You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by ig...@apache.org on 2010/10/27 18:46:23 UTC
svn commit: r1028030 -
/trafficserver/site/branches/ats-cms/content/docs/admin/files.mdtext
Author: igalic
Date: Wed Oct 27 16:46:23 2010
New Revision: 1028030
URL: http://svn.apache.org/viewvc?rev=1028030&view=rev
Log:
files.config ~50% of records.config, storing it before it gets lost.
Modified:
trafficserver/site/branches/ats-cms/content/docs/admin/files.mdtext
Modified: trafficserver/site/branches/ats-cms/content/docs/admin/files.mdtext
URL: http://svn.apache.org/viewvc/trafficserver/site/branches/ats-cms/content/docs/admin/files.mdtext?rev=1028030&r1=1028029&r2=1028030&view=diff
==============================================================================
--- trafficserver/site/branches/ats-cms/content/docs/admin/files.mdtext (original)
+++ trafficserver/site/branches/ats-cms/content/docs/admin/files.mdtext Wed Oct 27 16:46:23 2010
@@ -17,11 +17,14 @@ Notice: Licensed to the Apache Softwa
under the License.
# Appendix E - Configuration Files # {#files}
+
This appendix describes Traffic Server configuration files that you can edit.
[TOC]
+
## bypass.config ## {#bypass.config}
+
The bypass.config file contains static bypass rules that Traffic Server
uses in transparent proxy caching mode. Static bypass rules instruct
Traffic Server to bypass certain incoming client requests so they are
@@ -29,17 +32,17 @@ served by the origin server. The bypass.
[Dynamic Deny Bypass Rules](#dynamic.deny_bypass).
You can configure three types of static bypass rules:
--Â **Source bypass rules** configure Traffic Server to bypass a particular
+- **Source bypass rules** configure Traffic Server to bypass a particular
source IP address or range of IP addresses. For example: bypass
clients that do not want to use caching.
--Â **Destination bypass rules** configure Traffic Server to bypass a
+- **Destination bypass rules** configure Traffic Server to bypass a
particular destination IP address or range of IP addresses. For
example: bypass origin servers that use IP authentication based on the
client's real IP address.
**IMPORTANT:** Destination bypass rules prevent Traffic Server from
caching an entire site. You will experience hit rate impacts if the
site you bypass is popular.
--Â **Source/destination pair bypass rules** configure Traffic Server to
+- **Source/destination pair bypass rules** configure Traffic Server to
bypass requests that originate from the specified source to the
specified destination. For example: route around specific
client-server pairs that experience broken IP authentication or
@@ -50,6 +53,7 @@ You can configure three types of static
**IMPORTANT:** After you modify the bypass.config file, you must restart
Traffic Server.
+
#### Format ####
Bypass rules follow the format below:
@@ -58,7 +62,7 @@ Bypass rules follow the format below:
The following list describes the variables.
-src ipaddress
+`src` *`ipaddress`*
: Specifies the source (client) IP address in incoming requests Traffic
Server must bypass.
@@ -70,7 +74,7 @@ src ipaddress
- Any combination of the above separated by commas, such as 1.1.1.0/24,
25.25.25.25, 123.1.23.1-123.1.23.123
-dst ipaddress
+`dst` *`ipaddress`*
: Specifies the destination (origin server) IP address in incoming
requests Traffic Server must bypass.
@@ -82,30 +86,36 @@ dst ipaddress
- Any combination of the above separated by commas, such as 1.1.1.0/24,
25.25.25.25, 123.1.23.1-123.1.23.123
-src ipaddress AND dst ipaddress
+`src` *`ipaddress`* `AND dst` *`ipaddress`*
: Specifies the source and destination IP address pair Traffic Server must
bypass.
The variable ipaddress must be a single IP address, such as 123.45.67.8
+
#### Dynamic Deny Bypass Rules #### {#dynamic.bypass\_rules}
+
In addition to static bypass rules, the bypass.config file also accepts
dynamic deny bypass rules that prevent Traffic Server from bypassing
certain incoming client requests dynamically (a deny bypass rule can
prevent Traffic Server from bypassing itself). Dynamic deny bypass rules
can be source, destination, or source/destination and have the following
format:
-`deny\_dyn\_bypass src ipaddress | dst ipaddress | src ipaddresss AND ipaddress`
+
+ deny_dyn_bypass src ipaddress | dst ipaddress | src ipaddresss AND ipaddress`
For a description of the options, refer to the table above. For the
dynamic deny bypass rules to work, you must set the variable
-proxy.config.arm.bypass\_dynamic\_enabled to 1 in the records.config file.
+`proxy.config.arm.bypass_dynamic_enabled` to `1` in the
+[records.config](#records.config) file.
**IMPORTANT:** Static bypass rules overwrite dynamic deny bypass rules. If a
static bypass rule and a dynamic bypass rule contain the same IP address,
then the dynamic deny bypass rule will be ignored.
+
#### Examples ####
+
The following example shows source, destination, and source/destination
**bypass rules**:
@@ -121,71 +131,77 @@ The following example shows source, dest
deny_dyn_bypass src 111.11.11.1 AND dst 111.11.1.1
+
## cache.config ## {#cache.config}
+
The cache.config file defines how Traffic Server caches web objects. You
can add caching rules to specify the following:
--Â Not to cache objects from specific IP addresses
--Â How long to pin particular objects in the cache
--Â How long to consider cached objects as fresh
--Â Whether to ignore no-cache directives from the server
+- Not to cache objects from specific IP addresses
+- How long to pin particular objects in the cache
+- How long to consider cached objects as fresh
+- Whether to ignore no-cache directives from the server
-**IMPORTANT:** After you modify the cache.config file, navigate to the Traffic
-Server bin directory; then run the traffic\_line -x command to apply
+**IMPORTANT:** After you modify the `cache.config file`, navigate to the Traffic
+Server bin directory; then run the `traffic_line -x` command to apply
changes. When you apply the changes to a node in a cluster, Traffic Server
automatically applies the changes to all other nodes in the cluster.
+
#### Format ####
+
Each line in the cache.config file contains a caching rule. Traffic Server
recognizes three space-delimited tags:
-`primary_destination=value secondary_specifier=value action=value`
+
+ primary_destination=value secondary_specifier=value action=value
You can use more than one secondary specifier in a rule. However, you
cannot repeat a secondary specifier.
The following list shows the possible primary destinations with allowed values.
-`dest_domain`
+*`dest_domain`*
: A requested domain name. Traffic Server matches the domain name of the
destination from the URL in the request.
-`dest_host`
+*`dest_host`*
: A requested hostname. Traffic Server matches the hostname of the
destination from the URL in the request.
-`dest_ip`
+*`dest_ip`*
: A requested IP address. Traffic Server matches the IP address of the
destination in the request.
-`url_regex`
+*`url_regex`*
: A regular expression (regex) to be found in a URL.
The secondary specifiers are optional in the cache.config file. The
-following table lists possible secondary specifiers with allowed values.
+following list shows possible secondary specifiers with allowed values.
-`port`
+*`port`*
: A requested URL port.
-`scheme`
+*`scheme`*
: A request URL protocol: http or https.
-`prefix
+*`prefix`*
: A prefix in the path part of a URL.
-`suffix`
+*`suffix`*
: A file suffix in the URL.
-`method
+*`method`*
: A request URL method: get, put, post, trace.
-`time`
+*`time`*
: A time range, such as 08:00-14:00.
-`src_ip`
+*`src_ip`*
: A client IP address.
The following list shows possible actions and their allowed values.
-`action`
+
+*`action`*
: One of the following values:
`never-cache` configures Traffic Server to never cache specified objects.<br />
@@ -196,7 +212,7 @@ The following list shows possible action
`ignore-server-no-cache` configures Traffic Server to ignore
`Cache-Control: no-cache` headers from origin server responses.
-`pin-in-cache`
+*`pin-in-cache`*
: The amount of time you want to keep the object(s) in the cache. The
following time formats are allowed:
@@ -206,26 +222,29 @@ The following list shows possible action
`s` for seconds; for example: 20s
mixed units; for example: 1h15m20s
-`revalidate`
+*`revalidate`*
: The amount of time object(s) are to be considered fresh. Use the same
time formats as `pin-in-cache`.
-`ttl-in-cache`
+*`ttl-in-cache`*
: The amount of time object(s) are to be kept in the cache, regardless of
Cache-Control response headers. Use the same time formats as
pin-in-cache and revalidate .
#### Examples ####
-The following example configures Traffic Server to revalidate gif and jpeg
-objects in the domain mydomain.com every 6 hours, and all other objects in
-mydomain.com every hour. The rules are applied in the order listed.
+
+The following example configures Traffic Server to revalidate `gif` and `jpeg`
+objects in the domain `mydomain.com` every 6 hours, and all other objects in
+`mydomain.com` every hour. The rules are applied in the order listed.
dest_domain=mydomain.com suffix=gif revalidate=6h
dest_domain=mydomain.com suffix=jpeg revalidate=6h
dest_domain=mydomain.com revalidate=1h
+
## congestion.config ## {#congestion.config}
+
The `congestion.config` file enables you to configure Traffic Server to stop
forwarding HTTP requests to origin servers when they become congested, and
then send the client a message to retry the congested origin server later.
@@ -233,117 +252,126 @@ After you modify the `congestion.control
Server bin directory; then run the `traffic_line -x` command to apply
changes. When you apply the changes to a node in a cluster, Traffic Server
automatically applies the changes to all other nodes in the cluster.
-Traffic Server uses the congestion.config file only if you enable the
+Traffic Server uses the `congestion.config` file only if you enable the
[Congestion Control](http.html#UsingCongestionControl) option.
You can create rules in the congestion.config file to specify:
--Â Which origin servers Traffic Server tracks for congestion.
--Â The timeouts Traffic Server uses, depending on whether a server is
+- Which origin servers Traffic Server tracks for congestion.
+- The timeouts Traffic Server uses, depending on whether a server is
congested.
--Â The page Traffic Server sends to the client when a server becomes
+- The page Traffic Server sends to the client when a server becomes
congested.
--Â If Traffic Server tracks the origin servers per IP address or per
+- If Traffic Server tracks the origin servers per IP address or per
hostname.
+
#### Format ####
+
Each line in `congestion.config` must follow the format below. Traffic
Server applies the rules in the order listed, starting at the top of the
file.
Traffic Server recognizes three space-delimited tags:
-`primary_destination=value secondary_specifier=value action=value`
+
+ primary_destination=value secondary_specifier=value action=value
The following list shows possible primary destinations with allowed
values.
-`dest_domain`
+*`dest_domain`*
: A requested domain name.
-`dest_host`
+*`dest_host`*
: A requested hostname.
-`dest_ip`
+*`dest_ip`*
: A requested IP address.
-`url_regex`
+*`url_regex`*
: A regular expression (regex) to be found in a URL.
The secondary specifiers are optional in the congestion.config file. The
-following table lists possible secondary specifiers with allowed values.
+following list shows possible secondary specifiers with allowed values.
You can use more than one secondary specifier in a rule; however, you
cannot repeat a secondary specifier.
-`port`
+*`port`*
: A requested URL port or range of ports.
-`prefix`
+*`prefix`*
: A prefix in the path part of a URL.
The following list shows the possible tags and their allowed values.
-`max_connection_failures`
- The maximum number of connection failures allowed within the fail
+*`max_connection_failures`*
+: Default: `5`
+: The maximum number of connection failures allowed within the fail
window described below before Traffic Server marks the origin server as
- congested. The default value is 5.
+ congested.
-`fail_window`
+*`fail_window`*
+: Default: `120` seconds.
: The time period during which the maximum number of connection failures
can occur before Traffic Server marks the origin server as congested.
- The default value is 120 seconds.
-`proxy_retry_interval`
+*`proxy_retry_interval`*
+: Default: `10` seconds.
: The number of seconds that Traffic Server waits before contacting a
- congested origin server again. The default value is 10 seconds
+ congested origin server again.
-`client_wait_interval`
+*`client_wait_interval`*
+: Default: `300` seconds.
: The number of seconds that the client is advised to wait before
- retrying the congested origin server. The default value is 300 seconds.
+ retrying the congested origin server.
-`wait_interval_alpha`
+*`wait_interval_alpha`*
+: Default: `30` seconds
: The upper limit for a random number that is added to the wait interval.
- The default value is 30 seconds.
-`live_os_conn_timeout`
-: The connection timeout to the live (uncongested) origin server. The
- default value is 60 seconds.
+*`live_os_conn_timeout`*
+: Default: `60` seconds.
+: The connection timeout to the live (uncongested) origin server.
If a client stops a request before the timeout occurs, then Traffic
Server does not record a connection failure.
-`live_os_conn_retries`
+*`live_os_conn_retries`*
+: Default: `2`
: The maximum number of retries allowed to the live (uncongested) origin
- server. The default value is 2.
+ server.
-`dead_os_conn_timeout`
-: The connection timeout to the congested origin server. The default
- value is 15 seconds.
+*`dead_os_conn_timeout`*
+: Default: `15` secondsj
+: The connection timeout to the congested origin server.
-`dead_os_conn_retries`
+*`dead_os_conn_retries`*
+: Default: `1`
: The maximum number of retries allowed to the congested origin server.
- The default value is 1.
-`max_connection`
+*`max_connection`*
+: Default: `-1`
: The maximum number of connections allowed from Traffic Server to the
- origin server. The default value is -1.
+ origin server.
-`error_page`
+*`error_page`*
+: Default: `"congestion#retryAfter"`
: The error page sent to the client when a server is congested. You must
- enclose the value in quotes; the default value is
- "congestion#retryAfter"
+ enclose the value in quotes;
-`congestion_scheme`
-: Specifies if Traffic Server applies the rule on a per-host ("per\_host")
- or per-IP basis ("per\_ip"). The default value is "per\_ip"; you must
- enclose the value in quotes.
+*`congestion_scheme`*
+: Default: `"per_ip"`
+: Specifies if Traffic Server applies the rule on a per-host (`"per_host"`)
+ or per-IP basis (`"per_ip"`). You must enclose the value in quotes.
- For example: if the server www.host1.com has two IP addresses and you
- use the tag value "per\_ip", then each IP address has its own number of
+ For example: if the server `www.host1.com` has two IP addresses and you
+ use the tag value `"per_ip"`, then each IP address has its own number of
connection failures and is marked as congested independently. If you
- use the tag value "per\_host" and the server www.host1.com is marked as
+ use the tag value `"per_host"` and the server `www.host1.com` is marked as
congested, then both IP addresses are marked as congested.
#### Examples ####
-The following congestion.config rule configures Traffic Server to stop
-forwarding requests to the server www.host.com on port 80 (HTTP traffic)
+
+The following `congestion.config` rule configures Traffic Server to stop
+forwarding requests to the server `www.host.com` on port 80 (HTTP traffic)
if the server is congested, according to the timeouts specified. Traffic
Server uses the default tag values because no tag has been specified.
@@ -355,7 +383,9 @@ default values.
You can override any of the default tag values by adding configuration
variables at the end of `records.config` as follows:
-`CONFIG proxy.config.http.congestion_control.default.tag INT|STRING value`
+
+ CONFIG proxy.config.http.congestion_control.default.tag INT|STRING value
+
where tag is one of the tags described in the table under
[congestion.config](#congestion.config) and value is the value you want to use.
@@ -373,55 +403,58 @@ variables in the records.config file:
proxy.config.http.down_server.cache_time
proxy.config.http.down_server.abort_threshold
+
## filter.config ## {#filter.config}
+
The `filter.config` file enables you to deny or allow particular requests
and strip header information from client requests. After you modify
`filter.config`, you must restart Traffic Server.
+
#### Format ####
+
Each line in `filter.config` contains a filtering rule. Traffic Server
applies the rules in the order listed, starting at the top of the file.
Traffic Server recognizes three space-delimited tags:
-`primary_destination=value secondary_specifier=value action=value`
+
+ primary_destination=value secondary_specifier=value action=(allow|deny)
The following list shows possible primary destinations with their allowed
values.
-`dest_domain`
+*`dest_domain`*
: A requested domain name. Traffic Server matches the domain name of the
destination from the URL in the request.
-`dest_host`
+*`dest_host`*
: A requested hostname. Traffic Server matches the hostname of the
destination from the URL in the request.
-`dest_ip`
+*`dest_ip`*
: A requested IP address. Traffic Server matches the IP address of the
destination in the request.
-`url_regex`
+*`url_regex`*
: A regular expression (regex) to be found in a URL.
The secondary specifiers are optional in the filter.config file. The
-following table lists the possible secondary specifiers and their allowed
+following list shows the possible secondary specifiers and their allowed
values. You can use more than one secondary specifier in a rule; however,
you cannot repeat a secondary specifier.
-The following list shows possible actions with allowed values.
-
-`port`
+*`port`*
: A requested URL port.
-`scheme`
-: A request URL protocol: http or https.
+*`scheme`*
+: A request URL protocol: `http` or `https`.
-`prefix`
+*`prefix`*
: A prefix in the path part of a URL.
-`suffix`
+*`suffix`*
: A file suffix in the URL.
-`method`
+*`method`*
: A request URL method. You can specify one of the following:
`get
post
@@ -429,21 +462,24 @@ The following list shows possible action
trace
PUSH`
- **Note:** If the PUSH option is enabled (the PUSH option lets you deliver
+ **Note:** If the `PUSH` option is enabled (the `PUSH` option lets you deliver
content directly to the cache without user request), then you must add
- a filtering rule with the PUSH action to ensure that only known source
- IP addresses implement PUSH requests to the cache. To enable the PUSH
+ a filtering rule with the `PUSH` action to ensure that only known source
+ IP addresses implement `PUSH` requests to the cache. To enable the PUSH
option, set the configuration variable
- `proxy.config.http.push_method_enabled` to `1` in the `records.config` file.
+ `proxy.config.http.push_method_enabled` to `1` in the
+ [records.config](#records.config) file.
-`time`
+*`time`*
: A time range, such as 08:00-14:00.
-`src_ip`
+*`src_ip`*
: A client IP address.<br />
**Note:** `src_ip` is not supported for PNA content.
+
#### Examples ####
+
The following example configures Traffic Server to keep the client IP
address header for URL requests that contain the regular expression
giraffes and whose path prefix is `/habitat`:
@@ -472,35 +508,27 @@ Traffic Server applies the rules in the
file. For example, the sample `filter.config` file below configures Traffic
Server to do the following:
--Â Allow only users authenticated by the LDAP server on ldap.com to
- access internal.com
--Â Allow all users (except those trying to access internal.com ) to
+- Allow all users (except those trying to access internal.com ) to
access server1.com
--Â Deny all users access to naughty.com
--Â Allow authenticated users (authenticated by the LDAP server on
- ldap.com ) with the attribute ou="Accounting Department" in their LDAP
- profile to access 401kfidelity.com
--Â Require any user not included in any of the above directives to be
- authenticated by the default LDAP server
+- Deny all users access to naughty.com
- dest_host=internal.com action=ldap server=ldap.com dn="o=ldap.com"
dest_host=server1.com action=allow
dest_host=naughty.com action=deny
- dest_host=401k.fidelity.com action=ldap server=ldap.com:389
- dn="o=ldap.com" attr=ou attr_val="Accounting Department"
- dest_ip=0.0.0.0-255.255.255.255 action=lda
+
## hosting.config ## {#hosting.config}
-The hosting.config file enables you to assign cache partitions to specific
+
+The `hosting.config` file enables you to assign cache partitions to specific
origin servers and/or domains so that you can manage cache space
efficiently and restrict disk usage. For step-by-step instructions on
partitioning the cache according to origin servers and/or domains, refer
to [Partitioning the Cache](cache.html) According to Origin Server or Domain.
Before you can assign cache partitions to specific origin servers and/or
domains, you must first partition your cache according to size and
-protocol in the partition.config file. For step-by-step instructions about
-partitioning your cache, refer to [49]Partitioning the Cache. For a
-description of the partition.config file, refer to [50]partition.config.
+protocol in the [partition.config](#partition.config) file.
+For step-by-step instructions about partitioning your cache, refer to
+[Partitioning the Cache](cache.html). For a description of the
+`partition.config` file, refer to [partition.config](#partition.config).
After you modify hosting.config, navigate to the Traffic Server bin
directory and run the `traffic_line -x` command to apply your changes. When
@@ -650,7 +678,7 @@ The `logs.config` file establishes and f
custom transaction log files.
Although Traffic Server supports traditional custom logging, you
should use the more versatile XML-based custom logging (refer to
-[Using the Custom Format](log.htm) and
+[Using the Custom Format](log.html) and
[logs\_xml.config](#logs_xml.config)). If you opt to use
traditional custom logging instead of the more versatile XML-based
custom logging, then you must enable the traditional custom logging
@@ -675,8 +703,8 @@ separated by colons (:).
: Specifies if the custom log file is activated. You can specify one
of the following options:
- `enabled`
- `disabled`
+ enabled
+ disabled
*`unique format identifier`*
: You must use a unique integer for each custom log file you create.
@@ -705,23 +733,30 @@ separated by colons (:).
the text of the header if you want your custom log file to have a
header.
+
#### Examples ####
+
The following example shows a custom log format for a file named
-`<b>minimalist</b>`. It records the client host IP address (`chi`),
+**`minimalist`**. It records the client host IP address (`chi`),
the client request universal resource identifier (`cqu`), and the
proxy response status code (`pssc`).
-`format:enabled:1:minimal:%<chi> / %<cqu> / %<pssc>:minimalist:ASCII:none`
+
+ format:enabled:1:minimal:%<chi> / %<cqu> / %<pssc>:minimalist:ASCII:none
The output file for the above example format is:
-`123.12.3.123 / GET http://earth/ocean/index.html HTTP/1.0 / 200`
+
+ 123.12.3.123 / GET http://earth/ocean/index.html HTTP/1.0 / 200
The following example shows a custom log format for a file named
-`<b>test</b>`. It records the `User-Agent`value of the client
+**`test`**. It records the `User-Agent`value of the client
request header (`cqh`) and the `Retry-After` value of the proxy
response header (`psh`).
-`format:enabled:1:test:%<{User-Agent}cqh> %<{Retry-After}psh>:test:ASCII:none`
+
+ format:enabled:1:test:%<{User-Agent}cqh> %<{Retry-After}psh>:test:ASCII:none
+
#### WELF ####
+
Traffic Server supports **WELF**, the WebTrends Enhanced Log
format, so you can analyze Traffic Server log files with WebTrends
reporting tools. A predefined custom format for WELF is provided in
@@ -729,9 +764,14 @@ the `logs.config` file. To create a WELF
out the following section at the end of the file and replace
`<FORMAT_ID>` with a unique integer.
-`#format:enabled:<FORMAT_ID>:welf:id=firewall time="%<cqtd> %<cqtt>" fw=%<phn> pri=6 proto=%<cqus> duration=%<ttmsf> sent=%<psql> rcvd=%<cqhl> src=%<chi> dst=%<shi> dstname=%<shn> user=%<caun> op=%<cqhm> arg="%<cqup>" result=%<pssc> ref="%<{Referer}cqh>" agent="%<{user-agent}cqh>" cache=%<crc>:welf:ASCII:none<br /> <br /> #`
+ #format:enabled:<FORMAT_ID>:welf:id=firewall time="%<cqtd> %<cqtt>" fw=%<phn> pri=6 proto=%<cqus> duration=%<ttmsf> sent=%<psql> rcvd=%<cqhl> src=%<chi> dst=%<shi> dstname=%<shn> user=%<caun> op=%<cqhm> arg="%<cqup>" result=%<pssc> ref="%<{Referer}cqh>" agent="%<{user-agent}cqh>" cache=%<crc>:welf:ASCII:none
+
+
+ #
+
## log\_hosts.config ## {#log\_hosts.config}
+
To record HTTP transactions for different origin servers in
separate log files, you must list each origin server hostname in
the `log_hosts.config` file. In addition, you must enable the
@@ -743,11 +783,14 @@ navigate to the Traffic Server`bin` dire
changes to a node in a cluster, Traffic Server automatically
applies the changes to all other nodes in the cluster.
+
#### Format ####
+
Each line in the `log_hosts.config` file has the following format:
-`<br /> <i>hostname</i>`
-where `<i>hostname</i>` is the hostname of the origin server.
+*`hostname`*
+
+where *`hostname`* is the hostname of the origin server.
**Tip:** You can specify keywords in the `log_hosts.config` file to
record all transactions from origin servers with the specified
@@ -759,16 +802,21 @@ The following example configures Traffic
log files containing all HTTP transactions for the origin servers
`webserver1`, `webserver2`, and `webserver3`.
-`webserver1` `<br />``webserver2` `<br />``webserver3`
+ webserver1
+ webserver2
+ webserver3
The following example records all HTTP transactions from origin
servers that contain `sports` in their names. For example:
`sports.yahoo.com` and `www.foxsports.com` in a log file called
`squid-sport.log` (the Squid format is enabled).
-`sports`
+ sports
+
+
## logs\_xml.config ## {#logs\_xml.config}
+
The `logs_xml.config` file defines the custom log file formats,
filters, and processing options. The format of this file is modeled
after **XML**, the Extensible Markup Language.
@@ -788,8 +836,10 @@ The `logs_xml.config` file contains the
The `logs_xml.config` file ignores extra white space, blank lines,
and all comments.
+
#### LogFormat #### {#logformat}
-The following list shows `<b>LogFormat</b>` specifications.
+
+The following list shows **`LogFormat`** specifications.
`<Name = "valid_format_name"/>`
@@ -800,18 +850,18 @@ The following list shows `<b>LogFormat</
`<Format = "valid_format_specification"/>`
: Required. A valid format specification is a printf-style string
describing each log entry when formatted for ASCII output. Use
- `%< <em> field</em> >` as a placeholder for valid field names. For
+ `%<` `*field*` `>` as a placeholder for valid field names. For
more information, refer to
[Custom Logging Fields](logfmts.html#custom-logging-fields).
The specified field can be one of the following types:
- Simple. For example: `%<cqu><br />`
+ Simple. For example: `%<cqu>`<br />
A field within a container, such as an HTTP header or a statistic.
Fields of this type have the syntax:
- `%<{ <em> field</em> } <em> container</em> >`
+ `%<{` *`field`* `}` *`container`* `>`
Aggregates, such as `COUNT`, `SUM`, `AVG`, `FIRST`, `LAST`. Fields
- of this type have the syntax: `%<operator ( <em> field</em> )>`
+ of this type have the syntax: `%<operator (` *`field`* `)>`
**Note:** You cannot create a format specification that contains
both aggregate operators and regular fields.
@@ -820,11 +870,18 @@ The following list shows `<b>LogFormat</
value "`aggregate_interval_secs`" represents the number of seconds
between individual aggregate values being produced.
- The valid set of aggregate operators are:`<br />``COUNT`
- `<br />``SUM``<br />``AVG` `<br />``FIRST` `<br />``LAST`
+ The valid set of aggregate operators are:
+
+ COUNT
+ SUM
+ AVG
+ FIRST
+ LAST
+
### LogFilters ### {#logfilters}
-The following list shows the `<b>LogFilter</b>` specifications.
+
+The following list shows the **`LogFilter`** specifications.
`<Name = "valid_filter_name"/>`
: Required. All filters must be uniquely named.
@@ -832,12 +889,12 @@ The following list shows the `<b>LogFilt
`<Condition = "valid_log_field valid_operator valid_comparison_value"/>`
: Required. This field contains the following elements:
- `<b>valid_log_field</b>` - the field that will be compared against
+ **`valid\_log\_field`** - the field that will be compared against
the given value. For more information, refer to
[Logging Format Cross-Reference](logfmts.html#cross-reference).
- `<b>valid_operator_field</b>` - any one of the following: `MATCH` ,
- `CASE_INSENSITIVE_MATCH` , `CONTAIN` , `CASE_INSENSITIVE_CONTAIN`.
+ **`valid\_operator\_field`** - any one of the following: `MATCH`,
+ `CASE_INSENSITIVE_MATCH`, `CONTAIN`, `CASE_INSENSITIVE_CONTAIN`.
- `MATCH` is true if the field and value are identical
(case-sensitive).
@@ -848,7 +905,7 @@ The following list shows the `<b>LogFilt
- `CASE_INSENSITIVE_CONTAIN` is a case-insensitive version of
`CONTAIN`.
- `<b>valid_comparison_value</b>` - any string or integer matching
+ **`valid\_comparison\_value`** - any string or integer matching
the field type. For integer values, all of the operators are
equivalent and mean that the field must be equal to the specified
value.
@@ -864,7 +921,8 @@ The following list shows the `<b>LogFilt
### LogObject ### {#LogObject}
-The following list shows the `<b>LogObject</b>` specifications.
+
+The following list shows the **`LogObject`** specifications.
`<Format = "valid_format_name"/>`
: Required. Valid format names include the predefined logging
@@ -881,8 +939,9 @@ The following list shows the `<b>LogObje
If the name does not contain an extension (for example, `squid`),
then the extension `.log` is automatically appended to it for ASCII
logs and `.blog` for binary logs (refer to
- [Mode = "valid\_logging\_mode"](files.htm#0_73225)). `<br />`If you
- do not want an extension to be added, then end the filename with a
+ [Mode = "valid\_logging\_mode"](files.htm#0_73225)).
+
+ If you do not want an extension to be added, then end the filename with a
single (.) dot (for example: `squid.` ).
`<Mode = "valid_logging_mode"/>`
@@ -938,8 +997,8 @@ The following list shows the `<b>LogObje
`<RollingEnabled = "truth value"/>`
: Enables or disables log file rolling for the `LogObject`. This
setting overrides the value for the
- `<i>proxy.config.log2.rolling_enabled</i>` variable in the
- `records.config` file. Set `<i>truth value</i>` to one of the
+ *`proxy.config.log2.rolling_enabled</i>` variable in the
+ `records.config` file. Set *`truth value</i>` to one of the
following values:
`0` to disable rolling for this particular `LogObject`.
@@ -960,7 +1019,7 @@ The following list shows the `<b>LogObje
you to specify different rolling intervals for different
`LogObjects`.
This setting overrides the value for
- `<i>proxy.config.log2.rolling_interval_sec </i>` in the
+ *`proxy.config.log2.rolling_interval_sec`* in the
`records.config` file.
`<RollingOffsetHr = "hour"/>`
@@ -969,14 +1028,14 @@ The following list shows the `<b>LogObje
produced only at that time. The impact of this setting is only
noticeable if the rolling interval is larger than one hour.
This setting overrides the configuration setting
- for`<i>proxy.config.log2.rolling_offset_hr </i>` in the
+ for*`proxy.config.log2.rolling_offset_hr`* in the
`records.config` file.
`<RollingSizeMb = "size_in_MB"/>`
: The size at which log files are rolled.
#### Examples ####
-The following is an example of a `<b>LogFormat</b>` specification
+The following is an example of a **`LogFormat`** specification
that collects information using three common fields:
<LogFormat>
@@ -984,7 +1043,7 @@ that collects information using three co
<Format = "%<chi> : %<cqu> : %<pssc>"/>
</LogFormat>
-The following is an example of a `<b>LogFormat</b>` specification
+The following is an example of a **`LogFormat`** specification
that uses aggregate operators:
<LogFormat>
@@ -993,7 +1052,7 @@ that uses aggregate operators:
<Interval = "10"/>
</LogFormat>
-The following is an example of a `<b>LogFilter</b>` that will cause
+The following is an example of a **`LogFilter`** that will cause
only `REFRESH_HIT` entries to be logged:
<LogFilter>
@@ -1011,7 +1070,7 @@ to the example directly above:
<Action = "ACCEPT"/>
<Condition = "pssc MATCH REFRESH_HIT"/>
</LogFilter>
-The following is an example of a `<b>LogObject</b>` specification
+The following is an example of a **`LogObject`** specification
that creates a local log file for the minimal format defined
earlier. The log filename will be `minimal.log` because this is an
ASCII log file (the default).
@@ -1021,7 +1080,7 @@ ASCII log file (the default).
<Filename = "minimal"/>
</LogObject>
-The following is an example of a `<b>LogObject</b>` specification
+The following is an example of a **`LogObject`** specification
that includes only HTTP requests served by hosts in the domain
`company.com` or by the specific server `server.somewhere.com`. Log
entries are sent to port 4000 of the collation host
@@ -1187,12 +1246,12 @@ instructions about partitioning the cach
For each partition you want to create, enter a line with the
following format:
-`partition=<em>partition_number</em> scheme=<em>protocol_type</em> size=<em>partition_size</em>`
+`partition=`*`partition_number`* `scheme=`*`protocol_type`* `size=`*`partition_size`*
-where `<i>partition_number </i>` is a number between 1 and 255 (the
-maximum number of partitions is 255) and `<i>protocol_type </i>` is
+where *`partition_number`* is a number between 1 and 255 (the
+maximum number of partitions is 255) and *`protocol_type`* is
`http`. Traffic Server supports `http` for HTTP partition types;
-`<i>partition_size </i>` is the amount of cache space allocated to
+*`partition_size`* is the amount of cache space allocated to
the partition. This value can be either a percentage of the total
cache space or an absolute value. The absolute value must be a
multiple of 128 MB, where 128 MB is the smallest value. If you
@@ -1207,14 +1266,18 @@ cache, then the extra disk space is not
space later to create new partitions without deleting and clearing
the existing partitions.
+
#### Examples ###
The following example partitions the cache evenly between HTTP and
HTTPS requests:
-`partition=<em>1</em> scheme=http size=50% <br />``partition=<em>2</em> scheme=https size=50%`
+ partition=1 scheme=http size=50%
+ partition=2 scheme=https size=50%
+
## records.config ## {#records.config}
+
The `records.config` file is a list of configurable variables used
by the Traffic Server software. Many of the variables in the
`records.config` file are set automatically when you set
@@ -1376,3 +1439,739 @@ the `records.config` file.
**Local Manager**
+
+*`proxy.config.lm.sem_id `*
+: `INT`
+: `11452`
+: The semaphore ID for the local manager.
+
+*`proxy.local.cluster.type`*
+: `INT`
+: `3`
+: Sets the clustering mode:
+
+ `1` = full-clustering mode
+ `2` = management-only mode
+ `3` = no clustering
+
+*`proxy.config.cluster.rsport`*
+: `INT`
+: `8088`
+: The reliable service port. The reliable service port is used to
+ send configuration information between the nodes in a cluster. All
+ nodes in a cluster must use the same reliable service port.
+
+*`proxy.config.admin.autoconf_port `*
+: `INT`
+: `8083`
+: The autoconfiguration port.
+
+*`proxy.config.admin.overseer_port `*
+: `INT`
+: `8082`
+ The port used for retrieving and setting statistics and
+ configuration variables.
+
+*`proxy.config.admin.number_config_bak`*
+: `INT`
+: `3`
+: The maximum number of copies of rolled configuration files to
+ keep.
+
+*`proxy.config.admin.admin_password`*
+: `STRING`
+: Specifies the encrypted administrator password that controls access
+ to Traffic Manager. The format can be recreated with:
+
+ #!/usr/bin/php
+ <?php
+ $foo = md5('admin',true);
+ echo strtoupper(substr(bin2hex($foo),0,23)) . "\n";
+ ?>
+
+ or
+
+ perl -MDigest::MD5 -e 'print uc(substr(Digest::MD5::md5_hex($ARGV[0]), 0, 23)), "\n"' admin;`
+
+ Note that the web interface is not being maintained.
+
+*`proxy.config.admin.user_id `*
+: `STRING`
+: `nobody`
+: Option used to specify who to run the `traffic_server`process as;
+ also used to specify ownership of config and log files.
+
+ The nonprivileged user account designated to Traffic Server.
+
+ As of version 2.1.1 if the user\_id is prefixed with pound
+ character (\#) the remaining of the string is considered to be
+ [numeric user identifier](http://en.wikipedia.org/wiki/User_identifier).
+ If the value is set to '\#-1' Traffic Server will not change the
+ user during startup.
+
+ Setting user\_id to 'root' or '\#0' is now forbidden to increase
+ security. Trying to do so, will cause the traffic\_server fatal
+ failure. However there are two ways to bypass that restriction:
+ Specify -DBIG\_SECURITY\_HOLE in CXXFLAGS during compilation
+ Set the user\_id=\#-1 and start trafficserver as root.
+
+
+**Process Manager**
+
+*`proxy.config.process_manager.mgmt_port`*
+: `INT`
+: `8084`
+: The port used for internal communication between the
+ `traffic_manager` and `traffic_server` processes.
+
+
+**Alarm Configuration**
+
+*`proxy.config.alarm.bin`*
+: `STRING`
+: `example_alarm_bin.sh`
+: Name of the script file that can execute certain actions when an
+ alarm is signaled. The default file is a sample script named
+ `example_alarm_bin.sh` located in the `bin` directory. You must
+ edit the script to suit your needs.
+
+*`proxy.config.alarm.abs_path`*
+: `STRING`
+: `NULL`
+: The full path to the script file that sends email to alert someone
+ about Traffic Server problems.
+
+
+**Authentication Basic Realm**
+
+*`proxy.config.proxy.authenticate.basic.realm`*
+: `STRING`
+: `NULL`
+: The authentication realm name. If the default of `NULL` is
+ specified, then`traffic_edge` is used.
+
+
+**HTTP Engine**
+
+*`proxy.config.http.server_port`*
+: `INT`
+: `8080`
+: The port that Traffic Server uses when acting as a web proxy server
+ for web traffic.
+
+*`proxy.config.http.server_port_attr `*
+: `STRING`
+: `X`
+: The server port options. You can specify one of the following:
+
+ C=SERVER_PORT_COMPRESSED
+ X=SERVER_PORT_DEFAULT
+ T=SERVER_PORT_BLIND_TUNNEL
+
+*`proxy.config.http.server_other_ports `*
+: `STRING`
+: `NULL`
+: The ports other than the port specified by the variable
+
+ *`proxy.config.http.server_port`* to bind for incoming HTTP
+ requests. Example:
+
+ CONFIG proxy.config.http.server_other_ports STRING 6060:X 9090:X
+
+ would listed to ports 6060, 9090, and the port specified by
+ *`proxy.config.http.server_port`*.
+
+*`proxy.config.http.ssl_ports`*
+: `STRING`
+: `443 563`
+: The range of ports used for tunneling. Traffic Server allows
+ tunnels only to the specified ports.
+
+ For example: to retrieve an object using HTTPS via Traffic Server,
+ a tunnel must be established to an origin server via Traffic
+ Server.
+
+*`proxy.config.http.insert_request_via_str `*
+: `INT`
+: `1`
+: You can specify one of the following:
+
+ `0` = no extra information is added to the string.
+ `1` = all extra information is added.
+ `2` = some extra information is added.
+
+ Note: the Via: header string interpretation is
+ [documented here.](trouble.htm#interpret_via_header)
+
+
+*`proxy.config.http.insert_response_via_str `*
+: `INT`
+: `1`
+: You can specify one of the following:
+
+ `0` no extra information is added to the string.<br />
+ `1` all extra information is added.<br />
+ `2` some extra information is added.<br />
+
+*`proxy.config.http.enable\_url\_expandomatic`*
+: `INT`
+: `1`
+: Enables (`1`) or disables (`0`) `.com` domain expansion. This
+ configures the Traffic Server to resolve unqualified hostnames by
+ prepending with `www.` and appending with `.com` before redirecting
+ to the expanded address.
+
+ For example: if a client makes a request to `host`, then Traffic
+ Server redirects the request to `www.host.com`.
+
+*`proxy.config.http.chunking_enabled `*
+: `INT`
+: `0`
+: Specifies whether Traffic Sever can generate a chunked response:
+
+ `0` Never<br />
+ `1` Always<br />
+ `2` Generate a chunked response if the server has returned HTTP/1.1 before<br />
+ `3` = Generate a chunked response if the client request is HTTP/1.1 and
+ the origin server has returned HTTP/1.1 before
+
+ **Note:** If HTTP/1.1 is used, then Traffic Server can use
+ keep-alive connections with pipelining to origin servers. If HTTP/0.9
+ is used, then Traffic Server does not use `keep-alive`
+ connections to origin servers. If HTTP/1.0 is used, then Traffic
+ Server can use `keep-alive` connections without pipelining to origin
+ servers.
+
+
+*`proxy.config.http.share_server_sessions `*
+: `INT`
+: `1`
+: Enables (`1`) or disables (`0`) the reuse of server sessions.
+
+*`proxy.config.http.record_heartbeat `*
+: `INT`
+: `0`
+: Enables (`1`) or disables (`0`) `traffic_cop` heartbeat logging.
+
+
+**Parent Proxy Configuration**
+
+*`proxy.config.http.parent_proxy_routing_enable`*
+: `INT`
+: `0`
+: Enables (`1`) or disables (`0`) the parent caching option.
+
+ Refer to [Hierarchical Caching](hier.html).
+
+*`proxy.config.http.parent_proxy.retry_time `*
+: `INT`
+: `300`
+: The amount of time allowed between connection retries to a parent
+ cache that is unavailable.
+
+
+*`proxy.config.http.parent_proxy.fail_threshold`*
+: `INT`
+: `10`
+: The number of times the connection to the parent cache can fail
+ before Traffic Server considers the parent unavailable.
+
+
+*`proxy.config.http.parent_proxy.total_connect_attempts`*
+: `INT`
+: `4`
+: The total number of connection attempts allowed to a parent cache
+ before Traffic Server bypasses the parent or fails the request
+ (depending on the *`go_direct`* option in the `bypass.config`
+ file).
+
+*`proxy.config.http.parent_proxy.per_parent_connect_attempts `*
+: `INT`
+: `2`
+: The total number of connection attempts allowed per parent, if
+ multiple parents are used.
+
+*`proxy.config.http.parent_proxy.connect_attempts_timeout`*
+: `INT`
+: `30`
+: The timeout value (in seconds) for parent cache connection
+ attempts.
+
+*`proxy.config.http.forward.proxy_auth_to_parent `*
+: `INT`
+: `0`
+: Configures Traffic Server to send proxy authentication headers on
+ to the parent cache.
+
+
+
+**HTTP Connection Timeouts (secs)**
+
+*`proxy.config.http.keep_alive_no_activity_timeout_in`*
+: `INT`
+: `10`
+: Specifies how long Traffic Server keeps connections to clients open
+ for a subsequent request after a transaction ends.
+
+*`proxy.config.http.keep_alive_no_activity_timeout_out `*
+: `INT`
+: `10`
+: Specifies how long Traffic Server keeps connections to origin
+ servers open for a subsequent transfer of data after a transaction
+ ends.
+
+*`proxy.config.http.transaction_no_activity_timeout_in `*
+: `INT`
+: `120`
+: Specifies how long Traffic Server keeps connections to clients open
+ if a transaction stalls.
+
+*`proxy.config.http.transaction_no_activity_timeout_out`*
+: `INT`
+: `120`
+: Specifies how long Traffic Server keeps connections to origin
+ servers open if the transaction stalls.
+
+*`proxy.config.http.transaction_active_timeout_in `*
+: `INT`
+: `0`
+: The maximum amount of time Traffic Server can remain connected to a
+ client. If the transfer to the client is not complete before this
+ timeout expires, then Traffic Server closes the connection.
+
+ The default value of `0` specifies that there is no timeout.
+
+*`proxy.config.http.transaction_active_timeout_out`*
+: `INT`
+: `0`
+: The maximum amount of time Traffic Server waits for fulfillment of
+ a connection request to an origin server. If Traffic Server does
+ not complete the transfer to the origin server before this timeout
+ expires, then Traffic Server terminates the connection request.
+
+ The default value of `0` specifies that there is no timeout.
+
+*`proxy.config.http.accept_no_activity_timeout `*
+: `INT`
+: `120`
+: The timeout interval in seconds before Traffic Server closes a
+ connection that has no activity.
+
+
+*`proxy.config.http.background_fill_active_timeout`*
+: `INT`
+: `60`
+: Specifies how long Traffic Server continues a background fill
+ before giving up and dropping the origin server connection.
+
+*`proxy.config.http.background_fill_completed_threshold`*
+: `FLOAT`
+: `0.50000`
+: The proportion of total document size already transferred when a
+ client aborts at which the proxy continues fetching the document
+ from the origin server to get it into the cache (a
+ **background fill**).
+
+
+**Origin Server Connect Attempts**
+
+*`proxy.config.http.connect_attempts_max_retries`*
+: `INT`
+: `6`
+: The maximum number of connection retries Traffic Server can make
+ when the origin server is not responding.
+
+*`proxy.config.http.connect_attempts_max_retries_dead_server`*
+: `INT`
+: `2`
+: The maximum number of connection retries Traffic Server can make
+ when the origin server is unavailable.
+
+*`proxy.config.http.server_max_connections`*
+: `INT`
+: `0`
+: Limits the number of socket connections across all origin servers
+ to the value specified.
+
+ To disable, set to zero (`0`).
+
+*`proxy.config.http.origin_max_connections`*
+: `INT`
+: `0`
+: Limits the number of socket connections per origin server to the
+ value specified.
+
+ To enable, set to one (`1`).
+
+*`proxy.config.http.origin_min_keep_alive_connections`*
+: `INT`
+: `0`
+: As connection to an origin server are opened, keep at least 'n'
+ number of connections open to that origin, even if the connection
+ isn't used for a long time period. Useful when the origin supports
+ keep-alive, removing the time needed to set up a new connection
+ from the next request at the expense of added (inactive)
+ connections.
+
+ To enable, set to one (`1`).
+
+*`proxy.config.http.connect_attempts_rr_retries `*
+: `INT`
+: `2`
+: The maximum number of failed connection attempts allowed before a
+ round-robin entry is marked as 'down' if a server has round-robin
+ DNS entries.
+
+*`proxy.config.http.connect_attempts_timeout `*
+: `INT`
+: `30`
+: The timeout value (in seconds) for an origin server connection.
+
+*`proxy.config.http.post_connect_attempts_timeout`*
+: `INT`
+: `1800`
+: The timeout value (in seconds) for an origin server connection when
+ the client request is a `POST` or `PUT` request.
+
+*`proxy.config.http.down_server.cache_time`*
+: `INT`
+: `900`
+: Specifies how long (in seconds) Traffic Server remembers that an
+ origin server was unreachable.
+
+*`proxy.config.http.down_server.abort_threshold `*
+: `INT`
+: `10`
+: The number of seconds before Traffic Server marks an origin server
+ as unavailable after a client abandons a request because the origin
+ server was too slow in sending the response header.
+
+
+**Congestion Control**
+
+*`proxy.config.http.congestion_control.enabled`*
+: `INT`
+: `0`
+: Enables (`1`) or disables (`0`) the Congestion Control option,
+ which configures Traffic Server to stop forwarding HTTP requests to
+ origin servers when they become congested. Traffic Server sends the
+ client a message to retry the congested origin server later.
+
+ Refer to
+ [Using Congestion Control](http.htm#UsingCongestionControl).
+
+
+**Negative Response Caching**
+
+*`proxy.config.http.negative_caching_enabled`*
+: `INT`
+: `0`
+: When enabled (`1`), Traffic Server caches negative responses (such
+ as `404 Not Found`) when a requested page does not exist. The next
+ time a client requests the same page, Traffic Server serves the
+ negative response directly from cache.
+
+ **Note**: `Cache-Control` directives from the server forbidding
+ cache are ignored for the following HTTP response codes, regardless
+ of the value specified for the
+ *`proxy.config.http.negative_caching_enabled`* variable. The
+ following negative responses are cached by Traffic Server:
+
+ 204 No Content
+ 305 Use Proxy
+ 400 Bad Request
+ 403 Forbidden
+ 404 Not Found
+ 405 Method Not Allowed
+ 500 Internal Server Error
+ 501 Not Implemented
+ 502 Bad Gateway
+ 503 Service Unavailable
+ 504 Gateway Timeout`
+
+
+**Proxy User Variables**
+
+*`proxy.config.http.anonymize_remove_from`*
+: `INT`
+: `0`
+: When enabled (`1`), Traffic Server removes the `From` header to
+ protect the privacy of your users.
+
+*`proxy.config.http.anonymize_remove_referer `*
+: `INT`
+: `0`
+: When enabled (`1`), Traffic Server removes the `Referrer` header to
+ protect the privacy of your site and users.
+
+*`proxy.config.http.anonymize_remove_user_agent `*
+: `INT`
+: `0`
+: When enabled (`1`), Traffic Server removes the `User-agent` header
+ to protect the privacy of your site and users.
+
+*`proxy.config.http.anonymize_remove_cookie`*
+: `INT`
+: `0`
+: When enabled (`1`), Traffic Server removes the `Cookie` header to
+ protect the privacy of your site and users.
+
+*`proxy.config.http.anonymize_remove_client_ip`*
+: `INT`
+: `0`
+: When enabled (`1`), Traffic Server removes `Client-IP` headers for
+ more privacy.
+
+
+*`proxy.config.http.anonymize_insert_client_ip `*
+: `INT`
+: `1`
+: When enabled (`1`), Traffic Server inserts `Client-IP` headers to
+ retain the client IP address.
+
+*`proxy.config.http.append_xforwards_header `*
+: `INT`
+: `0`
+: When enabled (`1`), Traffic Server appends `X-Forwards` headers to
+ outgoing requests.
+
+*`proxy.config.http.anonymize_other_header_list `*
+: `STRING`
+: `NULL`
+: The headers Traffic Server should remove from outgoing requests.
+
+*`proxy.config.http.insert_squid_x_forwarded_for `*
+: `INT`
+: `0`
+: When enabled (`1`), Traffic Server adds the client IP address to
+ the `X-Forwarded-For` header.
+
+*`proxy.config.http.normalize_ae_gzip`*
+: `INT`
+: `0`
+: Enable (`1`) to normalize all `Accept-Encoding:` headers to one of
+ the following:
+
+ - `Accept-Encoding: gzip` (if the header has `gzip` or `x-gzip` with any `q`) **OR**
+ - *blank* (for any header that does not include `gzip`)
+
+ This is useful for minimizing cached alternates of documents (e.g.
+ `gzip, deflate` vs. `deflate, gzip`). Enabling this option is
+ recommended if your origin servers use no encodings other than `gzip`.
+
+
+**Security**
+
+*`proxy.config.http.push_method_enabled `*
+: `INT`
+: `0`
+: Enables (`1`) or disables (`0`) the HTTP `PUSH` option, which
+ allows you to deliver content directly to the cache without a user
+ request.
+
+ **Important:** If you enable this option, then you must also
+ specify a filtering rule in the
+ [`filter.config`](#filter.config) file to allow only
+ certain machines to push content into the cache.
+
+
+**Cache Control**
+
+*`proxy.config.cache.enable_read_while_writer`*
+: `INT`
+: `0`
+: Enables (`1`) or disables (`0`) ability to a read cached object
+ while the another connection is completing the write to cache for
+ the same object. This must be enabled for connection collapsing to
+ work
+
+*`proxy.config.http.cache.http`*
+: `INT`
+: `1`
+: Enables (`1`) or disables (`0`) caching of HTTP requests.
+
+*`proxy.config.http.cache.ignore_client_no_cache`*
+: `INT`
+: `0`
+: When enabled (`1`), Traffic Server ignores client requests to
+ bypass the cache.
+
+*`proxy.config.http.cache.ims_on_client_no_cache `*
+: `INT`
+: `0`
+: When enabled (`1`), Traffic Server issues a conditional request to
+ the origin server if an incoming request has a `No-Cache` header.
+
+*`proxy.config.http.cache.ignore_server_no_cache `*
+: `INT`
+: `0`
+: When enabled (`1`), Traffic Server ignores origin server requests
+ to bypass the cache.
+
+*`proxy.config.http.cache.cache_responses_to_cookies`*
+: `INT`
+: `3`
+: Specifies how cookies are cached:
+
+ `0` = do not cache any responses to cookies
+ `1` = cache for any content-type
+ `2` = cache only for image types
+ `3` = cache for all but text content-types
+
+*`proxy.config.http.cache.ignore_authentication `*
+: `INT`
+: `0`
+: When enabled (`1`), Traffic Server ignores `WWW-Authentication`
+ headers in responses.
+ `WWW-Authentication` headers are removed and not cached.
+
+*`proxy.config.http.cache.cache_urls_that_look_dynamic `*
+: `INT`
+: `0`
+: Enables (`1`) or disables (`0`) caching of URLs that look dynamic.
+
+*`proxy.config.http.cache.enable_default_vary_headers `*
+: `INT`
+: `0`
+: Enables (`1`) or disables (`0`) caching of alternate versions of
+ HTTP objects that do not contain the `Vary` header.
+
+
+*`proxy.config.http.cache.when_to_revalidate `*
+: `INT`
+: `0`
+: Specifies when to revalidate content:
+
+ `0` = use cache directives or heuristic (the default value)
+ `1` = stale if heuristic
+ `2` = always stale (always revalidate)
+ `3` = never stale
+ `4` = use cache directives or heuristic (0) unless the request has
+ an `If-Modified-Since` header
+
+ If the request contains the `If-Modified-Since` header, then
+ Traffic Server always revalidates the cached content and uses the
+ client's `If-Modified-Since` header for the proxy request.
+
+*`proxy.config.http.cache.when_to_add_no_cache_to_msie_requests`*
+: `INT`
+: 0
+: Specifies when to add `no-cache` directives to Microsoft Internet
+ Explorer requests. You can specify the following:
+
+ `0` = `no-cache` is *not* added to MSIE requests
+ `1` = `no-cache` is added to IMS MSIE requests
+ `2` = `no-cache` is added to all MSIE requests
+
+*`proxy.config.http.cache.required_headers `*
+: `INT`
+: `0`
+: The type of headers required in a request for the request to be
+ cacheable.
+
+ `0` = no headers required to make document cacheable
+ `1` = either the `Last-Modified` header, or an explicit lifetime
+ header, `Expires` or `Cache-Control: max-age`, is required
+ `2` = explicit lifetime is required, `Expires` or
+ `Cache-Control: max-age`
+
+*`proxy.config.http.cache.max_stale_age `*
+: `INT`
+: `604800`
+: The maximum age allowed for a stale response before it cannot be
+cached.
+
+*`proxy.config.http.cache.range.lookup `*
+: `INT`
+: `1`
+: When enabled (`1`), Traffic Server looks up range requests in the
+ cache.
+
+*`proxy.config.http.cache.enable_read_while_writer`*
+: `INT`
+: `0`
+: Enables (`1`) or disables (`0`) the ability to read a cached object
+ while another connection is completing a write to cache for the
+ same object. If you want connection collapsing to work, then this
+ option must be enabled.
+
+*`proxy.config.connection_collapsing.hashtable_enabled`*
+: `INT`
+: `0`
+: Enables (`1`) or disables (`0`) whether requests will first search
+ the hashtable to see if another similar request is already being
+ served.
+
+*`proxy.config.connection_collapsing.rww_wait_time`*
+: `INT`
+: `0`
+: When enabled (`1`) while the write configuration parameter is also
+ enabled, secondary clients will wait this amount of time (in msec)
+ before cache lookup is retried.
+
+*`proxy.config.connection_collapsing.revalidate_window_period`*
+: `INT`
+: `0`
+: The amount of time (msec) secondary clients for the same URL will
+ be served the stale object when revalidation of a cached object is
+ in progress.
+
+
+*`proxy.config.http.cache.fuzz.min_time`*
+: `INT`
+: `0`
+: Sets a minimum fuzz time; the default value is `0`.
+
+ **Effective fuzz time** is a calculation in the range
+ (`fuzz.min_time` - `fuzz.min_time`).
+
+*`proxy.config.http.cache.ignore_accept_mismatch `*
+: `INT`
+: `0`
+: When enabled (`1`), Traffic Server serves documents from cache with
+ a `Content-Type:` header that does not match the `Accept:` header
+ of the request.
+ **Note:** This option should only be enabled if you're having
+ problems with caching *and* one of the following is true:
+
+ Your origin server sets `Vary: Accept` when doing content
+ negotiation with `Accept`
+ -OR-
+ The server does not send a `406 (Not Acceptable)` response for
+ types that it cannot serve.
+
+
+*`proxy.config.http.cache.ignore_accept_language_mismatch `*
+: `INT`
+: `0`
+: When enabled (`1`), Traffic Server serves documents from cache with
+ a `Content-Language:` header that does not match the
+ `Accept-Language:` header of the request.
+
+ **Note:** This option should only be enabled if you're having
+ problems with caching and your origin server is guaranteed to set
+ `Vary: Accept-Language` when doing content negotiation with
+ `Accept-Language`.
+
+
+*`proxy.config.http.cache.ignore_accept_charset_mismatch `*
+: `INT`
+: `0`
+: When enabled (`1`), Traffic Server serves documents from cache with
+ a `Content-Type:` header that does not match the `Accept-Charset:`
+ header of the request.
+
+ **Note:** This option should only be enabled if you're having
+ problems with caching and your origin server is guaranteed to set
+ `Vary: Accept-Charset` when doing content negotiation with
+ `Accept-Charset`.
+
+*`proxy.config.http.cache.ignore_client_cc_max_age`*
+: `INT`
+: `1`
+: When enabled (`1`), Traffic Server ignores any
+ `Cache-Control: max-age` headers from the client.
+
+
+**Heuristic Expiration**
+