Versions Compared

Old Version 13

changes.mady.by.user Adam W. Dace

Saved on

compared with

New Version Current

changes.mady.by.user Adam W. Dace

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

...

Please keep in mind the following only applies to creating a forward-only web proxy caching setup;
I'd document others but I use ATS purely on a personal basis.

My personal goal here was to replace Squid with Traffic Server as a "drop-in" replacement.

The following lists the initial steps involved in getting a generic Traffic Server install ,
from default configurations into a working setup. Once that's completed, feel free
to see my tuning guide for more information on performance settings.up and running.

NOTE:  Please use the following with Apache Traffic Server v5.0.0 and higherBoth Wiki pages use configuration examples from my running home Traffic Server setup.


IP Address Listening And Ports

Unlike Apache HTTP Server, Traffic Server takes a little more work to get things up and running.
The following settings are all located in the main configuration file, which by default is
is /usr/local/etc/trafficserver/records.config.

Specifically, the following directive should be set unless you want Traffic Server listening on
every possible interface:

Code Block

LOCAL proxy.local.incoming_ip_to_bind STRING 127.0.0.1 ::1[2601:d:4880:6c3:426c:8fff:fe3a:43f1]

Also, the next directive will tell Traffic Server which ports to listen on:

Code Block

CONFIG proxy.config.http.server_ports STRING 8080:ipv6 8080

In this example, Apache Traffic Server will now listen on localhost, port my home machine's public IP, port 8080 for both IPv4 and IPv6 only.

DNS

Another step that's just a little different is specifying to Traffic Server which DNS servers to use.
It will NOT simply assume whatever is in /etc/resolv.conf is fine and run with that.

This directive allows you to set which DNS servers Traffic Server should use.
Most likely you'll use your own, I for now use Hurricane Electric's Chicago DNS:

I was originally using localhost, but after looking at the HTTP proxy headers that ATS produced, I decided to be more specific.

DNS Round-Robin

Unlike many applications, the default in ApachTraffic Server is to actually round-robin requests among your configured DNS servers.

I didn't like this much, so I disabled it.

Code Block
Code Block

CONFIG proxy.config.dns.round_robin_nameservers STRING [2001:470:20::2] 74.82.42.42
INT 0
Required Remapping

The Apache Traffic Server default install configures URL re-mapping as required.

This will not allow you to use trafficserver as a foward proxy until you disable it in records.config file or configure remapping specifically for your needs.

Code Block
CONFIG proxy.config.url_remap.remap_required INT 0
IP-based Access Control List

To setup basic security in your Traffic Server install, you'll have to configure a different file,
by  by default /usr/local/etc/trafficserver/ip_allow.config.

If you've ever done firewall
work firewall work the theory is very similar...simply list to Traffic Server what is allowed,
followed  followed by what is NOT allowed.

Code Block

# Allow anything on localhost (this is the default configuration based on the
# depricated CONFIG proxy.config.http.quick_filter.mask INT 0x482)
src_ip=127.0.0.1                                  action=ip_allow method=ALL
src_ip=::1  2601:d:4880:6c3:426c:8fff:fe3a:43f1                                      action=ip_allow method=ALL
# Deny everything else.
src_ip=0.0.0.0-255.255.255.255                    action=ip_deny  method=ALL
src_ip=::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff action=ip_deny  method=ALL

Web Cache Size

The Apache Traffic Server default install configures this to be 256MB, a rather small size
as size as is noted in the configuration file.

I eventually went with 2GB1GB. The following is found in the
config the config file /usr/local/etc/trafficserver/storage.config.

Code Block

var/trafficserver 2048M1024M

Web Cache Partitions

The Apache Also, to be sure that Traffic Server default install doesn't get confused, one should remove the existing
web cache database file if one exists.

...

really provide for this. I found over time this can cause all sorts of issues relating to disk lock contention.

The following is found in the config file /usr/local/

...

etc/trafficserver/volume.config.

Code Block
volume=1 scheme=http size=25%
volume=2 scheme=http size=25%
volume=3 scheme=http size=25%
volume=4 scheme=http size=25%cache.db

Start It Up!

Once the above has been completed, it's time to give it all a try.

Code Block

sudo /usr/local/bin/trafficserver start

At this point you should have a workable, albeit very default web caching proxy server.

Startup your favorite browser, configure it to use your new proxy server as a web proxy
for proxy for both HTTP and HTTPS, and watch your browsing speed improve immediately.

 

Next Page: WebProxyCacheTuningP.S. Please let me know if I've missed anything.