE Always use the Content Management page to modify settings in the update.config file instead of modifying the file directly using a text editor. This is recommended because certain fields contain special characters, such as <CR><LF>.
Page 232: Example
Appendix D Configuration Files The following table describes each field: Field Allowed inputs HTTP and FTP-based URLs. Request_headers (Optional) A <CR><LF> separated list of headers passed in each request. You can define any request header that conforms to the HTTP specification. The default is no request header.
Page 233: Example
Appendix D Configuration Files Value Description "[xyz]\"foo" The literal string [xyz]"foo If X is ‘a’, ‘b’, ‘f’, ‘n’, ‘r’, ‘t’, or ‘v’, then the ANSI-C interpretation of \x. Otherwise, a literal 'X'. This us used to escape operators such as ‘*’. A NULL character \123 The character with octal value 123...
Page 234: E Event Logging Formats
E Event Logging Formats This appendix contains the following sections: HP custom logging fields‚ on page 222 provides descriptions of HP logging fields Logging format cross reference‚ on page 224 provides cross-references between HP logging fields, and Netscape and Squid logging fields (including Netscape Extended and Extended-2 fields) HP custom logging fields The following table describes the HP custom logging fields.
Page 235 Appendix E Event Logging Formats %<field symbol> Description cqtx The full HTTP client request text, minus headers; for example, GET http://www.hp.com HTTP/1.0 The client request URI; universal resource identifier (URI) of the request from client to proxy (subset of cqtx). cquc The client request canonical URL;...
Page 236: Logging Format Cross Reference
Appendix E Event Logging Formats %<field symbol> Description sscl The server response transfer length; response length (bytes) from server to proxy. sshl The server response header length; response header length (bytes) from server to proxy. sshv The server response HTTP version (1.0, 1.1, ...). sssc The server response status code;...
Page 237: Netscape Common Logging Formats
Appendix E Event Logging Formats Netscape Common logging formats The following table lists the Netscape Common logging fields and the corresponding HP logging field symbols: Netscape Common HP field symbols host caun [time] [cqtn] “req” “cqtx” pssc pscl Netscape Extended logging formats The following table lists the Netscape Extended logging fields and the corresponding HP logging field symbols.
Page 238 Appendix E Event Logging Formats Netscape Extended-2 HP field symbols sssc sscl cqbl pqbl cqhl pshl pqhl sshl route cfsc pfsc...
Page 239: F Traffic Server Error Messages
F Traffic Server Error Messages This appendix contains the following sections: Traffic Server error messages‚ on page 227 describes the messages that Traffic Server software sends to the system log file (messages) Traffic Server alarm messages‚ on page 229 describes the alarm messages that appear in Traffic Manager Monitor pages HTML messages sent to clients‚...
Page 240: Traffic Server Process Fatal
Appendix F Traffic Server Error Messages Message Description rolled file <file name> already exists, attempting Attempting to roll over existing file, so roll is version <version> being changed. “\”Vary: <header field>” —object not served from Document content varies on header fields, so the cache cached copy is not being served back to the client.
Page 241: Traffic Server Alarm Messages
Appendix F Traffic Server Error Messages Message Description Unable to accept cluster connections on port: Call technical support <cluster port number> Unable to open logfile <file name>, errno = Cannot open the log file. <error number> unable to read cache segment The garbage collector is unable to read cache segments in the following cases: if the segment is corrupt, if the pool the segment is in is corrupt, or if there is an actual disk...
Page 242: Html Messages Sent To Clients
Appendix F Traffic Server Error Messages Message Description Traffic Server failed to parse line <line Check your custom log configuration file. There may be number> of the logging config file <file some syntax errors. See HP custom logging fields‚ on name>...
Page 243 Appendix F Traffic Server Error Messages Title HTTP Description Customizable file name code Host Header Required An attempt was made to transparently interception#no_host proxy your request, but this attempt failed because your browser did not send an HTTP Host header. Manually configure your browser to use http:// as an HTTP roxy_name:proxy_port...
Page 244: Standard Http Response Messages
Appendix F Traffic Server Error Messages Title HTTP Description Customizable file name code Temporarily Moved The document you requested, redirect#moved_ URL, moved to a new location. The new temporarily location is new_URL Transcoding Not Unable to provide the document transcoding#unsupported Available the format requested by your browser.
Page 245: Glossary
Glossary Different versions of the same web object. Some origin servers answer requests to the same URL Alternates. with a variety of objects. The content of these objects can vary widely, depending on whether a server delivers content for different languages, targets different browsers with different presentation styles, or delivers variable content at different times of the day.
Page 246 Glossary A Traffic Server option where all nodes in a cluster automatically share Management-only clustering. configuration information. See also Chapter , “Full clustering,”. The LINUX system logging facility. Messages. Management Information Base. The set of parameters that an SNMP management station can query in MIB.
Page 247 Glossary Traffic Server’s browser-based interface consisting of a series of web pages that enable you Traffic Manager . to monitor performance and change configuration settings. A Traffic Server process and the command and control facility. traffic_manager. traffic_manager responsible for launching, monitoring, and reconfiguring the Chapter , “traffic_server,” process. It is also responsible for the administration UI, the proxy auto-configuration port, the statistics interface, cluster administration, and Chapter , “Virtual IP failover,”.
Page 248: Index
Index changing modes full access methods overview management-only accessing the Traffic Manager modes Adaptive Redirection Module. See ARM collating event log files adding virtual IP addresses configuration files administration tools configuration options (Traffic Manager) administrator accounts configuration variables (records.config) adminport Configure mode alarm messages Traffic Line...
Page 249 Index files about log file name arm_security.config peer bypass.config separate logs cache.config ICP cache hierarchies filter.config ftp_remap.config icp.config file hosting.config interactive mode (Traffic Line) icp.config interactive mode commands (Traffic Line) ip_allow.config interception strategies ldapsrvr.config ip_allow.config file log_hosts.config logs.config logs_xml.config LDAP-based proxy authentication mgmt_allow.config about nntp_access.config...
Page 250 Index mgmt_allow.config file Traffic Manager Configure Traffic Manager Monitor MIBs proxy caching Monitor dashboard explicit and transparent Monitor mode HTTP alternates Traffic Line whether to cache Traffic Manager pull group monitoring tools pullover group monitoring traffic PUSH MRTG push group about accessing navigating...
Page 251 Index SQL-like aggregate logging operators Protocols button (Monitor) Routing button (Configure) Squid logging formats Security button (Configure) Server button (Configure) certificate setting administrator ID and password enabling (Traffic Manager) Snapshots button (Configure) using to access Traffic Manager starting monitor mode SSL termination statistics and graphs about...

This manual is also suitable for:

P4535a

HP P4535A - Web Cache Server Appliance Administrator's Manual

Preface

1 Overview

2 Getting Started

3 Web Proxy Caching

4 Transparent Proxy Caching

5 Reverse Proxy and HTTP Redirects

6 Traffic Server Clusters

7 Hierarchical Caching

8 Configuring the Cache

9 Monitoring Traffic

10 Configuring Traffic Server

11 Security Options

12 Working with Log Files

A Traffic Manager Statistics

B Traffic Manager Configuration Options

C Traffic Line Commands

D Configuration Files

Quick Links

Related Manuals for HP P4535A - Web Cache Server Appliance

Summary of Contents for HP P4535A - Web Cache Server Appliance