You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by ig...@apache.org on 2011/03/23 03:56:50 UTC
svn commit: r1084466 [8/20] -
/trafficserver/site/branches/ats-cms/content/docs/trunk/admin/configuration-files/
Modified: trafficserver/site/branches/ats-cms/content/docs/trunk/admin/configuration-files/ip_allow.config.en.mdtext
URL: http://svn.apache.org/viewvc/trafficserver/site/branches/ats-cms/content/docs/trunk/admin/configuration-files/ip_allow.config.en.mdtext?rev=1084466&r1=1084465&r2=1084466&view=diff
==============================================================================
--- trafficserver/site/branches/ats-cms/content/docs/trunk/admin/configuration-files/ip_allow.config.en.mdtext (original)
+++ trafficserver/site/branches/ats-cms/content/docs/trunk/admin/configuration-files/ip_allow.config.en.mdtext Wed Mar 23 02:56:50 2011
@@ -1,4 +1,4 @@
-Title: Configuration Files
+Title: Configuration Files - ip_allow.config
Notice: Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
@@ -16,523 +16,7 @@ Notice: Licensed to the Apache Softwa
specific language governing permissions and limitations
under the License.
-Available Languages: [LANG]
-
-# Appendix E - Configuration Files # {#files}
-
-This appendix describes Traffic Server configuration files that you can edit.
-
-[TOC]
-
-
-## bypass.config ## {#bypass.config}
-
-The bypass.config file contains static bypass rules that Traffic Server
-uses in transparent proxy caching mode. Static bypass rules instruct
-Traffic Server to bypass certain incoming client requests so they are
-served by the origin server. The bypass.config file also accepts
-[Dynamic Deny Bypass Rules](#dynamic.deny_bypass).
-
-You can configure three types of static bypass rules:
-- **Source bypass rules** configure Traffic Server to bypass a particular
- source IP address or range of IP addresses. For example: bypass
- clients that do not want to use caching.
-- **Destination bypass rules** configure Traffic Server to bypass a
- particular destination IP address or range of IP addresses. For
- example: bypass origin servers that use IP authentication based on the
- client's real IP address.
- **IMPORTANT:** Destination bypass rules prevent Traffic Server from
- caching an entire site. You will experience hit rate impacts if the
- site you bypass is popular.
-- **Source/destination pair bypass rules** configure Traffic Server to
- bypass requests that originate from the specified source to the
- specified destination. For example: route around specific
- client-server pairs that experience broken IP authentication or
- out-of-band HTTP traffic problems when cached. Source/destination
- bypass rules can be preferable to destination rules because they block
- a destination server only for users that experience problems.
-
-**IMPORTANT:** After you modify the bypass.config file, you must restart
-Traffic Server.
-
-
-#### Format ####
-
-Bypass rules follow the format below:
-
- bypass src ipaddress | dst ipaddress | src ipaddress AND dst ipaddress
-
-The following list describes the variables.
-
-`src` *`ipaddress`*
-: Specifies the source (client) IP address in incoming requests Traffic
- Server must bypass.
-
- The variable ipaddress can be one of the following:
-
- - A simple IP address, such as 123.45.67.8
- - In CIDR (Classless Inter-Domain Routing) format, such as 1.1.1.0/24
- - A range separated by a dash, such as 1.1.1.1-2.2.2.2
- - Any combination of the above separated by commas, such as 1.1.1.0/24,
- 25.25.25.25, 123.1.23.1-123.1.23.123
-
-`dst` *`ipaddress`*
-: Specifies the destination (origin server) IP address in incoming
- requests Traffic Server must bypass.
-
- The variable ipaddress can be one of the following:
-
- - A simple IP address, such as 123.45.67.8
- - In CIDR (Classless Inter-Domain Routing) format, such as 1.1.1.0/24
- - A range separated by a dash, such as 1.1.1.1-2.2.2.2
- - Any combination of the above separated by commas, such as 1.1.1.0/24,
- 25.25.25.25, 123.1.23.1-123.1.23.123
-
-`src` *`ipaddress`* `AND dst` *`ipaddress`*
-: Specifies the source and destination IP address pair Traffic Server must
- bypass.
-
-The variable ipaddress must be a single IP address, such as 123.45.67.8
-
-
-#### Dynamic Deny Bypass Rules #### {#dynamic.bypass\_rules}
-
-In addition to static bypass rules, the bypass.config file also accepts
-dynamic deny bypass rules that prevent Traffic Server from bypassing
-certain incoming client requests dynamically (a deny bypass rule can
-prevent Traffic Server from bypassing itself). Dynamic deny bypass rules
-can be source, destination, or source/destination and have the following
-format:
-
- deny_dyn_bypass src ipaddress | dst ipaddress | src ipaddresss AND ipaddress
-
-For a description of the options, refer to the table above. For the
-dynamic deny bypass rules to work, you must set the variable
-`proxy.config.arm.bypass_dynamic_enabled` to `1` in the
-[records.config](#records.config) file.
-
-**IMPORTANT:** Static bypass rules overwrite dynamic deny bypass rules. If a
-static bypass rule and a dynamic bypass rule contain the same IP address,
-then the dynamic deny bypass rule will be ignored.
-
-
-#### Examples ####
-
-The following example shows source, destination, and source/destination
-**bypass rules**:
-
- bypass src 1.1.1.0/24, 25.25.25.25, 128.252.11.11-128.252.11.255
- bypass dst 24.24.24.0/24
- bypass src 25.25.25.25 AND dst 24.24.24.0
-
-The following example shows source, destination, and source/destination
-**dynamic deny bypass rules**:
-
- deny_dyn_bypass src 128.252.11.11-128.252.11.255
- deny_dyn_bypass dst 111.111.11.1
- deny_dyn_bypass src 111.11.11.1 AND dst 111.11.1.1
-
-
-
-## cache.config ## {#cache.config}
-
-The cache.config file defines how Traffic Server caches web objects. You
-can add caching rules to specify the following:
-- Not to cache objects from specific IP addresses
-- How long to pin particular objects in the cache
-- How long to consider cached objects as fresh
-- Whether to ignore no-cache directives from the server
-
-**IMPORTANT:** After you modify the `cache.config file`, navigate to the Traffic
-Server bin directory; then run the `traffic_line -x` command to apply
-changes. When you apply the changes to a node in a cluster, Traffic Server
-automatically applies the changes to all other nodes in the cluster.
-
-
-#### Format ####
-
-Each line in the cache.config file contains a caching rule. Traffic Server
-recognizes three space-delimited tags:
-
- primary_destination=value secondary_specifier=value action=value
-
-You can use more than one secondary specifier in a rule. However, you
-cannot repeat a secondary specifier.
-The following list shows the possible primary destinations with allowed values.
-
-*`dest_domain`*
-: A requested domain name. Traffic Server matches the domain name of the
- destination from the URL in the request.
-
-*`dest_host`*
-: A requested hostname. Traffic Server matches the hostname of the
- destination from the URL in the request.
-
-*`dest_ip`*
-: A requested IP address. Traffic Server matches the IP address of the
- destination in the request.
-
-*`url_regex`*
-: A regular expression (regex) to be found in a URL.
-
-
-The secondary specifiers are optional in the cache.config file. The
-following list shows possible secondary specifiers with allowed values.
-
-*`port`*
-: A requested URL port.
-
-*`scheme`*
-: A request URL protocol: http or https.
-
-*`prefix`*
-: A prefix in the path part of a URL.
-
-*`suffix`*
-: A file suffix in the URL.
-
-*`method`*
-: A request URL method: get, put, post, trace.
-
-*`time`*
-: A time range, such as 08:00-14:00.
-
-*`src_ip`*
-: A client IP address.
-
-
-The following list shows possible actions and their allowed values.
-
-*`action`*
-: One of the following values:
-
- `never-cache` configures Traffic Server to never cache specified objects.
- `ignore-no-cache` configures Traffic Server to ignore all
- `Cache-Control: no-cache` headers.
- `ignore-client-no-cache` configures Traffic Server to ignore
- `Cache-Control: no-cache` headers from client requests.
- `ignore-server-no-cache` configures Traffic Server to ignore
- `Cache-Control: no-cache` headers from origin server responses.
-
-*`pin-in-cache`*
-: The amount of time you want to keep the object(s) in the cache. The
- following time formats are allowed:
-
- `d` for days; for example: 2d
- `h` for hours; for example: 10h
- `m` for minutes; for example: 5m
- `s` for seconds; for example: 20s
- mixed units; for example: 1h15m20s
-
-*`revalidate`*
-: The amount of time object(s) are to be considered fresh. Use the same
- time formats as `pin-in-cache`.
-
-*`ttl-in-cache`*
-: The amount of time object(s) are to be kept in the cache, regardless of
- Cache-Control response headers. Use the same time formats as
- pin-in-cache and revalidate .
-
-
-#### Examples ####
-
-The following example configures Traffic Server to revalidate `gif` and `jpeg`
-objects in the domain `mydomain.com` every 6 hours, and all other objects in
-`mydomain.com` every hour. The rules are applied in the order listed.
-
- dest_domain=mydomain.com suffix=gif revalidate=6h
- dest_domain=mydomain.com suffix=jpeg revalidate=6h
- dest_domain=mydomain.com revalidate=1h
-
-
-## congestion.config ## {#congestion.config}
-
-The `congestion.config` file enables you to configure Traffic Server to stop
-forwarding HTTP requests to origin servers when they become congested, and
-then send the client a message to retry the congested origin server later.
-After you modify the `congestion.control` file, navigate to the Traffic
-Server bin directory; then run the `traffic_line -x` command to apply
-changes. When you apply the changes to a node in a cluster, Traffic Server
-automatically applies the changes to all other nodes in the cluster.
-Traffic Server uses the `congestion.config` file only if you enable the
-[Congestion Control](http#UsingCongestionControl) option.
-
-You can create rules in the congestion.config file to specify:
-- Which origin servers Traffic Server tracks for congestion.
-- The timeouts Traffic Server uses, depending on whether a server is
- congested.
-- The page Traffic Server sends to the client when a server becomes
- congested.
-- If Traffic Server tracks the origin servers per IP address or per
- hostname.
-
-
-#### Format ####
-
-Each line in `congestion.config` must follow the format below. Traffic
-Server applies the rules in the order listed, starting at the top of the
-file.
-Traffic Server recognizes three space-delimited tags:
-
- primary_destination=value secondary_specifier=value action=value
-
-The following list shows possible primary destinations with allowed
-values.
-
-*`dest_domain`*
-: A requested domain name.
-
-*`dest_host`*
-: A requested hostname.
-
-*`dest_ip`*
-: A requested IP address.
-
-*`url_regex`*
-: A regular expression (regex) to be found in a URL.
-
-The secondary specifiers are optional in the congestion.config file. The
-following list shows possible secondary specifiers with allowed values.
-You can use more than one secondary specifier in a rule; however, you
-cannot repeat a secondary specifier.
-
-*`port`*
-: A requested URL port or range of ports.
-
-*`prefix`*
-: A prefix in the path part of a URL.
-
-The following list shows the possible tags and their allowed values.
-
-*`max_connection_failures`*
-: Default: `5`
-: The maximum number of connection failures allowed within the fail
- window described below before Traffic Server marks the origin server as
- congested.
-
-*`fail_window`*
-: Default: `120` seconds.
-: The time period during which the maximum number of connection failures
- can occur before Traffic Server marks the origin server as congested.
-
-*`proxy_retry_interval`*
-: Default: `10` seconds.
-: The number of seconds that Traffic Server waits before contacting a
- congested origin server again.
-
-*`client_wait_interval`*
-: Default: `300` seconds.
-: The number of seconds that the client is advised to wait before
- retrying the congested origin server.
-
-*`wait_interval_alpha`*
-: Default: `30` seconds
-: The upper limit for a random number that is added to the wait interval.
-
-*`live_os_conn_timeout`*
-: Default: `60` seconds.
-: The connection timeout to the live (uncongested) origin server.
- If a client stops a request before the timeout occurs, then Traffic
- Server does not record a connection failure.
-
-*`live_os_conn_retries`*
-: Default: `2`
-: The maximum number of retries allowed to the live (uncongested) origin
- server.
-
-*`dead_os_conn_timeout`*
-: Default: `15` secondsj
-: The connection timeout to the congested origin server.
-
-*`dead_os_conn_retries`*
-: Default: `1`
-: The maximum number of retries allowed to the congested origin server.
-
-*`max_connection`*
-: Default: `-1`
-: The maximum number of connections allowed from Traffic Server to the
- origin server.
-
-*`error_page`*
-: Default: `"congestion#retryAfter"`
-: The error page sent to the client when a server is congested. You must
- enclose the value in quotes;
-
-*`congestion_scheme`*
-: Default: `"per_ip"`
-: Specifies if Traffic Server applies the rule on a per-host (`"per_host"`)
- or per-IP basis (`"per_ip"`). You must enclose the value in quotes.
-
- For example: if the server `www.host1.com` has two IP addresses and you
- use the tag value `"per_ip"`, then each IP address has its own number of
- connection failures and is marked as congested independently. If you
- use the tag value `"per_host"` and the server `www.host1.com` is marked as
- congested, then both IP addresses are marked as congested.
-
-
-#### Examples ####
-
-The following `congestion.config` rule configures Traffic Server to stop
-forwarding requests to the server `www.host.com` on port 80 (HTTP traffic)
-if the server is congested, according to the timeouts specified. Traffic
-Server uses the default tag values because no tag has been specified.
-
- dest_host=www.host.com port=80
-
-You can use one or more tags in a rule, but each tag must have one value
-only. If you specify no tags in the rule, then Traffic Server uses the
-default values.
-
-You can override any of the default tag values by adding configuration
-variables at the end of `records.config` as follows:
-
- CONFIG proxy.config.http.congestion_control.default.tag INT|STRING value
-
-where tag is one of the tags described in the table under
-[congestion.config](#congestion.config) and value is the value you want to use.
-
-For example:
-
- CONFIG proxy.config.http.congestion_control.default.congestion_scheme STRING per_host
-
-**IMPORTANT:** Rules in the congestion.config file override the following
-variables in the records.config file:
-
- proxy.config.http.connect_attempts_max_retries
- proxy.config.http.connect_attempts_max_retries_dead_server
- proxy.config.http.connect_attempts_rr_retries
- proxy.config.http.connect_attempts_timeout
- proxy.config.http.down_server.cache_time
- proxy.config.http.down_server.abort_threshold
-
-
-
-## hosting.config ## {#hosting.config}
-
-The `hosting.config` file enables you to assign cache partitions to specific
-origin servers and/or domains so that you can manage cache space
-efficiently and restrict disk usage. For step-by-step instructions on
-partitioning the cache according to origin servers and/or domains, refer
-to [Partitioning the Cache](cache) According to Origin Server or Domain.
-Before you can assign cache partitions to specific origin servers and/or
-domains, you must first partition your cache according to size and
-protocol in the [partition.config](#partition.config) file.
-For step-by-step instructions about partitioning your cache, refer to
-[Partitioning the Cache](cache). For a description of the
-`partition.config` file, refer to [partition.config](#partition.config).
-
-After you modify hosting.config, navigate to the Traffic Server bin
-directory and run the `traffic_line -x` command to apply your changes. When
-you apply the changes to a node in a cluster, Traffic Server automatically
-applies the changes to all other nodes in the cluster.
-
-**IMPORTANT:** The partition configuration must be the same on all nodes in a
-cluster.
-
-
-#### Format ####
-
-Each line in the `hosting.config` file must have one of the following
-formats:
-
- hostname= hostname partition= partition_numbers
- domain= domain_name partition= partition_numbers
-
-where hostname is the fully-qualified hostname of the origin server whose
-content you want to store on a particular partition (for example,
-`www.myhost.com`); `domain_name` is the domain whose content you want to store
-on a particular partition(for example, `mydomain.com`); and
-`partition_numbers` is a comma-separated list of the partitions on which you
-want to store the content that belongs to the origin server or domain
-listed. The partition numbers must be valid numbers listed in the
-[partition.config](#partition.config) file.
-
-**Note:** To allocate more than one partition to an origin server or domain,
-you must enter the partitions in a comma-separated list on one line, as
-shown in the example below. The [hosting.config](#hosting.config) file
-cannot contain multiple entries for the same origin server or domain.
-
-
-#### Generic Partition ####
-
-When configuring the hosting.config file, you must assign a generic
-partition to use for content that does not belong to any of the origin
-servers or domains listed. If all partitions for a particular origin
-server become corrupt, Traffic Server will also use the generic partition
-to store content for that origin server.
-
-The generic partition must have the following format:
-
- hostname=* partition=partition_numbers
-
-where `partition_numbers` is a comma-separated list of generic partitions.
-
-
-#### Examples ####
-
-The following example configures Traffic Server to store content from the
-domain `mydomain.com` in partition 1 and content from `www.myhost.com` in
-partition 2. Traffic Server stores content from all other origin servers
-in partitions 3 and 4.
-
- domain=mydomain.com partition=1
- hostname=www.myhost.com partition=2
- hostname=* partition=3,
-
-
-## icp.config ## {#icp.config}
-
-The `icp.config` file defines ICP peers (parent and sibling caches).
-
-**IMPORTANT:** After you modify the icp.config file, navigate to the Traffic
-Server bin directory and run the `traffic_line -x` command to apply the
-changes. When you apply the changes to a node in a cluster, Traffic Server
-automatically applies the changes to all other nodes in the cluster.
-
-#### Format ####
-Each line in the icp.config file contains the name and configuration
-information for a single ICP peer in the following format:
-
- host : host_IP : peer_type : proxy_port : icp_port : MC_on : MC_IP : MC_TTL :
-
-Each field is described in the following list.
-
-`host`
-: The hostname of the ICP peer.
- This field is optional; if you do not specify the hostname of the ICP
- peer, you must specify the IP address.
-
-`host _IP`
-: The IP address of the ICP peer.
- This field is optional; if you do not specify the IP address of the ICP
- peer, you must specify the hostname.
-
-`ctype`
-: Use the following options:
-
- 1 to indicate an ICP parent cache
- 2 to indicate an ICP sibling cache
-
-`proxy_port`
-: The port number of the TCP port used by the ICP peer for proxy
- communication.
-
-`icp_port`
-: The port number of the UDP port used by the ICP peer for ICP
- communication.
-
-
-#### Examples ####
-
-The following example configuration is for three nodes: the local host,
-one parent, and one sibling.
-
- localhost:0.0.0.0:3:8080:3130:0:0.0.0.0:1
- host1:123.12.1.23:1:8080:3131:0:0.0.0.0:1
- host2:123.12.1.24:2:8080:3131:0:0.0.0.0:1
-
-
-## ip\_allow.config ## {#ip\_allow.config}
+# ip_allow.config # {#ip_allow.config}
The `ip_allow.config` file controls client access to the Traffic Server
proxy cache. You can specify ranges of IP addresses that are allowed to
@@ -543,7 +27,7 @@ you apply the changes to a node in a clu
applies the changes to all other nodes in the cluster.
-#### Format ####
+## Format ## {#Format}
Each line in the `ip_allow.config` file must have the following format:
@@ -562,7 +46,7 @@ access, comment out or delete this line
src_ip=0.0.0.0-255.255.255.255 action=ip_allow
-#### Examples ####
+## Examples ## {#Examples}
The following example enables all clients to access the Traffic Server
proxy cache:
@@ -579,3059 +63,3 @@ the Traffic Server proxy cache:
src_ip=123.45.6.0-123.45.6.123 action=ip_deny
-
-## logs.config ## {#logs.config}
-
-The `logs.config` file establishes and formats **traditional**
-custom transaction log files.
-Although Traffic Server supports traditional custom logging, you
-should use the more versatile XML-based custom logging (refer to
-[Using the Custom Format](log) and
-[logs\_xml.config](#logs_xml.config)). If you opt to use
-traditional custom logging instead of the more versatile XML-based
-custom logging, then you must enable the traditional custom logging
-option manually (refer to
-[Support for Traditional Custom Logging](log)).
-
-**IMPORTANT:** After you modify `logs.config`, navigate to the
-Traffic Server`bin` directory and run the `traffic_line -x` command
-to apply changes. When you apply the changes to a node in a
-cluster, Traffic Server automatically applies the changes to all
-other nodes in the cluster.
-
-
-#### Format ####
-
-Each line in the `logs.config` file establishes and formats a
-custom transaction log file. Lines consist of the following fields,
-separated by colons (:).
-
-*`format`*
-: All lines must begin with the word `format` .
-
-*`activation flag`*
-: Specifies if the custom log file is activated. You can specify one
- of the following options:
-
- enabled
- disabled
-
-*`unique format identifier`*
-: You must use a unique integer for each custom log file you create.
-
-*`format name`*
-: The name for the format you define.
-
-*`format string`*
-: Identifies the `printf` -style format string specifying the field
- symbols to be displayed and how they should look in ASCII. Refer to
- this [Appendix](logfmts) for a list of the available field
- symbols and their meanings.
-
- Field symbols are indicated by %<`field_symbol` \> format. For
- example: to indicate that `chi` is the client host IP and not the
- string `chi` to be printed, enter `% <chi>` .
-
-*`file name`*
-: The name of the custom log file you create.
-
-*`file type`*
-: The format of the file: `ASCII` or `BINARY.`
-
-*`file header data`*
-: The header text. Enter `none` if you do not want header text; enter
- the text of the header if you want your custom log file to have a
- header.
-
-
-#### Examples ####
-
-The following example shows a custom log format for a file named
-**`minimalist`**. It records the client host IP address (`chi`),
-the client request universal resource identifier (`cqu`), and the
-proxy response status code (`pssc`).
-
- format:enabled:1:minimal:%<chi> / %<cqu> / %<pssc>:minimalist:ASCII:none
-
-The output file for the above example format is:
-
- 123.12.3.123 / GET http://earth/ocean/index.html HTTP/1.0 / 200
-
-The following example shows a custom log format for a file named
-**`test`**. It records the `User-Agent`value of the client
-request header (`cqh`) and the `Retry-After` value of the proxy
-response header (`psh`).
-
- format:enabled:1:test:%<{User-Agent}cqh> %<{Retry-After}psh>:test:ASCII:none
-
-
-#### WELF ####
-
-Traffic Server supports **WELF**, the WebTrends Enhanced Log
-format, so you can analyze Traffic Server log files with WebTrends
-reporting tools. A predefined custom format for WELF is provided in
-the `logs.config` file. To create a WELF format log file, comment
-out the following section at the end of the file and replace
-`<FORMAT_ID>` with a unique integer.
-
- #format:enabled:<FORMAT_ID>:welf:id=firewall time="%<cqtd> %<cqtt>" fw=%<phn> pri=6 proto=%<cqus> duration=%<ttmsf> sent=%<psql> rcvd=%<cqhl> src=%<chi> dst=%<shi> dstname=%<shn> user=%<caun> op=%<cqhm> arg="%<cqup>" result=%<pssc> ref="%<{Referer}cqh>" agent="%<{user-agent}cqh>" cache=%<crc>:welf:ASCII:none
-
-
- #
-
-
-## log\_hosts.config ## {#log\_hosts.config}
-
-To record HTTP transactions for different origin servers in
-separate log files, you must list each origin server hostname in
-the `log_hosts.config` file. In addition, you must enable the
-[HTTP Host Log Splitting](log) option. You should use the same
-`log_hosts.config` file on every Traffic Server node in your
-cluster. After you modify the `log_hosts.config` file,
-navigate to the Traffic Server`bin` directory and run the
-`traffic_line -x` command to apply the changes. When you apply the
-changes to a node in a cluster, Traffic Server automatically
-applies the changes to all other nodes in the cluster.
-
-
-#### Format ####
-
-Each line in the `log_hosts.config` file has the following format:
-
-*`hostname`*
-
-where *`hostname`* is the hostname of the origin server.
-
-**Tip:** You can specify keywords in the `log_hosts.config` file to
-record all transactions from origin servers with the specified
-keyword in their names in a separate log file. See the example
-below.
-
-
-#### Examples ####
-
-The following example configures Traffic Server to create separate
-log files containing all HTTP transactions for the origin servers
-`webserver1`, `webserver2`, and `webserver3`.
-
- webserver1
- webserver2
- webserver3
-
-The following example records all HTTP transactions from origin
-servers that contain `sports` in their names. For example:
-`sports.yahoo.com` and `www.foxsports.com` in a log file called
-`squid-sport.log` (the Squid format is enabled).
-
- sports
-
-
-
-## logs\_xml.config ## {#logs\_xml.config}
-
-The `logs_xml.config` file defines the custom log file formats,
-filters, and processing options. The format of this file is modeled
-after **XML**, the Extensible Markup Language.
-
-
-#### Format ####
-
-The `logs_xml.config` file contains the specifications below:
-
-- `LogFormat` specifies the fields to be gathered from each
- protocol event access.
-- `LogFilter` specifies the filters that are used to include or
- exclude certain entries being logged based on the value of a field
- within that entry.
-- `LogObject` specifies an object that contains a particular
- format, a local filename, filters, and collation servers.
-
-The `logs_xml.config` file ignores extra white space, blank lines,
-and all comments.
-
-
-#### LogFormat #### {#logformat}
-
-The following list shows **`LogFormat`** specifications.
-
-
-`<Name = "valid_format_name"/>`
-: Required. Valid format names include any name except `squid`,
- `common`, `extended`, or `extended2`, which are pre-defined
- formats. There is no default for this tag.
-
-`<Format = "valid_format_specification"/>`
-: Required. A valid format specification is a printf-style string
- describing each log entry when formatted for ASCII output. Use
- `%<` `*field*` `>` as a placeholder for valid field names. For
- more information, refer to
- [Custom Logging Fields](logfmts#custom-logging-fields).
-
- The specified field can be one of the following types:
-
- Simple. For example: `%<cqu>`
- A field within a container, such as an HTTP header or a statistic.
- Fields of this type have the syntax:
-
- %<{ field } containe>
-
- Aggregates, such as `COUNT`, `SUM`, `AVG`, `FIRST`, `LAST`. Fields
- of this type have the syntax: `%<operator (` *`field`* `)>`
- **Note:** You cannot create a format specification that contains
- both aggregate operators and regular fields.
-
-`<Interval = "aggregate_interval_secs"/>`
-: Use this tag when the format contains aggregate operators. The
- value "`aggregate_interval_secs`" represents the number of seconds
- between individual aggregate values being produced.
-
- The valid set of aggregate operators are:
-
- COUNT
- SUM
- AVG
- FIRST
- LAST
-
-
-### LogFilters ### {#logfilters}
-
-The following list shows the `LogFilter` specifications.
-
-`<Name = "valid_filter_name"/>`
-: Required. All filters must be uniquely named.
-
-`<Condition = "valid_log_field valid_operator valid_comparison_value"/>`
-: Required. This field contains the following elements:
-
- **`valid\_log\_field`** - the field that will be compared against
- the given value. For more information, refer to
- [Logging Format Cross-Reference](logfmts#cross-reference).
-
- **`valid\_operator\_field`** - any one of the following: `MATCH`,
- `CASE_INSENSITIVE_MATCH`, `CONTAIN`, `CASE_INSENSITIVE_CONTAIN`.
-
- - `MATCH` is true if the field and value are identical
- (case-sensitive).
- - `CASE_INSENSITIVE_MATCH` is similar to `MATCH`, except that it
- is case-**insensitive**.
- - `CONTAIN` is true if the field contains the value (the value is
- a substring of the field).
- - `CASE_INSENSITIVE_CONTAIN` is a case-insensitive version of
- `CONTAIN`.
-
- **`valid\_comparison\_value`** - any string or integer matching
- the field type. For integer values, all of the operators are
- equivalent and mean that the field must be equal to the specified
- value.
-
- **Note:** There are no negative comparison operators. If you want to
- specify a negative condition, then use the `Action` field to
- `REJECT` the record.
-
-`<Action = "valid_action_field"/>`
-: This instructs Traffic Server to either accept or reject records
- that satisfy the filter condition. `<br />`Required:`ACCEPT` or
- `REJECT` .
-
-
-### LogObject ### {#LogObject}
-
-The following list shows the `LogObject` specifications.
-
-`<Format = "valid_format_name"/>`
-: Required. Valid format names include the predefined logging
- formats: `squid`, `common`, `extended`, and `extended2`, as well as
- any previously-defined custom log formats. There is no default for
- this tag.
-
-`<Filename = "file_name"/>`
-: Required. The filename to which the given log file is written on
- the local file system or on a remote collation server. No local log
- file will be created if you fail to specify this tag. All filenames
- are relative to the default logging directory.
-
- If the name does not contain an extension (for example, `squid`),
- then the extension `.log` is automatically appended to it for ASCII
- logs and `.blog` for binary logs (refer to
- [Mode = "valid\_logging\_mode"](files#0_73225)).
-
- If you do not want an extension to be added, then end the filename with a
- single (.) dot (for example: `squid.` ).
-
-`<Mode = "valid_logging_mode"/>`
-: Valid logging modes include `ascii` , `binary` , and `ascii_pipe` .
- The default is `ascii` .
-
- - Use `ascii` to create event log files in human-readable form
- (plain ASCII).
- - Use `binary` to create event log files in binary format.
- Binary log files generate lower system overhead and occupy less
- space on the disk (depending on the information being logged). You
- must use the `logcat` utility to translate binary log files to
- ASCII format before you can read them.
- - Use `ascii_pipe` to write log entries to a UNIX named pipe (a
- buffer in memory). Other processes can then read the data using
- standard I/O functions. The advantage of using this option is that
- Traffic Server does not have to write to disk, which frees disk
- space and bandwidth for other tasks. In addition, writing to a pipe
- does not stop when logging space is exhausted because the pipe does
- not use disk space.
-
- If you are using a collation server, then the log is written to a
- pipe on the collation server. A local pipe is created even before a
- transaction is processed, so you can see the pipe right after
- Traffic Server starts. Pipes on a collation server, however, *are*
- created when Traffic Server starts.
-
-`<Filters = "list_of_valid_filter_names"/>`
-: A comma-separated list of names of any previously-defined log
- filters. If more than one filter is specified, then all filters
- must accept a record for the record to be logged.
-
-`<Protocols = "list_of_valid_protocols"/>`
-: A comma-separated list of the protocols this object should log.
- Valid protocol names for this release are `HTTP` (FTP is
- deprecated).
-
-`<ServerHosts = "list_of_valid_servers"/>`
-: A comma-separated list of valid hostnames.This tag indicates that
- only entries from the named servers will be included in the file.
-
-`<CollationHosts = "list_of_valid_hostnames"/>`
-: A comma-separated list of collation servers to which all log
- entries (for this object) are forwarded. Collation servers can be
- specified by name or IP address. Specify the collation port with a
- colon after the name; for example, `host:port` .
-
-`<Header = "header"/>`
-: The header text you want the log files to contain. The header text
- appears at the beginning of the log file, just before the first
- record.
-
-`<RollingEnabled = "truth value"/>`
-: Enables or disables log file rolling for the `LogObject`. This
- setting overrides the value for the
- *`proxy.config.log.rolling_enabled`* variable in the
- `records.config` file. Set *`truth value`* to one of the
- following values:
-
- `0` to disable rolling for this particular `LogObject`.
- `1` to roll log files at specific intervals during the day (you
- specify time intervals with the `RollingIntervalSec` and
- `RollingOffsetHr` fields).
- `2` to roll log files when they reach a certain size (you specify
- the size with the`RollingSizeMb` field).
- `3` to roll log files at specific intervals during the day or when
- they reach a certain size (whichever occurs first).
- `4` to roll log files at specific intervals during the day when log
- files reach a specific size (at a specified time if the file is of
- the specified size).
-
-
-`<RollingIntervalSec = "seconds"/>`
-: The seconds between log file rolling for the `LogObject`; enables
- you to specify different rolling intervals for different
- `LogObjects`.
- This setting overrides the value for
- *`proxy.config.log.rolling_interval_sec`* in the
- `records.config` file.
-
-`<RollingOffsetHr = "hour"/>`
-: Specifies an hour (from 0 to 23) at which rolling is guaranteed to
- align. Rolling might start before then, but a rolled file will be
- produced only at that time. The impact of this setting is only
- noticeable if the rolling interval is larger than one hour.
- This setting overrides the configuration setting
- for *`proxy.config.log.rolling_offset_hr`* in the
- `records.config` file.
-
-`<RollingSizeMb = "size_in_MB"/>`
-: The size at which log files are rolled.
-
-
-#### Examples ####
-
-The following is an example of a **`LogFormat`** specification
-that collects information using three common fields:
-
- <LogFormat>
- <Name = "minimal"/>
- <Format = "%<chi> : %<cqu> : %<pssc>"/>
- </LogFormat>
-
-The following is an example of a **`LogFormat`** specification
-that uses aggregate operators:
-
- <LogFormat>
- <Name = "summary"/>
- <Format = "%<LAST(cqts)> : %<COUNT(*)> : %<SUM(psql)>"/>
- <Interval = "10"/>
- </LogFormat>
-
-The following is an example of a **`LogFilter`** that will cause
-only `REFRESH_HIT` entries to be logged:
-
- <LogFilter>
- <Name = "only_refresh_hits"/>
- <Action = "ACCEPT"/>
- <Condition = "%<pssc> MATCH REFRESH_HIT"/>
- </LogFilter>
-
-**Note:** When specifying the field in the filter condition, you
-can omit the`%<>`. This means that the filter below is equivalent
-to the example directly above:
-
- <LogFilter>
- <Name = "only_refresh_hits"/>
- <Action = "ACCEPT"/>
- <Condition = "pssc MATCH REFRESH_HIT"/>
- </LogFilter>
-The following is an example of a **`LogObject`** specification
-that creates a local log file for the minimal format defined
-earlier. The log filename will be `minimal.log` because this is an
-ASCII log file (the default).
-
- <LogObject>
- <Format = "minimal"/>
- <Filename = "minimal"/>
- </LogObject>
-
-The following is an example of a **`LogObject`** specification
-that includes only HTTP requests served by hosts in the domain
-`company.com` or by the specific server `server.somewhere.com`. Log
-entries are sent to port 4000 of the collation host
-`logs.company.com` and to port 5000 of the collation host
-`209.131.52.129.`
-
- <LogObject>
- <Format = "minimal"/>
- <Filename = "minimal"/>
- <ServerHosts = "company.com,server.somewhere.com"/>
- <Protocols = "http"/>
- <CollationHosts = "logs.company.com:4000,209.131.52.129:5000"/>
- </LogObject>
-
-
-#### WELF ####
-
-Traffic Server supports WELF (WebTrends Enhanced Log Format) so you
-can analyze Traffic Server log files with WebTrends reporting
-tools. A predefined `<LogFormat>` that is compatible with WELF is
-provided at the end of the `logs.config` file (shown below).
-To create a WELF format log file, create a `<LogObject>` that
-uses this predefined format.
-
- <LogFormat>
- <Name = "welf"/>
- <Format = "id=firewall time=\"%<cqtd> %<cqtt>\" fw=%<phn> pri=6
- proto=%<cqus> duration=%<ttmsf> sent=%<psql> rcvd=%<cqhl>
- src=%<chi> dst=%<shi> dstname=%<shn> user=%<caun> op=%<cqhm>
- arg=\"%<cqup>\" result=%<pssc> ref=\"%<{Referer}cqh>\"
- agent=\"%<{user-agent}cqh>\" cache=%<crc>"/>
- </LogFormat>
-
-
-## parent.config ## {#parent.config}
-
-The `parent.config` file identifies the parent proxies used in an
-cache hierarchy. Use this file to perform the following
-configuration:
-
-- Set up parent cache hierarchies, with multiple parents and
- parent failover
-- Configure selected URL requests to bypass parent proxies
-
-Traffic Server uses the `parent.config` file only when the parent
-caching option is enabled (refer to
-[Configuring Traffic Server to Use a Parent Cache](hier)).
-
-**IMPORTANT:** After you modify the `parent.config` file, navigate
-to the Traffic Server`bin` directory and run the `traffic_line -x`
-command to apply your changes. When you apply the changes to one
-node in a cluster, Traffic Server automatically applies the changes
-to all other nodes in the cluster.
-
-
-#### Format ####
-
-Each line in the `parent.config` file must contain a parent caching
-rule. Traffic Server recognizes three space-delimited tags:
-
- primary_destination=value secondary_specifie=value action=value
-
-The following list shows the possible primary destinations and
-their allowed values.
-
-*`dest_domain`*
-: A requested domain name.
-
-*`dest_host`*
-: A requested hostname.
-
-*`dest_ip`*
-: A requested IP address or range of IP addresses separated by a dash
- (-).
-
-*`url_regex`*
-: A regular expression (regex) to be found in a URL
-
-The secondary specifiers are optional in the `parent.config` file.
-The following list shows the possible secondary specifiers and
-their allowed values.
-
-*`port`*
-: A requested URL port.
-
-*`scheme`*
-: A request URL protocol: `http` or `https`.
-
-*`prefix`*
-: A prefix in the path part of a URL.
-
-*`suffix`*
-: A file suffix in the URL.
-
-*`method`*
-: A request URL method. It can be one of the following:
-
- get
- post
- put
- trace
-
-*`time`*
-: A time range, such as 08:00-14:00, during which the parent cache is
- used to serve requests.
-
-*`src_ip`*
-: A client IP address.
-
-The following list shows the possible actions and their allowed
-values.
-
-`parent`
-: An ordered list of parent servers. If the request cannot be handled
- by the last parent server in the list, then it will be routed to
- the origin server. You can specify either a hostname or an IP
- address, but; you must specify the port number.
-
-`round_robin`
-: One of the following values:
-
- `true` - Traffic Server goes through the parent cache list in a
- round robin-based on client IP address.
- `strict` - Traffic Server machines serve requests strictly in turn.
- For example: machine `proxy1` serves the first request, `proxy2`
- serves the second request, and so on.
- `false` - Round robin selection does not occur.
-
-`go_direct`
-: One of the following values:
-
- `true` - requests bypass parent hierarchies and go directly to the
- origin server.
- `false` - requests do not bypass parent hierarchies.
-
-
-### Examples ###
-
-The following rule configures a parent cache hierarchy consisting
-of Traffic Server (which is the child) and two parents, `p1.x.com`
-and `p2.x.com`. Traffic Server forwards the requests it cannot
-serve to the parent servers `p1.x.com` and `p2.x.com` in a
-round-robin fashion because:
-
- round_robin=true
- dest_domain=. method=get parent="p1.x.com:8080; p2.y.com:8080" round_robin=true
-
-The following rule configures Traffic Server to route all requests
-containing the regular expression `politics` and the path
-/`viewpoint` directly to the origin server (bypassing any parent
-hierarchies):
-`url_regex=politics prefix=/viewpoint go_direct=true`
-
-Every line in the `parent.config` file must contain either a
-`parent=` or `go_direct=` directive.
-
-
-## partition.config ## {#parition.config}
-
-The `partition.config` file enables you to manage your cache space
-more efficiently and restrict disk usage by creating cache
-partitions of different sizes for specific protocols. You can
-further configure these partitions to store data from certain
-origin servers and/or domains in
-the [hosting.config](#hosting.config) file.
-
-**IMPORTANT:** The partition configuration must be the same on all
-nodes in a cluster. You must stop Traffic Server before you change
-the cache partition size and protocol assignment. For step-by-step
-instructions about partitioning the cache, refer to
-[Partitioning the Cache](cache).
-
-
-#### Format ####
-
-For each partition you want to create, enter a line with the
-following format:
-
- partition=partition_number scheme=protocol_type size=partition_size
-
-where *`partition_number`* is a number between 1 and 255 (the
-maximum number of partitions is 255) and *`protocol_type`* is
-`http`. Traffic Server supports `http` for HTTP partition types;
-*`partition_size`* is the amount of cache space allocated to
-the partition. This value can be either a percentage of the total
-cache space or an absolute value. The absolute value must be a
-multiple of 128 MB, where 128 MB is the smallest value. If you
-specify a percentage, then the size is rounded down to the closest
-multiple of 128 MB.
-
-Each partition is striped across several disks to achieve parallel
-I/O. For example: if there are four disks, then a 1-GB partition
-will have 256 MB on each disk (assuming each disk has enough free
-space available). If you do not allocate all the disk space in the
-cache, then the extra disk space is not used. You can use the extra
-space later to create new partitions without deleting and clearing
-the existing partitions.
-
-
-#### Examples ###
-
-The following example partitions the cache evenly between HTTP and
-HTTPS requests:
-
- partition=1 scheme=http size=50%
- partition=2 scheme=https size=50%
-
-
-## records.config ## {#records.config}
-
-The `records.config` file is a list of configurable variables used
-by the Traffic Server software. Many of the variables in the
-`records.config` file are set automatically when you set
-configuration options in Traffic Line or Traffic Shell. After you
-modify the `records.config` file, navigate to the Traffic
-Server`bin` directory and run the command `traffic_line -x` to
-apply the changes. When you apply changes to one node in a cluster,
-Traffic Server automatically applies the changes to all other nodes
-in the cluster.
-
-#### Format ####
-Each variable has the following format:
-
- CONFIG variable_name DATATYPE variable_value
-
-where `DATATYPE` is `INT` (integer), `STRING` (string), or `FLOAT`
-(floating point).
-
-#### Examples ####
-
-In the following example, the
-variable *`proxy.config.proxy_name`* is a `STRING` datatype
-with the value `my_server`. This means that the name of the Traffic
-Server proxy is `my_server`.
-
- CONFIG proxy.config.proxy_name STRING my_server
-
-In the following example, the variable
-*`proxy.config.arm.enabled`* is a yes/no flag. A value of
-`0` (zero) disables the option; a value of `1` enables the option.
-
- CONFIG proxy.config.arm.enabled INT 0
-
-In the following example, the variable sets the cluster startup
-timeout to 10 seconds.
-
- CONFIG proxy.config.cluster.startup_timeout INT 10
-
-#### Configuration Variables ####
-
-The following list describes the configuration variables available in
-the `records.config` file.
-
-
-### System Variables ### {#records.config-system-variables}
-
-*`proxy.config.product_company`*
-: `STRING`
-: `Apache Software Foundation`
-: The name of the organization developing Traffic Server.
-
-*`proxy.config.product_vendor`*
-: `STRING`
-: `Apache`
-: The name of the vendor providing Traffic Server.
-
-*`proxy.config.product_name`*
-: `STRING`
-: `Traffic Server`
-: The name of the product.
-
-*`proxy.config.proxy_name`*
-: `STRING`
-: `<proxy_name>`
-: The name of the Traffic Server node.
-
-*`proxy.config.bin_path`*
-: `STRING`
-: `bin`
-: The location of the Traffic Server `bin` directory.
-
-*`proxy.config.proxy_binary`*
-: `STRING`
-: `traffic_server`
-: The name of the executable that runs the `traffic_server` process.
-
-*`proxy.config.proxy_binary_opts`*
-: `STRING`
-: `-M`
-: The command-line options for starting Traffic Server.
-
-*`proxy.config.manager_binary`*
-: `STRING`
-: `traffic_manager`
-: The name of the executable that runs the `traffic_manager`
- process.
-
-*`proxy.config.cli_binary`*
-: `STRING`
-: `traffic_line`
-: The name of the executable that runs the command-line interface
- (Traffic Line).
-
-
-*`proxy.config.watch_script`*
-: `STRING`
-: `traffic_cop`
-: The name of the executable that runs the `traffic_cop` process.
-
-*`proxy.config.env_prep`*
-: `STRING`
-: `example_prep.sh`
-: The script executed before the `traffic_manager` process spawns the
- `traffic_server` process.
-
-*`proxy.config.config_dir`*
-: `STRING`
-: `config`
-: The directory that contains Traffic Server configuration files.
-
-*`proxy.config.temp_dir`*
-: `STRING`
-: `/tmp`
-: The directory used for Traffic Server temporary files.
-
-*`proxy.config.alarm_email`*
-: `STRING`
-: The email address to which Traffic Server sends alarm messages.
-
- During a custom Traffic Server installation, you can specify the
- email address; otherwise, Traffic Server uses the Traffic Server
- user account name as the default value for this variable.
-
-*`proxy.config.syslog_facility`*
-: `STRING`
-: `LOG_DAEMON`
-: The facility used to record system log files.
- Refer to
- [Understanding Traffic Server Log Files](log#UnderstandingTrafficEdgeLogFiles).
-
-*`proxy.config.cop.core_signal`*
-: `INT`
-: `0`
-: The signal sent to `traffic_cop`'s managed processes to stop them.
- 0 = no signal is sent.
-
-*`proxy.config.cop.linux_min_swapfree_kb`*
-: `INT`
-: `10240`
-: The minimum amount of free swap space allowed before Traffic Server
- stops the `traffic_server`and `traffic_manager` processes to
- prevent the system from hanging.
-
- This configuration variable applies if swap is enabled in Linux 2.2
- only.
-
-*`proxy.config.output.logfile`*
-: `STRING`
-: `traffic.out`
-: The name and location of the file that contains warnings, status
- messages, and error messages produced by the Traffic Server
- processes.
-
- If no path is specified, then Traffic Server creates the file in
- its logging directory.
-
-*`proxy.config.snapshot_dir`*
-: `STRING`
-: `snapshots`
-: The directory in which Traffic Server stores configuration
- snapshots on the local system. Unless you specify an absolute path,
- this directory is located in the Traffic Server `config`
- directory.
-
-*`proxy.config.accept_threads`*
-: `INT`
-: `0`
-: When enabled (`1`), runs a separate thread for accept processing.
- If disabled (`0`), then only 1 thread can be created.
-
-*`proxy.config.thread.default.stacksize`*
-: `INT`
-: `1096908`
-: The new default thread stack size, for all threads. The original
- default is set at 1 MB.
-
-
-**Local Manager**
-
-*`proxy.config.lm.sem_id `*
-: `INT`
-: `11452`
-: The semaphore ID for the local manager.
-
-*`proxy.local.cluster.type`*
-: `INT`
-: `3`
-: Sets the clustering mode:
-
- `1` = full-clustering mode
- `2` = management-only mode
- `3` = no clustering
-
-*`proxy.config.cluster.rsport`*
-: `INT`
-: `8088`
-: The reliable service port. The reliable service port is used to
- send configuration information between the nodes in a cluster. All
- nodes in a cluster must use the same reliable service port.
-
-*`proxy.config.admin.autoconf_port `*
-: `INT`
-: `8083`
-: The autoconfiguration port.
-
-*`proxy.config.admin.overseer_port `*
-: `INT`
-: `8082`
- The port used for retrieving and setting statistics and
- configuration variables.
-
-*`proxy.config.admin.number_config_bak`*
-: `INT`
-: `3`
-: The maximum number of copies of rolled configuration files to
- keep.
-
-*`proxy.config.admin.admin_password`*
-: `STRING`
-: Specifies the encrypted administrator password that controls access
- to Traffic Manager. The format can be recreated with:
-
- #!/usr/bin/php
- <?php
- $foo = md5('admin',true);
- echo strtoupper(substr(bin2hex($foo),0,23)) . "\n";
- ?>
-
- or
-
- perl -MDigest::MD5 -e 'print uc(substr(Digest::MD5::md5_hex($ARGV[0]), 0, 23)), "\n"' admin;`
-
- Note that the web interface is not being maintained.
-
-*`proxy.config.admin.user_id `*
-: `STRING`
-: `nobody`
-: Option used to specify who to run the `traffic_server`process as;
- also used to specify ownership of config and log files.
-
- The nonprivileged user account designated to Traffic Server.
-
- As of version 2.1.1 if the user\_id is prefixed with pound
- character (\#) the remaining of the string is considered to be
- [numeric user identifier](http://en.wikipedia.org/wiki/User_identifier).
- If the value is set to '\#-1' Traffic Server will not change the
- user during startup.
-
- Setting `user_id` to `root` or `#0` is now forbidden to increase
- security. Trying to do so, will cause the `traffic_server` fatal
- failure. However there are two ways to bypass that restriction:
- Specify `-DBIG_SECURITY_HOLE` in `CXXFLAGS` during compilation
- Set the `user_id=#-1` and start trafficserver as root.
-
-
-**Process Manager**
-
-*`proxy.config.process_manager.mgmt_port`*
-: `INT`
-: `8084`
-: The port used for internal communication between the
- `traffic_manager` and `traffic_server` processes.
-
-
-**Alarm Configuration**
-
-*`proxy.config.alarm.bin`*
-: `STRING`
-: `example_alarm_bin.sh`
-: Name of the script file that can execute certain actions when an
- alarm is signaled. The default file is a sample script named
- `example_alarm_bin.sh` located in the `bin` directory. You must
- edit the script to suit your needs.
-
-*`proxy.config.alarm.abs_path`*
-: `STRING`
-: `NULL`
-: The full path to the script file that sends email to alert someone
- about Traffic Server problems.
-
-
-**Authentication Basic Realm**
-
-*`proxy.config.proxy.authenticate.basic.realm`*
-: `STRING`
-: `NULL`
-: The authentication realm name. If the default of `NULL` is
- specified, then`traffic_edge` is used.
-
-
-**HTTP Engine**
-
-*`proxy.config.http.server_port`*
-: `INT`
-: `8080`
-: The port that Traffic Server uses when acting as a web proxy server
- for web traffic.
-
-*`proxy.config.http.server_port_attr `*
-: `STRING`
-: `X`
-: The server port options. You can specify one of the following:
-
- C=SERVER_PORT_COMPRESSED
- X=SERVER_PORT_DEFAULT
- T=SERVER_PORT_BLIND_TUNNEL
-
-*`proxy.config.http.server_other_ports `*
-: `STRING`
-: `NULL`
-: The ports other than the port specified by the variable
-
- *`proxy.config.http.server_port`* to bind for incoming HTTP
- requests. Example:
-
- CONFIG proxy.config.http.server_other_ports STRING 6060:X 9090:X
-
- would listed to ports `6060`, `9090`, and the port specified by
- *`proxy.config.http.server_port`*.
-
-*`proxy.config.http.ssl_ports`*
-: `STRING`
-: `443 563`
-: The range of ports used for tunneling. Traffic Server allows
- tunnels only to the specified ports.
-
- For example: to retrieve an object using HTTPS via Traffic Server,
- a tunnel must be established to an origin server via Traffic
- Server.
-
-*`proxy.config.http.insert_request_via_str `*
-: `INT`
-: `1`
-: You can specify one of the following:
-
- `0` = no extra information is added to the string.
- `1` = all extra information is added.
- `2` = some extra information is added.
-
- Note: the Via: header string interpretation is
- [documented here.](trouble#interpret_via_header)
-
-
-*`proxy.config.http.insert_response_via_str `*
-: `INT`
-: `1`
-: You can specify one of the following:
-
- `0` no extra information is added to the string.
- `1` all extra information is added.
- `2` some extra information is added.
-
-*`proxy.config.http.response_server_enabled `*
-: `INT`
-: `1`
-: You can specify one of the following:
-
- `0` no Server: header is added to the response.
- `1` the Server: header is added (see string below).
- `2` the Server: header is added only if the response from Origin
- does not have one already.
-
-*`proxy.config.http.response_server_str `*
-: `STRING`
-: `ATS/`
-: The Server: string that ATS will insert in a response header
- (if requested, see above). Note that the current version number
- is always appended to this string.
-
-*`proxy.config.http.enable\_url\_expandomatic`*
-: `INT`
-: `1`
-: Enables (`1`) or disables (`0`) `.com` domain expansion. This
- configures the Traffic Server to resolve unqualified hostnames by
- prepending with `www.` and appending with `.com` before redirecting
- to the expanded address.
-
- For example: if a client makes a request to `host`, then Traffic
- Server redirects the request to `www.host.com`.
-
-*`proxy.config.http.chunking_enabled `*
-: `INT`
-: `1`
-: Specifies whether Traffic Sever can generate a chunked response:
-
- `0` Never
- `1` Always
- `2` Generate a chunked response if the server has returned HTTP/1.1 before
- `3` = Generate a chunked response if the client request is HTTP/1.1 and
- the origin server has returned HTTP/1.1 before
-
- **Note:** If HTTP/1.1 is used, then Traffic Server can use
- keep-alive connections with pipelining to origin servers. If HTTP/0.9
- is used, then Traffic Server does not use `keep-alive`
- connections to origin servers. If HTTP/1.0 is used, then Traffic
- Server can use `keep-alive` connections without pipelining to origin
- servers.
-
-
-*`proxy.config.http.share_server_sessions `*
-: `INT`
-: `1`
-: Enables (`1`) or disables (`0`) the reuse of server sessions.
-
-*`proxy.config.http.record_heartbeat `*
-: `INT`
-: `0`
-: Enables (`1`) or disables (`0`) `traffic_cop` heartbeat logging.
-
-*`proxy.config.http.use_client_target_addr `*
-: `INT`
-: `0`
-: Avoid DNS lookup for forward transparent requests:
-
- `0` Never.
- `1` Avoid DNS lookup if possible.
-
- This option causes Traffic Server to avoid where possible doing DNS lookups in forward transparent proxy mode. The option is only effective if the following three conditions are true -
-
- * Traffic Server is in forward proxy mode.
- * Traffic Server is using client side transparency.
- * The target URL has not been modified by either remapping or a plugin.
-
- If any of these conditions are not true, then normal DNS processing is done for the connection.
-
- If all of these conditions are met, then the origin server IP address is retrieved from the original client connection, rather than through HostDB or DNS lookup. In effect, client DNS resolution is used instead of Traffic Server DNS.
-
- This can be used to be a little more efficient (looking up the target once by the client rather than by both the client and Traffic Server) but the primary use is when client DNS resolution can differ from that of Traffic Server. Two known uses cases are:
-
- 1. Embedded IP addresses in a protocol with DNS load sharing. In this case, even though Traffic Server and the client both make the same request to the same DNS resolver chain, they may get different origin server addresses. If the address is embedded in the protocol then the overall exchange will fail. One current example is Microsoft Windows update, which presumably embeds the address as a security measure.
-
- 2. The client has access to local DNS zone information which is not available to Traffic Server. There are corporate nets with local DNS information for internal servers which, by design, is not propagated outside the core corporate network. Depending a network topology it can be the case that Traffic Server can access the servers by IP address but cannot resolve such addresses by name. In such as case the client supplied target address must be used.
-
- Additional Notes:
-
- This solution must be considered interim. In the longer term, it should be possible to arrange for much finer grained control of DNS lookup so that wildcard domain can be set to use Traffic Server or client resolution. In both known use cases, marking specific domains as client determined (rather than a single global switch) would suffice. It is possible to do this crudely with this flag by enabling it and then use identity URL mappings to re-disable it for specific domains.
-
-**Parent Proxy Configuration**
-
-*`proxy.config.http.parent_proxy_routing_enable`*
-: `INT`
-: `0`
-: Enables (`1`) or disables (`0`) the parent caching option.
-
- Refer to [Hierarchical Caching](hier).
-
-*`proxy.config.http.parent_proxy.retry_time `*
-: `INT`
-: `300`
-: The amount of time allowed between connection retries to a parent
- cache that is unavailable.
-
-
-*`proxy.config.http.parent_proxy.fail_threshold`*
-: `INT`
-: `10`
-: The number of times the connection to the parent cache can fail
- before Traffic Server considers the parent unavailable.
-
-
-*`proxy.config.http.parent_proxy.total_connect_attempts`*
-: `INT`
-: `4`
-: The total number of connection attempts allowed to a parent cache
- before Traffic Server bypasses the parent or fails the request
- (depending on the *`go_direct`* option in the `bypass.config`
- file).
-
-*`proxy.config.http.parent_proxy.per_parent_connect_attempts `*
-: `INT`
-: `2`
-: The total number of connection attempts allowed per parent, if
- multiple parents are used.
-
-*`proxy.config.http.parent_proxy.connect_attempts_timeout`*
-: `INT`
-: `30`
-: The timeout value (in seconds) for parent cache connection
- attempts.
-
-*`proxy.config.http.forward.proxy_auth_to_parent `*
-: `INT`
-: `0`
-: Configures Traffic Server to send proxy authentication headers on
- to the parent cache.
-
-
-
-**HTTP Connection Timeouts (secs)**
-
-*`proxy.config.http.keep_alive_no_activity_timeout_in`*
-: `INT`
-: `10`
-: Specifies how long Traffic Server keeps connections to clients open
- for a subsequent request after a transaction ends.
-
-*`proxy.config.http.keep_alive_no_activity_timeout_out `*
-: `INT`
-: `10`
-: Specifies how long Traffic Server keeps connections to origin
- servers open for a subsequent transfer of data after a transaction
- ends.
-
-*`proxy.config.http.transaction_no_activity_timeout_in `*
-: `INT`
-: `120`
-: Specifies how long Traffic Server keeps connections to clients open
- if a transaction stalls.
-
-*`proxy.config.http.transaction_no_activity_timeout_out`*
-: `INT`
-: `120`
-: Specifies how long Traffic Server keeps connections to origin
- servers open if the transaction stalls.
-
-*`proxy.config.http.transaction_active_timeout_in `*
-: `INT`
-: `0`
-: The maximum amount of time Traffic Server can remain connected to a
- client. If the transfer to the client is not complete before this
- timeout expires, then Traffic Server closes the connection.
-
- The default value of `0` specifies that there is no timeout.
-
-*`proxy.config.http.transaction_active_timeout_out`*
-: `INT`
-: `0`
-: The maximum amount of time Traffic Server waits for fulfillment of
- a connection request to an origin server. If Traffic Server does
- not complete the transfer to the origin server before this timeout
- expires, then Traffic Server terminates the connection request.
-
- The default value of `0` specifies that there is no timeout.
-
-*`proxy.config.http.accept_no_activity_timeout `*
-: `INT`
-: `120`
-: The timeout interval in seconds before Traffic Server closes a
- connection that has no activity.
-
-
-*`proxy.config.http.background_fill_active_timeout`*
-: `INT`
-: `60`
-: Specifies how long Traffic Server continues a background fill
- before giving up and dropping the origin server connection.
-
-*`proxy.config.http.background_fill_completed_threshold`*
-: `FLOAT`
-: `0.50000`
-: The proportion of total document size already transferred when a
- client aborts at which the proxy continues fetching the document
- from the origin server to get it into the cache (a
- **background fill**).
-
-
-**Origin Server Connect Attempts**
-
-*`proxy.config.http.connect_attempts_max_retries`*
-: `INT`
-: `6`
-: The maximum number of connection retries Traffic Server can make
- when the origin server is not responding.
-
-*`proxy.config.http.connect_attempts_max_retries_dead_server`*
-: `INT`
-: `2`
-: The maximum number of connection retries Traffic Server can make
- when the origin server is unavailable.
-
-*`proxy.config.http.server_max_connections`*
-: `INT`
-: `0`
-: Limits the number of socket connections across all origin servers
- to the value specified.
-
- To disable, set to zero (`0`).
-
-*`proxy.config.http.origin_max_connections`*
-: `INT`
-: `0`
-: Limits the number of socket connections per origin server to the
- value specified.
-
- To enable, set to one (`1`).
-
-*`proxy.config.http.origin_min_keep_alive_connections`*
-: `INT`
-: `0`
-: As connection to an origin server are opened, keep at least 'n'
- number of connections open to that origin, even if the connection
- isn't used for a long time period. Useful when the origin supports
- keep-alive, removing the time needed to set up a new connection
- from the next request at the expense of added (inactive)
- connections.
-
- To enable, set to one (`1`).
-
-*`proxy.config.http.connect_attempts_rr_retries `*
-: `INT`
-: `2`
-: The maximum number of failed connection attempts allowed before a
- round-robin entry is marked as 'down' if a server has round-robin
- DNS entries.
-
-*`proxy.config.http.connect_attempts_timeout `*
-: `INT`
-: `30`
-: The timeout value (in seconds) for an origin server connection.
-
-*`proxy.config.http.post_connect_attempts_timeout`*
-: `INT`
-: `1800`
-: The timeout value (in seconds) for an origin server connection when
- the client request is a `POST` or `PUT` request.
-
-*`proxy.config.http.down_server.cache_time`*
-: `INT`
-: `900`
-: Specifies how long (in seconds) Traffic Server remembers that an
- origin server was unreachable.
-
-*`proxy.config.http.down_server.abort_threshold `*
-: `INT`
-: `10`
-: The number of seconds before Traffic Server marks an origin server
- as unavailable after a client abandons a request because the origin
- server was too slow in sending the response header.
-
-
-**Congestion Control**
-
-*`proxy.config.http.congestion_control.enabled`*
-: `INT`
-: `0`
-: Enables (`1`) or disables (`0`) the Congestion Control option,
- which configures Traffic Server to stop forwarding HTTP requests to
- origin servers when they become congested. Traffic Server sends the
- client a message to retry the congested origin server later.
-
- Refer to
- [Using Congestion Control](http#UsingCongestionControl).
-
-
-**Negative Response Caching**
-
-*`proxy.config.http.negative_caching_enabled`*
-: `INT`
-: `0`
-: When enabled (`1`), Traffic Server caches negative responses (such
- as `404 Not Found`) when a requested page does not exist. The next
- time a client requests the same page, Traffic Server serves the
- negative response directly from cache.
-
- **Note**: `Cache-Control` directives from the server forbidding
- cache are ignored for the following HTTP response codes, regardless
- of the value specified for the
- *`proxy.config.http.negative_caching_enabled`* variable. The
- following negative responses are cached by Traffic Server:
-
- 204 No Content
- 305 Use Proxy
- 400 Bad Request
- 403 Forbidden
- 404 Not Found
- 405 Method Not Allowed
- 500 Internal Server Error
- 501 Not Implemented
- 502 Bad Gateway
- 503 Service Unavailable
- 504 Gateway Timeout`
-
-
-**Proxy User Variables**
-
-*`proxy.config.http.anonymize_remove_from`*
-: `INT`
-: `0`
-: When enabled (`1`), Traffic Server removes the `From` header to
- protect the privacy of your users.
-
-*`proxy.config.http.anonymize_remove_referer `*
-: `INT`
-: `0`
-: When enabled (`1`), Traffic Server removes the `Referrer` header to
- protect the privacy of your site and users.
-
-*`proxy.config.http.anonymize_remove_user_agent `*
-: `INT`
-: `0`
-: When enabled (`1`), Traffic Server removes the `User-agent` header
- to protect the privacy of your site and users.
-
-*`proxy.config.http.anonymize_remove_cookie`*
-: `INT`
-: `0`
-: When enabled (`1`), Traffic Server removes the `Cookie` header to
- protect the privacy of your site and users.
-
-*`proxy.config.http.anonymize_remove_client_ip`*
-: `INT`
-: `0`
-: When enabled (`1`), Traffic Server removes `Client-IP` headers for
- more privacy.
-
-
-*`proxy.config.http.anonymize_insert_client_ip `*
-: `INT`
-: `1`
-: When enabled (`1`), Traffic Server inserts `Client-IP` headers to
- retain the client IP address.
-
-*`proxy.config.http.append_xforwards_header `*
-: `INT`
-: `0`
-: When enabled (`1`), Traffic Server appends `X-Forwards` headers to
- outgoing requests.
-
-*`proxy.config.http.anonymize_other_header_list `*
-: `STRING`
-: `NULL`
-: The headers Traffic Server should remove from outgoing requests.
-
-*`proxy.config.http.insert_squid_x_forwarded_for `*
-: `INT`
-: `0`
-: When enabled (`1`), Traffic Server adds the client IP address to
- the `X-Forwarded-For` header.
-
-*`proxy.config.http.normalize_ae_gzip`*
-: `INT`
-: `0`
-: Enable (`1`) to normalize all `Accept-Encoding:` headers to one of
- the following:
-
- - `Accept-Encoding: gzip` (if the header has `gzip` or `x-gzip` with any `q`) **OR**
- - *blank* (for any header that does not include `gzip`)
-
- This is useful for minimizing cached alternates of documents (e.g.
- `gzip, deflate` vs. `deflate, gzip`). Enabling this option is
- recommended if your origin servers use no encodings other than `gzip`.
-
-
-**Security**
-
-*`proxy.config.http.push_method_enabled `*
-: `INT`
-: `0`
-: Enables (`1`) or disables (`0`) the HTTP `PUSH` option, which
- allows you to deliver content directly to the cache without a user
- request.
-
- **Important:** If you enable this option, then you must also
- specify a filtering rule in the
- [`filter.config`](#filter.config) file to allow only
- certain machines to push content into the cache.
-
-
-**Cache Control**
-
-*`proxy.config.cache.enable_read_while_writer`*
-: `INT`
-: `0`
-: Enables (`1`) or disables (`0`) ability to a read cached object
- while the another connection is completing the write to cache for
- the same object. This must be enabled for connection collapsing to
- work
-
-*`proxy.config.http.cache.http`*
-: `INT`
-: `1`
-: Enables (`1`) or disables (`0`) caching of HTTP requests.
-
-*`proxy.config.http.cache.ignore_client_no_cache`*
-: `INT`
-: `0`
-: When enabled (`1`), Traffic Server ignores client requests to
- bypass the cache.
-
-*`proxy.config.http.cache.ims_on_client_no_cache `*
-: `INT`
-: `0`
-: When enabled (`1`), Traffic Server issues a conditional request to
- the origin server if an incoming request has a `No-Cache` header.
-
-*`proxy.config.http.cache.ignore_server_no_cache `*
-: `INT`
-: `0`
-: When enabled (`1`), Traffic Server ignores origin server requests
- to bypass the cache.
-
-*`proxy.config.http.cache.cache_responses_to_cookies`*
-: `INT`
-: `3`
-: Specifies how cookies are cached:
-
- `0` = do not cache any responses to cookies
- `1` = cache for any content-type
- `2` = cache only for image types
- `3` = cache for all but text content-types
-
-*`proxy.config.http.cache.ignore_authentication `*
-: `INT`
-: `0`
-: When enabled (`1`), Traffic Server ignores `WWW-Authentication`
- headers in responses.
- `WWW-Authentication` headers are removed and not cached.
-
-*`proxy.config.http.cache.cache_urls_that_look_dynamic `*
-: `INT`
-: `0`
-: Enables (`1`) or disables (`0`) caching of URLs that look dynamic.
-
-*`proxy.config.http.cache.enable_default_vary_headers `*
-: `INT`
-: `0`
-: Enables (`1`) or disables (`0`) caching of alternate versions of
- HTTP objects that do not contain the `Vary` header.
-
-
-*`proxy.config.http.cache.when_to_revalidate `*
-: `INT`
-: `0`
-: Specifies when to revalidate content:
-
- `0` = use cache directives or heuristic (the default value)
- `1` = stale if heuristic
- `2` = always stale (always revalidate)
- `3` = never stale
- `4` = use cache directives or heuristic (0) unless the request has
- an `If-Modified-Since` header
-
- If the request contains the `If-Modified-Since` header, then
- Traffic Server always revalidates the cached content and uses the
- client's `If-Modified-Since` header for the proxy request.
-
-*`proxy.config.http.cache.when_to_add_no_cache_to_msie_requests`*
-: `INT`
-: 0
-: Specifies when to add `no-cache` directives to Microsoft Internet
- Explorer requests. You can specify the following:
-
- `0` = `no-cache` is *not* added to MSIE requests
- `1` = `no-cache` is added to IMS MSIE requests
- `2` = `no-cache` is added to all MSIE requests
-
-*`proxy.config.http.cache.required_headers `*
-: `INT`
-: `0`
-: The type of headers required in a request for the request to be
- cacheable.
-
- `0` = no headers required to make document cacheable
- `1` = either the `Last-Modified` header, or an explicit lifetime
- header, `Expires` or `Cache-Control: max-age`, is required
- `2` = explicit lifetime is required, `Expires` or
- `Cache-Control: max-age`
-
-*`proxy.config.http.cache.max_stale_age `*
-: `INT`
-: `604800`
-: The maximum age allowed for a stale response before it cannot be
- cached.
-
-*`proxy.config.http.cache.range.lookup `*
-: `INT`
-: `1`
-: When enabled (`1`), Traffic Server looks up range requests in the
- cache.
-
-*`proxy.config.http.cache.enable_read_while_writer`*
-: `INT`
-: `0`
-: Enables (`1`) or disables (`0`) the ability to read a cached object
- while another connection is completing a write to cache for the
- same object. If you want connection collapsing to work, then this
- option must be enabled.
-
-*`proxy.config.connection_collapsing.hashtable_enabled`*
-: `INT`
-: `0`
-: Enables (`1`) or disables (`0`) whether requests will first search
- the hashtable to see if another similar request is already being
- served.
-
-*`proxy.config.connection_collapsing.rww_wait_time`*
-: `INT`
-: `0`
-: When enabled (`1`) while the write configuration parameter is also
- enabled, secondary clients will wait this amount of time (in msec)
- before cache lookup is retried.
-
-*`proxy.config.connection_collapsing.revalidate_window_period`*
-: `INT`
-: `0`
-: The amount of time (msec) secondary clients for the same URL will
- be served the stale object when revalidation of a cached object is
- in progress.
-
-
-*`proxy.config.http.cache.fuzz.min_time`*
-: `INT`
-: `0`
-: Sets a minimum fuzz time; the default value is `0`.
-
- **Effective fuzz time** is a calculation in the range
- (`fuzz.min_time` - `fuzz.min_time`).
-
-*`proxy.config.http.cache.ignore_accept_mismatch `*
-: `INT`
-: `0`
-: When enabled (`1`), Traffic Server serves documents from cache with
- a `Content-Type:` header that does not match the `Accept:` header
- of the request.
- **Note:** This option should only be enabled if you're having
- problems with caching *and* one of the following is true:
-
- Your origin server sets `Vary: Accept` when doing content
- negotiation with `Accept`
- -OR-
- The server does not send a `406 (Not Acceptable)` response for
- types that it cannot serve.
-
-
-*`proxy.config.http.cache.ignore_accept_language_mismatch `*
-: `INT`
-: `0`
-: When enabled (`1`), Traffic Server serves documents from cache with
- a `Content-Language:` header that does not match the
- `Accept-Language:` header of the request.
-
- **Note:** This option should only be enabled if you're having
- problems with caching and your origin server is guaranteed to set
- `Vary: Accept-Language` when doing content negotiation with
- `Accept-Language`.
-
-
-*`proxy.config.http.cache.ignore_accept_charset_mismatch `*
-: `INT`
-: `0`
-: When enabled (`1`), Traffic Server serves documents from cache with
- a `Content-Type:` header that does not match the `Accept-Charset:`
- header of the request.
-
- **Note:** This option should only be enabled if you're having
- problems with caching and your origin server is guaranteed to set
- `Vary: Accept-Charset` when doing content negotiation with
- `Accept-Charset`.
-
-*`proxy.config.http.cache.ignore_client_cc_max_age`*
-: `INT`
-: `1`
-: When enabled (`1`), Traffic Server ignores any
- `Cache-Control: max-age` headers from the client.
-
-
-**Heuristic Expiration**
-
-*`proxy.config.http.cache.heuristic_min_lifetime`*
-: `INT`
-: `3600`
-: The minimum amount of time a document in the cache is considered to
- be fresh.
-
-*`proxy.config.http.cache.heuristic_max_lifetime`*
-: `INT`
-: `86400`
-: The maximum amount of time a document in the cache remains fresh.
-
-*`proxy.config.http.cache.heuristic_lm_factor`*
-: `FLOAT`
-: `0.10000`
-: The aging factor for freshness computations.
-
-*`proxy.config.http.cache.fuzz.time`*
-: `INT`
-: `240`
-: How often Traffic Server checks for an early refresh, during the
- period before the document stale time. The interval specified must
- be in seconds.
-
-*`proxy.config.http.cache.fuzz.probability`*
-: `FLOAT`
-: `0.00500`
-: The probability that a refresh is made on a document during the
- specified fuzz time.
-
-**Dynamic Content & Content Negotiation**
-
-*`proxy.config.http.cache.vary_default_text`*
-: `STRING`
-: `NULL`
-: The header on which Traffic Server varies for text documents.
-
- For example: if you specify `user-agent`, then Traffic Server
- caches all the different user-agent versions of documents it
- encounters.
-
-*`proxy.config.http.cache.vary_default_images`*
-: `STRING`
-: `NULL`
-: The header on which Traffic Server varies for images.
-
-*`proxy.config.http.cache.vary_default_other`*
-: `STRING`
-: `NULL`
-: The header on which Traffic Server varies for anything other than
- text and images.
-
-
-**Customizable User Response Pages**
-
-*`proxy.config.body_factory.enable_customizations`*
-: `INT`
-: `0`
-: Specifies whether customizable response pages are enabled or
- disabled and which response pages are used:
-
- `0` = disable customizable user response pages
- `1` = enable customizable user response pages in the default
- directory only
- `2` = enable language-targeted user response pages
-
-*`proxy.config.body_factory.enable_logging`*
-: `INT`
-: `1`
-: Enables (`1`) or disables (`0`) logging for customizable response
- pages.
- When enabled, Traffic Server records a message in the error log
- each time a customized response page is used or modified.
-
-*`proxy.config.body_factory.template_sets_dir`*
-: `STRING`
-: `config/body_factory`
-: The customizable response page default directory.
-
-*`proxy.config.body_factory.response_suppression_mode`*
-: `INT`
-: `0`
-: Specifies when Traffic Server suppresses generated response pages:
-
- `0` = never suppress generated response pages
- `1` = always suppress generated response pages
- `2` = suppress response pages only for intercepted traffic
-
-
-**DNS**
-
-*`proxy.config.dns.search_default_domains`*
-: `INT`
-: `1`
-: Enables (`1`) or disables (`0`) local domain expansion so that
- Traffic Server can attempt to resolve unqualified hostnames by
- expanding to the local domain.
-
- For example: if a client makes a request to an unqualified host
- (`host_x`) and the Traffic Server local domain is `y.com` , then
- Traffic Server will expand the hostname to `host_x.y.com`.
-
-*`proxy.config.dns.splitDNS.enabled`*
-: `INT`
-: `0`
-: Enables (`1`) or disables (`0`) DNS server selection.
- When enabled, Traffic Server refers to the `splitdns.config` file
- for the selection specification.
-
- Refer to
- [Configuring DNS Server Selection (Split DNS)](secure#ConfiguringDNSServerSelectionSplit).
-
-*`proxy.config.dns.splitdns.def_domain`*
-: `STRING`
-: `NULL`
-: The default domain for split DNS requests. This value is appended
- automatically to the hostname if it does not include a domain
- before split DNS determines which DNS server to use.
-
-*`proxy.config.dns.url_expansions`*
-: `STRING`
-: `NULL`
-: Specifies a list of hostname extensions that are automatically
- added to the hostname after a failed lookup.
-
- For example: if you want Traffic Server to add the hostname
- extension .org, then specify `org` as the value for this variable
- (Traffic Server automatically adds the dot (.).
-
- **Note:** If the variable
- *`proxy.config.http.enable_url_expandomatic`* is set to `1`
- (the default value), then you do not have to add **`www.`** and
- **`.com`** to this list because Traffic Server automatically tries
- www. and .com after trying the values you've specified.
-
-*`proxy.config.dns.round_robin_nameservers`*
-: `INT`
-: `0`
-: Enables (`1`) or disables (`0`) DNS server round-robin.
-
-*`proxy.config.dns.nameservers`*
-: `STRING`
-: `NULL`
-: The DNS servers.
-
-*`proxy.config.srv_enabled`*
-: `INT`
-: `0`
-: Indicates whether to utilize SRV records for orgin server lookup.
-
-
-**HostDB**
-
-*`proxy.config.hostdb.serve_stale_for`*
-: `INT`
-: `0`
-: The number of seconds for which to utilize a stale NS record while
- initiating a background fetch for the new data.
-
-*`proxy.config.hostdb.storage_size`*
-: `INT`
-: `33554432`
-: The amount of space (in bytes) used to store *`hostdb`*. The
- value of this variable must be increased if you increase the size
- of the *`proxy.config.hostdb.size`* variable.
-
-*`proxy.config.hostdb.size`*
-: `INT`
-: `200000`
-: The maximum number of entries allowed in the host database.
-
- **Note:** For values above `200000`, you must increase the value of
- the *`proxy.config.hostdb.storage_size`* variable by at least
- 44 bytes per entry.
-
-*`proxy.config.hostdb.ttl_mode`*
-: `INT`
-: `0`
-: The host database time to live mode. You can specify one of the
- following:
-
- `0` = obey
- `1`= ignore
- `2` = min(X,ttl)
- `3` = max(X,ttl)
-
-*`proxy.config.hostdb.timeout`*
-: `INT`
-: `1440`
-: The foreground timeout (in minutes).
-
-*`proxy.config.hostdb.strict_round_robin`*
-: `INT`
-: `0`
-: When disabled (`0`), Traffic Server always uses the same origin
- server for the same client, for as long as the origin server is
- available.
-
-
-**Logging Config**
-
-*`proxy.config.log.logging_enabled`*
-: `INT`
-: `3`
-: Enables and disables event logging:
-
- `0` = logging disabled
- `1` = log errors only
- `2` = log transactions only
- `3` = full logging (errors + transactions)
-
- Refer to [Working with Log Files](log).
-
-*`proxy.config.log.max_secs_per_buffer`*
-: `INT`
-: `5`
-: The maximum amount of time before data in the buffer is flushed to
- disk.
-
-*`proxy.config.log.max_space_mb_for_logs`*
-: `INT`
-: `2000`
-: The amount of space allocated to the logging directory (in MB).
-
-*`proxy.config.log.max_space_mb_for_orphan_logs`*
-: `INT`
-: `25`
-: The amount of space allocated to the logging directory (in MB) if
- this node is acting as a collation client.
-
-*`proxy.config.log.max_space_mb_headroom`*
-: `INT`
-: `10`
-: The tolerance for the log space limit (in bytes).
-
- If the variable *`proxy.config.log.auto_delete_rolled_file`*
- is set to `1` (enabled), then autodeletion of log files is
- triggered when the amount of free space available in the logging
- directory is less than the value specified here.
-
-*`proxy.config.log.hostname`*
-: `STRING`
-: `localhost`
-: The hostname of the machine running Traffic Server.
-
-*`proxy.config.log.logfile_dir`*
-: `STRING`
-: `install_dir /logs`
-: The full path to the logging directory.
-
-*`proxy.config.log.logfile_perm`*
-: `STRING`
-: `rw-r--r--`
-: The log file permissions. The standard UNIX file permissions are
- used (owner, group, other). Permissable values are:
-
- `-`no permission
- `r`read permission
- `w`write permission
- `x`execute permission
-
- Permissions are subject to the umask settings for the Traffic
- Server process. This means that a umask setting of`002`will not
- allow write permission for others, even if specified in the
- configuration file. Permissions for existing log files are not
- changed when the configuration is changed.
-
-*`proxy.config.log.custom_logs_enabled`*
-: `INT`
-: `0`
-: Enables (`1`) or disables (`0`) custom logging.
-
-*`proxy.config.log.xml_logs_config`*
-: `INT`
-: `1`
-: Enables (`1`) or disables (`0`) extended custom logging using an
- XML-based configuration file.
- A value of `0` instructs Traffic Server to use the traditional
- custom log formats.
-
- **Note:** Although Traffic Server supports traditional custom
- logging, you should use the more versatile XML-based custom
- formats.
-
-*`proxy.config.log.squid_log_enabled`*
-: `INT`
-: `1`
-: Enables (`1`) or disables (`0`) the squid log file format.
-
-*`proxy.config.log.squid_log_is_ascii`*
-: `INT`
-: `1`
-: The squid log file type:
-
- `1` = ASCII
- `0` = binary
-
-*`proxy.config.log.squid_log_name`*
-: `STRING`
-: `squid`
-: The squid log filename.
-
-*`proxy.config.log.squid_log_header`*
-: `STRING`
-: `NULL`
-: The squid log file header text.
-
-*`proxy.config.log.common_log_enabled`*
-: `INT`
-: `0`
-: Enables (`1`) or disables (`0`) the Netscape common log file
- format.
-
-*`proxy.config.log.common_log_is_ascii`*
-: `INT`
-: `1`
-: The Netscape common log file type:
-
- `1` = ASCII
- `0` = binary
-
-*`proxy.config.log.common_log_name`*
-: `STRING`
-: `common`
-: The Netscape common log filename.
-
-*`proxy.config.log.common_log_header`*
-: `STRING`
-: `NULL`
-: The Netscape common log file header text.
-
-*`proxy.config.log.extended_log_enabled`*
-: `INT`
-: `0`
-: Enables (`1`) or disables (`0`) the Netscape extended log file
- format.
-
-*`proxy.confg.log.extended_log_is_ascii`*
-: `INT`
-: `1`
-: The Netscape extended log file type:
-
- `1` = ASCII
- `0` = binary
-
-*`proxy.config.log.extended_log_name`*
-: `STRING`
-: `extended`
-: The Netscape extended log filename.
-
-*`proxy.config.log.extended_log_header`*
-: `STRING`
-: `NULL`
-: The Netscape extended log file header text.
-
-*`proxy.config.log.extended2_log_enabled`*
-: `INT`
-: `0`
-: Enables (`1`) or disables (`0`) the Netscape Extended-2 log file
- format.
-
-*`proxy.config.log.extended2_log_is_ascii`*
-: `INT`
-: `1`
-: The Netscape Extended-2 log file type:
-
- `1` = ASCII
- `0` = binary
-
-*`proxy.config.log.extended2_log_name`*
-: `STRING`
-: `extended2`
-: The Netscape Extended-2 log filename.
-
-*`proxy.config.log.extended2_log_header`*
-: `STRING`
-: `NULL`
-: The Netscape Extended-2 log file header text.
-
-*`proxy.config.log.separate_icp_logs`*
-: `INT`
-: `0`
-: When enabled (`1`), configures Traffic Server to store ICP
- transactions in a separate log file.
-
-*`proxy.config.log.separate_host_logs`*
-: `INT`
-: `0`
-: When enabled (`1`), configures Traffic Server to create a separate
- log file for HTTP transactions for each origin server listed in the
- `log_hosts.config` file.
-
- Refer to [HTTP Host Log Splitting](log#HTTPHostLogSplitting).
-
-*`proxy.local.log.collation_mode`*
-: `INT`
-: `0`
-: The log collation mode:
-
- `0` = collation is disabled
- `1` = this host is a log collation server
- `2` = this host is a collation client and sends entries using
- standard formats to the collation server
- `3` = this host is a collation client and sends entries using the
- traditional custom formats to the collation server
- `4` = this host is a collation client and sends entries that use
- both the standard and traditional custom formats to the collation
- server
-
- For information on sending XML-based custom formats to the
- collation server, refer to
- [logs\_xml.config](files#logs_xml.config).
-
- **Note:** Although Traffic Server supports traditional custom
- logging, you should use the more versatile XML-based custom
- formats.
-
-*`proxy.confg.log.collation_host`*
-: `STRING`
-: `NULL`
-: The hostname of the log collation server.
-
-*`proxy.config.log.collation_port`*
-: `INT`
-: `8085`
-: The port used for communication between the collation server and
- client.
-
-*`proxy.config.log.collation_secret`*
-: `STRING`
-: `foobar`
-: The password used to validate logging data and prevent the exchange
- of unauthorized information when a collation server is being used.
-
-*`proxy.config.log.collation_host_tagged`*
-: `INT`
-: `0`
-: When enabled (`1`), configures Traffic Server to include the
- hostname of the collation client that generated the log entry in
- each entry.
-
-*`proxy.config.log.collation_retry_sec`*
-: `INT`
-: `5`
-: The number of seconds between collation server connection retries.
-
-*`proxy.config.log.rolling_enabled`*
-: `INT`
-: `1`
-: Specifies how log files are rolled. You can specify the following
- values:
-
- `0` = disables log file rolling
-
- `1` = enables log file rolling at specific intervals during the day
- (specified with the *`proxy.config.log.rolling_interval_sec`*
- and *`proxy.config.log.rolling_offset_hr`* variables)
-
- `2` = enables log file rolling when log files reach a specific size
- (specified with the *`proxy.config.log.rolling_size_mb`*
- variable)
-
- `3` = enables log file rolling at specific intervals during the day
- or when log files reach a specific size (whichever occurs first)
-
- `4` = enables log file rolling at specific intervals during the day
- when log files reach a specific size (i.e., at a specified time if
- the file is of the specified size)
-
-*`proxy.config.log.rolling_interval_sec`*
-: `INT`
-: `86400`
-: The log file rolling interval, in seconds. The minimum value is
- `300` (5 minutes). The maximum value is 86400 seconds (one day).
-
-*`proxy.config.log.rolling_offset_hr`*
-: `INT`
-: `0`
-: The file rolling offset hour. The hour of the day that starts the
- log rolling period.
-
-*`proxy.config.log.rolling_size_mb`*
-: `INT`
-: `10`
-: The size that log files must reach before rolling takes place.
-
-*`proxy.config.log.auto_delete_rolled_files`*
-: `INT`
-: `1`
-: Enables (`1`) or disables (`0`) automatic deletion of rolled
- files.
-
-*`proxy.config.log.sampling_frequency`*
-: `INT`
-: `1`
-: Configures Traffic Server to log only a sample of transactions
- rather than every transaction. You can specify the following
- values:
-
- `1` = log every transaction
- `2` = log every second transaction
- `3` = log every third transaction
- and so on...
-
-
-*`proxy.config.http.slow.log.threshold`*
-: `INT`
-: `0`
-: The number of milliseconds before a slow connection's debugging
- stats are dumped.
- Specify `1` to enable or `0` to disable.
-
-
-**Reverse Proxy**
-
-*`proxy.config.reverse_proxy.enabled`*
-: `INT`
-: `1`
-: Enables (`1`) or disables (`0`) HTTP reverse proxy.
-
-*`proxy.config.header.parse.no_host_url_redirect`*
-: `STRING`
-: `NULL`
-: The URL to which to redirect requests with no host headers (reverse
- proxy).
-
-
-**URL Remap Rules**
-
-*`proxy.config.url_remap.default_to_server_pac`*
-: `INT`
-: `0`
[... 939 lines stripped ...]