You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 23 Next »

While the current administration guide is a great place to start when configuring Apache Traffic Server,
there are enough "gotchas" that I thought I'd contribute back to the project and document them.

Please keep in mind the following only applies to creating a web proxy caching setup;
I'd document others but I use ATS purely on a personal basis.

The following lists the steps involved in getting a generic Traffic Server install,
from default configurations into a working setup. Once that's completed, feel free
to see my tuning guide for more information on performance settings.

All three Wiki pages use configuration examples from my running home Traffic Server setup.

IP Address Listening And Ports

Unlike Apache HTTP Server, Traffic Server takes a little more work to get things up and running.
The following settings are all located in the main configuration file, which by default is
/usr/local/etc/trafficserver/records.config.

Specifically, the following directive should be set unless you want Traffic Server listening on
every possible interface:

LOCAL proxy.local.incoming_ip_to_bind STRING [2601:d:4880:53:426c:8fff:fe3a:43f1]

Also, the next directive will tell Traffic Server which ports to listen on:

CONFIG proxy.config.http.server_ports STRING 8080:ipv6

In this example, Apache Traffic Server will now listen on my home machine's public IP,
port 8080 for IPv6 only. I was originally using localhost, but after looking at the
HTTP proxy headers that ATS produced, I decided to be more specific.

DNS

Another step that's just a little different is specifying to Traffic Server which DNS servers to use.
It will NOT simply assume whatever is in /etc/resolv.conf is fine and run with that.

This directive allows you to set which DNS servers Traffic Server should use.
Most likely you'll use your own, I for now use Hurricane Electric's Chicago DNS:

CONFIG proxy.config.dns.nameservers STRING [2001:470:20::2] 74.82.42.42

IP-based Access Control List

To setup basic security in your Traffic Server install, you'll have to configure a different file,
by default /usr/local/etc/trafficserver/ip_allow.config. If you've ever done firewall
work the theory is very similar...simply list to Traffic Server what is allowed,
followed by what is NOT allowed.

# Allow anything on localhost (this is the default configuration based on the
# depricated CONFIG proxy.config.http.quick_filter.mask INT 0x482)
src_ip=2601:d:4880:53:426c:8fff:fe3a:43f1         action=ip_allow method=ALL
# Deny everything else.
src_ip=0.0.0.0-255.255.255.255                    action=ip_deny  method=ALL
src_ip=::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff action=ip_deny  method=ALL

Web Cache Size

The Apache Traffic Server default install configures this to be 256MB, a rather small size
as is noted in the configuration file. I eventually went with 2GB. The following is found in the
config file /usr/local/etc/trafficserver/storage.config.

NOTE: Apache Traffic Server does slow down a bit with filesystem caches above 2GB.
However, more than one cache database file currently isn't supported.

var/trafficserver 2G

Start It Up!

Once the above has been completed, it's time to give it all a try.

sudo /usr/local/bin/trafficserver start

At this point you should have a workable, albeit very default web caching proxy server.
Startup your favorite browser, configure it to use your new proxy server as a web proxy
for both HTTP and HTTPS, and watch your browsing speed improve immediately.

  • No labels