You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by bu...@apache.org on 2013/12/24 19:32:22 UTC
svn commit: r891679 [4/24] - in /websites/staging/trafficserver/trunk:
cgi-bin/ content/ content/docs/ content/docs/trunk/
content/docs/trunk/admin/ content/docs/trunk/admin/cluster-howto/
content/docs/trunk/admin/configuration-files/ content/docs/trun...
Added: websites/staging/trafficserver/trunk/content/docs/v2/admin/files.htm
==============================================================================
--- websites/staging/trafficserver/trunk/content/docs/v2/admin/files.htm (added)
+++ websites/staging/trafficserver/trunk/content/docs/v2/admin/files.htm Tue Dec 24 18:32:14 2013
@@ -0,0 +1,3012 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+<head>
+<title>Traffic Server Configuration Files</title>
+
+<link href="http://trafficserver.apache.org/docs/trunk/admin/configuration-files/index.en.html" rel="canonical" />
+<!--#include file="top.html" -->
+
+<h1>Appendix E - Configuration Files</h1>
+ <p>
+This appendix describes Traffic Server configuration files that you can edit. </p>
+<ul>
+<li><a href="#bypass.config">bypass.config</a> </li>
+<li><a href="#cache.config">cache.config</a></li>
+<li><a href="#congestion.config">congestion.config</a></li>
+<li><a href="#filter.config">filter.config</a></li>
+<li><a href="#hosting.config">hosting.config</a></li>
+<li><a href="#icp.config">icp.config</a></li>
+<li><a href="#ip_allow.config">ip_allow.config</a></li>
+<li><a href="#logs.config">logs.config</a></li>
+<li><a href="#logs_hosts.config">log_hosts.config</a></li>
+<li><a href="#logs_xml.config">logs_xml.config</a></li>
+<li><a href="#parent.config">parent.config</a></li>
+<li><a href="#partition.config">partition.config</a></li>
+<li><a href="#records.config">records.config</a>
+ <ul>
+ <li><a href="#records.config.system">System Variables</a></li>
+ <li><a href="#records.config.local">Local Manager</a></li>
+ <li><a href="#records.config.process">Process Manager</a></li>
+ <li><a href="#records.config.alarm">Alarm Configuration</a></li>
+ <li><a href="#records.config.auth">Authentication Basic Realm</a></li>
+ <li><a href="#records.config.congestion">Congestion Control</a></li>
+ <li><a href="#records.config.negative">Negative Response Caching</a></li>
+ <li><a href="#records.config.proxy">Proxy User Variables</a></li>
+ <li><a href="#records.config.security">Security</a></li>
+ <li><a href="#records.config.cache">Cache Control</a></li>
+ <li><a href="#records.config.user">Customizable User Response Pages</a></li>
+ <li><a href="#records.config.DNS">DNS</a></li>
+ <li><a href="#records.config.HostDB">HostDB</a></li>
+ <li><a href="#records.config.reverse">Reverse Proxy</a></li>
+ <li><a href="#records.config.remap">URL Remap Rules</a></li>
+ <li><a href="#records.config.SSL">SSL Termination</a></li>
+ <li><a href="#records.config.client">Client-Related Configuration</a></li>
+ <li><a href="#records.config.ICP">ICP Configuration</a></li>
+ <li><a href="#records.config.update">Scheduled Update Configuration</a></li>
+ <li><a href="#records.config.remapplugin">Remap Plugin Processor</a></li>
+ <li><a href="#records.config.plugin">Plug-in Configuration</a></li>
+ <li><a href="#records.config.sockets">Sockets</a></li>
+ </ul>
+</li>
+<li><a href="#remap.config">remap.config</a></li>
+<li><a href="#splitdns.config">splitdns.config</a></li>
+<li><a href="#ssl_multicert.config">ssl_multicert.config</a></li>
+<li><a href="#storage.config">storage.config</a></li>
+<li><a href="#update.config">update.config</a></li>
+<li><a href="#url_regex">Specifying URL Regular Expressions (url_regex)</a></li>
+</ul>
+
+ <h2>
+<a name="bypass.config">bypass.config</a></h2>
+ <p> The <code> bypass.config</code> file contains static bypass rules that Traffic Server uses in transparent proxy caching mode. <em> Static</em> bypass rules instruct Traffic Server to bypass certain incoming client requests so they are served by the origin server. The <code>bypass.config</code> file also accepts <a href="#dynamic.deny_bypass">Dynamic Deny Bypass Rules</a>.</p>
+<p>You can configure three types of static bypass rules: </p>
+
+<ul>
+ <li> <b>Source bypass rules</b> configure Traffic Server to bypass a particular source IP address or range of IP addresses. For example: bypass clients that do not want to use caching. </li><br />
+ <li><b> Destination bypass rules</b> configure Traffic Server to bypass a particular destination IP address or range of IP addresses. For example: bypass origin servers that use IP authentication based on the client's real IP address.<br />
+ <strong>IMPORTANT</strong>: Destination bypass rules prevent Traffic Server from caching an entire site. You will experience hit rate impacts if the site you bypass is popular.</li>
+ <br />
+ <li><b>Source/destination pair bypass rules</b> configure Traffic Server to bypass requests that originate from the specified source to the specified destination. For example: route around specific client-server pairs that experience broken IP authentication or out-of-band HTTP traffic problems when cached. Source/destination bypass rules can be preferable to destination rules because they block a destination server only for users that experience problems. </li>
+ </ul>
+ <p><strong>IMPORTANT: </strong>After you modify the <code>bypass.config</code> file, you must restart Traffic Server. </p>
+ <h3>Format</h3>
+ <p>Bypass rules follow the format below: <br />
+<code>bypass src <em>ipaddress</em> | dst <em>ipaddress</em> | <em>src ipaddress</em> AND dst <em>ipaddress</em></code></p>
+ <p>The following table describes the variables. </p>
+ <table border="1"><code>
+ <tr>
+ <th> <p>Option </p></th>
+ <th> <p>Description</p></th>
+ </tr>
+ </code><tr>
+ <td><p><code> src <em> ipaddress</em></code></p></td>
+ <td><p>Specifies the source (client) IP address in incoming requests Traffic Server must bypass. </p>
+ <p> The variable<code><i> ipaddress</i></code> can be one of the following:</p>
+ - A simple IP address, such as<code> 123.45.67.8</code><br />
+ - In CIDR (Classless Inter-Domain Routing) format, such as<code> 1.1.1.0/24</code><br />
+ - A range separated by a dash, such as<code> 1.1.1.1-2.2.2.2</code><br />
+ - Any combination of the above separated by commas, such as<code> 1.1.1.0/24, 25.25.25.25, 123.1.23.1-123.1.23.123</code></td>
+ </tr>
+<tr>
+ <td><p><code> dst <em> ipaddress</em> </code></p></td>
+ <td><p>Specifies the destination (origin server) IP address in incoming requests Traffic Server must bypass. </p>
+ <p> The variable <code><em>ipaddress </em> </code>can be one of the following:</p>
+ <p>- A simple IP address, such as <code>123.45.67.8</code><br />
+ - In CIDR (Classless Inter-Domain Routing) format, such as<code> 1.1.1.0/24</code><br />
+ - A range separated by a dash, such as<code> 1.1.1.1-2.2.2.2</code><br />
+ - Any combination of the above separated by commas, such as<code>
+ 1.1.1.0/24, 25.25.25.25, 123.1.23.1-123.1.23.123</code></p></td>
+ </tr>
+<tr>
+ <td><p><code> src <em> ipaddress</em> AND dst <em> ipaddress</em> </code></p></td>
+ <td><p>Specifies the source and destination IP address pair Traffic Server must bypass. </p>
+ <p> The variable <code><i>ipaddress</i></code> must be a single IP address, such as<code> 123.45.67.8</code></p></td>
+ </tr>
+ </table>
+ <h4>
+ <a name="dynamic.deny_bypass">Dynamic Deny Bypass Rules</a> </h4>
+ <p>In addition to static bypass rules, the <code>bypass.config</code> file also accepts <em>dynamic deny</em> bypass rules that prevent Traffic Server from bypassing certain incoming client requests dynamically (a deny bypass rule can prevent Traffic Server from bypassing itself). Dynamic deny bypass rules can be source, destination, or source/destination and have the following format: <br />
+
+ <code>deny_dyn_bypass src <em>ipaddress</em> | dst <em>ipaddress</em> | src <em>ipaddresss</em> AND <em>ipaddress</em></code> </p>
+ <p>For a description of the options, refer to the table above. For the dynamic deny bypass rules to work, you must set the variable <code><i>proxy.config.arm.bypass_dynamic_enabled</i></code> to <code>1</code> in the <code>records.config</code> file. </p>
+<p><strong>IMPORTANT:</strong> Static bypass rules overwrite dynamic deny bypass rules. If a static bypass rule and a dynamic bypass rule contain the same IP address, then the dynamic deny bypass rule will be ignored. </p>
+ <h3>Examples</h3>
+ <p>The following example shows source, destination, and source/destination <b>bypass rules</b>: <br />
+
+ <code>bypass src 1.1.1.0/24, 25.25.25.25, 128.252.11.11-128.252.11.255</code> <br />
+
+ <code>bypass dst 24.24.24.0/24</code> <br />
+
+<code>bypass src 25.25.25.25 AND dst 24.24.24.0</code></p>
+ <p>The following example shows source, destination, and source/destination <b>dynamic deny bypass rules</b>: <br />
+ <code>deny_dyn_bypass src 128.252.11.11-128.252.11.255 </code><br />
+ <code>deny_dyn_bypass dst 111.111.11.1</code> <br />
+<code>deny_dyn_bypass src 111.11.11.1 AND dst 111.11.1.1</code></p>
+ <h2>
+ <a name="cache.config"></a>cache.config</h2>
+ <p>The <code>cache.config</code> file defines how Traffic Server caches web objects. You can add caching rules to specify the following: </p>
+ <ul>
+ <li>Not to cache objects from specific IP addresses</li>
+ <li>How long to pin particular objects in the cache</li>
+ <li>How long to consider cached objects as fresh</li>
+ <li>Whether to ignore no-cache directives from the server </li>
+ </ul>
+ <p><strong>IMPORTANT: </strong>After you modify the <code>cache.config</code> file, navigate to the Traffic Server<code> bin</code> directory; then run the <code>traffic_line -x </code>command to apply changes. When you apply the changes to a node in a cluster, Traffic Server automatically applies the changes to all other nodes in the cluster. </p>
+ <h3>
+ <strong>Format</strong> </h3>
+ <p>Each line in the <code>cache.config</code> file contains a caching rule. Traffic Server recognizes three space-delimited tags: <br />
+<code><em>primary_destination</em>=<em>value</em> <em>secondary_specifier</em>=<em>value</em> <em>action</em>=<em>value</em></code></p>
+ <p>You can use more than one secondary specifier in a rule. However, you cannot repeat a secondary specifier. <br />
+ The following table lists the possible primary destinations with allowed values. </p>
+ <table border="1">
+ <tr>
+ <th> <p>Primary Destination</p></th>
+ <th> <p>Allowed Value</p></th>
+ </tr>
+ <tr>
+ <td><p><i><code> dest_domain</code> </i></p></td>
+ <td><p>A requested domain name. Traffic Server matches the domain name of the destination from the URL in the request.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> dest_host</code> </i></p></td>
+ <td><p>A requested hostname. Traffic Server matches the hostname of the destination from the URL in the request.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> dest_ip</code> </i></p></td>
+ <td><p>A requested IP address. Traffic Server matches the IP address of the destination in the request.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> url_regex</code> </i></p></td>
+ <td><p>A regular expression (regex) to be found in a URL.</p></td>
+ </tr>
+ </table>
+ <p>The secondary specifiers are optional in the <code>cache.config</code> file. The following table lists possible secondary specifiers with allowed values. </p>
+ <table border="1">
+ <tr>
+ <th> <p>Secondary Specifier</p></th>
+ <th> <p>Allowed Value</p></th>
+ </tr>
+ <tr>
+ <td><p><i><code> port</code> </i></p></td>
+ <td><p>A requested URL port.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> scheme</code> </i></p></td>
+ <td><p>A request URL protocol: http or https.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> prefix</code> </i></p></td>
+ <td><p>A prefix in the path part of a URL.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> suffix</code> </i></p></td>
+ <td><p>A file suffix in the URL.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> method</code> </i></p></td>
+ <td><p>A request URL method: <code>get</code>, <code>put</code>, <code>post</code>, <code>trace</code>.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> time</code> </i></p></td>
+ <td><p>A time range, such as<code> 08:00-14:00</code>.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> src_ip</code> </i></p></td>
+ <td><p>A client IP address.</p></td>
+ </tr>
+ </table>
+ <p>The following table lists possible actions and their allowed values. </p>
+ <table border="1">
+ <tr>
+ <th> <p>Action</p></th>
+ <th> <p>Value</p></th>
+ </tr>
+ <tr>
+ <td><p><i><code> action</code> </i></p></td>
+ <td><p>One of the following values:</p>
+ <p><code> never-cache</code> configures Traffic Server to never cache specified objects. <br />
+ <code> ignore-no-cache</code> configures Traffic Server to ignore all Cache-Control: no-cache headers. <br />
+ <code> ignore-client-no-cache</code> configures Traffic Server to ignore Cache-Control: no-cache headers from client requests. <br />
+ <code> ignore-server-no-cache</code> configures Traffic Server to ignore Cache-Control: no-cache headers from origin server responses. </p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> pin-in-cache</code></i></p></td>
+ <td><p>The amount of time you want to keep the object(s) in the cache. The following time formats are allowed:</p>
+ <p><code> d</code> for days; for example: 2d<br />
+ <code> h</code> for hours; for example: 10h<br />
+ <code> m</code> for minutes; for example: 5m<br />
+ <code> s</code> for seconds; for example: 20s<br />
+ mixed units; for example: 1h15m20s</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> revalidate</code> </i></p></td>
+ <td><p>The amount of time object(s) are to be considered fresh. Use the same time formats as <code> pin-in-cache</code> .</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> ttl-in-cache</code> </i></p></td>
+ <td><p>The amount of time object(s) are to be kept in the cache, regardless of <code>Cache-Control</code> response headers. Use the same time formats as <code> pin-in-cache</code> and <code> revalidate</code> .</p></td>
+ </tr>
+ </table>
+ <h3><strong>Examples</strong></h3>
+<p>The following example configures Traffic Server to revalidate <code>gif</code> and <code>jpeg</code> objects in the domain <code>mydomain.com</code> every 6 hours, and all other objects in <code>mydomain.com</code> every hour. The rules are applied in the order listed. </p>
+ <p>
+ <code>dest_domain=mydomain.com suffix=gif revalidate=6h</code> <br />
+ <code>dest_domain=mydomain.com suffix=jpeg revalidate=6h</code> <br />
+ <code>dest_domain=mydomain.com revalidate=1h</code> </p>
+
+<h2>
+ <a name="congestion.config">congestion.config</a> </h2>
+ <p>The <code>congestion.config</code> file enables you to configure Traffic Server to stop forwarding HTTP requests to origin servers when they become congested, and then send the client a message to retry the congested origin server later. After you modify the <code>congestion.control</code> file, navigate to the Traffic Server<code> bin</code> directory; then run the <code>traffic_line -x</code> command to apply changes. When you apply the changes to a node in a cluster, Traffic Server automatically applies the changes to all other nodes in the cluster. Traffic Server uses the <code>congestion.config</code> file only if you enable the <a href="http.htm#UsingCongestionControl">Congestion Control</a> option.</p>
+ <p>You can create rules in the <code>congestion.config</code> file to specify: </p>
+ <ul>
+ <li>Which origin servers Traffic Server tracks for congestion.</li>
+ <li>The timeouts Traffic Server uses, depending on whether a server is congested.</li>
+ <li>The page Traffic Server sends to the client when a server becomes congested.</li>
+ <li>If Traffic Server tracks the origin servers per IP address or per hostname.</li>
+ </ul>
+ <h3>Format</h3>
+ <p>Each line in <code>congestion.config</code> must follow the format below. Traffic Server applies the rules in the order listed, starting at the top of the file. <br />Traffic Server recognizes three space-delimited tags: <br />
+ <code><em>primary_destination</em>=<em>value</em> <em>secondary_specifier</em>=<em>value</em> <em>action</em>=<em>value</em></code> </p>
+ <p>The following table lists possible primary destinations with allowed values. </p>
+ <table border="1">
+ <tr>
+ <th> <p>Primary Destination</p></th>
+ <th> <p>Allowed Value</p></th>
+ </tr>
+ <tr>
+ <td><p><i><code> dest_domain</code> </i></p></td>
+ <td><p>A requested domain name.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> dest_host</code> </i></p></td>
+ <td><p>A requested hostname.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> dest_ip</code> </i></p></td>
+ <td><p>A requested IP address.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> url_regex</code> </i></p></td>
+ <td><p>A regular expression (regex) to be found in a URL.</p></td>
+ </tr>
+ </table>
+ <p>The secondary specifiers are optional in the <code>congestion.config</code> file. The following table lists possible secondary specifiers with allowed values. You can use more than one secondary specifier in a rule; however, you cannot repeat a secondary specifier. </p>
+ <table border="1">
+ <tr>
+ <th> <p>Secondary Specifier</p></th>
+ <th> <p>Allowed Value</p></th>
+ </tr>
+ <tr>
+ <td><p><i><code> port</code> </i></p></td>
+ <td><p>A requested URL port or range of ports.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> prefix</code> </i></p></td>
+ <td><p>A prefix in the path part of a URL.</p></td>
+ </tr>
+ </table>
+ <p>The following table lists the possible tags and their allowed values. </p>
+<table border="1">
+ <tr>
+ <th> <p>Tag</p></th>
+ <th> <p>Allowed Value</p></th>
+ </tr>
+ <tr>
+ <td><p><i><code> max_connection_failures</code> </i></p></td>
+ <td><p>The maximum number of connection failures allowed within the fail window described below before Traffic Server marks the origin server as congested. The default value is <code>5</code>.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code>fail_window</code></i></p></td>
+ <td><p>The time period during which the maximum number of connection failures can occur before Traffic Server marks the origin server as congested. The default value is <code>120</code> seconds.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code>proxy_retry_interval</code></i></p></td>
+ <td><p>The number of seconds that Traffic Server waits before contacting a congested origin server again. The default value is <code>10</code> seconds</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code>client_wait_interval</code></i></p></td>
+ <td><p>The number of seconds that the client is advised to wait before retrying the congested origin server. The default value is <code>300</code> seconds.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code>wait_interval_alpha</code></i></p></td>
+ <td><p>The upper limit for a random number that is added to the wait interval. The default value is <code>30</code> seconds.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code>live_os_conn_timeout</code></i></p></td>
+ <td><p>The connection timeout to the live (uncongested) origin server. The default value is <code>60</code> seconds. <br />
+ If a client stops a request before the timeout occurs, then Traffic Server does not record a connection failure.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code>live_os_conn_retries</code></i></p></td>
+ <td><p>The maximum number of retries allowed to the live (uncongested) origin server. The default value is <code>2</code>.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code>dead_os_conn_timeout</code></i></p></td>
+ <td><p>The connection timeout to the congested origin server. The default value is <code>15</code> seconds.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code>dead_os_conn_retries</code></i></p></td>
+ <td><p>The maximum number of retries allowed to the congested origin server. The default value is <code>1</code>.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code>max_connection</code></i></p></td>
+ <td><p>The maximum number of connections allowed from Traffic Server to the origin server. The default value is <code>-1</code>.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code>error_page</code></i></p></td>
+ <td><p>The error page sent to the client when a server is congested. You must enclose the value in quotes; the default value is <code> "congestion#retryAfter"</code><br />
+ </p></td>
+ </tr>
+ <tr>
+ <td><p><i><code>congestion_scheme</code></i></p></td>
+ <td><p>Specifies if Traffic Server applies the rule on a per-host (<code>"per_host") </code> or per-IP basis <code> ("per_ip")</code>. The default value is <code> "per_ip"</code>; you must enclose the value in quotes.</p>
+ <p> For example: if the server <code> www.host1.com</code> has two IP addresses and you use the tag value <code> "per_ip"</code>, then each IP address has its own number of connection failures and is marked as congested independently. If you use the tag value <code> "per_host"</code> and the server <code> www.host1.com</code> is marked as congested, then <i>both</i> IP addresses are marked as congested. </p></td>
+ </tr>
+ </table>
+ <p>
+<strong>Examples</strong></p>
+ <p>The following <code>congestion.config</code> rule configures Traffic Server to stop forwarding requests to the server <code>www.host.com</code> on port 80 (HTTP traffic) if the server is congested, according to the timeouts specified. Traffic Server uses the default tag values because no tag has been specified.
+ <br /><code>dest_host=www.host.com port=80</code> </p>
+ <p>You can use one or more tags in a rule, but each tag must have one value only. If you specify no tags in the rule, then Traffic Server uses the default values. </p>
+ <p>You can override any of the default tag values by adding configuration variables at the end of <code>records.config</code> as follows: <br />
+ <code>CONFIG proxy.config.http.congestion_control.default.<em>tag</em> INT|STRING <em>value</em></code> <br />
+ where <code><i><b>tag</b></i></code> is one of the tags described in the table under <a href="#congestion.config">congestion.config</a> and <code><i><b>value</b></i></code> is the value you want to use.</p>
+ <p>For example: <br /><code>CONFIG<br />
+proxy.config.http.congestion_control.default.congestion_scheme STRING per_host</code> </p>
+ <p><strong>IMPORTANT: </strong>Rules in the <code>congestion.config</code> file override the following variables in the <code>records.config</code> file: </p>
+ <p><code><i>proxy.config.http.connect_attempts_max_retries</i></code> <i><br />
+ <code>proxy.config.http.connect_attempts_max_retries_dead_server</code> <br />
+ <code>proxy.config.http.connect_attempts_rr_retries</code> <br />
+ <code>proxy.config.http.connect_attempts_timeout</code> <br />
+ <code>proxy.config.http.down_server.cache_time</code> <br />
+ <code>proxy.config.http.down_server.abort_threshold</code></i></p>
+ <h2>
+<a name="filter.config">filter.config</a></h2>
+ <p>The <code>filter.config</code> file enables you to deny or allow particular requests and strip header information from client requests. After you modify <code>filter.config</code>, you must restart Traffic Server. </p>
+<h3>Format</h3>
+ <p>Each line in <code>filter.config</code> contains a filtering rule. Traffic Server applies the rules in the order listed, starting at the top of the file. <br />Traffic Server recognizes three space-delimited tags:
+ <br /><code>primary_destination=<em>value</em> secondary_specifier=<em>value</em> action=<em>value</em></code> </p>
+ <p>The following table lists possible primary destinations with their allowed values. </p>
+ <table border="1">
+ <tr>
+ <th> <p>Primary Destination</p></th>
+ <th> <p>Allowed Value</p></th>
+ </tr>
+ <tr>
+ <td><p><i><code> dest_domain</code> </i></p></td>
+ <td><p>A requested domain name. Traffic Server matches the domain name of the destination from the URL in the request.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> dest_host</code> </i></p></td>
+ <td><p>A requested hostname. Traffic Server matches the hostname of the destination from the URL in the request.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> dest_ip</code> </i></p></td>
+ <td><p>A requested IP address. Traffic Server matches the IP address of the destination in the request.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> url_regex</code> </i></p></td>
+ <td><p>A regular expression (regex) to be found in a URL.</p></td>
+ </tr>
+ </table>
+ <p>The secondary specifiers are optional in the <code>filter.config</code> file. The following table lists the possible secondary specifiers and their allowed values. You can use more than one secondary specifier in a rule; however, you cannot repeat a secondary specifier. </p>
+<p>The following table lists possible actions with allowed values. </p>
+ <table border="1">
+ <tr>
+ <th> <p>Secondary Specifier</p></th>
+ <th> <p>Allowed Value</p></th>
+ </tr>
+ <tr>
+ <td><p><i><code> port</code> </i></p></td>
+ <td><p>A requested URL port.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> scheme</code> </i></p></td>
+ <td><p>A request URL protocol: <code>http</code> or <code>https</code>.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> prefix</code> </i></p></td>
+ <td><p>A prefix in the path part of a URL.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> suffix</code> </i></p></td>
+ <td><p>A file suffix in the URL.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> method</code> </i></p></td>
+ <td><p>A request URL method. You can specify one of the following:<br />
+ <code> get</code> <br />
+ <code> post</code> <br />
+ <code> put</code> <br />
+ <code> trace</code> <br />
+ <code> PUSH</code> </p>
+ <p><b>Note:</b> If the <code>PUSH</code> option is enabled (the <code>PUSH</code> option lets you deliver content directly to the cache without user request), then you must add a filtering rule with the <code>PUSH</code> action to ensure that only known source IP addresses implement <code>PUSH</code> requests to the cache. To enable the <code>PUSH</code> option, set the configuration variable <code> <i>proxy.config.http.push_method_enabled</i></code> to 1 in the <code> records.config</code> file.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> time</code> </i></p></td>
+ <td><p>A time range, such as 08:00-14:00.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> src_ip</code> </i></p></td>
+ <td><p>A client IP address.<br />
+ <b>Note:</b> <code> src_ip</code> is not supported for PNA content.</p></td>
+ </tr>
+ </table>
+ <h3>Examples</h3>
+<p>The following example configures Traffic Server to keep the client IP address header for URL requests that contain the regular expression <code>giraffes</code> and whose path prefix is <code>/habitat</code>: <br />
+
+ <code>url_regex=giraffes prefix=/habitat keep_hdr=client_ip</code> </p>
+ <p>The following example configures Traffic Server to strip all cookies from client requests destined for the origin server <code>www.server1.com: </code><br />
+
+ <code>dest_host=www.server1.com strip_hdr=cookie</code> </p>
+ The following example configures Traffic Server to disallow <code>puts</code> to the origin server <code>www.server2.com</code>: <br />
+<code>dest_host=www.server2.com method=put action=deny</code>
+ <p>The following example configures Traffic Server to allow only the host associated with the IP address 11.11.1.1 to deliver content directly into the cache (<code>PUSH</code>). A deny rule is also included to prevent unauthorized users from pushing content into the cache. <br />
+ <code>dest_domain=. src_ip=11.11.1.1 method=PUSH action=allow</code> <br />
+ <code>dest_domain=. method=PUSH action=deny</code></p>
+ <p>Traffic Server applies the rules in the order listed in the <code>filter.config</code> file. For example, the sample <code>filter.config</code> file below configures Traffic Server to do the following: </p>
+ <ul>
+ <li>Allow only users authenticated by the LDAP server on <code> ldap.com</code> to access <code> internal.com</code> </li>
+ <li>Allow all users (except those trying to access <code> internal.com</code> ) to access <code> server1.com</code> </li>
+ <li>Deny all users access to <code> naughty.com</code> </li>
+ <li>Allow authenticated users (authenticated by the LDAP server on <code> ldap.com</code> ) with the attribute ou="Accounting Department" in their LDAP profile to access <code> 401kfidelity.com</code> </li>
+ <li>Require any user not included in any of the above directives to be authenticated by the default LDAP server</li>
+ </ul>
+ <p><code>dest_host=internal.com action=ldap server=ldap.com dn="o=ldap.com"</code><br />
+ <code> dest_host=server1.com action=allow</code><br />
+ <code>dest_host=naughty.com action=deny</code><br />
+ <code>dest_host=401k.fidelity.com action=ldap server=ldap.com:389 dn="o=ldap.com" attr=ou attr_val="Accounting Department"</code><br />
+ <code>dest_ip=0.0.0.0-255.255.255.255 action=lda</code></p>
+ <h2>
+<a name="hosting.config">hosting.config</a> </h2>
+ <p>The <code>hosting.config</code> file enables you to assign cache partitions to specific origin servers and/or domains so that you can manage cache space efficiently and restrict disk usage. For step-by-step instructions on partitioning the cache according to origin servers and/or domains, refer to <a href="cache.htm">Partitioning the Cache According to Origin Server or Domain</a>.
+<br />Before you can assign cache partitions to specific origin servers and/or domains, you must first partition your cache according to size and protocol in the <code>partition.config</code> file. For step-by-step instructions about partitioning your cache, refer to <a href="cache.htm">Partitioning the Cache</a>. For a description of the <code>partition.config</code> file, refer to <a href="#partition.config">partition.config</a>. </p>
+ <p>After you modify <code>hosting.config, </code> navigate to the Traffic Server<code> bin</code> directory and run the <code>traffic_line -x</code> command to apply your changes. When you apply the changes to a node in a cluster, Traffic Server automatically applies the changes to all other nodes in the cluster. </p>
+ <p><strong>IMPORTANT:</strong> The partition configuration must be the same on all nodes in a cluster. </p>
+ <h3>Format</h3>
+ <p>Each line in the <code>hosting.config</code> file must have one of the following formats: <br />
+ <code>hostname=<em> hostname</em> partition=<em> partition_numbers</em></code> <br />
+ <code> domain=<em> domain_name</em> partition=<em> partition_numbers</em></code></p>
+ <p>where <code><em>hostname</em></code> is the fully-qualified hostname of the origin server whose content you want to store on a particular partition (for example, <code>www.myhost.com</code>); <code><em>domain_name</em></code> is the domain whose content you want to store on a particular partition(for example, <code>mydomain.com</code>); and <code><em>partition_numbers</em></code> is a comma-separated list of the partitions on which you want to store the content that belongs to the origin server or domain listed. The partition numbers must be valid numbers listed in the <a href="#partition.config"><code>partition.config</code></a> file. </p>
+<p><strong>Note: </strong>To allocate more than one partition to an origin server or domain, you must enter the partitions in a comma-separated list on one line, as shown in the example below. The <code>hosting.config</code> file cannot contain multiple entries for the same origin server or domain. </p>
+ <h4>Generic Partition</h4>
+ <p>When configuring the <code>hosting.config </code>file, you must assign a generic partition to use for content that does not belong to any of the origin servers or domains listed. If all partitions for a particular origin server become corrupt, Traffic Server will also use the generic partition to store content for that origin server. </p>
+ <p>The generic partition must have the following format: <br />
+<code>hostname=* partition=<em>partition_numbers</em> </code><br />
+where <code><i>partition_numbers</i></code> is a comma-separated list of generic partitions. </p>
+ <h3>Examples</h3>
+ <p>The following example configures Traffic Server to store content from the domain <code>mydomain.com</code> in partition 1 and content from <code>www.myhost.com</code> in partition 2. Traffic Server stores content from all other origin servers in partitions 3 and 4. </p>
+ <p><code>domain=mydomain.com partition=1</code> <br /><code>hostname=www.myhost.com partition=2</code><br /><code>hostname=* partition=3,</code></p>
+ <h2>
+ <a name="icp.config">icp.config</a> </h2>
+ <p>The <code>icp.config</code> file defines ICP peers (parent and sibling caches). </p>
+ <p><strong>IMPORTANT: </strong>After you modify the <code>icp.config</code> file, navigate to the Traffic Server<code> bin</code> directory and run the <code>traffic_line -x</code> command to apply the changes. When you apply the changes to a node in a cluster, Traffic Server automatically applies the changes to all other nodes in the cluster. </p>
+ <h3>Format</h3>
+ <p>Each line in the <code>icp.config</code> file contains the name and configuration information for a single ICP peer in the following format:
+ <br /><code> <em> host</em> :<em> host_IP</em> :<em> peer_type : proxy_port : icp_port : MC_on : MC_IP : MC_TTL :</em></code></p>
+ <p>Each field is described in the following table. </p>
+ <table border="1">
+ <tr>
+ <th> <p>Field </p></th>
+ <th> <p>Description</p></th>
+ </tr>
+ <tr>
+ <td><p><code> <em>host</em></code></p></td>
+ <td><p>The hostname of the ICP peer.
+ <br />This field is optional; if you do not specify the hostname of the ICP peer, you must specify the IP address.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><em> host _IP</em></code> </p></td>
+ <td><p>The IP address of the ICP peer. <br />
+ This field is optional; if you do not specify the IP address of the ICP peer, you must specify the hostname.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><em>ctype</em></code> </p></td>
+ <td><p>Use the following options:</p>
+ <p><code> 1</code> to indicate an ICP parent cache<br />
+ <code>2</code> to indicate an ICP sibling cache</p></td>
+ </tr>
+ <tr>
+ <td><p><code><em> proxy_port</em></code> </p></td>
+ <td><p>The port number of the TCP port used by the ICP peer for proxy communication.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><em>icp_port</em></code> </p></td>
+ <td><p>The port number of the UDP port used by the ICP peer for ICP communication. </p></td>
+ </tr>
+ </table>
+ <h3>Examples</h3>
+ <p>The following example configuration is for three nodes: the local host, one parent, and one sibling. </p>
+
+ <p>
+ <code>localhost:0.0.0.0:3:8080:3130:0:0.0.0.0:1 <br />
+ </code><code>host1:123.12.1.23:1:8080:3131:0:0.0.0.0:1 <br />
+ </code><code>host2:123.12.1.24:2:8080:3131:0:0.0.0.0:1 </code></p>
+<h2>
+<a name="ip_allow.config">ip_allow.config</a></h2>
+ <p>The <code>ip_allow.config</code> file controls client access to the Traffic Server proxy cache. You can specify ranges of IP addresses that are allowed to use the Traffic Server as a web proxy cache. <br />
+ After you modify the <code>ip_allow.config</code> file, navigate to the Traffic Server<code> bin</code> directory and run the <code>traffic_line -x</code> command to apply changes. When you apply the changes to a node in a cluster, Traffic Server automatically applies the changes to all other nodes in the cluster. </p>
+<h3>Format</h3>
+ <p>Each line in the <code>ip_allow.config</code> file must have the following format: <br />
+ <code>src_ip=<em>ipaddress </em>action=ip_allow | ip_deny</code> </p>
+<p>where <code><i>ipaddress</i></code> is the IP address or range of IP addresses of the clients allowed to access the Traffic Server proxy cache, the action <code>ip_allow</code> enables the specified clients to access the Traffic Server proxy cache, and <code>ip_deny</code> denies the specified clients to access the Traffic Server proxy cache. </p>
+<p>By default, the <code>ip_allow.config</code> file contains the following line, which allows all clients to access the Traffic Server proxy cache. To restrict access, comment out or delete this line before adding rules: <br />
+ <code>src_ip=0.0.0.0-255.255.255.255 action=ip_allow </code></p>
+<h3>Examples</h3>
+ <p> The following example enables all clients to access the Traffic Server proxy cache: <br />
+ <code>src_ip=0.0.0.0-255.255.255.255 action=ip_allow </code></p>
+<p>The following example allows all clients on a specific subnet to access the Traffic Server proxy cache: <br />
+ <code>src_ip=123.12.3.000-123.12.3.123 action=ip_allow</code></p>
+<p>The following example denies all clients on a specific subnet to access the Traffic Server proxy cache: <br />
+ <code>src_ip=123.45.6.0-123.45.6.123 action=ip_deny</code></p>
+<h2>
+<a name="logs.config">logs.config</a></h2>
+ <p>The <code>logs.config</code> file establishes and formats <b>traditional</b> custom transaction log files. <br />
+ Although Traffic Server supports traditional custom logging, you should use the more versatile XML-based custom logging (refer to <a href="log.htm">Using the Custom Format</a> and <a href="#logs_xml.config">logs_xml.config</a>). If you opt to use traditional custom logging instead of the more versatile XML-based custom logging, then you must enable the traditional custom logging option manually (refer to <a href="log.htm">Support for Traditional Custom Logging</a>). </p>
+<p><strong>IMPORTANT: </strong>After you modify <code>logs.config</code>, navigate to the Traffic Server<code> bin</code> directory and run the <code>traffic_line -x</code> command to apply changes. When you apply the changes to a node in a cluster, Traffic Server automatically applies the changes to all other nodes in the cluster. </p>
+
+ <h3>Format</h3>
+ <p>Each line in the <code>logs.config</code> file establishes and formats a custom transaction log file. Lines consist of the following fields, separated by colons (:). </p>
+ <table border="1">
+ <tr>
+ <th> <p>Field</p></th>
+ <th> <p>Allowed Inputs</p></th>
+ </tr>
+ <tr>
+ <td><p><i><code> format</code> </i></p></td>
+ <td><p>All lines must begin with the word <code> format</code> .</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> activation flag</code> </i></p></td>
+ <td><p>Specifies if the custom log file is activated. You can specify one of the following options:</p>
+ <p><code> enabled</code> <br />
+ <code>disabled</code> </p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> unique format identifier</code> </i></p></td>
+ <td><p>You must use a unique integer for each custom log file you create.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> format name</code> </i></p></td>
+ <td><p>The name for the format you define.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> format string</code> </i></p></td>
+ <td><p>Identifies the <code> printf</code> -style format string specifying the field symbols to be displayed and how they should look in ASCII. Refer to this <a href="logfmts.htm"> Appendix</a> for a list of the available field symbols and their meanings. </p>
+ <p>Field symbols are indicated by %<<code> field_symbol</code> > format. For example: to indicate that <code> chi</code> is the client host IP and not the string <code> chi</code> to be printed, enter <code>% <chi></code> . </p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> file name</code> </i></p></td>
+ <td><p>The name of the custom log file you create.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> file type</code> </i></p></td>
+ <td><p>The format of the file: <code>ASCII</code> or <code> BINARY.</code> </p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> file header data</code> </i></p></td>
+ <td><p>The header text. Enter <code> none</code> if you do not want header text; enter the text of the header if you want your custom log file to have a header.</p></td>
+ </tr>
+ </table>
+ <h3>Examples</h3>
+ <p>The following example shows a custom log format for a file named <code><b>minimalist</b></code>. It records the client host IP address (<code>chi</code>), the client request universal resource identifier (<code>cqu</code>), and the proxy response status code (<code>pssc</code>). <br />
+ <code>format:enabled:1:minimal:%<chi> / %<cqu> / %<pssc>:minimalist:ASCII:none</code> </p>
+<p>The output file for the above example format is: <br />
+ <code>123.12.3.123 / GET http://earth/ocean/index.html HTTP/1.0 / 200</code> </p>
+<p>The following example shows a custom log format for a file named <code><b>test</b></code>. It records the <code>User-Agent </code>value of the client request header (<code>cqh</code>) and the <code>Retry-After</code> value of the proxy response header (<code>psh</code>). <br />
+ <code>format:enabled:1:test:%<{User-Agent}cqh> %<{Retry-After}psh>:test:ASCII:none</code></p>
+<h3>WELF</h3>
+ <p>Traffic Server supports <b>WELF</b>, the WebTrends Enhanced Log format, so you can analyze Traffic Server log files with WebTrends reporting tools. A predefined custom format for WELF is provided in the <code>logs.config</code> file. To create a WELF format log file, comment out the following section at the end of the file and replace <code><FORMAT_ID></code> with a unique integer. </p>
+ <p>
+ <code>#format:enabled:<FORMAT_ID>:welf:id=firewall time="%<cqtd> %<cqtt>" fw=%<phn> pri=6 proto=%<cqus> duration=%<ttmsf> sent=%<psql> rcvd=%<cqhl> src=%<chi> dst=%<shi> dstname=%<shn> user=%<caun> op=%<cqhm> arg="%<cqup>" result=%<pssc> ref="%<{Referer}cqh>" agent="%<{user-agent}cqh>" cache=%<crc>:welf:ASCII:none<br />
+ <br />
+ #</code></p>
+
+ <h2>
+ <a name="logs_hosts.config">log_hosts.config</a> </h2>
+ <p>To record HTTP transactions for different origin servers in separate log files, you must list each origin server hostname in the <code>log_hosts.config</code> file. In addition, you must enable the <a href="log.htm">HTTP Host Log Splitting</a> option. You should use the same <code>log_hosts.config</code> file on every Traffic Server node in your cluster. <strong> </strong> After you modify the <code>log_hosts.config</code> file, navigate to the Traffic Server<code> bin</code> directory and run the <code>traffic_line -x</code> command to apply the changes. When you apply the changes to a node in a cluster, Traffic Server automatically applies the changes to all other nodes in the cluster. </p>
+<h3>
+ Format </h3>
+ <p>Each line in the <code>log_hosts.config</code> file has the following format: <code><br />
+ <i>hostname</i> </code></p>
+ <p>
+ where <code><i>hostname</i></code> is the hostname of the origin server. </p>
+<p><strong>Tip:</strong> You can specify keywords in the <code>log_hosts.config</code> file to record all transactions from origin servers with the specified keyword in their names in a separate log file. See the example below.</p>
+ <h3>Examples</h3>
+ <p>The following example configures Traffic Server to create separate log files containing all HTTP transactions for the origin servers <code>webserver1</code>, <code>webserver2</code>, and <code>webserver3</code>. </p>
+ <p><code>webserver1</code> <code><br />
+ </code><code>webserver2</code> <code><br />
+ </code><code>webserver3</code></p>
+<p>The following example records all HTTP transactions from origin servers that contain <code>sports</code> in their names. For example: <code>sports.yahoo.com</code> and <code>www.foxsports.com</code> in a log file called <code>squid-sport.log</code> (the Squid format is enabled). </p>
+ <p><code>sports</code> </p>
+ <h2>
+ <a name="logs_xml.config">logs_xml.config</a> </h2>
+ <p>The <code>logs_xml.config</code> file defines the custom log file formats, filters, and processing options. The format of this file is modeled after <b>XML</b>, the Extensible Markup Language. </p>
+
+ <h3>Format</h3>
+ <p>The <code>logs_xml.config</code> file contains the specifications below: </p>
+ <ul>
+ <li><code> LogFormat</code> specifies the fields to be gathered from each protocol event access.</li>
+ <li><code> LogFilter</code> specifies the filters that are used to include or exclude certain entries being logged based on the value of a field within that entry.</li>
+ <li><code> LogObject</code> specifies an object that contains a particular format, a local filename, filters, and collation servers.</li>
+ </ul>
+ <p>The <code>logs_xml.config</code> file ignores extra white space, blank lines, and all comments.</p>
+
+ <h3>LogFormat</h3>
+ <p>The following table lists <code><b>LogFormat</b></code> specifications. </p>
+ <table border="1">
+ <tr>
+ <th> <p>Field</p></th>
+ <th> <p>Allowed Inputs</p></th>
+ </tr>
+ <tr>
+ <td><p><code><Name = "valid_format_name"/></code></p></td>
+ <td><p>Required. Valid format names include any name except <code>squid</code>, <code>common</code>, <code>extended</code>, or <code>extended2</code>, which are pre-defined formats. There is no default for this tag.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><Format = "valid_format_specification"/></code></p></td>
+ <td><p>Required. A valid format specification is a printf-style string describing each log entry when formatted for ASCII output. Use <code> %< <em> field</em> ></code> as a placeholder for valid field names. For more information, refer to <a href="logfmts.htm#66912"> Custom Logging Fields</a>. </p>
+ <p>The specified field can be one of the following types:
+ </p><ul> <li>Simple. For example: <code>%<cqu><br />
+ </code></li>
+ <li>A field within a container, such as an HTTP header or a statistic. Fields of this type have the syntax: <code> %<{ <em> field</em> } <em> container</em> ></code></li><li>
+ Aggregates, such as <code>COUNT</code>, <code>SUM</code>, <code>AVG</code>, <code>FIRST</code>, <code>LAST</code>. Fields of this type have the syntax: <code> %<operator ( <em> field</em> )></code></li>
+<p><b>Note:</b> You cannot create a format specification that contains both aggregate operators and regular fields.</p></ul></td>
+ </tr>
+ <tr>
+ <td><p><code><Interval = "aggregate_interval_secs"/></code></p></td>
+ <td><p>Use this tag when the format contains aggregate operators. The value "<code>aggregate_interval_secs</code>" represents the number of seconds between individual aggregate values being produced. </p>
+ <p>The valid set of aggregate operators are:<code><br />
+ </code><code>COUNT</code> <code><br />
+ </code><code>SUM</code><code><br />
+ </code><code>AVG</code> <code><br />
+ </code><code>FIRST</code> <code><br />
+ </code><code>LAST</code> </p></td>
+ </tr>
+ </table>
+ <h3>LogFilters</h3>
+ <p> The following table lists the <code><b>LogFilter</b></code> specifications.</p>
+ <table border="1">
+ <tr>
+ <th> <p>Field</p></th>
+ <th> <p>Allowed Inputs</p></th>
+ </tr>
+ <tr>
+ <td><p><code><Name = "valid_filter_name"/></code></p></td>
+ <td><p>Required. All filters must be uniquely named.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><Condition = "valid_log_field valid_operator valid_comparison_value"/></code></p></td>
+ <td><p>Required. This field contains the following elements:</p>
+ <p><code> <b>valid_log_field</b></code> - the field that will be compared against the given value. For more information, refer to <a href="logfmts.htm#63460">Logging Format Cross-Reference</a>.</p>
+ <p><code> <b>valid_operator_field</b></code> - any one of the following: <code> MATCH</code> , <code> CASE_INSENSITIVE_MATCH</code> , <code> CONTAIN</code> , <code> CASE_INSENSITIVE_CONTAIN</code>.
+ </p><ul>
+<li><code>MATCH</code> is true if the field and value are identical (case-sensitive). </li>
+<li><code> CASE_INSENSITIVE_MATCH</code> is similar to <code> MATCH</code>, except that it is case-<b>insensitive</b>. </li>
+<li> <code>CONTAIN</code> is true if the field contains the value (the value is a substring of the field). </li>
+<li> <code>CASE_INSENSITIVE_CONTAIN</code> is a case-insensitive version of <code> CONTAIN</code>.</li> </ul>
+ <p><code> <b>valid_comparison_value</b></code> - any string or integer matching the field type. For integer values, all of the operators are equivalent and mean that the field must be equal to the specified value.</p>
+ <p><b>Note: </b>There are no negative comparison operators. If you want to specify a negative condition, then use the <code> Action</code> field to <code> REJECT</code> the record.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><Action = "valid_action_field"/></code></p></td>
+ <td><p>This instructs Traffic Server to either accept or reject records that satisfy the filter condition. <code><br />
+ </code>Required:<code> ACCEPT</code> or <code> REJECT</code> . </p></td>
+ </tr>
+ </table>
+ <h3>LogObject</h3>
+ <p>The following table lists the <code><b>LogObject</b></code> specifications. </p>
+ <table border="1">
+ <tr>
+ <th> <p>Field</p></th>
+ <th> <p>Allowed Inputs</p></th>
+ </tr>
+ <tr>
+ <td><p><code><Format = "valid_format_name"/></code></p></td>
+ <td><p>Required. Valid format names include the predefined logging formats: <code>squid</code>, <code>common</code>, <code>extended</code>, and <code>extended2</code>, as well as any previously-defined custom log formats. There is no default for this tag.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><Filename = "file_name"/></code></p></td>
+ <td><p>Required. The filename to which the given log file is written on the local file system or on a remote collation server. No local log file will be created if you fail to specify this tag. All filenames are relative to the default logging directory.</p>
+ <p>If the name does not contain an extension (for example, <code> squid</code>), then the extension <code> .log</code> is automatically appended to it for ASCII logs and <code> .blog</code> for binary logs (refer to <a href="files.htm#0_73225">Mode = "valid_logging_mode"</a>). <code><br />
+ </code>If you do not want an extension to be added, then end the filename with a single (.) dot (for example: <code> squid.</code> ).</p></td>
+ </tr>
+ <tr>
+ <td><p><code><Mode = "valid_logging_mode"/></code></p></td>
+ <td><p>Valid logging modes include <code> ascii</code> , <code> binary</code> , and <code> ascii_pipe</code> . The default is <code> ascii</code> .</p>
+ <ul><li>- Use <code> ascii</code> to create event log files in human-readable form (plain ASCII).</li>
+ <li>- Use <code> binary</code> to create event log files in binary format. Binary log files generate lower system overhead and occupy less space on the disk (depending on the information being logged). You must use the <code>logcat</code> utility to translate binary log files to ASCII format before you can read them.</li>
+ <li>- Use <code> ascii_pipe</code> to write log entries to a UNIX named pipe (a buffer in memory). Other processes can then read the data using standard I/O functions. The advantage of using this option is that Traffic Server does not have to write to disk, which frees disk space and bandwidth for other tasks. In addition, writing to a pipe does not stop when logging space is exhausted because the pipe does not use disk space.</li> </ul>
+<p>If you are using a collation server, then the log is written to a pipe on the collation server. A local pipe is created even before a transaction is processed, so you can see the pipe right after Traffic Server starts. Pipes on a collation server, however, <em> are</em> created when Traffic Server starts.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><Filters = "list_of_valid_filter_names"/></code></p></td>
+ <td><p>A comma-separated list of names of any previously-defined log filters. If more than one filter is specified, then all filters must accept a record for the record to be logged.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><Protocols = "list_of_valid_protocols"/></code></p></td>
+ <td><p>A comma-separated list of the protocols this object should log. Valid protocol names for this release are <code>HTTP</code> (FTP is deprecated).</p></td>
+ </tr>
+ <tr>
+ <td><p><code><ServerHosts = "list_of_valid_servers"/></code></p></td>
+ <td><p>A comma-separated list of valid hostnames.This tag indicates that only entries from the named servers will be included in the file. </p></td>
+ </tr>
+ <tr>
+ <td><p><code><CollationHosts = "list_of_valid_hostnames"/></code></p></td>
+ <td><p>A comma-separated list of collation servers to which all log entries (for this object) are forwarded. Collation servers can be specified by name or IP address. Specify the collation port with a colon after the name; for example, <code> host:port</code> .</p></td>
+ </tr>
+ <tr>
+ <td><p><code><Header = "header"/></code></p></td>
+ <td><p>The header text you want the log files to contain. The header text appears at the beginning of the log file, just before the first record.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><RollingEnabled = "truth value"/></code></p></td>
+ <td><p>Enables or disables log file rolling for the <code>LogObject</code>. This setting overrides the value for the <code> <i>proxy.config.log.rolling_enabled</i></code> variable in the <code> records.config</code> file. Set <code> <i>truth value</i></code> to one of the following values:</p>
+ <p><code> 0</code> to disable rolling for this particular <code>LogObject</code>.<br />
+ <code> 1</code> to roll log files at specific intervals during the day (you specify time intervals with the <code> RollingIntervalSec</code> and <code> RollingOffsetHr </code> fields).<br />
+ <code>2</code> to roll log files when they reach a certain size (you specify the size with the<code> RollingSizeMb </code> field).<br />
+ <code>3</code> to roll log files at specific intervals during the day or when they reach a certain size (whichever occurs first).<br />
+ <code>4</code> to roll log files at specific intervals during the day when log files reach a specific size (at a specified time if the file is of the specified size). </p></td>
+ </tr>
+ <tr>
+ <td><p><code><RollingIntervalSec = "seconds"/></code></p></td>
+ <td><p>The seconds between log file rolling for the <code>LogObject</code>; enables you to specify different rolling intervals for different <code>LogObjects</code>. <br />
+ This setting overrides the value for <code> <i>proxy.config.log.rolling_interval_sec </i></code> in the <code> records.config</code> file. </p></td>
+ </tr>
+ <tr>
+ <td><p><code><RollingOffsetHr = "hour"/></code></p></td>
+ <td><p>Specifies an hour (from 0 to 23) at which rolling is guaranteed to align. Rolling might start before then, but a rolled file will be produced only at that time. The impact of this setting is only noticeable if the rolling interval is larger than one hour. <br />
+ This setting overrides the configuration setting for<code> <i>proxy.config.log.rolling_offset_hr </i></code> in the <code> records.config</code> file. </p></td>
+ </tr>
+ <tr>
+ <td><p><code><RollingSizeMb = "size_in_MB"/></code></p></td>
+ <td><p>The size at which log files are rolled.</p></td>
+ </tr>
+ </table>
+ <p>
+ <strong>Examples</strong> </p>
+ <p>The following is an example of a <code><b>LogFormat</b></code> specification that collects information using three common fields:</p>
+ <pre>
+ <LogFormat>
+ <Name = "minimal"/>
+ <Format = "%<chi> : %<cqu> : %<pssc>"/>
+ </LogFormat></pre>
+ <p>The following is an example of a <code><b>LogFormat</b></code> specification that uses aggregate operators:</p>
+ <pre>
+ <LogFormat>
+ <Name = "summary"/>
+ <Format = "%<LAST(cqts)> : %<COUNT(*)> : %<SUM(psql)>"/>
+ <Interval = "10"/>
+ </LogFormat> </pre>
+
+<p> The following is an example of a <code><b>LogFilter</b></code> that will cause only <code>REFRESH_HIT</code> entries to be logged: </p>
+
+ <pre>
+ <LogFilter>
+ <Name = "only_refresh_hits"/>
+ <Action = "ACCEPT"/>
+ <Condition = "%<pssc> MATCH REFRESH_HIT"/><br />
+ </LogFilter> </pre>
+ <p><strong>Note:</strong> When specifying the field in the filter condition, you can omit the<code> %<></code>. This means that the filter below is equivalent to the example directly above:</p>
+
+ <pre>
+ <LogFilter>
+ <Name = "only_refresh_hits"/>
+ <Action = "ACCEPT"/>
+ <Condition = "pssc MATCH REFRESH_HIT"/>
+ </LogFilter> </pre>
+<p> The following is an example of a <code><b>LogObject</b></code> specification that creates a local log file for the minimal format defined earlier. The log filename will be <code>minimal.log</code> because this is an ASCII log file (the default). </p>
+ <pre>
+ <LogObject>
+ <Format = "minimal"/>
+ <Filename = "minimal"/>
+ </LogObject> </pre>
+<p>The following is an example of a <code><b>LogObject</b></code> specification that includes only HTTP requests served by hosts in the domain <code>company.com</code> or by the specific server <code>server.somewhere.com</code>. Log entries are sent to port 4000 of the collation host <code>logs.company.com</code> and to port 5000 of the collation host <code>209.131.52.129. </code></p><code>
+
+ <pre>
+ <LogObject>
+ <Format = "minimal"/>
+ <Filename = "minimal"/>
+ <ServerHosts = "company.com,server.somewhere.com"/>
+ <Protocols = "http"/>
+ <CollationHosts = "logs.company.com:4000,209.131.52.129:5000"/>
+ </LogObject> </pre></code>
+ <h3>WELF</h3>
+ <p>Traffic Server supports WELF (WebTrends Enhanced Log Format) so you can analyze Traffic Server log files with WebTrends reporting tools. A predefined <code><LogFormat></code> that is compatible with WELF is provided at the end of the <code><code>logs.config</code></code> file (shown below). To create a WELF format log file, create a <code><code><LogObject></code></code> that uses this predefined format.</p><code>
+ <pre>
+ <LogFormat>
+ <Name = "welf"/>
+ <Format = "id=firewall time=\"%<cqtd> %<cqtt>\" fw=%<phn> pri=6
+ proto=%<cqus> duration=%<ttmsf> sent=%<psql> rcvd=%<cqhl>
+ src=%<chi> dst=%<shi> dstname=%<shn> user=%<caun> op=%<cqhm>
+ arg=\"%<cqup>\" result=%<pssc> ref=\"%<{Referer}cqh>\"
+ agent=\"%<{user-agent}cqh>\" cache=%<crc>"/>
+ </LogFormat>
+</pre></code>
+<h2>
+<a name="parent.config">parent.config</a></h2>
+ <p>The <code>parent.config</code> file identifies the parent proxies used in an cache hierarchy. Use this file to perform the following configuration: </p>
+ <ul>
+ <li>Set up parent cache hierarchies, with multiple parents and parent failover</li>
+ <li>Configure selected URL requests to bypass parent proxies </li>
+ </ul>
+ <p>Traffic Server uses the <code>parent.config</code> file only when the parent caching option is enabled (refer to <a href="hier.htm">Configuring Traffic Server to Use a Parent Cache</a>).</p>
+ <p><strong>IMPORTANT:</strong> After you modify the <code>parent.config</code> file, navigate to the Traffic Server<code> bin</code> directory and run the <code>traffic_line -x</code> command to apply your changes. When you apply the changes to one node in a cluster, Traffic Server automatically applies the changes to all other nodes in the cluster. </p>
+
+ <h3>Format</h3>
+ <p>Each line in the <code>parent.config</code> file must contain a parent caching rule. Traffic Server recognizes three space-delimited tags: <br />
+ <code><em>primary_destination</em>=<em>value secondary_specifier</em>=<em>value action</em>=<em>value</em> </code></p>
+<p>The following table lists the possible primary destinations and their allowed values. </p>
+ <table border="1">
+ <tr>
+ <th> <p>Primary Destination</p></th>
+ <th> <p>Allowed Value</p></th>
+ </tr>
+ <tr>
+ <td><p><i><code> dest_domain</code> </i></p></td>
+ <td><p>A requested domain name.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> dest_host</code> </i></p></td>
+ <td><p>A requested hostname. </p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> dest_ip</code> </i></p></td>
+ <td><p>A requested IP address or range of IP addresses separated by a dash (-).</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> url_regex</code> </i></p></td>
+ <td><p>A regular expression (regex) to be found in a URL</p></td>
+ </tr>
+ </table>
+ <p>The secondary specifiers are optional in the <code>parent.config</code> file. The following table lists the possible secondary specifiers and their allowed values. </p>
+<table border="1">
+ <tr>
+ <th> <p>Secondary Specifiers </p></th>
+ <th> <p>Allowed Value</p></th>
+ </tr>
+ <tr>
+ <td><p><i><code> port</code> </i></p></td>
+ <td><p>A requested URL port.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> scheme</code> </i></p></td>
+ <td><p>A request URL protocol: <code>http</code> or <code>https</code>.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> prefix</code> </i></p></td>
+ <td><p>A prefix in the path part of a URL.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> suffix</code> </i></p></td>
+ <td><p>A file suffix in the URL.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> method</code> </i></p></td>
+ <td><p>A request URL method. It can be one of the following:<br />
+<code>get</code> <br />
+ <code>post</code> <br />
+ <code>put</code> <br />
+ <code>trace</code> </p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> time</code> </i></p></td>
+ <td><p>A time range, such as 08:00-14:00, during which the parent cache is used to serve requests.</p></td>
+ </tr>
+ <tr>
+ <td><p><i><code> src_ip</code> </i></p></td>
+ <td><p>A client IP address.</p></td>
+ </tr>
+ </table>
+<p>The following tables lists the possible actions and their allowed values.</p>
+ <table border="1">
+ <tr>
+ <th> <p>Action</p></th>
+ <th> <p>Allowed Value</p></th>
+ </tr>
+ <tr>
+ <td><p><code> parent</code> </p></td>
+ <td><p>An ordered list of parent servers. If the request cannot be handled by the last parent server in the list, then it will be routed to the origin server. You can specify either a hostname or an IP address, but; you must specify the port number.</p></td>
+ </tr>
+ <tr>
+ <td><p><code> round_robin</code> </p></td>
+ <td><p>One of the following values:</p>
+ <p><code> true</code> - Traffic Server goes through the parent cache list in a round robin-based on client IP address.<br />
+ <code>strict</code> - Traffic Server machines serve requests strictly in turn. For example: machine <code> proxy1</code> serves the first request, <code> proxy2</code> serves the second request, and so on.<br />
+ <code>false</code> - Round robin selection does not occur.</p></td>
+ </tr>
+ <tr>
+ <td><p><code> go_direct</code> </p></td>
+ <td><p>One of the following values:</p>
+ <p><code> true</code> - requests bypass parent hierarchies and go directly to the origin server.<br />
+ <code>false</code> - requests do not bypass parent hierarchies.</p></td>
+ </tr>
+ </table>
+ <h3>Examples</h3>
+ <p>The following rule configures a parent cache hierarchy consisting of Traffic Server (which is the child) and two parents, <code>p1.x.com</code> and <code>p2.x.com</code>. Traffic Server forwards the requests it cannot serve to the parent servers <code>p1.x.com</code> and <code>p2.x.com</code> in a round-robin fashion because:<code><br />
+ </code> <code>round_robin=true. <br />
+ </code><code>dest_domain=. method=get parent=âp1.x.com:8080; p2.y.com:8080â round_robin=true </code></p>
+ <code></code>
+ <p>The following rule configures Traffic Server to route all requests containing the regular expression <code>politics</code> and the path /<code>viewpoint</code> directly to the origin server (bypassing any parent hierarchies): <br />
+ <code>url_regex=politics prefix=/viewpoint go_direct=true </code></p>
+<p>Every line in the <code>parent.config</code> file must contain either a <code>parent=</code> or <code>go_direct=</code> directive.</p>
+ <h2>
+ <a name="partition.config">partition.config</a> </h2>
+ <p>The <code>partition.config</code> file enables you to manage your cache space more efficiently and restrict disk usage by creating cache partitions of different sizes for specific protocols. You can further configure these partitions to store data from certain origin servers and/or domains in the<code> </code><a href="#hosting.config">hosting.config</a> file. </p>
+ <p><strong>IMPORTANT: </strong> The partition configuration must be the same on all nodes in a cluster. You must stop Traffic Server before you change the cache partition size and protocol assignment. For step-by-step instructions about partitioning the cache, refer to <a href="cache.htm">Partitioning the Cache</a>. </p>
+<h3>Format</h3>
+ <p>For each partition you want to create, enter a line with the following format: <br />
+ <code>partition=<em>partition_number</em> scheme=<em>protocol_type</em> size=<em>partition_size</em></code></p>
+ <p>where <code><i>partition_number </i></code> is a number between 1 and 255 (the maximum number of partitions is 255) and
+ <code><i>protocol_type </i></code> is <code>http</code>. Traffic Server supports <code>http</code> for HTTP partition types; <code><i>partition_size </i></code> is the amount of cache space allocated to the partition. This value can be either a percentage of the total cache space or an absolute value. The absolute value must be a multiple of 128 MB, where 128 MB is the smallest value. If you specify a percentage, then the size is rounded down to the closest multiple of 128 MB. </p>
+<p>Each partition is striped across several disks to achieve parallel I/O. For example: if there are four disks, then a 1-GB partition will have 256 MB on each disk (assuming each disk has enough free space available). If you do not allocate all the disk space in the cache, then the extra disk space is not used. You can use the extra space later to create new partitions without deleting and clearing the existing partitions. </p>
+<h3>Examples</h3>
+ <p>The following example partitions the cache evenly between HTTP and HTTPS requests: </p>
+ <p>
+ <code>partition=<em>1</em> scheme=http size=50% <br />
+ </code><code>partition=<em>2</em> scheme=https size=50% </code></p>
+<h2>
+<a name="records.config">records.config</a></h2>
+ <p>The <code>records.config</code> file is a list of configurable variables used by the Traffic Server software. Many of the variables in the <code>records.config</code> file are set automatically when you set configuration options in Traffic Line or Traffic Shell. After you modify the <code>records.config</code> file, navigate to the Traffic Server<code> bin</code> directory and run the command <code>traffic_line -x</code> to apply the changes. When you apply changes to one node in a cluster, Traffic Server automatically applies the changes to all other nodes in the cluster.</p>
+ <h3>Format</h3>
+ <p>Each variable has the following format: <code><br />
+ CONFIG <em>variable_name</em> DATATYPE <em>variable_value</em> </code></p>
+<p>where <code>DATATYPE</code> is <code>INT</code> (integer), <code>STRING</code> (string), or <code>FLOAT</code> (floating point). </p>
+
+ <h3>Examples</h3>
+ <p>In the following example, the variable<code> <i>proxy.config.proxy_name </i></code> is a <code>STRING</code> datatype with the value <code>my_server</code>. This means that the name of the Traffic Server proxy is <code>my_server</code>.<br />
+<code>CONFIG proxy.config.proxy_name STRING my_server </code></p>
+ <p>In the following example, the variable <code><em>proxy.config.arm.enabled </em></code>is a yes/no flag. A value of <code>0</code> (zero) disables the option; a value of <code>1</code> enables the option. <br />
+<code>CONFIG proxy.config.arm.enabled INT 0 </code></p>
+ <p>In the following example, the variable sets the cluster startup timeout to 10 seconds. <br />
+ <code>CONFIG proxy.config.cluster.startup_timeout INT 10 </code></p>
+ <h3>
+ <a name="config_var">Configuration Variables</a> </h3>
+ <p>The following table describes the configuration variables listed in the <code>records.config</code> file.</p>
+ <table border="1">
+ <tr>
+ <th width="488"> <p>Configuration Variable<br />
+ Data Type</p> </th>
+ <th width="210"> <p>Default Value</p></th>
+ <th width="632"> <p>Description</p></th>
+ </tr>
+ <tr>
+ <td rowspan="1" colspan="3"><strong><a name="records.config.system">System Variables</a></strong></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.proxy_name</i></code></p>
+ <p><code>STRING </code></p></td>
+ <td><p><code></code> </p></td>
+ <td><p>The name of the Traffic Server node.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.bin_path</i></code></p>
+ <p><code>STRING </code></p></td>
+ <td><p><code>bin</code></p></td>
+ <td><p>The location of the Traffic Server <code> bin</code> directory.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.proxy_binary </i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>traffic_server </code></p></td>
+ <td><p>The name of the executable that runs the <code>traffic_server</code> process.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.proxy_binary_opts</i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>-M</code></p></td>
+ <td><p>The command-line options for starting Traffic Server.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.manager_binary</i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>traffic_manager</code></p></td>
+ <td><p>The name of the executable that runs the <code>traffic_manager</code> process.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.cli_binary</i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>traffic_line </code></p>
+ <p> </p></td>
+ <td><p>The name of the executable that runs the command-line interface (Traffic Line).</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.watch_script</i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>traffic_cop </code></p></td>
+ <td><p>The name of the executable that runs the <code>traffic_cop</code> process.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.env_prep</i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>example_prep.sh</code></p>
+ <p> </p></td>
+ <td><p>The script executed before the <code>traffic_manager</code> process spawns the <code>traffic_server</code> process.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.config_dir</i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>config</code></p></td>
+ <td><p>The directory that contains Traffic Server configuration files.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.temp_dir </i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>/tmp</code></p></td>
+ <td><p>The directory used for Traffic Server temporary files.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.alarm_email</i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p> </p></td>
+ <td><p>The email address to which Traffic Server sends alarm messages.</p>
+ <p>During a custom Traffic Server installation, you can specify the email address; otherwise, Traffic Server uses the Traffic Server user account name as the default value for this variable.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.syslog_facility</i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>LOG_DAEMON</code></p></td>
+ <td><p>The facility used to record system log files.</p>
+ <p>Refer to <a href="log.htm#UnderstandingTrafficEdgeLogFiles">Understanding Traffic Server Log Files</a>.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.cop.core_signal</i></code></p>
+ <p><code>INT</code></p></td>
+ <td><p><code>0</code></p></td>
+ <td><p>The signal sent to <code>traffic_cop</code>'s managed processes to stop them. </p>
+ <p>0 = no signal is sent.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.cop.linux_min_swapfree_kb</i></code></p>
+ <p><code>INT</code></p></td>
+ <td><p><code>10240</code></p></td>
+ <td><p>The minimum amount of free swap space allowed before Traffic Server stops the <code>traffic_server </code>and <code>traffic_manager</code> processes to prevent the system from hanging. </p>
+ <p>This configuration variable applies if swap is enabled in Linux 2.2 only.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.cop.linux_min_memfree_kb</i></code></p>
+ <p><code>INT</code></p></td>
+ <td><p><code>10240</code></p></td>
+ <td><p>The minimum amount of free memory allowed before Traffic Server stops the<code> traffic_server</code> and <code>traffic_manager</code> processes to prevent the system from hanging.</p>
+ <p>This configuration variable applies if swap is <em> disabled </em> in Linux 2.2 only.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.output.logfile</i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>traffic.out</code></p></td>
+ <td><p>The name and location of the file that contains warnings, status messages, and error messages produced by the Traffic Server processes.</p>
+ <p>If no path is specified, then Traffic Server creates the file in its logging directory.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.snapshot_dir</i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>snapshots</code></p></td>
+ <td><p>The directory in which Traffic Server stores configuration snapshots on the local system. Unless you specify an absolute path, this directory is located in the Traffic Server <code> config</code> directory.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.accept_threads</i></code></p>
+ <p><code>INT</code></p></td>
+ <td><code>0</code></td>
+ <td>When enabled (<code>1</code>), runs a separate thread for accept processing. If disabled (<code>0</code>), then only 1 thread can be created.</td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.thread.default.stacksize</i></code></p>
+ <p><code>INT</code></p></td>
+ <td><code>1096908</code></td>
+ <td>The new default thread stack size, for all threads. The original default is set at 1 MB.</td>
+ </tr>
+ <tr>
+ <td rowspan="1" colspan="3"><strong><a name="records.config.local">Local Manager</a></strong></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.lm.sem_id </i></code></p>
+ <p><code>INT</code></p></td>
+ <td><p><code>11452</code></p></td>
+ <td><p>The semaphore ID for the local manager.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.local.cluster.type</i></code></p>
+ <p><code>INT</code></p></td>
+ <td><p><code>3</code></p></td>
+ <td><p>Sets the clustering mode:</p>
+ <p><code>1</code> = full-clustering mode<br />
+ <code>2</code> = management-only mode<br />
+ <code>3</code> = no clustering</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.cluster.rsport</i></code></p>
+ <p><code>INT</code></p></td>
+ <td><p><code>8088</code></p></td>
+ <td><p>The reliable service port. The reliable service port is used to send configuration information between the nodes in a cluster. All nodes in a cluster must use the same reliable service port.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.admin.autoconf_port </i></code></p>
+ <p><code>INT</code></p></td>
+ <td><p><code>8083</code></p></td>
+ <td><p>The autoconfiguration port.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.admin.overseer_port </i></code></p>
+ <p><code>INT</code></p></td>
+ <td><p><code>8082</code></p></td>
+ <td><p>The port used for retrieving and setting statistics and configuration variables.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.admin.number_config_bak</i></code></p>
+ <p><code>INT</code></p></td>
+ <td><p><code>3</code></p></td>
+ <td><p>The maximum number of copies of rolled configuration files to keep.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.admin.admin_password</i></code></p>
+ <p><code>STRING</code></p></td>
+ <td></td>
+ <td>Specifies the encrypted administrator password that controls access to Traffic Manager. The format can be recreated with:<br />
+ <code>#!/usr/bin/php<br />
+ <?php<br />
+ $foo = md5('admin',true); <br />
+ echo strtoupper(substr(bin2hex($foo),0,23)) . "\n";<br />
+ ?></code><br>
+ or <br><code>perl -MDigest::MD5 -e 'print uc(substr(Digest::MD5::md5_hex($ARGV[0]), 0, 23)), "\n"' admin;</code><br>
+ Note that the web interface is not being maintained.</td>
+ </tr>
+ <tr>
+ <tr>
+ <td><p><code><i>proxy.config.admin.user_id </i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>nobody</code></p></td>
+ <td><p>Option used to specify who to run the <code>traffic_server </code>process as; also used to specify ownership of config and log files.</p>
+ <p>The nonprivileged user account designated to Traffic Server.</p><p>As of version 2.1.1 if the user_id is prefixed with pound character (#) the remaining of the
+string is considered to be <a href="http://en.wikipedia.org/wiki/User_identifier">numeric user identifier</a>. If the value is set to '#-1' Traffic Server will not change the user during startup.</p><p>
+Setting user_id to 'root' or '#0' is now forbidden to increase security. Trying to do so, will cause the traffic_server fatal failure. However there are two ways to bypass that restriction:
+<li>Specify -DBIG_SECURITY_HOLE in CXXFLAGS during compilation</li>
+<li>Set the user_id=#-1 and start trafficserver as root.</li>
+</p></td>
+ </tr>
+ <tr>
+ <td rowspan="1" colspan="3"><strong><a name="records.config.process">Process Manager</a></strong></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.process_manager.mgmt_port</i></code></p>
+ <p><code>INT</code></p></td>
+ <td><p><code>8084</code></p></td>
+ <td><p>The port used for internal communication between the <code>traffic_manager</code> and <code>traffic_server</code> processes.</p></td>
+ </tr>
+ <tr>
+ <td rowspan="1" colspan="3"><strong><a name="records.config.alarm">Alarm Configuration</a></strong></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.alarm.bin</i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>example_alarm_bin.sh </code></p></td>
+ <td><p>Name of the script file that can execute certain actions when an alarm is signaled. The default file is a sample script named <code> example_alarm_bin.sh</code> located in the <code> bin</code> directory. You must edit the script to suit your needs.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.alarm.abs_path</i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>NULL</code></p></td>
+ <td><p>The full path to the script file that sends email to alert someone about Traffic Server problems.</p></td>
+ </tr>
+ <tr>
+ <td rowspan="1" colspan="3"><strong><a name="records.config.auth">Authentication Basic Realm</a></strong></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.proxy.authenticate.basic.realm</i></code></p></td>
+ <td><p><code>NULL</code></p></td>
+ <td><p>The authentication realm name. If the default of <code> NULL</code> is specified, then<code> traffic_edge</code> is used.</p></td>
+ </tr>
+ <tr>
+ <td rowspan="1" colspan="3"><p><strong>HTTP Engine</strong></p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.http.server_port</i></code></p>
+ <p><code>INT</code></p></td>
+ <td><p><code>8080</code></p></td>
+ <td><p>The port that Traffic Server uses when acting as a web proxy server for web traffic.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.http.server_port_attr </i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>X</code></p></td>
+ <td><p>The server port options. You can specify one of the following:</p>
+ <p><code>C=SERVER_PORT_COMPRESSED<br />
+ </code><code>X=SERVER_PORT_DEFAULT<br />
+ </code><code>T=SERVER_PORT_BLIND_TUNNEL</code></p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.http.server_other_ports </i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>NULL</code></p></td>
+ <td><p>The ports other than the port specified by the variable <i><code>proxy.config.http.server_port</code></i> to bind for incoming HTTP requests. Example: <code><i>CONFIG proxy.config.http.server_other_ports STRING 6060:X 9090:X</i></code> would listed to ports 6060, 9090, and the port specified by <code><i>proxy.config.http.server_port</i></code>.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.http.ssl_ports</i></code></p>
+ <p><code>STRING</code></p></td>
+ <td><p><code>443 563</code></p></td>
+ <td><p>The range of ports used for tunneling. Traffic Server allows tunnels only to the specified ports. </p>
+ <p> For example: to retrieve an object using HTTPS via Traffic Server, a tunnel must be established to an origin server via Traffic Server.</p></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.http.insert_request_via_str </i></code></p>
+ <p><code>INT</code></p></td>
+ <td><p><code>1</code></p></td>
+ <td><p>You can specify one of the following:</p>
+ <p><code>0</code> = no extra information is added to the string.<br />
+ <code>1</code> = all extra information is added.<br />
+ <code>2</code> = some extra information is added.</p>
+ Note: the Via: header string interpretation is <a href="trouble.htm#interpret_via_header">documented here.</a></td>
+ </tr>
+ <tr>
+ <td><p><code><i>proxy.config.http.insert_response_via_str </i></code></p>
+ <p><code>INT</code></p></td>
+ <td><p><code>1</code></p></td>
+ <td><p>You can specify one of the following:</p>
+ <p><code>0</code><code> </code>= no extra information is added to the string.<br />
+ <code>1 </code>= all extra information is added.<br />
[... 1768 lines stripped ...]