The records.config
file (by default, located in/usr/local/etc/trafficserver/
) is a list of configurable variables used bythe Traffic Server software. Many of the variables in therecords.config
file are set automatically when you set configurationoptions in Traffic Line. After you modify therecords.config
file,run the command traffic_line -x
to apply the changes.When you apply changes to one node in a cluster, Traffic Serverautomatically applies the changes to all other nodes in the cluster.
Each variable has the following format:
SCOPE variable_name DATATYPE variable_value
where
SCOPE
is related to clustering and is either CONFIG
(all members ofthe cluster) or LOCAL
(only the local machine)
DATATYPE
is one of INT
(integer), STRING
(string), FLOAT
(floating point).:A variable marked as Deprecated
is still functional but should be avoidedas it may be removed in a future release without warning.
A variable marked as Reloadable
can be updated via the command:
traffic_line -x
INT
type configurations are expressed as any normal integer,e.g. 32768. They can also be expressed using more human readable valuesusing standard prefixes, e.g. 32K. The following prefixes are supportedfor all INT
type configurations
K
Kilobytes (1024 bytes)M
Megabytes (1024^2 or 1,048,576 bytes)G
Gigabytes (1024^3 or 1,073,741,824 bytes)T
Terabytes (1024^4 or 1,099,511,627,776 bytes)
Note
Traffic Server currently writes back configurations to disk periodically,and when doing so, will not preserve the prefixes.
In the following example, the variable proxy.config.proxy_name isa STRING
datatype with the value my_server
. This means that thename of the Traffic Server proxy is my_server
.
CONFIG proxy.config.proxy_name STRING my_server
If the server name should be that_server
the line would be
CONFIG proxy.config.proxy_name STRING that_server
In the following example, the variable proxy.config.arm.enabled
isa yes/no flag. A value of 0
(zero) disables the option; a value of1
enables the option.
CONFIG proxy.config.arm.enabled INT 0
In the following example, the variable sets the cluster startup timeoutto 10 seconds.
CONFIG proxy.config.cluster.startup_timeout INT 10
The last examples configures a 64GB RAM cache, using a human readableprefix.
CONFIG proxy.config.cache.ram_cache.size INT 64G
Every records.config
configuration variable can be overriddenby a corresponding environment variable. This can be useful insituations where you need a static records.config
but stillwant to tweak one or two settings. The override variable is formedby converting the records.config
variable name to uppercase, and replacing any dot separators with an underscore.
Overriding a variable from the environment is permanent and willnot be affected by future configuration changes made inrecords.config
or applied with traffic_line.
For example, we could override the proxy.config.product_company variablelike this:
$ PROXY_CONFIG_PRODUCT_COMPANY=example traffic_cop &
$ traffic_line -r proxy.config.product_company
The following list describes the configuration variables available inthe records.config
file.
proxy.config.product_company
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | Apache Software Foundation |
The name of the organization developing Traffic Server.
proxy.config.product_vendor
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | Apache |
The name of the vendor providing Traffic Server.
proxy.config.product_name
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | Traffic Server |
The name of the product.
proxy.config.proxy_name
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | ``build_machine`` |
Reloadable: | Yes |
The name of the Traffic Server node.
proxy.config.bin_path
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | bin |
The location of the Traffic Server bin
directory.
proxy.config.proxy_binary
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | traffic_server |
The name of the executable that runs the traffic_server process.
proxy.config.proxy_binary_opts
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | -M |
The command-line options for starting Traffic Server.
proxy.config.manager_binary
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | traffic_manager |
The name of the executable that runs the traffic_manager process.
proxy.config.env_prep
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | *NONE* |
The script executed before the traffic_manager process spawnsthe traffic_server process.
proxy.config.config_dir
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | etc/trafficserver |
The directory that contains Traffic Server configuration files.This is a read-only configuration option that contains theSYSCONFDIR
value specified at build time relative to theinstallation prefix. The $TS_ROOT
environment variable canbe used alter the installation prefix at run time.
proxy.config.syslog_facility
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | LOG_DAEMON |
The facility used to record system log files. Refer to Understanding Traffic Server Log Files.
proxy.config.cop.core_signal
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
The signal sent to traffic_cop‘s managed processes to stop them.
A value of 0
means no signal will be sent.
proxy.config.cop.linux_min_memfree_kb
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
The minimum amount of free memory space allowed before Traffic Server stopsthe traffic_server and traffic_manager processes toprevent the system from hanging.
proxy.config.cop.linux_min_swapfree_kb
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
The minimum amount of free swap space allowed before Traffic Server stopsthe traffic_server and traffic_manager processes toprevent the system from hanging. This configuration variable applies ifswap is enabled in Linux 2.2 only.
proxy.config.cop.init_sleep_time
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
The minimum amount of addtional duration allowed before Traffic Server detectsthat the traffic_server is not responsive and attempts a restartduring startup. This configuration variable allows Traffic Server a longer inittime to load potentially large configuration files such as remap config. Note thatthis applies only during startup of Traffic Server and does not apply to the runtime heartbeat checking.
proxy.config.output.logfile
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | traffic.out |
The name and location of the file that contains warnings, status messages, and error messages produced by the Traffic Serverprocesses. If no path is specified, then Traffic Server creates the file in its logging directory.
proxy.config.snapshot_dir
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | snapshots |
The directory in which Traffic Server stores configurationsnapshots on the local system. Unless you specify an absolutepath, this directory is located in the Traffic Server SYSCONFDIR
directory.
proxy.config.exec_thread.autoconfig
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
When enabled (the default, 1
), Traffic Server scales threads according to the available CPU cores. See the config option below.
proxy.config.exec_thread.autoconfig.scale
¶
Scope: | CONFIG |
---|---|
Type: | FLOAT |
Default: | 1.5 |
Factor by which Traffic Server scales the number of threads. The multiplier is usually the number of available CPU cores. By defaultthis is scaling factor is 1.5
.
proxy.config.exec_thread.limit
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 2 |
The number of threads Traffic Server will create if proxy.config.exec_thread.autoconfig is set to 0, otherwise this option is ignored.
proxy.config.accept_threads
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
When enabled (1
), runs a separate thread for accept processing. If disabled (0
), then only 1 thread can be created.
proxy.config.thread.default.stacksize
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1048576 |
The new default thread stack size, for all threads. The original default is set at 1 MB.
proxy.config.exec_thread.affinity
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Bind threads to specific processing units.
Value | Effect |
---|---|
0 | assign threads to machine |
1 | assign threads to NUMA nodes |
2 | assign threads to sockets |
3 | assign threads to cores |
4 | assign threads to processing units |
Note
This option only has an affect when Traffic Server has been compiled with --enable-hwloc
.
proxy.config.system.file_max_pct
¶
Scope: | CONFIG |
---|---|
Type: | FLOAT |
Default: | 0.9 |
Set the maximum number of file handles for the traffic_server process as a percentage of the the fs.file-max proc value in Linux. The default is 90%.
proxy.config.crash_log_helper
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | traffic_crashlog |
This option directs traffic_server to spawn a crashlog helper at startup. The value should be the path to anexecutable program. If the path is not absolute, it is locatedrelative to configured bin
directory. Any user-providedprogram specified here must behave in a fashion compatible withtraffic_crashlog. Specifically, it must implementthe traffic_crashlog --wait
behavior.
This setting not reloadable because the helper must be spawnedbefore traffic_server drops privilege. If this variableis set to NULL
, no helper will be spawned.
proxy.config.restart.active_client_threshold
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 :reloadable: |
This setting specifies the number of active client connectionsfor use by traffic_line --drain
.
proxy.config.net.connections_throttle
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 30000 |
The total number of client and origin server connections that the servercan handle simultaneously. This is in fact the max number of filedescriptors that the traffic_server process can have open at anygiven time. Roughly 10% of these connections are reserved for origin serverconnections, i.e. from the default, only ~9,000 client connections can behandled. This should be tuned according to your memory size, and expectedwork load.
proxy.config.net.default_inactivity_timeout
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 86400 |
Reloadable: | Yes |
The connection inactivity timeout (in seconds) to apply whenTraffic Server detects that no inactivity timeout has been appliedby the HTTP state machine. When this timeout is applied, theproxy.process.net.default_inactivity_timeout_applied metricis incremented.
proxy.config.net.inactivity_check_frequency
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
How frequent (in seconds) to check for inactive connections. If you dealwith a lot of concurrent connections, increasing this setting can reducepressure on the system.
proxy.local.incoming_ip_to_bind
¶
Scope: | LOCAL |
---|---|
Type: | STRING |
Default: | 0.0.0.0 [::] |
Controls the global default IP addresses to which to bind proxy server ports. The value is a space separated list of IP addresses, one per supported IP address family (currently IPv4 and IPv6).
Unless explicitly specified in proxy.config.http.server_ports the server port will be bound to one of these addresses, selected by IP address family. The built in default is any address. This is used if no address for a family is specified. This setting is useful if most or all server ports should be bound to the same address.
Note
This is ignored for inbound transparent server ports because they must be able to accept connections on arbitrary IP addresses.
Example
Set the global default for IPv4 to 192.168.101.18
and leave the global default for IPv6 as any address.:
LOCAL proxy.local.incoming_ip_to_bind STRING 192.168.101.18
Example
Set the global default for IPv4 to 191.68.101.18
and the global default for IPv6 to fc07:192:168:101::17
.:
LOCAL proxy.local.incoming_ip_to_bind STRING 192.168.101.18 [fc07:192:168:101::17]
proxy.local.outgoing_ip_to_bind
¶
Scope: | LOCAL |
---|---|
Type: | STRING |
Default: | 0.0.0.0 [::] |
This controls the global default for the local IP address for outbound connections to origin servers. The value is a list of space separated IP addresses, one per supported IP address family (currently IPv4 and IPv6).
Unless explicitly specified in proxy.config.http.server_ports one of these addresses, selected by IP address family, will be used as the local address for outbound connections. This setting is useful if most or all of the server ports should use the same outbound IP addresses.
Note
This is ignored for outbound transparent ports as the local outbound address will be the same as the client local address.
Example
Set the default local outbound IP address for IPv4 connections to 192.168.101.18
.:
LOCAL proxy.local.outgoing_ip_to_bind STRING 192.168.101.18
Example
Set the default local outbound IP address to 192.168.101.17
for IPv4 and fc07:192:168:101::17
for IPv6.:
LOCAL proxy.local.outgoing_ip_to_bind STRING 192.168.101.17 [fc07:192:168:101::17]
proxy.local.cluster.type
¶
Scope: | LOCAL |
---|---|
Type: | INT |
Default: | 3 |
Sets the clustering mode:
Value | Effect |
---|---|
1 | full-clustering mode |
2 | management-only mode |
3 | no clustering |
proxy.config.cluster.ethernet_interface
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | eth0 |
The network interface to be used for cluster communication. This has to beidentical on all members of a clsuter. ToDo: Is that reasonable ?? Shouldthis be local”
proxy.config.cluster.rsport
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 8088 |
The reliable service port. The reliable service port is used to send configuration information between the nodes in a cluster. All nodesin a cluster must use the same reliable service port.
proxy.config.cluster.threads
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
The number of threads for cluster communication. On heavy cluster, the number should be adjusted. It is recommend that take the threadCPU usage as a reference when adjusting.
proxy.config.clustger.ethernet_interface
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | *NONE* |
Set the interface to use for cluster communications.
proxy.config.http.cache.cluster_cache_local
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
This turns on the local caching of objects in cluster mode. The point ofthis is to allow for popular or hot content to be cached on all nodesin a cluster. Be aware that the primary way to configure this behavior isvia the cache.config
configuration file usingaction=cluster-cache-local
directives.
This particular records.config
configuration can be controlled pertransaction or per remap rule. As such, it augments thecache.config
directives, since you can turn on the local cachingfeature without complex regular expression matching.
This implies that turning this on in your global records.config
isalmost never what you want; instead, you want to use this either viae.g. conf_remap.so
overrides for a certain remap rule, or through acustom plugin using the appropriate APIs.
proxy.config.lm.sem_id
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 11452 |
The semaphore ID for the local manager.
proxy.config.admin.autoconf_port
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 8083 |
The autoconfiguration port.
proxy.config.admin.number_config_bak
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 3 |
The maximum number of copies of rolled configuration files to keep.
proxy.config.admin.user_id
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | nobody |
Option used to specify who to run the traffic_server process as; also used to specify ownership of config and log files.
The nonprivileged user account designated to Traffic Server.
As of version 2.1.1 if the user_id is prefixed with pound character (#) the remaining of the string is considered to bea numeric user identifier. If the value is set to #-1
TrafficServer will not change the user during startup.
Setting user_id
to root
or #0
is now forbidden toincrease security. Trying to do so, will cause thetraffic_server fatal failure. However there are two ways tobypass that restriction
-DBIG_SECURITY_HOLE
in CXXFLAGS
during compilation.user_id=#-1
and start trafficserver as root.proxy.config.admin.api.restricted
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
This setting specifies whether the management API should be restrictedto root processes. If this is set to 0
, then on platforms thatsupport passing process credentials, non-root processes will beallowed to make read-only management API calls. Any management APIcalls that modify server state (eg. setting a configuration variable)will still be restricted to root processes.
This setting is not reloadable, since it is must be applied whenprogram:traffic_manager initializes.
Note
In Traffic Server 6.0, the default value ofproxy.config.admin.api.restricted
will be changed to 0
.
proxy.config.process_manager.mgmt_port
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 8084 |
The port used for internal communication between the traffic_manager and traffic_server processes.
proxy.config.alarm_email
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | *NONE* |
Reloadable: | Yes |
The address to which the alarm script should send email.
proxy.config.alarm.bin
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | example_alarm_bin.sh |
Reloadable: | Yes |
Name of the script file that can execute certain actions whenan alarm is signaled. The script is invoked with up to 4 arguments:
- the alarm message
- the value of
proxy.config.product_name
- the value of
proxy.config.admin.user_id
- the value of
proxy.config.alarm_email
proxy.config.alarm.abs_path
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
Reloadable: | Yes |
The absolute path to the directory containing the alarm script.If this is not set, the script will be located relative toproxy.config.bin_path
.
proxy.config.alarm.script_runtime
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 5 |
Reloadable: | Yes |
The number of seconds that Traffic Server allows the alarm scriptto run before aborting it.
proxy.config.http.server_ports
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | 8080 |
Ports used for proxying HTTP traffic.
This is a list, separated by space or comma, of port descriptors. Each descriptor is a sequence of keywords and values separated by colons. Not all keywords have values, those that do are specifically noted. Keywords with values can have an optional ‘=’ character separating the keyword and value. The case of keywords is ignored. The order of keywords is irrelevant but unspecified results may occur if incompatible options are used (noted below). Options without values are idempotent. Options with values use the last (right most) value specified, except for ip-out
as detailed later.
Quick reference chart.
Name | Note | Definition |
---|---|---|
number | Required | The local port. |
blind | Blind (CONNECT ) port. |
|
compress | N/I | Compressed. Not implemented. |
ipv4 | Default | Bind to IPv4 address family. |
ipv6 | Bind to IPv6 address family. | |
ip-in | Value | Local inbound IP address. |
ip-out | Value | Local outbound IP address. |
ip-resolve | Value | IP address resolution style. |
proto | Value | List of supported session protocols. |
ssl | SSL terminated. | |
tr-full | Fully transparent (inbound and outbound) | |
tr-in | Inbound transparent. | |
tr-out | Outbound transparent. | |
tr-pass | Pass through enabled. |
Accept only the CONNECT
method on this port.
Not compatible with: tr-in
, ssl
.
ip-in
option is used with an IPv4 address.
ip-in
option is used with an IPv6 address.
Require SSL termination for inbound connections. SSL must be configured for this option to provide a functional server port.
Not compatible with: blind
.
Fully transparent. This is a convenience option and is identical to specifying both tr-in
and tr-out
.
Not compatible with: Any option not compatible with tr-in
or tr-out
.
Inbound transparent. The proxy port will accept connections to any IP address on the port. To have IPv6 inbound transparent you must use this and the ipv6
option. This overrides proxy.local.incoming_ip_to_bind
for this port.
Not compatible with: ip-in
, blind
Outbound transparent. If ATS connects to an origin server for a transaction on this port, it will use the client’s address as its local address. This overrides proxy.local.outgoing_ip_to_bind
for this port.
Not compatible with: ip-out
, ip-resolve
proxy.config.http.use_client_target_addr
for the transaction as there is no other place to obtain the origin server address.
Set the local IP address for the port. This is the address to which clients will connect. This forces the IP address family for the port. The ipv4
or ipv6
can be used but it is optional and is an error for it to disagree with the IP address family of this value. An IPv6 address must be enclosed in square brackets. If this option is omitted proxy.local.incoming_ip_to_bind
is used.
Not compatible with: tr-in
.
Set the local IP address for outbound connections. This is the address used by ATS locally when it connects to an origin server for transactions on this port. If this is omitted proxy.local.outgoing_ip_to_bind
is used.
This option can used multiple times, once for each IP address family. The address used is selected by the IP address family of the origin server address.
Not compatible with: tr-out
.
Set the host resolution style
for transactions on this proxy port.
Not compatible with: tr-out
- this option requires a value of client;none
which is forced and should not be explicitly specified.
Example
Listen on port 80 on any address for IPv4 and IPv6.:
80 80:ipv6
Example
Listen transparently on any IPv4 address on port 8080, andtransparently on port 8080 on local address fc01:10:10:1::1
(which implies ipv6
).:
IPv4:tr-FULL:8080 TR-full:IP-in=[fc02:10:10:1::1]:8080
Example
Listen on port 8080 for IPv6, fully transparent. Set up an SSL port on 443. These ports will use the IP address from proxy.local.incoming_ip_to_bind
. Listen on IP address 192.168.17.1
, port 80, IPv4, and connect to origin servers using the local address 10.10.10.1
for IPv4 and fc01:10:10:1::1
for IPv6.:
8080:ipv6:tr-full 443:ssl ip-in=192.168.17.1:80:ip-out=[fc01:10:10:1::1]:ip-out=10.10.10.1
Example
Listen on port 9090 for TSL enabled SPDY or HTTP connections, accept no other session protocols.:
9090:proto=spdy;http:ssl
proxy.config.http.connect_ports
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | 443 563 |
The range of origin server ports that can be used for tunneling via CONNECT
.
Traffic Server allows tunnels only to the specified ports.Supports both wildcards (‘*’) and ranges (“0-1023”).
Note
These are the ports on the origin server, not Traffic Server proxy ports
.
proxy.config.http.insert_request_via_str
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Set how the Via
field is handled on a request to the origin server.
Value | Effect |
---|---|
0 | Do not modify / set this via header |
1 | Update the via, with normal verbosity |
2 | Update the via, with higher verbosity |
3 | Update the via, with highest verbosity |
Note
The Via
header string can be decoded with the Via Decoder Ring.
proxy.config.http.insert_response_via_str
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Set how the Via
field is handled on the response to the client.
Value | Effect |
---|---|
0 | Do not modify / set this via header |
1 | Update the via, with normal verbosity |
2 | Update the via, with higher verbosity |
3 | Update the via, with highest verbosity |
Note
The Via
header string can be decoded with the Via Decoder Ring.
proxy.config.http.send_100_continue_response
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
You can specify one of the following:
0
ATS buffer the request until the post body has been recieved and then send the request to origin.1
immediately return a 100 Continue from ATS without waiting for the post bodyproxy.config.http.response_server_enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
You can specify one of the following:
0
no Server: header is added to the response.1
the Server: header is added (see string below).2
the Server: header is added only if the response from origin does not have one already.proxy.config.http.insert_age_in_response
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
This option specifies whether Traffic Server should insert an Age
header in the response. The Age field value is the cache’sestimate of the amount of time since the response was generated or revalidated by the origin server.
0
no Age
header is added1
the Age
header is addedproxy.config.http.response_server_str
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | ATS/ |
Reloadable: | Yes |
The Server: string that ATS will insert in a response header (if requested, see above). Note that the current version number isalways appended to this string.
proxy.config.http.enable_url_expandomatic
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Enables (1
) or disables (0
) .com
domain expansion. This configures the Traffic Server to resolve unqualified hostnames byprepending with www.
and appending with .com
before redirecting to the expanded address. For example: if a client makesa request to host
, then Traffic Server redirects the request to www.host.com
.
proxy.config.http.chunking_enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Specifies whether Traffic Sever can generate a chunked response:
0
Never1
Always2
Generate a chunked response if the server has returned HTTP/1.1 before3
= Generate a chunked response if the client request is HTTP/1.1 and the origin server has returned HTTP/1.1 beforeNote
If HTTP/1.1 is used, then Traffic Server can usekeep-alive connections with pipelining to origin servers. IfHTTP/0.9 is used, then Traffic Server does not use keep-alive
connections to origin servers. If HTTP/1.0 is used, then TrafficServer can use keep-alive
connections without pipelining toorigin servers.
proxy.config.http.send_http11_requests
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Specifies when and how Traffic Sever uses HTTP/1.1 to communicate with the origin server
0
Never1
Always2
If the server has returned HTTP/1.1 before3
If the client request is HTTP/1.1 and the server has returned HTTP/1.1 beforeNote
If proxy.config.http.use_client_target_addr
is set to 1, options 2 and 3 cause the proxy to usethe client HTTP version for upstream requests.
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 2 |
Deprecated: | Yes |
Enables (1
) or disables (0
) the reuse of server sessions. Thedefault (2
) is similar to enabled, except it creates a server sessionpool per network thread. This has the best performance characteristics.Note that setting this parameter to (2
) will not work correctly unlessthe dedicated SSL threads are disabled (proxy.config.ssl.number.threads
is set to (-1
)).
proxy.config.http.auth_server_session_private
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
If enabled (1
) anytime a request contains a (Authorization
), (Proxy-Authorization
)or (Www-Authenticate
) header the connection will be closed and not reused. This marksthe connection as private. When disabled (0
) the connection will be available for reuse.
proxy.config.http.server_session_sharing.match
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | both |
Enable and set the ability to re-use server connections across client connections. The valid values are
It is strongly recommended to use either none or both for this value unless you have a specific need to use ipor host. The most common reason is virtual hosts that share an IP address in which case performance can be enhancedif those sessions can be re-used. However, not all web servers support requests for different virtual hosts on thesame connection so use with caution.
proxy.config.http.server_session_sharing.pool
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | thread |
Control the scope of server session re-use if it is enabled by proxy.config.http.server_session_sharing.match
. The valid values are
proxy.config.http.attach_server_session_to_client
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Control the re-use of an server session by a user agent (client) session.
If a user agent performs more than one HTTP transaction on its connection to Traffic Server a server session must beobtained for the second (and subsequent) transaction as for the first. This settings affects how that server sessionis selected.
If this setting is 0
then after the first transaction the server session for that transaction is released to theserver pool (if any). When a server session is needed for subsequent transactions one is selected from the serverpool or created if there is no suitable server session in the pool.
If this setting is not 0
then the current server session for the user agent session is “sticky”. It will bepreferred to any other server session (either from the pool or newly created). The server session will be detachedfrom the user agent session only if it cannot be used for the transaction. This is determined by theproxy.config.http.server_session_sharing.match
value. If the server session matches the next transactionaccording to this setting then it will be used, otherwise it will be released to the pool and a different sessionselected or created.
proxy.config.http.record_heartbeat
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Enables (1
) or disables (0
) traffic_cop heartbeat logging.
proxy.config.http.use_client_target_addr
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
For fully transparent ports use the same origin server address as the client.
This option causes Traffic Server to avoid where possible doing DNSlookups in forward transparent proxy mode. The option is onlyeffective if the following three conditions are true -
If any of these conditions are not true, then normal DNS processingis done for the connection.
There are three valid values.* 0 - Disables the feature.* 1 - Enables the feature with address verification. The Proxy does theregular DNS processing. If the client-specified origin address is not in theset of addresses found by the Proxy, the request continues to the clientspecified address, but the result is not cached.* 2 - Enables the feature with no address verification. No DNS processingis performed. The result is cached (if allowed otherwise). This option isvulnerable to cache poisoning if an incorrect Host header is specified, sothis option should be used with extreme caution. See bug TS-2954 fordetails.
If all of these conditions are met, then the origin server IPaddress is retrieved from the original client connection, ratherthan through HostDB or DNS lookup. In effect, client DNS resolutionis used instead of Traffic Server DNS.
This can be used to be a little more efficient (looking up thetarget once by the client rather than by both the client and TrafficServer) but the primary use is when client DNS resolution can differfrom that of Traffic Server. Two known uses cases are:
This solution must be considered interim. In the longer term, itshould be possible to arrange for much finer grained control of DNSlookup so that wildcard domain can be set to use Traffic Server orclient resolution. In both known use cases, marking specific domainsas client determined (rather than a single global switch) wouldsuffice. It is possible to do this crudely with this flag byenabling it and then use identity URL mappings to re-disable it forspecific domains.
proxy.config.http.keep_alive_enabled_in
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Enables (1
) or disables (0
) incoming keep-alive connections.
proxy.config.http.keep_alive_enabled_out
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Enables (1
) or disables (0
) outgoing keep-alive connections.
Note
Enabling keep-alive does not automatically enable purging of keep-aliverequests when nearing the connection limit, that is controlled byproxy.config.http.server_max_connections
.
proxy.config.http.keep_alive_post_out
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Controls wether new POST requests re-use keep-alive sessions (1
) orcreate new connections per request (0
).
proxy.config.http.send_408_post_timeout_response
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Controls wether POST timeout sends a HTTP status 408 response (1
)
proxy.config.http.disallow_post_100_continue
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Allows you to return a 405 Method Not Supported with Posts alsocontaining an Expect: 100-continue.
When a Post w/ Expect: 100-continue is blocked the statproxy.process.http.disallowed_post_100_continue will be incremented.
proxy.config.http.parent_proxy_routing_enable
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Enables (1
) or disables (0
) the parent caching option. Refer to Hierarchical Caching.
proxy.config.http.parent_proxy.retry_time
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 300 |
Reloadable: | Yes |
The amount of time allowed between connection retries to a parent cache that is unavailable.
proxy.config.http.parent_proxy.fail_threshold
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 10 |
Reloadable: | Yes |
The number of times the connection to the parent cache can fail before Traffic Server considers the parent unavailable.
proxy.config.http.parent_proxy.total_connect_attempts
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 4 |
Reloadable: | Yes |
The total number of connection attempts allowed to a parent cache before Traffic Server bypasses the parent or fails the request(depending on the go_direct
option in the parent.config
file).
proxy.config.http.parent_proxy.per_parent_connect_attempts
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 2 |
Reloadable: | Yes |
The total number of connection attempts allowed per parent, if multiple parents are used.
proxy.config.http.parent_proxy.connect_attempts_timeout
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 30 |
Reloadable: | Yes |
The timeout value (in seconds) for parent cache connection attempts.
proxy.config.http.forward.proxy_auth_to_parent
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Configures Traffic Server to send proxy authentication headers on to the parent cache.
proxy.config.http.no_dns_just_forward_to_parent
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Don’t try to resolve DNS, forward all DNS requests to the parent. This is off (0
) by default.
proxy.config.http.keep_alive_no_activity_timeout_in
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 115 |
Reloadable: | Yes |
Specifies how long Traffic Server keeps connections to clients open for asubsequent request after a transaction ends. A value of 0
will disablethe no activity timeout.
proxy.config.http.keep_alive_no_activity_timeout_out
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 120 |
Reloadable: | Yes |
Specifies how long Traffic Server keeps connections to origin servers openfor a subsequent transfer of data after a transaction ends. A value of0
will disable the no activity timeout.
proxy.config.http.transaction_no_activity_timeout_in
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 30 |
Reloadable: | Yes |
Specifies how long Traffic Server keeps connections to clients open if a transaction stalls.
proxy.config.http.transaction_no_activity_timeout_out
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 30 |
Reloadable: | Yes |
Specifies how long Traffic Server keeps connections to origin servers open if the transaction stalls.
proxy.config.http.transaction_active_timeout_in
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 900 |
Reloadable: | Yes |
The maximum amount of time Traffic Server can remain connected to a client. If the transfer to the client is not complete before thistimeout expires, then Traffic Server closes the connection.
The value of 0
specifies that there is no timeout.
proxy.config.http.transaction_active_timeout_out
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
The maximum amount of time Traffic Server waits for fulfillment of a connection request to an origin server. If Traffic Server does notcomplete the transfer to the origin server before this timeout expires, then Traffic Server terminates the connection request.
The default value of 0
specifies that there is no timeout.
proxy.config.http.accept_no_activity_timeout
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 120 |
Reloadable: | Yes |
The timeout interval in seconds before Traffic Server closes a connection that has no activity.
proxy.config.http.background_fill_active_timeout
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Specifies how long Traffic Server continues a background fill before giving up and dropping the origin server connection.
proxy.config.http.background_fill_completed_threshold
¶
Scope: | CONFIG |
---|---|
Type: | FLOAT |
Default: | 0.0 |
Reloadable: | Yes |
The proportion of total document size already transferred when a client aborts at which the proxy continues fetching the documentfrom the origin server to get it into the cache (a background fill).
proxy.config.http.connect_attempts_max_retries
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 6 |
Reloadable: | Yes |
The maximum number of connection retries Traffic Server can make when the origin server is not responding.Each retry attempt lasts for proxy.config.http.connect_attempts_timeout seconds. Once the maximum number of retries isreached, the origin is marked dead. After this, the setting proxy.config.http.connect_attempts_max_retries_dead_serveris used to limit the number of retry attempts to the known dead origin.
proxy.config.http.connect_attempts_max_retries_dead_server
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 3 |
Reloadable: | Yes |
Maximum number of connection retries Traffic Server can make while an origin is marked dead. Typically this value is smaller thanproxy.config.http.connect_attempts_max_retries so an error is returned to the client faster and also to reduce the load on the dead origin.The timeout interval proxy.config.http.connect_attempts_timeout in seconds is used with this setting.
proxy.config.http.server_max_connections
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Limits the number of socket connections across all origin servers to the value specified. To disable, set to zero (0
).
Note
This value is used in determining when and if to prune active origin sessions. Without this value set connectionsto origins can consume all the way up to ts:cv:proxy.config.net.connections_throttle connections, which in turn canstarve incoming requests from available connections.
proxy.config.http.origin_max_connections
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Limits the number of socket connections per origin server to the value specified. To enable, set to one (1
).
proxy.config.http.origin_min_keep_alive_connections
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
As connection to an origin server are opened, keep at least ‘n’ number of connections open to that origin, even ifthe connection isn’t used for a long time period. Useful when the origin supports keep-alive, removing the timeneeded to set up a new connection fromthe next request at the expense of added (inactive) connections. To enable, set to one (1
).
proxy.config.http.connect_attempts_rr_retries
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 3 |
Reloadable: | Yes |
The maximum number of failed connection attempts allowed before a round-robin entry is marked as ‘down’ if a serverhas round-robin DNS entries.
proxy.config.http.connect_attempts_timeout
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 30 |
Reloadable: | Yes |
The timeout value (in seconds) for time to first byte for an origin server connection.
proxy.config.http.post_connect_attempts_timeout
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1800 |
Reloadable: | Yes |
The timeout value (in seconds) for an origin server connection when the client request is a POST
or PUT
request.
proxy.config.http.down_server.cache_time
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 300 |
Reloadable: | Yes |
Specifies how long (in seconds) Traffic Server remembers that an origin server was unreachable.
proxy.config.http.down_server.abort_threshold
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 10 |
Reloadable: | Yes |
The number of seconds before Traffic Server marks an origin server as unavailable after a client abandons a requestbecause the origin server was too slow in sending the response header.
proxy.config.http.uncacheable_requests_bypass_parent
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
When enabled (1), Traffic Server bypasses the parent proxy for a request that is not cacheable.
proxy.config.http.congestion_control.enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Enables (1
) or disables (0
) the Congestion Control option, which configures Traffic Server to stop forwardingHTTP requests to origin servers when they become congested. Traffic Server sends the client a message to retry thecongested origin server later. Refer to Using Congestion Control.
proxy.config.http.flow_control.enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Transaction buffering / flow control is enabled if this is set to a non-zero value. Otherwise no flow control is done.
proxy.config.http.flow_control.high_water
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Metric: | bytes |
The high water mark for transaction buffer control. External source I/O is halted when the total buffer space in useby the transaction exceeds this value.
proxy.config.http.flow_control.low_water
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Metric: | bytes |
The low water mark for transaction buffer control. External source I/O is resumed when the total buffer space in useby the transaction is no more than this value.
proxy.config.http.negative_caching_enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
When enabled (1
), Traffic Server caches negative responses (such as 404 Not Found
) when a requested page doesnot exist. The next time a client requests the same page, Traffic Server serves the negative response directly fromcache. When disabled (0
) Traffic Server will only cache the response if the response has Cache-Control
headers.
Note
The following negative responses are cached by Traffic Server::
204 No Content
305 Use Proxy
400 Bad Request
403 Forbidden
404 Not Found
405 Method Not Allowed
500 Internal Server Error
501 Not Implemented
502 Bad Gateway
503 Service Unavailable
504 Gateway Timeout
The cache lifetime for objects cached from this setting is controlled viaproxy.config.http.negative_caching_lifetime
.
proxy.config.http.negative_caching_lifetime
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1800 |
How long (in seconds) Traffic Server keeps the negative responses valid in cache. This value only affects negativeresponses that do have explicit Expires:
or Cache-Control:
lifetimes set by the server.
proxy.config.http.anonymize_remove_from
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
When enabled (1
), Traffic Server removes the From
header to protect the privacy of your users.
proxy.config.http.anonymize_remove_referer
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
When enabled (1
), Traffic Server removes the Referrer
header to protect the privacy of your site and users.
proxy.config.http.anonymize_remove_user_agent
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
When enabled (1
), Traffic Server removes the User-agent
header to protect the privacy of your site and users.
proxy.config.http.anonymize_remove_cookie
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
When enabled (1
), Traffic Server removes the Cookie
header to protect the privacy of your site and users.
proxy.config.http.anonymize_remove_client_ip
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
When enabled (1
), Traffic Server removes Client-IP
headers for more privacy.
proxy.config.http.anonymize_insert_client_ip
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
When enabled (1
), Traffic Server inserts Client-IP
headers to retain the client IP address.
proxy.config.http.anonymize_other_header_list
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
Reloadable: | Yes |
Comma separated list of headers Traffic Server should remove from outgoing requests.
proxy.config.http.insert_squid_x_forwarded_for
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
When enabled (1
), Traffic Server adds the client IP address to the X-Forwarded-For
header.
proxy.config.http.normalize_ae_gzip
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Enable (1
) to normalize all Accept-Encoding:
headers to one of the following:
Accept-Encoding: gzip
(if the header has gzip
or x-gzip
with any q
) OR gzip
)This is useful for minimizing cached alternates of documents (e.g. gzip, deflate
vs. deflate, gzip
). Enabling this option isrecommended if your origin servers use no encodings other than gzip
.
proxy.config.http.push_method_enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Enables (1
) or disables (0
) the HTTP PUSH
option, which allows you to deliver content directly to the cache without a userrequest.
Important
If you enable this option, then you must also specifya filtering rule in the ip_allow.config file to allow only certainmachines to push content into the cache.
proxy.config.http.max_post_size
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
This feature is disabled by default with a value of (0
), any positivevalue will limit the size of post bodies. If a request is received with apost body larger than this limit the response will be terminated with413 - Request Entity Too Large and logged accordingly.
proxy.config.cache.enable_read_while_writer
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Specifies when to enable the ability to read a cached object while anotherconnection is completing the write to cache for that same object. The goalhere is to avoid multiple origin connections for the same cacheable objectupon a cache miss. The possible values of this config are:
0
= never read while writing1
= always read while writing2
= always read while writing, but allow non-cached Range requests through to the originThe 2
option is useful to avoid delaying requests which can not easilybe satisfied by the partially written response.
Several other configuration values need to be set for this to beusable. See Reducing Origin Server Requests.
proxy.config.cache.force_sector_size
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Forces the use of a specific hardware sector size (512 - 8192 bytes).
proxy.config.http.cache.http
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Enables (1
) or disables (0
) caching of HTTP requests.
proxy.config.http.cache.allow_empty_doc
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Enables (1
) or disables (0
) caching objects that have an emptyresponse body. This is particularly useful for caching 301 or 302 responseswith a Location
header but no document body. This only works if theorigin response also has a Content-Length
header.
proxy.config.http.cache.ignore_client_no_cache
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
When enabled (1
), Traffic Server ignores client requests to bypass the cache.
proxy.config.http.cache.ims_on_client_no_cache
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
When enabled (1
), Traffic Server issues a conditional request to the origin server if an incoming request has a No-Cache
header.
proxy.config.http.cache.ignore_server_no_cache
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
When enabled (1
), Traffic Server ignores origin server requests to bypass the cache.
proxy.config.http.cache.cache_responses_to_cookies
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Specifies how cookies are cached:
0
= do not cache any responses to cookies1
= cache for any content-type2
= cache only for image types3
= cache for all but text content-typesproxy.config.http.cache.ignore_authentication
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
When enabled (1
), Traffic Server ignores WWW-Authentication
headers in responses WWW-Authentication
headers are removed andnot cached.
proxy.config.http.cache.cache_urls_that_look_dynamic
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Enables (1
) or disables (0
) caching of URLs that look dynamic, i.e.: URLs that end in ``.asp`` or contain a questionmark (``?``), a semicolon (``;``), or ``cgi``. For a full list, please refer toHttpTransact::url_looks_dynamic
proxy.config.http.cache.enable_default_vary_headers
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Enables (1
) or disables (0
) caching of alternate versions of HTTP objects that do not contain the Vary
header.
proxy.config.http.cache.when_to_revalidate
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Specifies when to revalidate content:
0
= use cache directives or heuristic (the default value)
1
= stale if heuristic
2
= always stale (always revalidate)
3
= never stale
4
= use cache directives or heuristic (0) unless the request
has an If-Modified-Since
header
If the request contains the If-Modified-Since
header, thenTraffic Server always revalidates the cached content and uses theclient’s If-Modified-Since
header for the proxy request.
proxy.config.http.cache.required_headers
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 2 |
Reloadable: | Yes |
The type of headers required in a request for the request to be cacheable.
0
= no headers required to make document cacheable1
= either the Last-Modified
header, or an explicit lifetime header, Expires
or Cache-Control: max-age
, is required2
= explicit lifetime is required, Expires
or Cache-Control: max-age
proxy.config.http.cache.max_stale_age
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 604800 |
Reloadable: | Yes |
The maximum age allowed for a stale response before it cannot be cached.
proxy.config.http.cache.range.lookup
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
When enabled (1
), Traffic Server looks up range requests in the cache.
proxy.config.http.cache.range.write
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
When enabled (1
), Traffic Server will attempt to write (lock) the URLto cache. This is rarely useful (at the moment), since it’ll only be ableto write to cache if the origin has ignored the Range:` header. For a usecase where you know the origin will respond with a full (``200
) response,you can turn this on to allow it to be cached.
proxy.config.http.cache.ignore_accept_mismatch
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 2 |
Reloadable: | Yes |
When enabled with a value of 1
, Traffic Server serves documents from cache with aContent-Type:
header even if it does not match the Accept:
header of therequest. If set to 2
(default), this logic only happens in the absence of aVary
header in the cached response (which is the recommended and safe use).
Note
This option should only be enabled with 1
if you’re havingproblems with caching and you origin server doesn’t set the Vary
header. Alternatively, if the origin is incorrectly settingVary: Accept
or doesn’t respond with 406 (Not Acceptable)
,you can also enable this configuration with a 1
.
proxy.config.http.cache.ignore_accept_language_mismatch
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 2 |
Reloadable: | Yes |
When enabled with a value of 1
, Traffic Server serves documents from cache with aContent-Language:
header even if it does not match the Accept-Language:
header of the request. If set to 2
(default), this logic only happens in the absence of aVary
header in the cached response (which is the recommended and safe use).
Note
This option should only be enabled with 1
if you’re havingproblems with caching and you origin server doesn’t set the Vary
header. Alternatively, if the origin is incorrectly settingVary: Accept-Language
or doesn’t respond with 406 (Not Acceptable)
,you can also enable this configuration with a 1
.
proxy.config.http.cache.ignore_accept_encoding_mismatch
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 2 |
Reloadable: | Yes |
When enabled with a value of 1
, Traffic Server serves documents from cache with aContent-Encoding:
header even if it does not match the Accept-Encoding:
header of the request. If set to 2
(default), this logic only happens in the absence of aVary
header in the cached response (which is the recommended and safe use).
Note
This option should only be enabled with 1
if you’re havingproblems with caching and you origin server doesn’t set the Vary
header. Alternatively, if the origin is incorrectly settingVary: Accept-Encoding
or doesn’t respond with 406 (Not Acceptable)
you can also enable this configuration with a 1
.
proxy.config.http.cache.ignore_accept_charset_mismatch
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 2 |
Reloadable: | Yes |
When enabled with a value of 1
, Traffic Server serves documents from cache with aContent-Type:
header even if it does not match the Accept-Charset:
headerof the request. If set to 2
(default), this logic only happens in the absence of aVary
header in the cached response (which is the recommended and safe use).
Note
This option should only be enabled with 1
if you’re havingproblems with caching and you origin server doesn’t set the Vary
header. Alternatively, if the origin is incorrectly settingVary: Accept-Charset
or doesn’t respond with 406 (Not Acceptable)
,you can also enable this configuration with a 1
.
proxy.config.http.cache.ignore_client_cc_max_age
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
When enabled (1
), Traffic Server ignores any Cache-Control:max-age
headers from the client. This technically violates the HTTP RFC,but avoids a problem where a client can forcefully invalidate a cached object.
proxy.config.cache.max_doc_size
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Specifies the maximum object size that will be cached. 0
is unlimited.
proxy.config.cache.permit.pinning
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
When enabled (1
), Traffic Server will keep certain HTTP objects in the cache for a certain time as specified in cache.config.
proxy.config.cache.hit_evacuate_percent
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
The size of the region (as a percentage of the total content storage in a cache stripe) in front of thewrite cursor that constitutes a recent access hit for evacutating the accessed object.
When an object is accessed it can be marked for evacuation, that is to be copied over the write cursor andthereby preserved from being overwritten. This is done if it is no more than a specific number of bytes in front ofthe write cursor. The number of bytes is a percentage of the total number of bytes of content storage in the cachestripe where the object is stored and that percentage is set by this variable.
By default, the feature is off (set to 0).
proxy.config.cache.hit_evacuate_size_limit
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Metric: | bytes |
Limit the size of objects that are hit evacuated.
Objects larger than the limit are not hit evacuated. A value of 0 disables the limit.
proxy.config.cache.limits.http.max_alts
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 5 |
The maximum number of alternates that are allowed for any given URL.Disable by setting to 0.
proxy.config.cache.target_fragment_size
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1048576 |
Sets the target size of a contiguous fragment of a file in the disk cache.When setting this, consider that larger numbers could waste memory on slowconnections, but smaller numbers could increase (waste) seeks.
proxy.config.cache.ram_cache.size
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | -1 |
By default the RAM cache size is automatically determined, based ondisk cache size; approximately 10 MB of RAM cache per GB of disk cache.Alternatively, it can be set to a fixed value such as20GB (21474836480)
proxy.config.cache.ram_cache_cutoff
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 4194304 |
Objects greater than this size will not be kept in the RAM cache.This should be set high enough to keep objects accessed frequentlyin memory in order to improve performance.4MB (4194304)
proxy.config.cache.ram_cache.algorithm
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Two distinct RAM caches are supported, the default (0) being the CLFUS(Clocked Least Frequently Used by Size). As an alternative, a simplerLRU (Least Recently Used) cache is also available, by changing thisconfiguration to 1.
proxy.config.cache.ram_cache.use_seen_filter
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Enabling this option will filter inserts into the RAM cache to ensure thatthey have been seen at least once. For the LRU, this provides scanresistance. Note that CLFUS already requires that a document have historybefore it is inserted, so for CLFUS, setting this option means that adocument must be seen three times before it is added to the RAM cache.
proxy.config.cache.ram_cache.compress
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
The CLFUS RAM cache also supports an optional in-memory compression.This is not to be confused with Content-Encoding: gzip
compression.The RAM cache compression is intended to try to save space in the RAM,and is not visible to the User-Agent (client).
Possible values are:
0
= no compression1
= fastlz (extremely fast, relatively low compression)2
= libz (moderate speed, reasonable compression)3
= liblzma (very slow, high compression)Note
Compression runs on task threads. To use more cores for RAM cache compression, increase proxy.config.task_threads
.
proxy.config.http.cache.heuristic_min_lifetime
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 3600 |
Reloadable: | Yes |
The minimum amount of time an HTTP object without an expiration date can remain fresh in the cache before isconsidered to be stale.
proxy.config.http.cache.heuristic_max_lifetime
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 86400 |
Reloadable: | Yes |
The maximum amount of time an HTTP object without an expiration date can remain fresh in the cache before isconsidered to be stale.
proxy.config.http.cache.heuristic_lm_factor
¶
Scope: | CONFIG |
---|---|
Type: | FLOAT |
Default: | 0.10 |
Reloadable: | Yes |
The aging factor for freshness computations. Traffic Server stores an object for this percentage of the time thatelapsed since it last changed.
proxy.config.http.cache.fuzz.time
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 240 |
Reloadable: | Yes |
How often Traffic Server checks for an early refresh, during the period before the document stale time. The intervalspecified must be in seconds. See Fuzzy Revalidation
proxy.config.http.cache.fuzz.probability
¶
Scope: | CONFIG |
---|---|
Type: | FLOAT |
Default: | 0.005 |
Reloadable: | Yes |
The probability that a refresh is made on a document during the specified fuzz time.
proxy.config.http.cache.fuzz.min_time
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Handles requests with a TTL less than fuzz.time – it allows for different times to evaluate the probability of revalidation for small TTLs and big TTLs. Objects with small TTLs will start “rolling the revalidation dice” near the fuzz.min_time, while objects with large TTLs would start at fuzz.time. A logarithmic like function between determines the revalidation evaluation start time (which will be between fuzz.min_time and fuzz.time). As the object gets closer to expiring, the window start becomes more likely. By default this setting is not enabled, but should be enabled anytime you have objects with small TTLs. The default value is 0
.
proxy.config.http.cache.vary_default_text
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
Reloadable: | Yes |
The header on which Traffic Server varies for text documents.
For example: if you specify User-agent
, then Traffic Server cachesall the different user-agent versions of documents it encounters.
proxy.config.http.cache.vary_default_images
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
Reloadable: | Yes |
The header on which Traffic Server varies for images.
proxy.config.http.cache.vary_default_other
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
Reloadable: | Yes |
The header on which Traffic Server varies for anything other than text and images.
proxy.config.http.cache.open_read_retry_time
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 10 |
Reloadable: | Yes |
The number of milliseconds a cacheable request will wait before requesting the object from cache if an equivalent request is in flight.
proxy.config.http.cache.max_open_read_retries
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | -1 |
Reloadable: | Yes |
The number of times to attempt fetching an object from cache if there was an equivalent request in flight.
proxy.config.body_factory.enable_customizations
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Specifies whether customizable response pages are language specificor not:
1
= enable customizable user response pages in the default directory only2
= enable language-targeted user response pagesproxy.config.body_factory.enable_logging
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Enables (1
) or disables (0
) logging for customizable response pages. When enabled, Traffic Server records a message inthe error log each time a customized response page is used or modified.
proxy.config.body_factory.template_sets_dir
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | etc/trafficserver/body_factory |
The customizable response page default directory. If this is arelative path, Traffic Server resolves it relative to thePREFIX
directory.
proxy.config.body_factory.response_suppression_mode
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Specifies when Traffic Server suppresses generated response pages:
0
= never suppress generated response pages1
= always suppress generated response pages2
= suppress response pages only for intercepted trafficproxy.config.http_ui_enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Specifies which http UI endpoints to allow within remap.config
:
0
= disable all http UI endpoints1
= enable only cache endpoints2
= enable only stats endpoints3
= enable all http UI endpointsTo enable any enpoint there needs to be an entry in remap.config
whichspecifically enables it. Such a line would look like:
map / http://{stat}
The following are the cache endpoints:
cache
= UI to interact with the cacheThe following are the stats endpoints:
cache-internal
= statistics about cache evacuation and volumeshostdb
= lookups against the hostdbhttp
= HTTPSM details, this endpoint is also gated by proxy.config.http.enable_http_infonet
= lookup and listing of open connectionsstat
= list of all records.config options and metricstest
= test callback pageproxy.config.http.enable_http_info
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Enables (1
) or disables (0
) access to an endpoint within proxy.config.http_ui_enabledwhich shows details about inflight transactions (HttpSM).
proxy.config.dns.search_default_domains
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Enables (1
) or disables (0
) local domain expansion.
Traffic Server can attempt to resolve unqualified hostnames byexpanding to the local domain. For example if a client makes arequest to an unqualified host (host_x
) and the Traffic Serverlocal domain is y.com
, then Traffic Server will expand thehostname to host_x.y.com
.
proxy.config.dns.splitDNS.enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Enables (1
) or disables (0
) DNS server selection. When enabled, Traffic Server refers to the splitdns.config
file forthe selection specification. Refer to Configuring DNS Server Selection (Split DNS).
proxy.config.dns.url_expansions
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
Specifies a list of hostname extensions that are automatically added to the hostname after a failed lookup. For example: if you wantTraffic Server to add the hostname extension .org, then specify org
as the value for this variable (Traffic Server automaticallyadds the dot (.)).
Note
If the variable proxy.config.http.enable_url_expandomatic
is set to 1
(the default value), then you do not have toadd ``www.`` and ``.com`` to this list because Traffic Server automatically tries www. and .com after trying the valuesyou’ve specified.
proxy.config.dns.resolv_conf
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | /etc/resolv.conf |
Allows to specify which resolv.conf
file to use for finding resolvers. While the format of this file must be the same as thestandard resolv.conf
file, this option allows an administrator to manage the set of resolvers in an external configuration file,without affecting how the rest of the operating system uses DNS.
proxy.config.dns.round_robin_nameservers
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Enables (1
) or disables (0
) DNS server round-robin.
proxy.config.dns.nameservers
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
Reloadable: | Yes |
The DNS servers.
proxy.config.srv_enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Indicates whether to use SRV records for orgin server lookup.
proxy.config.dns.dedicated_thread
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Create and dedicate a thread entirely for DNS processing. This is probablymost useful on system which do a significant number of DNS lookups,typically forward proxies. But even on other systems, it can avoid somecontention on the first worker thread (which otherwise takes on the burden ofall DNS lookups).
proxy.config.dns.validate_query_name
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
When enabled (1) provides additional resilience against DNS forgery (for instancein DNS Injection attacks), particularly in forward or transparent proxies, butrequires that the resolver populates the queries section of the response properly.
proxy.config.hostdb.lookup_timeout
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 120 |
Metric: | seconds |
Reloadable: | Yes |
Time to wait for a DNS response in seconds.
proxy.config.hostdb.serve_stale_for
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | *NONE* |
Metric: | seconds |
Reloadable: | Yes |
The number of seconds for which to use a stale NS record while initiating abackground fetch for the new data.
If not set then stale records are not served.
proxy.config.hostdb.storage_size
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 33554432 |
Metric: | bytes |
The amount of space (in bytes) used to store hostdb
.The value of this variable must be increased if you increase the size of theproxy.config.hostdb.size variable.
proxy.config.hostdb.size
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 120000 |
The maximum number of entries that can be stored in the database.
Note
For values above 200000
, you must increase proxy.config.hostdb.storage_size
by at least 44 bytes per entry.
proxy.config.hostdb.ttl_mode
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
A host entry will eventually time out and be discarded. This variable controls how that time is calculated. A DNSrequest will return a TTL value and an internal value can be set with proxy.config.hostdb.timeout
. Thisvariable determines which value will be used.
Value | TTL |
---|---|
0 | The TTL from the DNS response. |
1 | The internal timeout value. |
2 | The smaller of the DNS and internal TTL values. The internal timeout value becomes a maximum TTL. |
3 | The larger of the DNS and internal TTL values. The internal timeout value become a minimum TTL. |
proxy.config.hostdb.timeout
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1440 |
Metric: | minutes |
Reloadable: | Yes |
Internal time to live value for host DB entries, in minutes.
See proxy.config.hostdb.ttl_mode
for when this value is used.
proxy.config.hostdb.strict_round_robin
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Set host resolution to use strict round robin.
When this and proxy.config.hostdb.timed_round_robin
are both disabled (set to 0
), Traffic Server alwaysuses the same origin server for the same client, for as long as the origin server is available. Otherwise if this isset then IP address is rotated on every request. This setting takes precedence overproxy.config.hostdb.timed_round_robin
.
proxy.config.hostdb.timed_round_robin
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Set host resolution to use timed round robin.
When this and proxy.config.hostdb.strict_round_robin
are both disabled (set to 0
), Traffic Server alwaysuses the same origin server for the same client, for as long as the origin server is available. Otherwise if this isset to N the IP address is rotated if more than N seconds have past since the first time thecurrent address was used.
proxy.config.hostdb.host_file.path
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | /etc/hosts |
Set the file path for an external host file.
If this is set (non-empty) then the file is presumed to be a hosts file in the standard host file format. It is read and the entries there added to the HostDB. The file is periodically checked for a more recent modification date in which case it is reloaded. The interval is set by the value proxy.config.hostdb.host_file.interval
.
While not technically reloadable, the value is read every time the file is to be checked so that if changed the newvalue will be used on the next check and the file will be treated as modified.
proxy.config.hostdb.host_file.interval
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 86400 |
Metric: | seconds |
Reloadable: | Yes |
Set the file changed check timer for proxy.config.hostdb.host_file.path
.
The file is checked every this many seconds to see if it has changed. If so the HostDB is updated with the new values in the file.
proxy.config.hostdb.ip_resolve
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
Set the host resolution style.
This is an ordered list of keywords separated by semicolons that specify how a host name is to be resolved to an IP address. The keywords are caseinsensitive.
Keyword | Meaning |
---|---|
ipv4 | Resolve to an IPv4 address. |
ipv6 | Resolve to an IPv6 address. |
client | Resolve to the same family as the client IP address. |
none | Stop resolving. |
The order of the keywords is critical. When a host name needs to be resolved it is resolved in same order as thekeywords. If a resolution fails, the next option in the list is tried. The keyword none
means to give up resolutionentirely. The keyword list has a maximum length of three keywords, more are never needed. By default there is animplicit ipv4;ipv6
attached to the end of the string unless the keyword none
appears.
Example
Use the incoming client family, then try IPv4 and IPv6.
client;ipv4;ipv6
Because of the implicit resolution this can also be expressed as just
client
Example
Resolve only to IPv4.
ipv4;none
Example
Resolve only to the same family as the client (do not permit cross family transactions).
client;none
This value is a global default that can be overridden by proxy.config.http.server_ports
.
Note
This style is used as a convenience for the administrator. During a resolution the resolution order will beone family, then possibly the other. This is determined by changing client
to ipv4
or ipv6
based on theclient IP address and then removing duplicates.
Important
This option has no effect on outbound transparent connections The local IP address used in the connection to theorigin server is determined by the client, which forces the IP address family of the address used for the originserver. In effect, outbound transparent connections always use a resolution style of “client
”.
proxy.config.log.logging_enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 3 |
Reloadable: | Yes |
Enables and disables event logging:
0
= logging disabled1
= log errors only2
= log transactions only3
= full logging (errors + transactions)Refer to Working with Log Files.
proxy.config.log.max_secs_per_buffer
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 5 |
Reloadable: | Yes |
The maximum amount of time before data in the buffer is flushed to disk.
proxy.config.log.max_space_mb_for_logs
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 25000 |
Metric: | megabytes |
Reloadable: | Yes |
The amount of space allocated to the logging directory (in MB).
Note
All files in the logging directory contribute to the space used, even if they are not log files. In collation clientmode, if there is no local disk logging, or proxy.config.log.max_space_mb_for_orphan_logs
is set to a highervalue than proxy.config.log.max_space_mb_for_logs
, TS will takeproxy.config.log.max_space_mb_for_orphan_logs
for maximum allowed log space.
proxy.config.log.max_space_mb_for_orphan_logs
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 25 |
Metric: | megabytes |
Reloadable: | Yes |
The amount of space allocated to the logging directory (in MB) if this node is acting as a collation client.
Note
When max_space_mb_for_orphan_logs is take as the maximum allowed log space in the logging system, the same rule applyto proxy.config.log.max_space_mb_for_logs also apply to proxy.config.log.max_space_mb_for_orphan_logs, ie: All filesin the logging directory contribute to the space used, even if they are not log files. you may need to consider thiswhen you enable full remote logging, and bump to the same size as proxy.config.log.max_space_mb_for_logs.
proxy.config.log.max_space_mb_headroom
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1000 |
Metric: | megabytes |
Reloadable: | Yes |
The tolerance for the log space limit (in megabytes). If the variable proxy.config.log.auto_delete_rolled_files
is set to 1
(enabled), then autodeletion of log files is triggered when the amount of free space available in the logging directory is less thanthe value specified here.
proxy.config.log.hostname
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | localhost |
Reloadable: | Yes |
The hostname of the machine running Traffic Server.
proxy.config.log.logfile_dir
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | var/log/trafficserver |
Reloadable: | Yes |
The path to the logging directory. This can be an absolute pathor a path relative to the PREFIX
directory in which TrafficServer is installed.
Note
The directory you specify must already exist.
proxy.config.log.logfile_perm
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | rw-r–r– |
Reloadable: | Yes |
The log file permissions. The standard UNIX file permissions are used (owner, group, other). Permissible values are:
-
no permission r
read permission w
write permission x
execute permission
Permissions are subject to the umask settings for the Traffic Server process. This means that a umask setting of002
will not allowwrite permission for others, even if specified in the configuration file. Permissions for existing log files are not changed when theconfiguration is changed.
proxy.config.log.custom_logs_enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Enables (1
) or disables (0
) custom logging.
proxy.config.log.squid_log_enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Enables (1
) or disables (0
) the squid log file format.
proxy.config.log.squid_log_is_ascii
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
The squid log file type:
1
= ASCII0
= binaryproxy.config.log.squid_log_name
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | squid |
Reloadable: | Yes |
The squid log filename.
proxy.config.log.squid_log_header
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
The squid log file header text.
proxy.config.log.common_log_enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Enables (1
) or disables (0
) the Netscape common log file format.
proxy.config.log.common_log_is_ascii
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
The Netscape common log file type:
1
= ASCII0
= binaryproxy.config.log.common_log_name
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | common |
Reloadable: | Yes |
The Netscape common log filename.
proxy.config.log.common_log_header
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
Reloadable: | Yes |
The Netscape common log file header text.
proxy.config.log.extended_log_enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Enables (1
) or disables (0
) the Netscape extended log file format.
proxy.config.log.extended_log_is_ascii
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
The Netscape extended log file type:
1
= ASCII0
= binaryproxy.config.log.extended_log_name
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | extended |
The Netscape extended log filename.
proxy.config.log.extended_log_header
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
Reloadable: | Yes |
The Netscape extended log file header text.
proxy.config.log.extended2_log_enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Enables (1
) or disables (0
) the Netscape Extended-2 log fileformat.
proxy.config.log.extended2_log_is_ascii
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
The Netscape Extended-2 log file type:
1
= ASCII0
= binaryproxy.config.log.extended2_log_name
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | extended2 |
Reloadable: | Yes |
The Netscape Extended-2 log filename.
proxy.config.log.extended2_log_header
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
Reloadable: | Yes |
The Netscape Extended-2 log file header text.
proxy.config.log.separate_icp_logs
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
When enabled (1
), configures Traffic Server to store ICP transactions in a separate log file.
0
= separation is disabled, all ICP transactions are recorded in the same file as HTTP transactions1
= all ICP transactions are recorded in a separate log file.-1
= filter all ICP transactions from the default log files; ICP transactions are not logged anywhere.proxy.config.log.separate_host_logs
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
When enabled (1
), configures Traffic Server to create a separate log file for HTTP transactions for each origin server listed in thelog_hosts.config
file. Refer to HTTP Host Log Splitting.
proxy.local.log.collation_mode
¶
Scope: | LOCAL |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Set the log collation mode.
Value | Effect |
---|---|
0 | collation is disabled |
1 | this host is a log collation server |
2 | this host is a collation client and sends entries using standard formats to the collation server |
3 | this host is a collation client and sends entries using the traditional custom formats to the collation server |
4 | this host is a collation client and sends entries that use both the standard and traditional custom formats to the collation server |
For information on sending XML-based custom formats to the collationserver, refer to logs_xml.config
.
Note
Although Traffic Server supports traditional custom logging, you should use the more versatile XML-based custom formats.
proxy.config.log.collation_host
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
The hostname of the log collation server.
proxy.config.log.collation_port
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 8085 |
Reloadable: | Yes |
The port used for communication between the collation server and client.
proxy.config.log.collation_secret
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | foobar |
Reloadable: | Yes |
The password used to validate logging data and prevent the exchange of unauthorized information when a collation server is being used.
proxy.config.log.collation_host_tagged
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
When enabled (1
), configures Traffic Server to include the hostname of the collation client that generated the log entry in each entry.
proxy.config.log.collation_retry_sec
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 5 |
Reloadable: | Yes |
The number of seconds between collation server connection retries.
proxy.config.log.rolling_enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Specifies how log files are rolled. You can specify the following values:
0
= disables log file rolling
1
= enables log file rolling at specific intervals during the day (specified with the
proxy.config.log.rolling_interval_sec and proxy.config.log.rolling_offset_hr variables)
2
= enables log file rolling when log files reach a specific size (specified with the proxy.config.log.rolling_size_mb variable)
3
= enables log file rolling at specific intervals during the day or when log files reach a specific size (whichever occurs first)
4
= enables log file rolling at specific intervals during the day when log files reach a specific size (i.e., at a specified
time if the file is of the specified size)
proxy.config.log.rolling_interval_sec
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 86400 |
Reloadable: | Yes |
The log file rolling interval, in seconds. The minimum value is 60
(1 minute). The maximum, and default, value is 86400 seconds (one day).
Note
If you start Traffic Server within a few minutes of the next rolling time, then rolling might not occur until the next rolling time.
proxy.config.log.rolling_offset_hr
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
The file rolling offset hour. The hour of the day that starts the log rolling period.
proxy.config.log.rolling_size_mb
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 10 |
Reloadable: | Yes |
The size that log files must reach before rolling takes place.
proxy.config.log.auto_delete_rolled_files
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Enables (1
) or disables (0
) automatic deletion of rolled files.
proxy.config.log.sampling_frequency
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Configures Traffic Server to log only a sample of transactions rather than every transaction. You can specify the following values:
1
= log every transaction2
= log every second transaction3
= log every third transaction and so on...proxy.config.http.slow.log.threshold
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Metric: | milliseconds |
Reloadable: | Yes |
If set to a non-zero value N then any connection that takes longer than N milliseconds from accept tocompletion will cause its timing stats to be written to the debugging log file
. This is identifying data about the transaction and all of the transaction milestones
.
proxy.config.diags.output.diag
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | E |
proxy.config.diags.output.debug
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | E |
proxy.config.diags.output.status
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | L |
proxy.config.diags.output.note
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | L |
proxy.config.diags.output.warning
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | L |
proxy.config.diags.output.error
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | SL |
proxy.config.diags.output.fatal
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | SL |
proxy.config.diags.output.alert
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | L |
proxy.config.diags.output.emergency
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | SL |
The diagnosic output configuration variables control where TrafficServer should log diagnostic output. Messages at each diagnostic levelcan be directed to any combination of diagnostic destinations.Valid diagnostic message destinations are:
Example
To log debug diagnostics to both syslog and diags.log:
CONFIG proxy.config.diags.output.debug STRING SL
proxy.config.diags.show_location
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Annotates diagnostic messages with the source code location.
proxy.config.diags.debug.enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Enables logging for diagnostic messages whose log level is diag or debug.
proxy.config.diags.debug.tags
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | http.*|dns.* |
Each Traffic Server diag and debug level message is annotatedwith a subsytem tag. This configuration contains a regularexpression that filters the messages based on the tag. Somecommonly used debug tags are:
Tag | Subsytem usage |
---|---|
dns | DNS query resolution |
http_hdrs | Logs the headers for HTTP requests and responses |
privileges | Privilege elevation |
ssl | TLS termination and certificate processing |
Traffic Server plugins will typically log debug messages usingtheTSDebug()
API, passing the plugin name as the debugtag.
proxy.config.reverse_proxy.enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Enables (1
) or disables (0
) HTTP reverse proxy.
proxy.config.header.parse.no_host_url_redirect
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
Reloadable: | Yes |
The URL to which to redirect requests with no host headers (reverseproxy).
proxy.config.url_remap.filename
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | remap.config |
Sets the name of the remap.config
file.
proxy.config.url_remap.default_to_server_pac
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Enables (1
) or disables (0
) requests for a PAC file on the proxyservice port (8080 by default) to be redirected to the PACport. For this type of redirection to work, the variableproxy.config.reverse_proxy.enabled must be set to 1
.
proxy.config.url_remap.default_to_server_pac_port
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | -1 |
Reloadable: | Yes |
Sets the PAC port so that PAC requests made to the Traffic Serverproxy service port are redirected this port. -1
is the defaultsetting that sets the PAC port to the autoconfiguration port (thedefault autoconfiguration port is 8083). This variable can be usedtogether with the proxy.config.url_remap.default_to_server_pacvariable to get a PAC file from a different port. You must createand run a process that serves a PAC file on this port. For example:if you create a Perl script that listens on port 9000 and writes aPAC file in response to any request, then you can set this variableto 9000
. Browsers that request the PAC file from a proxy serveron port 8080 will get the PAC file served by the Perl script.
proxy.config.url_remap.remap_required
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Reloadable: | Yes |
Set this variable to 1
if you want Traffic Server to serverequests only from origin servers listed in the mapping rules of theremap.config
file. If a request does not match, then the browserwill receive an error.
proxy.config.url_remap.pristine_host_hdr
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Set this variable to 1
if you want to retain the client hostheader in a request during remapping.
proxy.config.ssl.SSLv2
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Enables (1
) or disables (0
) SSLv2. Please don’t enable it.
proxy.config.ssl.SSLv3
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Enables (1
) or disables (0
) SSLv3.
proxy.config.ssl.TLSv1
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Enables (1
) or disables (0
) TLSv1.
proxy.config.ssl.TLSv1_1
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Enables (1
) or disables (0
) TLS v1.1. If not specified, enabled by default. [Requires OpenSSL v1.0.1 and higher]
proxy.config.ssl.TLSv1_2
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Enables (1
) or disables (0
) TLS v1.2. If not specified, DISABLED by default. [Requires OpenSSL v1.0.1 and higher]
proxy.config.ssl.client.certification_level
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Sets the client certification level:
0
= no client certificates are required. Traffic Server does
not verify client certificates during the SSL handshake. Accessto Traffic Server depends on Traffic Server configuration options(such as access control lists).
1
= client certificates are optional. If a client has a
certificate, then the certificate is validated. If the clientdoes not have a certificate, then the client is still allowedaccess to Traffic Server unless access is denied through otherTraffic Server configuration options.
2
= client certificates are required. The client must be
authenticated during the SSL handshake. Clients without acertificate are not allowed to access Traffic Server.
proxy.config.ssl.number.threads
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Sets the number of SSL threads to use, this defaults to 0 (autoconfigure).
0
= autoconfigure, this will allow Traffic Server to determinethe appropriate number of threads-1
= disable, this makes ET_NET threads behave like ET_SSL threadsNote: this does not disable SSL, it simply allows another thread poolto assist in SSL tasks without dedicated SSL threads.>0
= Use a non-zero number of SSL threadsproxy.config.ssl.server.multicert.filename
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | ssl_multicert.config |
The location of the ssl_multicert.config
file, relativeto the Traffic Server configuration directory. In the followingexample, if the Traffic Server configuration directory is/etc/trafficserver, the Traffic Server SSL configuration fileand the corresponding certificates are located in/etc/trafficserver/ssl:
CONFIG proxy.config.ssl.server.multicert.filename STRING ssl/ssl_multicert.config
CONFIG proxy.config.ssl.server.cert.path STRING etc/trafficserver/ssl
CONFIG proxy.config.ssl.server.private_key.path STRING etc/trafficserver/ssl
proxy.config.ssl.server.cert.path
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | /config |
The location of the SSL certificates and chains used for acceptingand validation new SSL sessions. If this is a relative path,it is appended to the Traffic Server installation PREFIX. Allcertificates and certificate chains listed inssl_multicert.config
will be loaded relative to this path.
proxy.config.ssl.server.private_key.path
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
The location of the SSL certificate private keys. Change thisvariable only if the private key is not located in the SSLcertificate file. All private keys listed inssl_multicert.config
will be loaded relative to thispath.
proxy.config.ssl.server.cert_chain.filename
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
The name of a file containing a global certificate chain thatshould be used with every server certificate. This file is onlyused if there are certificates defined in ssl_multicert.config
.Unless this is an absolute path, it is loaded relative to thepath specified by proxy.config.ssl.server.cert.path
.
proxy.config.ssl.server.dhparams_file
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
The name of a file containing a set of Diffie-Hellman key exchangeparameters. If not specified, 2048-bit DH parameters from RFC 5114 areused. These parameters are only used if a DHE (or EDH) cipher suite hasbeen selected.
proxy.config.ssl.CA.cert.path
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
The location of the certificate authority file that clientcertificates will be verified against.
proxy.config.ssl.CA.cert.filename
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | NULL |
The filename of the certificate authority that client certificateswill be verified against.
proxy.config.ssl.server.ticket_key.filename
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | ssl_ticket.key |
The location of the ssl_ticket.key
file, relative to theproxy.config.ssl.server.cert.path
directory.
proxy.config.ssl.max_record_size
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
This configuration specifies the maximum number of bytes to writeinto a SSL record when replying over a SSL session. In somecircumstances this setting can improve response latency by reducingbuffering at the SSL layer. This setting can have a value between 0and 16383 (max TLS record size).
The default of 0
means to always write all available data intoa single SSL record.
A value of -1
means TLS record size is dynamically determined. Thestrategy employed is to use small TLS records that fit into a singleTCP segment for the first ~1 MB of data, but, increase the record size to16 KB after that to optimize throughput. The record size is reset back toa single segment after ~1 second of inactivity and the record size rampingmechanism is repeated again.
proxy.config.ssl.session_cache
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 2 |
Enables the SSL Session Cache:- 0
= Disables the session cache entirely
1
= Enables the session cache using OpenSSLs implementation.
2
= (default) Enables the session cache using Traffic Server’s implementation.
This implentation should perform much better than the OpenSSLimplementation.
proxy.config.ssl.session_cache.timeout
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
This configuration specifies the lifetime of SSL session cacheentries in seconds. If it is 0
, then the SSL library will usea default value, typically 300 seconds. Note: This option has no affectwhen using the Traffic Server session cache (option 2
inproxy.config.ssl.session_cache
)
proxy.config.ssl.session_cache.auto_clear
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
This will set the OpenSSL auto clear flag. Auto clear is enabled bydefault with 1
it can be disabled by changing this setting to 0
.
proxy.config.ssl.session_cache.size
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 102400 |
This configuration specifies the maximum number of entriesthe SSL session cache may contain.
proxy.config.ssl.session_cache.num_buckets
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1024 |
This configuration specifies the number of buckets to use with theTraffic Server SSL session cache implementation. The TS implementationis a fixed size hash map where each bucket is protected by a mutex.
proxy.config.ssl.session_cache.skip_cache_on_bucket_contention
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
This configuration specifies the behavior of the Traffic Server SSL sessioncache implementation during lock contention on each bucket:
0
= (default) Don’t skip session caching when bucket lock is contented.1
= Don’t use the SSL session cache for this connection during lock contention.proxy.config.ssl.hsts_max_age
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | -1 |
This configuration specifies the max-age value that will be usedwhen adding the Strict-Transport-Security header. The value is in seconds.A value of 0
will set the max-age value to 0
and should remove theHSTS entry from the client. A value of -1
will disable this feature andnot set the header. This option is only used for HTTPS requests and theheader will not be set on HTTP requests.
proxy.config.ssl.hsts_include_subdomains
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Enables (1
) or disables (0
) adding the includeSubdomain valueto the Strict-Transport-Security header. proxy.config.ssl.hsts_max_ageneeds to be set to a non -1
value for this configuration to take effect.
proxy.config.ssl.allow_client_renegotiation
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
This configuration specifies whether the client is able to initiaterenegotiation of the SSL connection. The default of 0
, meansthe client can’t initiate renegotiation.
proxy.config.ssl.cert.load_elevated
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Enables (1
) or disables (0
) elevation of traffic_serverprivileges during loading of SSL certificates. By enabling this, SSLcertificate files’ access rights can be restricted to help reduce thevulnerability of certificates.
This feature requires Traffic Server to be built with POSIXcapabilities enabled.
proxy.config.icp.enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Sets ICP mode for hierarchical caching:
0
= disables ICP1
= allows Traffic Server to receive ICP queries only2
= allows Traffic Server to send and receive ICP queriesRefer to
proxy.config.icp.icp_interface
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | your_interface |
Specifies the network interface used for ICP traffic.
Note
The Traffic Server installation script detects yournetwork interface and sets this variable appropriately. If yoursystem has multiple network interfaces, check that this variablespecifies the correct interface.
proxy.config.icp.icp_port
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 3130 |
Reloadable: | Yes |
Specifies the UDP port that you want to use for ICP messages.
proxy.config.icp.query_timeout
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 2 |
Reloadable: | Yes |
Specifies the timeout used for ICP queries.
proxy.config.http2.enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Enable the experimental HTTP/2 feature. This implements most of thespecifications, with the one big exception being server PUSH.
Note
This configuration will be eliminated for v6.0.0, where HTTP/2 isenabled by default and controlled via the ports configuration.
proxy.config.http2.max_concurrent_streams_in
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 100 |
Reloadable: | Yes |
The maximum number of concurrent streams per inbound connection.
Note
Reloading this value affects only new HTTP/2 connections, not theones already established.
proxy.config.http2.initial_window_size_in
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1048576 |
Reloadable: | Yes |
The initial window size for inbound connections.
proxy.config.http2.max_frame_size
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 16384 |
Reloadable: | Yes |
Indicates the size of the largest frame payload that the sender is willingto receive.
proxy.config.http2.header_table_size
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 4096 |
Reloadable: | Yes |
The maximum size of the header compression table used to decode headerblocks.
proxy.config.http2.max_header_list_size
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 4294967295 |
Reloadable: | Yes |
This advisory setting informs a peer of the maximum size of header listthat the sender is prepared to accept blocks. The default value, which isthe unsigned int maximum value in Traffic Server, implies unlimited size.
proxy.config.spdy.accept_no_activity_timeout
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 30 |
Reloadable: | Yes |
How long a SPDY connection will be kept open after an accept without any streams created.
proxy.config.spdy.no_activity_timeout_in
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 30 |
Reloadable: | Yes |
How long a stream is kept open without activity.
proxy.config.spdy.initial_window_size_in
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 65536 |
Reloadable: | Yes |
The initial window size for inbound connections.
proxy.config.spdy.max_concurrent_streams_in
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 100 |
Reloadable: | Yes |
The maximum number of concurrent streams per inbound connection.
Note
Reloading this value affects only new SPDY connections, not theones already established..
proxy.config.update.enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Enables (1
) or disables (0
) the Scheduled Update option.
proxy.config.update.force
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Reloadable: | Yes |
Enables (1
) or disables (0
) a force immediate update. Whenenabled, Traffic Server overrides the scheduling expiration time forall scheduled update entries and initiates updates until this optionis disabled.
proxy.config.update.retry_count
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 10 |
Reloadable: | Yes |
Specifies the number of times Traffic Server can retry the scheduledupdate of a URL in the event of failure.
proxy.config.update.retry_interval
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 2 |
Reloadable: | Yes |
Specifies the delay (in seconds) between each scheduled update retryfor a URL in the event of failure.
proxy.config.update.concurrent_updates
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 100 |
Reloadable: | Yes |
Specifies the maximum simultaneous update requests allowed at anytime. This option prevents the scheduled update process fromoverburdening the host.
proxy.config.plugin.plugin_dir
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | config/plugins |
Specifies the location of Traffic Server plugins.
proxy.config.remap.num_remap_threads
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
When this variable is set to 0
, plugin remap callbacks areexecuted in line on network threads. If remap processing takessignificant time, this can be cause additional request latency.Setting this variable to causes remap processing to take placeon a dedicated thread pool, freeing the network threads to serviceadditional requests.
proxy.config.socks.socks_needed
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Enables (1
) or disables (0
) the SOCKS processor
proxy.config.socks.socks_version
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 4 |
Specifies the SOCKS version (4
) or (5
)
proxy.config.socks.socks_config_file
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | socks.config |
The socks_onfig file allows you to specify ranges of IP addressesthat will not be relayed to the SOCKS server. It can also be usedto configure AUTH information for SOCKSv5 servers.
proxy.config.socks.socks_timeout
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 100 |
The activity timeout value (in seconds) for SOCKS server connections.
proxy.config.socks.server_connect_timeout
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 10 |
The timeout value (in seconds) for SOCKS server connection attempts.
proxy.config.socks.per_server_connection_attempts
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
The total number of connection attempts allowed per SOCKS server,if multiple servers are used.
proxy.config.socks.connection_attempts
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 4 |
The total number of connection attempts allowed to a SOCKS serverTraffic Server bypasses the server or fails the request
proxy.config.socks.server_retry_timeout
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 300 |
The timeout value (in seconds) for SOCKS server connection retry attempts.
proxy.config.socks.default_servers
¶
Scope: | CONFIG |
---|---|
Type: | STRING |
Default: | *NONE* |
Default list of SOCKS servers and their ports.
proxy.config.socks.server_retry_time
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 300 |
The amount of time allowed between connection retries to a SOCKSserver that is unavailable.
proxy.config.socks.server_fail_threshold
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 2 |
The number of times the connection to the SOCKS server can failbefore Traffic Server considers the server unavailable.
proxy.config.socks.accept_enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Enables (1) or disables (0) the SOCKS proxy option. As a SOCKSproxy, Traffic Server receives SOCKS traffic (usually on port1080) and forwards all requests directly to the SOCKS server.
proxy.config.socks.accept_port
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1080 |
Specifies the port on which Traffic Server accepts SOCKS traffic.
proxy.config.socks.http_port
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 80 |
Specifies the port on which Traffic Server accepts HTTP proxy requestsover SOCKS connections..
proxy.config.net.defer_accept
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
default: 1
meaning on
all Platforms except Linux: 45
seconds
This directive enables operating system specific optimizations for a listening socket. defer_accept
holds a call to accept(2)
back until data has arrived. In Linux’ special case this is up to a maximum of 45 seconds.
proxy.config.net.sock_send_buffer_size_in
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Sets the send buffer size for connections from the client to Traffic Server.
proxy.config.net.sock_recv_buffer_size_in
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Sets the receive buffer size for connections from the client to Traffic Server.
proxy.config.net.sock_option_flag_in
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0x5 |
Turns different options “on” for the socket handling client connections::
TCP_NODELAY (1)
SO_KEEPALIVE (2)
SO_LINGER (4) - with a timeout of 0 seconds
Note
This is a bitmask and you need to decide what bits to set. Therefore,you must set the value to 3
if you want to enable nodelay andkeepalive options above.
proxy.config.net.sock_send_buffer_size_out
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Sets the send buffer size for connections from Traffic Server to the origin server.
proxy.config.net.sock_recv_buffer_size_out
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Sets the receive buffer size for connections from Traffic Server tothe origin server.
proxy.config.net.sock_option_flag_out
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0x1 |
Turns different options “on” for the origin server socket::
TCP_NODELAY (1)
SO_KEEPALIVE (2)
SO_LINGER (4) - with a timeout of 0 seconds
Note
This is a bitmask and you need to decide what bits to set. Therefore,you must set the value to 3
if you want to enable nodelay andkeepalive options above.
When SO_LINGER is enabled, the linger timeout time is setto 0. This is useful when Traffic Server and the origin serverare co-located and large numbers of sockets are retainedin the TIME_WAIT state.
proxy.config.net.sock_mss_in
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0 |
Same as the command line option --accept_mss
that sets the MSS for all incoming requests.
proxy.config.net.sock_packet_mark_in
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0x0 |
Set the packet mark on traffic destined for the client(the packets that make up a client response).
See also
Traffic Shaping
proxy.config.net.sock_packet_mark_out
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0x0 |
Set the packet mark on traffic destined for the origin(the packets that make up an origin request).
See also
Traffic Shaping
proxy.config.net.sock_packet_tos_in
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0x0 |
Set the ToS/DiffServ Field on packets sent to the client(the packets that make up a client response).
See also
Traffic Shaping
proxy.config.net.sock_packet_tos_out
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 0x0 |
Set the ToS/DiffServ Field on packets sent to the origin(the packets that make up an origin request).
See also
Traffic Shaping
proxy.config.net.poll_timeout
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 10 (or 30 on Solaris) |
Same as the command line option --poll_timeout
, or -t
, whichspecifies the timeout used for the polling mechanism used. This timeout isalways in milliseconds (ms). This is the timeout to epoll_wait()
onLinux platforms, and to kevent()
on BSD type OSs. The default value is10
on all platforms.
Changing this configuration can reduce CPU usage on an idle system, sinceperiodic tasks gets processed at these intervals. On busy servers, thisoverhead is diminished, since polled events triggers morefrequently.However, increasing the setting can also introduce additional latency forcertain operations, and timed events. It’s recommended not to touch thissetting unless your CPU usage is unacceptable at idle workload. Somealternatives to this could be:
Reduce the number of worker threads (net-threads)
Reduce the number of disk (AIO) threads
Make sure accept threads are enabled
The relevant configurations for this are:
CONFIG proxy.config.exec_thread.autoconfig INT 0
CONFIG proxy.config.exec_thread.limit INT 2
CONFIG proxy.config.accept_threads INT 1
CONFIG proxy.config.cache.threads_per_disk INT 8
proxy.config.task_threads
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 2 |
Specifies the number of task threads to run. These threads are used forvarious tasks that should be off-loaded from the normal network threads.
proxy.config.allocator.thread_freelist_size
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 512 |
Sets the maximum number of elements that can be contained in a ProxyAllocator (per-thread)before returning the objects to the global pool
proxy.config.allocator.thread_freelist_low_watermark
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 32 |
Sets the minimum number of items a ProxyAllocator (per-thread) will guarantee to beholding at any one time.
proxy.config.http.enabled
¶
Scope: | CONFIG |
---|---|
Type: | INT |
Default: | 1 |
Turn on or off support for HTTP proxying. This is rarely used, the oneexception being if you run Traffic Server with a protocol plugin, and wouldlike for it to not support HTTP requests at all.
© Copyright 2014, dev@trafficserver.apache.org.