您的位置：首页 > 运维架构 > Apache

Apache traffic server 配置文件records.config的官方文档

2015-05-25 11:39 701 查看

records.config¶

The

records.config

file (by default, located in

/usr/local/etc/trafficserver/

) is a list of configurable variables
used bythe Traffic Server software. Many of the variables in the

records.config

file are
set automatically when you set configurationoptions in Traffic Line. After you modify the

records.config

file,run the command

traffic_line
-x

to apply the changes.When you apply changes to one node in a cluster, Traffic Serverautomatically applies the changes to all other nodes in the cluster.

Format¶

Each variable has the following format:

SCOPE variable_name DATATYPE variable_value

where

SCOPE

is related to clustering and is either

CONFIG

(all members ofthe cluster) or

LOCAL

(only the local machine)

DATATYPE

is one of

INT

(integer),

STRING

(string),

FLOAT

(floating point).:A variable marked as

Deprecated

is still functional but should be avoidedas it may be removed in a future release without warning.

A variable marked as

Reloadable

can be updated via the command:

traffic_line -x

INT

type configurations are expressed as any normal integer,e.g.
32768. They can also be expressed using more human readable valuesusing standard prefixes, e.g.
32K. The following prefixes are supportedfor all

INT

type configurations

Kilobytes (1024 bytes)

Megabytes (1024^2 or 1,048,576 bytes)

Gigabytes (1024^3 or 1,073,741,824 bytes)

Terabytes (1024^4 or 1,099,511,627,776 bytes)

Note
Traffic Server currently writes back configurations to disk periodically,and when doing so, will not preserve the prefixes.

Examples¶

In the following example, the variable
proxy.config.proxy_name isa

STRING

datatype with the value

my_server

. This means that thename of the Traffic Server proxy is

my_server

CONFIG proxy.config.proxy_name STRING my_server

If the server name should be

that_server

the line would be

CONFIG proxy.config.proxy_name STRING that_server

In the following example, the variable

proxy.config.arm.enabled

isa yes/no flag. A value of

(zero) disables the option; a value of

enables the option.

CONFIG proxy.config.arm.enabled INT 0

In the following example, the variable sets the cluster startup timeoutto 10 seconds.

CONFIG proxy.config.cluster.startup_timeout INT 10

The last examples configures a 64GB RAM cache, using a human readableprefix.

CONFIG proxy.config.cache.ram_cache.size INT 64G

Environment Overrides¶

Every

records.config

configuration variable can be overriddenby a corresponding environment variable. This can be useful insituations where you need a static

records.config

but stillwant to tweak one or two settings. The override variable is formedby converting the

records.config

variable name to uppercase, and replacing any dot separators with an underscore.

Overriding a variable from the environment is permanent and willnot be affected by future configuration changes made in

records.config

or applied with traffic_line.

For example, we could override the
proxy.config.product_company variablelike this:

$ PROXY_CONFIG_PRODUCT_COMPANY=example traffic_cop &
$ traffic_line -r proxy.config.product_company

Configuration Variables¶

The following list describes the configuration variables available inthe

records.config

file.

System Variables¶

proxy.config.product_company

Scope:	CONFIG
Type:	STRING
Default:	Apache Software Foundation

The name of the organization developing Traffic Server.

proxy.config.product_vendor

Scope:	CONFIG
Type:	STRING
Default:	Apache

The name of the vendor providing Traffic Server.

proxy.config.product_name

Scope:	CONFIG
Type:	STRING
Default:	Traffic Server

The name of the product.

proxy.config.proxy_name

Scope:	CONFIG
Type:	STRING
Default:	``build_machine``
Reloadable:	Yes

The name of the Traffic Server node.

proxy.config.bin_path

Scope:	CONFIG
Type:	STRING
Default:	bin

The location of the Traffic Server

bin

directory.

proxy.config.proxy_binary

Scope:	CONFIG
Type:	STRING
Default:	traffic_server

The name of the executable that runs the traffic_server process.

proxy.config.proxy_binary_opts

Scope:	CONFIG
Type:	STRING
Default:	-M

The command-line options for starting Traffic Server.

proxy.config.manager_binary

Scope:	CONFIG
Type:	STRING
Default:	traffic_manager

The name of the executable that runs the traffic_manager process.

proxy.config.env_prep

Scope:	CONFIG
Type:	STRING
Default:	NONE

The script executed before the traffic_manager process spawnsthe
traffic_server process.

proxy.config.config_dir

Scope:	CONFIG
Type:	STRING
Default:	etc/trafficserver

The directory that contains Traffic Server configuration files.This is a read-only configuration option that contains the

SYSCONFDIR

value specified at build time relative to theinstallation prefix.
The

$TS_ROOT

environment variable canbe used alter the installation prefix at run time.

proxy.config.syslog_facility

Scope:	CONFIG
Type:	STRING
Default:	LOG_DAEMON

The facility used to record system log files. Refer to
Understanding Traffic Server Log Files.

proxy.config.cop.core_signal

Scope:	CONFIG
Type:	INT
Default:	0

The signal sent to traffic_cop‘s managed processes to stop them.

A value of

means no signal will be sent.

proxy.config.cop.linux_min_memfree_kb

Scope:	CONFIG
Type:	INT
Default:	0

The minimum amount of free memory space allowed before Traffic Server stopsthe
traffic_server and traffic_manager processes toprevent the system from hanging.

proxy.config.cop.linux_min_swapfree_kb

Scope:	CONFIG
Type:	INT
Default:	0

The minimum amount of free swap space allowed before Traffic Server stopsthe
traffic_server and traffic_manager processes toprevent the system from hanging. This configuration variable applies ifswap is enabled in Linux 2.2 only.

proxy.config.cop.init_sleep_time

Scope:	CONFIG
Type:	INT
Default:	0

The minimum amount of addtional duration allowed before Traffic Server detectsthat the
traffic_server is not responsive and attempts a restartduring startup. This configuration variable allows Traffic Server a longer inittime to load potentially large configuration files such as remap config. Note thatthis applies
only during startup of Traffic Server and does not apply to the runtime heartbeat checking.

proxy.config.output.logfile

Scope:	CONFIG
Type:	STRING
Default:	traffic.out

The name and location of the file that contains warnings, status messages, and error messages produced by the Traffic Serverprocesses. If no path is specified, then Traffic Server creates the file in its logging directory.

proxy.config.snapshot_dir

Scope:	CONFIG
Type:	STRING
Default:	snapshots

The directory in which Traffic Server stores configurationsnapshots on the local system. Unless you specify an absolutepath, this directory is located in the Traffic Server

SYSCONFDIR

directory.

proxy.config.exec_thread.autoconfig

Scope:	CONFIG
Type:	INT
Default:	1

When enabled (the default,

), Traffic Server scales threads according to the available CPU cores. See the config option below.

proxy.config.exec_thread.autoconfig.scale

Scope:	CONFIG
Type:	FLOAT
Default:	1.5

Factor by which Traffic Server scales the number of threads. The multiplier is usually the number of available CPU cores. By defaultthis is scaling factor is

1.5

proxy.config.exec_thread.limit

Scope:	CONFIG
Type:	INT
Default:	2

The number of threads Traffic Server will create if proxy.config.exec_thread.autoconfig is set to0, otherwise this option is ignored.

proxy.config.accept_threads

Scope:	CONFIG
Type:	INT
Default:	1

When enabled (

), runs a separate thread for accept processing. If disabled (

), then only 1 thread can be created.

proxy.config.thread.default.stacksize

Scope:	CONFIG
Type:	INT
Default:	1048576

The new default thread stack size, for all threads. The original default is set at 1 MB.

proxy.config.exec_thread.affinity

Scope:	CONFIG
Type:	INT
Default:	0

Bind threads to specific processing units.


Value	Effect
0	assign threads to machine
1	assign threads to NUMA nodes
2	assign threads to sockets
3	assign threads to cores
4	assign threads to processing units

Note
This option only has an affect when Traffic Server has been compiled with

--enable-hwloc

proxy.config.system.file_max_pct

Scope:	CONFIG
Type:	FLOAT
Default:	0.9

Set the maximum number of file handles for the traffic_server process as a percentage of the the fs.file-max proc value in Linux. The default is 90%.

proxy.config.crash_log_helper

Scope:	CONFIG
Type:	STRING
Default:	traffic_crashlog

This option directs traffic_server to spawn a crashlog helper at startup. The value should be the path to anexecutable program. If the path is not absolute, it is locatedrelative to configured

bin

directory. Any user-providedprogram specified here must behave in a fashion compatible withtraffic_crashlog. Specifically, it must implementthe

traffic_crashlog
--wait

behavior.
This setting not reloadable because the helper must be spawnedbefore
traffic_server drops privilege. If this variableis set to

NULL

, no helper will be spawned.

proxy.config.restart.active_client_threshold

Scope:	CONFIG
Type:	INT
Default:	0 :reloadable:

This setting specifies the number of active client connectionsfor use by

traffic_line
--drain

Network¶

proxy.config.net.connections_throttle

Scope:	CONFIG
Type:	INT
Default:	30000

The total number of client and origin server connections that the servercan handle simultaneously. This is in fact the max number of filedescriptors that the
traffic_server process can have open at anygiven time. Roughly 10% of these connections are reserved for origin serverconnections, i.e. from the default, only ~9,000 client connections can behandled. This should be tuned according
to your memory size, and expectedwork load.

proxy.config.net.default_inactivity_timeout

Scope:	CONFIG
Type:	INT
Default:	86400
Reloadable:	Yes

The connection inactivity timeout (in seconds) to apply whenTraffic Server detects that no inactivity timeout has been appliedby the HTTP state machine. When this timeout is applied, theproxy.process.net.default_inactivity_timeout_applied metricis
incremented.

proxy.config.net.inactivity_check_frequency

Scope:	CONFIG
Type:	INT
Default:	1

How frequent (in seconds) to check for inactive connections. If you dealwith a lot of concurrent connections, increasing this setting can reducepressure on the system.

proxy.local.incoming_ip_to_bind

Scope:	LOCAL
Type:	STRING
Default:	0.0.0.0 [::]

Controls the global default IP addresses to which to bind proxy server ports. The value is a space separated list of IP addresses, one per supported IP address family (currently IPv4 and IPv6).

Unless explicitly specified in
proxy.config.http.server_ports the server port will be bound to one of these addresses, selected by IP address family. The built in default is any address. This is used if no address for a family is specified. This setting is useful if most or all server
ports should be bound to the same address.

Note
This is ignored for inbound transparent server ports because they must be able to accept connections on arbitrary IP addresses.

Example
Set the global default for IPv4 to

192.168.101.18

and leave the global default for IPv6 as any address.:

LOCAL proxy.local.incoming_ip_to_bind STRING 192.168.101.18

Example
Set the global default for IPv4 to

191.68.101.18

and the global default for IPv6 to

fc07:192:168:101::17

LOCAL proxy.local.incoming_ip_to_bind STRING 192.168.101.18 [fc07:192:168:101::17]

proxy.local.outgoing_ip_to_bind

Scope:	LOCAL
Type:	STRING
Default:	0.0.0.0 [::]

This controls the global default for the local IP address for outbound connections to origin servers. The value is a list of space separated IP addresses, one per supported IP address family (currently IPv4 and IPv6).
Unless explicitly specified in
proxy.config.http.server_ports one of these addresses, selected by IP address family, will be used as the local address for outbound connections. This setting is useful if most or all of the server ports should use the same outbound IP addresses.

Note
This is ignored for outbound transparent ports as the local outbound address will be the same as the client local address.

Example
Set the default local outbound IP address for IPv4 connections to

192.168.101.18

LOCAL proxy.local.outgoing_ip_to_bind STRING 192.168.101.18

Example
Set the default local outbound IP address to

192.168.101.17

for IPv4 and

fc07:192:168:101::17

for IPv6.:

LOCAL proxy.local.outgoing_ip_to_bind STRING 192.168.101.17 [fc07:192:168:101::17]

Cluster¶

proxy.local.cluster.type

Scope:	LOCAL
Type:	INT
Default:	3

Sets the clustering mode:


Value	Effect
1	full-clustering mode
2	management-only mode
3	no clustering

proxy.config.cluster.ethernet_interface

Scope:	CONFIG
Type:	INT
Default:	eth0

The network interface to be used for cluster communication. This has to beidentical on all members of a clsuter. ToDo: Is that reasonable ?? Shouldthis be local”

proxy.config.cluster.rsport

Scope:	CONFIG
Type:	INT
Default:	8088

The reliable service port. The reliable service port is used to send configuration information between the nodes in a cluster. All nodesin a cluster must use the same reliable service port.

proxy.config.cluster.threads

Scope:	CONFIG
Type:	INT
Default:	1

The number of threads for cluster communication. On heavy cluster, the number should be adjusted. It is recommend that take the threadCPU usage as a reference when adjusting.

proxy.config.clustger.ethernet_interface

Scope:	CONFIG
Type:	STRING
Default:	NONE

Set the interface to use for cluster communications.

proxy.config.http.cache.cluster_cache_local

Scope:	CONFIG
Type:	INT
Default:	0

This turns on the local caching of objects in cluster mode. The point ofthis is to allow for popular or
hot content to be cached on all nodesin a cluster. Be aware that the primary way to configure this behavior isvia the

cache.config

configuration file using

action=cluster-cache-local

directives.
This particular

records.config

configuration can be controlled pertransaction or per remap rule. As such, it augments the

cache.config

directives, since you can turn on the local cachingfeature without complex regular expression matching.
This implies that turning this on in your global

records.config

isalmost never what you want; instead, you want to use this either viae.g.

conf_remap.so

overrides for a certain remap rule, or through acustom plugin using the appropriate APIs.

Local Manager¶

proxy.config.lm.sem_id

Scope:	CONFIG
Type:	INT
Default:	11452

The semaphore ID for the local manager.

proxy.config.admin.autoconf_port

Scope:	CONFIG
Type:	INT
Default:	8083

The autoconfiguration port.

proxy.config.admin.number_config_bak

Scope:	CONFIG
Type:	INT
Default:	3

The maximum number of copies of rolled configuration files to keep.

proxy.config.admin.user_id

Scope:	CONFIG
Type:	STRING
Default:	nobody

Option used to specify who to run the traffic_server process as; also used to specify ownership of config and log files.

The nonprivileged user account designated to Traffic Server.

As of version 2.1.1 if the user_id is prefixed with pound character (#) the remaining of the string is considered to bea

numeric user identifier. If the value is set to

#-1

TrafficServer will not change the user during startup.

Setting

user_id

root

#0

is now forbidden toincrease security. Trying to do so, will cause thetraffic_server fatal failure. However there are two ways tobypass that restriction

Specify

-DBIG_SECURITY_HOLE

CXXFLAGS

during compilation.
Set the

user_id=#-1

and start trafficserver as root.

proxy.config.admin.api.restricted

Scope:	CONFIG
Type:	INT
Default:	1

This setting specifies whether the management API should be restrictedto root processes. If this is set to

, then on platforms thatsupport passing process credentials, non-root processes will beallowed to make read-only management API calls. Any management APIcalls that modify server state (eg. setting
a configuration variable)will still be restricted to root processes.

This setting is not reloadable, since it is must be applied whenprogram:traffic_manager initializes.

Note
In Traffic Server 6.0, the default value of

proxy.config.admin.api.restricted

will be changed to

Process Manager¶

proxy.config.process_manager.mgmt_port

Scope:	CONFIG
Type:	INT
Default:	8084

The port used for internal communication between the traffic_manager and
traffic_server processes.

Alarm Configuration¶

proxy.config.alarm_email

Scope:	CONFIG
Type:	STRING
Default:	NONE
Reloadable:	Yes

The address to which the alarm script should send email.

proxy.config.alarm.bin

Scope:	CONFIG
Type:	STRING
Default:	example_alarm_bin.sh
Reloadable:	Yes

Name of the script file that can execute certain actions whenan alarm is signaled. The script is invoked with up to 4 arguments:

the alarm message
the value of

proxy.config.product_name

the value of

proxy.config.admin.user_id

the value of

proxy.config.alarm_email

proxy.config.alarm.abs_path

Scope:	CONFIG
Type:	STRING
Default:	NULL
Reloadable:	Yes

The absolute path to the directory containing the alarm script.If this is not set, the script will be located relative to

proxy.config.bin_path

proxy.config.alarm.script_runtime

Scope:	CONFIG
Type:	INT
Default:	5
Reloadable:	Yes

The number of seconds that Traffic Server allows the alarm scriptto run before aborting it.

HTTP Engine¶

proxy.config.http.server_ports

Scope:	CONFIG
Type:	STRING
Default:	8080

Ports used for proxying HTTP traffic.

This is a list, separated by space or comma, of
port descriptors. Each descriptor is a sequence of keywords and values separated by colons. Not all keywords have values, those that do are specifically noted. Keywords with values can have an optional ‘=’ character separating the keyword and value.
The case of keywords is ignored. The order of keywords is irrelevant but unspecified results may occur if incompatible options are used (noted below). Options without values are idempotent. Options with values use the last (right most) value specified, except
for

ip-out

as detailed later.

Quick reference chart.


Name	Note	Definition
number	Required	The local port.
blind		Blind ( CONNECT ) port.
compress	N/I	Compressed. Not implemented.
ipv4	Default	Bind to IPv4 address family.
ipv6		Bind to IPv6 address family.
ip-in	Value	Local inbound IP address.
ip-out	Value	Local outbound IP address.
ip-resolve	Value	IP address resolution style.
proto	Value	List of supported session protocols.
ssl		SSL terminated.
tr-full		Fully transparent (inbound and outbound)
tr-in		Inbound transparent.
tr-out		Outbound transparent.
tr-pass		Pass through enabled.

numberLocal IP port to bind. This is the port to which ATS clients will connect.blind
Accept only the

CONNECT

method on this port.
Not compatible with:

tr-in

ssl

.
compressCompress the connection. Retained only by inertia, should be considered “not implemented”.ipv4Use IPv4. This is the default and is included primarily for completeness. This forced if the

ip-in

option is used with an IPv4 address.ipv6Use IPv6. This is forced if the

ip-in

option is used with an IPv6 address.ssl
Require SSL termination for inbound connections. SSL
must be configured for this option to provide a functional server port.
Not compatible with:

blind

.
protoSpecify the
session level protocols supported. These should beseparated by semi-colons. For TLS proxy ports the default value isall available protocols. For non-TLS proxy ports the default is HTTPonly. SPDY can be enabled on non-TLS proxy ports but that
must be done explicitly.tr-full
Fully transparent. This is a convenience option and is identical to specifying both

tr-in

and

tr-out

.
Not compatible with: Any option not compatible with

tr-in

tr-out

.tr-in
Inbound transparent. The proxy port will accept connections to any IP address on the port. To have IPv6 inbound transparent you must use this and the

ipv6

option. This overrides

proxy.local.incoming_ip_to_bind

for this port.
Not compatible with:

ip-in

blind

tr-out
Outbound transparent. If ATS connects to an origin server for a transaction on this port, it will use the client’s address as its local address. This overrides

proxy.local.outgoing_ip_to_bind

for this port.
Not compatible with:

ip-out

ip-resolve

tr-passTransparent pass through. This option is useful only for inbound transparent proxy ports. If the parsing of the expected HTTP header fails, then the transaction is switched to a blind tunnel instead of generating an error response to the client. It effectively
enables

proxy.config.http.use_client_target_addr

for the transaction as there is no other place to obtain the origin server address.ip-in
Set the local IP address for the port. This is the address to which clients will connect. This forces the IP address family for the port. The

ipv4

ipv6

can be used but it is optional and is an error for it to disagree with the IP address family of this value. An IPv6 address
must be enclosed in square brackets. If this option is omitted

proxy.local.incoming_ip_to_bind

is used.
Not compatible with:

tr-in

.
ip-out
Set the local IP address for outbound connections. This is the address used by ATS locally when it connects to an origin server for transactions on this port. If this is omitted

proxy.local.outgoing_ip_to_bind

is used.
This option can used multiple times, once for each IP address family. The address used is selected by the IP address family of the origin server address.

Not compatible with:

tr-out

.
ip-resolve
Set the

host
resolution style

for transactions on this proxy port.
Not compatible with:

tr-out

- this option requires a value of

client;none

which is forced and should not be explicitly specified.

Example
Listen on port 80 on any address for IPv4 and IPv6.:

80 80:ipv6

Example
Listen transparently on any IPv4 address on port 8080, andtransparently on port 8080 on local address

fc01:10:10:1::1

(which implies

ipv6

).:

IPv4:tr-FULL:8080 TR-full:IP-in=[fc02:10:10:1::1]:8080

Example
Listen on port 8080 for IPv6, fully transparent. Set up an SSL port on 443. These ports will use the IP address from

proxy.local.incoming_ip_to_bind

. Listen on IP address

192.168.17.1

, port 80, IPv4, and connect to origin servers using the local address

10.10.10.1

for IPv4 and

fc01:10:10:1::1

for IPv6.:

8080:ipv6:tr-full 443:ssl ip-in=192.168.17.1:80:ip-out=[fc01:10:10:1::1]:ip-out=10.10.10.1

Example
Listen on port 9090 for TSL enabled SPDY or HTTP connections, accept no other session protocols.:

9090:proto=spdy;http:ssl

proxy.config.http.connect_ports

Scope:	CONFIG
Type:	STRING
Default:	443 563

The range of origin server ports that can be used for tunneling via

CONNECT

.

Traffic Server allows tunnels only to the specified ports.Supports both wildcards (‘*’) and ranges (“0-1023”).

Note
These are the ports on the origin server, not Traffic Server

proxy
ports

proxy.config.http.insert_request_via_str

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Set how the

Via

field is handled on a request to the origin server.


Value	Effect
0	Do not modify / set this via header
1	Update the via, with normal verbosity
2	Update the via, with higher verbosity
3	Update the via, with highest verbosity

Note
The

Via

header string can be decoded with the

Via Decoder Ring.

proxy.config.http.insert_response_via_str

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Set how the

Via

field is handled on the response to the client.


Value	Effect
0	Do not modify / set this via header
1	Update the via, with normal verbosity
2	Update the via, with higher verbosity
3	Update the via, with highest verbosity

Note
The

Via

header string can be decoded with the

Via Decoder Ring.

proxy.config.http.send_100_continue_response

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

You can specify one of the following:

ATS buffer the request until the post body has been recieved and then send the request to origin.

immediately return a 100 Continue from ATS without waiting for the post body

proxy.config.http.response_server_enabled

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

You can specify one of the following:

no Server: header is added to the response.

the Server: header is added (see string below).

the Server: header is added only if the response from origin does not have one already.

proxy.config.http.insert_age_in_response

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

This option specifies whether Traffic Server should insert an

Age

header in the response. The Age field value is the cache’sestimate of the amount of time since the response was generated or revalidated by the origin server.

Age

header is added

the

Age

header is added

proxy.config.http.response_server_str

Scope:	CONFIG
Type:	STRING
Default:	ATS/
Reloadable:	Yes

The Server: string that ATS will insert in a response header (if requested, see above). Note that the current version number isalways appended to this string.

proxy.config.http.enable_url_expandomatic

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Enables (

) or disables (

)

.com

domain expansion. This configures the Traffic Server to resolve unqualified hostnames byprepending with

www.

and appending with

.com

before redirecting to the expanded address. For example: if a client makesa request to

host

, then Traffic Server redirects the request to

www.host.com

proxy.config.http.chunking_enabled

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Specifies whether Traffic Sever can generate a chunked response:

Never

Always

Generate a chunked response if the server has returned HTTP/1.1 before

= Generate a chunked response if the client request is HTTP/1.1 and the origin server has returned HTTP/1.1 before

Note
If HTTP/1.1 is used, then Traffic Server can usekeep-alive connections with pipelining to origin servers. IfHTTP/0.9 is used, then Traffic Server does not use

keep-alive

connections to origin servers. If HTTP/1.0 is used, then TrafficServer can use

keep-alive

connections without pipelining toorigin servers.

proxy.config.http.send_http11_requests

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Specifies when and how Traffic Sever uses HTTP/1.1 to communicate with the origin server

Never

Always

If the server has returned HTTP/1.1 before

If the client request is HTTP/1.1 and the server has returned HTTP/1.1 before

Note
If

proxy.config.http.use_client_target_addr

is set to 1, options 2 and 3 cause the proxy to usethe client HTTP version for upstream requests.

proxy.config.http.share_server_sessions

Scope:	CONFIG
Type:	INT
Default:	2
Deprecated:	Yes

Enables (

) or disables (

) the reuse of server sessions. Thedefault (

)
is similar to enabled, except it creates a server sessionpool per network thread. This has the best performance characteristics.Note that setting this parameter to (

) will not work correctly unlessthe
dedicated SSL threads are disabled (

proxy.config.ssl.number.threads

is
set to (

-1

)).

proxy.config.http.auth_server_session_private

Scope:	CONFIG
Type:	INT
Default:	1

If enabled (

) anytime a request contains a (

Authorization

), (

Proxy-Authorization

)or
(

Www-Authenticate

) header the connection will be closed and not reused. This marksthe connection as private. When disabled (

) the
connection will be available for reuse.

proxy.config.http.server_session_sharing.match

Scope:	CONFIG
Type:	STRING
Default:	both

Enable and set the ability to re-use server connections across client connections. The valid values are
noneDo not match, do not re-use server sessions.ipRe-use server sessions, check only that the IP address and port of the origin server matches.hostRe-use server sessions, check only that the fully qualified domain name matches.bothRe-use server sessions, but only if the IP address and fully qualified domain name match.
It is strongly recommended to use either none or
both for this value unless you have a specific need to use ipor
host. The most common reason is virtual hosts that share an IP address in which case performance can be enhancedif those sessions can be re-used. However, not all web servers support requests for different virtual hosts on thesame connection so usewith caution.

proxy.config.http.server_session_sharing.pool

Scope:	CONFIG
Type:	STRING
Default:	thread

Control the scope of server session re-use if it is enabled by

proxy.config.http.server_session_sharing.match

. The valid values are
globalRe-use sessions from a global pool of all server sessions.threadRe-use sessions from a per-thread pool.

proxy.config.http.attach_server_session_to_client

Scope:	CONFIG
Type:	INT
Default:	0

Control the re-use of an server session by a user agent (client) session.
If a user agent performs more than one HTTP transaction on its connection to Traffic Server a server session must beobtained for the second (and subsequent) transaction as for the first. This settings affects how that server sessionis
selected.
If this setting is

then after the first transaction the server session for that transaction is released to theserver pool (if any). When a server session is needed for
subsequent transactions one is selected from the serverpool or created if there is no suitable server session in the pool.
If this setting is not

then the current server session for the user agent session is “sticky”. It will bepreferred to any other server session (either from the pool or
newly created). The server session will be detachedfrom the user agent session only if it cannot be used for the transaction. This is determined by the

proxy.config.http.server_session_sharing.match

value. If the server session matches the next transactionaccording to this setting then it will be used, otherwise it will be released to the pool and a different sessionselected or created.

proxy.config.http.record_heartbeat

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Enables (

) or disables (

)
traffic_cop heartbeat logging.

proxy.config.http.use_client_target_addr

Scope:	CONFIG
Type:	INT
Default:	0

For fully transparent ports use the same origin server address as the client.

This option causes Traffic Server to avoid where possible doing DNSlookups in forward transparent proxy mode. The option is onlyeffective if the following three conditions are true -

Traffic Server is in forward proxy mode.
The proxy port is inbound transparent.
The target URL has not been modified by either remapping or a plugin.

If any of these conditions are not true, then normal DNS processingis done for the connection.

There are three valid values.* 0 - Disables the feature.* 1 - Enables the feature with address verification. The Proxy does theregular DNS processing. If the client-specified origin address is not in theset of addresses found by the Proxy, the request continues
to the clientspecified address, but the result is not cached.* 2 - Enables the feature with no address verification. No DNS processingis performed. The result is cached (if allowed otherwise). This option isvulnerable to cache poisoning if an incorrect Host
header is specified, sothis option should be used with extreme caution. See bug
TS-2954 fordetails.

If all of these conditions are met, then the origin server IPaddress is retrieved from the original client connection, ratherthan through HostDB or DNS lookup. In effect, client DNS resolutionis used instead of Traffic Server DNS.

This can be used to be a little more efficient (looking up thetarget once by the client rather than by both the client and TrafficServer) but the primary use is when client DNS resolution can differfrom that of Traffic Server. Two known uses cases are:

Embedded IP addresses in a protocol with DNS load sharing. Inthis case, even though Traffic Server and the client both makethe same request to the same DNS resolver chain, they may getdifferent origin server addresses. If the address is embedded inthe protocol
then the overall exchange will fail. One currentexample is Microsoft Windows update, which presumably embeds theaddress as a security measure.
The client has access to local DNS zone information which is notavailable to Traffic Server. There are corporate nets with localDNS information for internal servers which, by design, is notpropagated outside the core corporate network. Depending anetwork
topology it can be the case that Traffic Server canaccess the servers by IP address but cannot resolve suchaddresses by name. In such as case the client supplied targetaddress must be used.

This solution must be considered interim. In the longer term, itshould be possible to arrange for much finer grained control of DNSlookup so that wildcard domain can be set to use Traffic Server orclient resolution. In both known use cases, marking specific
domainsas client determined (rather than a single global switch) wouldsuffice. It is possible to do this crudely with this flag byenabling it and then use identity URL mappings to re-disable it forspecific domains.

proxy.config.http.keep_alive_enabled_in

Scope:	CONFIG
Type:	INT
Default:	1

Enables (

) or disables (

) incoming keep-alive connections.

proxy.config.http.keep_alive_enabled_out

Scope:	CONFIG
Type:	INT
Default:	1

Enables (

) or disables (

) outgoing keep-alive connections.

Note
Enabling keep-alive does not automatically enable purging of keep-aliverequests when nearing the connection limit, that is controlled by

proxy.config.http.server_max_connections

proxy.config.http.keep_alive_post_out

Scope:	CONFIG
Type:	INT
Default:	1

Controls wether new POST requests re-use keep-alive sessions (

) orcreate new connections per request (

proxy.config.http.send_408_post_timeout_response

Scope:	CONFIG
Type:	INT
Default:	0

Controls wether POST timeout sends a HTTP status 408 response (

)

proxy.config.http.disallow_post_100_continue

Scope:	CONFIG
Type:	INT
Default:	0

Allows you to return a 405 Method Not Supported with Posts alsocontaining an Expect: 100-continue.
When a Post w/ Expect: 100-continue is blocked the statproxy.process.http.disallowed_post_100_continue will be incremented.

Parent Proxy Configuration¶

proxy.config.http.parent_proxy_routing_enable

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Enables (

) or disables (

) the parent caching option. Refer to

Hierarchical Caching.

proxy.config.http.parent_proxy.retry_time

Scope:	CONFIG
Type:	INT
Default:	300
Reloadable:	Yes

The amount of time allowed between connection retries to a parent cache that is unavailable.

proxy.config.http.parent_proxy.fail_threshold

Scope:	CONFIG
Type:	INT
Default:	10
Reloadable:	Yes

The number of times the connection to the parent cache can fail before Traffic Server considers the parent unavailable.

proxy.config.http.parent_proxy.total_connect_attempts

Scope:	CONFIG
Type:	INT
Default:	4
Reloadable:	Yes

The total number of connection attempts allowed to a parent cache before Traffic Server bypasses the parent or fails the request(depending on the

go_direct

option in the

parent.config

file).

proxy.config.http.parent_proxy.per_parent_connect_attempts

Scope:	CONFIG
Type:	INT
Default:	2
Reloadable:	Yes

The total number of connection attempts allowed per parent, if multiple parents are used.

proxy.config.http.parent_proxy.connect_attempts_timeout

Scope:	CONFIG
Type:	INT
Default:	30
Reloadable:	Yes

The timeout value (in seconds) for parent cache connection attempts.

proxy.config.http.forward.proxy_auth_to_parent

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Configures Traffic Server to send proxy authentication headers on to the parent cache.

proxy.config.http.no_dns_just_forward_to_parent

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Don’t try to resolve DNS, forward all DNS requests to the parent. This is off (

) by default.

HTTP Connection Timeouts¶

proxy.config.http.keep_alive_no_activity_timeout_in

Scope:	CONFIG
Type:	INT
Default:	115
Reloadable:	Yes

Specifies how long Traffic Server keeps connections to clients open for asubsequent request after a transaction ends. A value of

will disablethe no activity timeout.

proxy.config.http.keep_alive_no_activity_timeout_out

Scope:	CONFIG
Type:	INT
Default:	120
Reloadable:	Yes

Specifies how long Traffic Server keeps connections to origin servers openfor a subsequent transfer of data after a transaction ends. A value of

will disable the no activity timeout.

proxy.config.http.transaction_no_activity_timeout_in

Scope:	CONFIG
Type:	INT
Default:	30
Reloadable:	Yes

Specifies how long Traffic Server keeps connections to clients open if a transaction stalls.

proxy.config.http.transaction_no_activity_timeout_out

Scope:	CONFIG
Type:	INT
Default:	30
Reloadable:	Yes

Specifies how long Traffic Server keeps connections to origin servers open if the transaction stalls.

proxy.config.http.transaction_active_timeout_in

Scope:	CONFIG
Type:	INT
Default:	900
Reloadable:	Yes

The maximum amount of time Traffic Server can remain connected to a client. If the transfer to the client is not complete before thistimeout expires, then Traffic Server closes the connection.

The value of

specifies that there is no timeout.

proxy.config.http.transaction_active_timeout_out

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

The maximum amount of time Traffic Server waits for fulfillment of a connection request to an origin server. If Traffic Server does notcomplete the transfer to the origin server before this timeout expires, then Traffic Server terminates the connection request.

The default value of

specifies that there is no timeout.

proxy.config.http.accept_no_activity_timeout

Scope:	CONFIG
Type:	INT
Default:	120
Reloadable:	Yes

The timeout interval in seconds before Traffic Server closes a connection that has no activity.

proxy.config.http.background_fill_active_timeout

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Specifies how long Traffic Server continues a background fill before giving up and dropping the origin server connection.

proxy.config.http.background_fill_completed_threshold

Scope:	CONFIG
Type:	FLOAT
Default:	0.0
Reloadable:	Yes

The proportion of total document size already transferred when a client aborts at which the proxy continues fetching the documentfrom the origin server to get it into the cache (a
background fill).

Origin Server Connect Attempts¶

proxy.config.http.connect_attempts_max_retries

Scope:	CONFIG
Type:	INT
Default:	6
Reloadable:	Yes

The maximum number of connection retries Traffic Server can make when the origin server is not responding.Each retry attempt lasts for

proxy.config.http.connect_attempts_timeout seconds. Once the maximum number of retries isreached, the origin is marked dead. After this, the setting

proxy.config.http.connect_attempts_max_retries_dead_serveris used to limit the number of retry attempts to the known dead origin.

proxy.config.http.connect_attempts_max_retries_dead_server

Scope:	CONFIG
Type:	INT
Default:	3
Reloadable:	Yes

Maximum number of connection retries Traffic Server can make while an origin is marked dead. Typically this value is smaller thanproxy.config.http.connect_attempts_max_retries
so an error is returned to the client faster and also to reduce the load on the dead origin.The timeout interval

proxy.config.http.connect_attempts_timeout in seconds is used with this setting.

proxy.config.http.server_max_connections

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Limits the number of socket connections across all origin servers to the value specified. To disable, set to zero (

).

Note
This value is used in determining when and if to prune active origin sessions. Without this value set connectionsto origins can consume all the way up to ts:cv:proxy.config.net.connections_throttle connections, which in turn canstarve
incoming requests from available connections.

proxy.config.http.origin_max_connections

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Limits the number of socket connections per origin server to the value specified. To enable, set to one (

proxy.config.http.origin_min_keep_alive_connections

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

As connection to an origin server are opened, keep at least ‘n’ number of connections open to that origin, even ifthe connection isn’t used for a long time period. Useful when the origin supports keep-alive, removing the timeneeded to set up a new connection
fromthe next request at the expense of added (inactive) connections. To enable, set to one (

proxy.config.http.connect_attempts_rr_retries

Scope:	CONFIG
Type:	INT
Default:	3
Reloadable:	Yes

The maximum number of failed connection attempts allowed before a round-robin entry is marked as ‘down’ if a serverhas round-robin DNS entries.

proxy.config.http.connect_attempts_timeout

Scope:	CONFIG
Type:	INT
Default:	30
Reloadable:	Yes

The timeout value (in seconds) for time to first byte for an origin server connection.

proxy.config.http.post_connect_attempts_timeout

Scope:	CONFIG
Type:	INT
Default:	1800
Reloadable:	Yes

The timeout value (in seconds) for an origin server connection when the client request is a

POST

PUT

request.

proxy.config.http.down_server.cache_time

Scope:	CONFIG
Type:	INT
Default:	300
Reloadable:	Yes

Specifies how long (in seconds) Traffic Server remembers that an origin server was unreachable.

proxy.config.http.down_server.abort_threshold

Scope:	CONFIG
Type:	INT
Default:	10
Reloadable:	Yes

The number of seconds before Traffic Server marks an origin server as unavailable after a client abandons a requestbecause the origin server was too slow in sending the response header.

proxy.config.http.uncacheable_requests_bypass_parent

Scope:	CONFIG
Type:	INT
Default:	1

When enabled (1), Traffic Server bypasses the parent proxy for a request that is not cacheable.

Congestion Control¶

proxy.config.http.congestion_control.enabled

Scope:	CONFIG
Type:	INT
Default:	0

Enables (

) or disables (

) the Congestion Control option, which configures Traffic Server to stop forwardingHTTP requests to origin
servers when they become congested. Traffic Server sends the client a message to retry thecongested origin server later. Refer to

Using Congestion Control.

proxy.config.http.flow_control.enabled

Scope:	CONFIG
Type:	INT
Default:	0

Transaction buffering / flow control is enabled if this is set to a non-zero value. Otherwise no flow control is done.

proxy.config.http.flow_control.high_water

Scope:	CONFIG
Type:	INT
Default:	0
Metric:	bytes

The high water mark for transaction buffer control. External source I/O is halted when the total buffer space in useby the transaction exceeds this value.

proxy.config.http.flow_control.low_water

Scope:	CONFIG
Type:	INT
Default:	0
Metric:	bytes

The low water mark for transaction buffer control. External source I/O is resumed when the total buffer space in useby the transaction is no more than this value.

Negative Response Caching¶

proxy.config.http.negative_caching_enabled

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

When enabled (

), Traffic Server caches negative responses (such as

404 Not
Found

) when a requested page doesnot exist. The next time a client requests the same page, Traffic Server serves the negative response directly fromcache. When disabled (

)
Traffic Server will only cache the response if the response has

Cache-Control

headers.

Note
The following negative responses are cached by Traffic Server::

204  No Content
305  Use Proxy
400  Bad Request
403  Forbidden
404  Not Found
405  Method Not Allowed
500  Internal Server Error
501  Not Implemented
502  Bad Gateway
503  Service Unavailable
504  Gateway Timeout

The cache lifetime for objects cached from this setting is controlled via

proxy.config.http.negative_caching_lifetime

proxy.config.http.negative_caching_lifetime

Scope:	CONFIG
Type:	INT
Default:	1800

How long (in seconds) Traffic Server keeps the negative responses valid in cache. This value only affects negativeresponses that do have explicit

Expires:

Cache-Control:

lifetimes set by the server.

Proxy User Variables¶

proxy.config.http.anonymize_remove_from

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

When enabled (

), Traffic Server removes the

From

header to protect the privacy of your users.

proxy.config.http.anonymize_remove_referer

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

When enabled (

), Traffic Server removes the

Referrer

header to protect the privacy of your site and users.

proxy.config.http.anonymize_remove_user_agent

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

When enabled (

), Traffic Server removes the

User-agent

header to protect the privacy of your site and users.

proxy.config.http.anonymize_remove_cookie

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

When enabled (

), Traffic Server removes the

Cookie

header to protect the privacy of your site and users.

proxy.config.http.anonymize_remove_client_ip

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

When enabled (

), Traffic Server removes

Client-IP

headers for more privacy.

proxy.config.http.anonymize_insert_client_ip

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

When enabled (

), Traffic Server inserts

Client-IP

headers to retain the client IP address.

proxy.config.http.anonymize_other_header_list

Scope:	CONFIG
Type:	STRING
Default:	NULL
Reloadable:	Yes

Comma separated list of headers Traffic Server should remove from outgoing requests.

proxy.config.http.insert_squid_x_forwarded_for

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

When enabled (

), Traffic Server adds the client IP address to the

X-Forwarded-For

header.

proxy.config.http.normalize_ae_gzip

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Enable (

) to normalize all

Accept-Encoding:

headers to one of the following:

Accept-Encoding:
gzip

(if the header has

gzip

x-gzip

with any

) OR
blank (for any header that does not include

gzip

)

This is useful for minimizing cached alternates of documents (e.g.

gzip, deflate

vs.

deflate,gzip

). Enabling this option isrecommended if your origin servers use no encodings other than

gzip

Security¶

proxy.config.http.push_method_enabled

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Enables (

) or disables (

) the HTTP

PUSH

option, which allows you to deliver content directly to the cache without a userrequest.

Important
If you enable this option, then you must also specifya filtering rule in the ip_allow.config file to allow only certainmachines to push content into the cache.

proxy.config.http.max_post_size

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

This feature is disabled by default with a value of (

), any positivevalue will limit the size of post bodies. If a request is received with apost body larger than this limit the response will
be terminated with413 - Request Entity Too Large and logged accordingly.

Cache Control¶

proxy.config.cache.enable_read_while_writer

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Specifies when to enable the ability to read a cached object while anotherconnection is completing the write to cache for that same object. The goalhere is to avoid multiple origin connections for the same cacheable objectupon a cache
miss. The possible values of this config are:

= never read while writing

= always read while writing

= always read while writing, but allow non-cached Range requests through to the origin

The

option is useful to avoid delaying requests which can not easilybe satisfied by the partially written response.
Several other configuration values need to be set for this to beusable. See
Reducing Origin Server Requests.

proxy.config.cache.force_sector_size

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Forces the use of a specific hardware sector size (512 - 8192 bytes).

proxy.config.http.cache.http

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Enables (

) or disables (

) caching of HTTP requests.

proxy.config.http.cache.allow_empty_doc

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Enables (

) or disables (

) caching objects that have an emptyresponse body. This is particularly useful for caching 301 or 302
responseswith a

Location

header but no document body. This only works if theorigin response also has a

Content-Length

header.

proxy.config.http.cache.ignore_client_no_cache

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

When enabled (

), Traffic Server ignores client requests to bypass the cache.

proxy.config.http.cache.ims_on_client_no_cache

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

When enabled (

), Traffic Server issues a conditional request to the origin server if an incoming request has a

No-Cache

header.

proxy.config.http.cache.ignore_server_no_cache

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

When enabled (

), Traffic Server ignores origin server requests to bypass the cache.

proxy.config.http.cache.cache_responses_to_cookies

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Specifies how cookies are cached:

= do not cache any responses to cookies

= cache for any content-type

= cache only for image types

= cache for all but text content-types

proxy.config.http.cache.ignore_authentication

Scope:	CONFIG
Type:	INT
Default:	0

When enabled (

), Traffic Server ignores

WWW-Authentication

headers in responses

WWW-Authentication

headers are removed andnot cached.

proxy.config.http.cache.cache_urls_that_look_dynamic

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Enables (

) or disables (

) caching of URLs that look dynamic, i.e.: URLs that end in
``.asp`` or contain a questionmark (``?``), a semicolon (``;``), or
``cgi``. For a full list, please refer toHttpTransact::url_looks_dynamic

proxy.config.http.cache.enable_default_vary_headers

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Enables (

) or disables (

) caching of alternate versions of HTTP objects that do not contain the

Vary

header.

proxy.config.http.cache.when_to_revalidate

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Specifies when to revalidate content:

= use cache directives or heuristic (the default value)

= stale if heuristic

= always stale (always revalidate)

= never stale

= use cache directives or heuristic (0) unless the request
has an

If-Modified-Since

header

If the request contains the

If-Modified-Since

header, thenTraffic Server always revalidates the cached content and uses theclient’s

If-Modified-Since

header for the proxy request.

proxy.config.http.cache.required_headers

Scope:	CONFIG
Type:	INT
Default:	2
Reloadable:	Yes

The type of headers required in a request for the request to be cacheable.

= no headers required to make document cacheable

= either the

Last-Modified

header, or an explicit lifetime header,

Expires

Cache-Control: max-age

, is required

= explicit lifetime is required,

Expires

Cache-Control: max-age

proxy.config.http.cache.max_stale_age

Scope:	CONFIG
Type:	INT
Default:	604800
Reloadable:	Yes

The maximum age allowed for a stale response before it cannot be cached.

proxy.config.http.cache.range.lookup

Scope:	CONFIG
Type:	INT
Default:	1

When enabled (

), Traffic Server looks up range requests in the cache.

proxy.config.http.cache.range.write

Scope:	CONFIG
Type:	INT
Default:	0

When enabled (

), Traffic Server will attempt to write (lock) the URLto cache. This is rarely useful (at the moment), since it’ll only be ableto write to cache if the origin has ignored the

Range:`
header. For a
usecase where
you know the
origin will respond
with a full
(``200

) response,you can turn this on to allow it to be cached.

proxy.config.http.cache.ignore_accept_mismatch

Scope:	CONFIG
Type:	INT
Default:	2
Reloadable:	Yes

When enabled with a value of

, Traffic Server serves documents from cache with a

Content-Type:

header even if it does not match the

Accept:

header of therequest. If set to

(default), this logic only happens in the absence of a

Vary

header in the cached response (which is the recommended and safe use).

Note
This option should only be enabled with

if you’re havingproblems with caching and you origin server doesn’t set the

Vary

header. Alternatively, if the origin is incorrectly setting

Vary:
Accept

or doesn’t respond with

406 (Not Acceptable)

,you can also enable this configuration with a

proxy.config.http.cache.ignore_accept_language_mismatch

Scope:	CONFIG
Type:	INT
Default:	2
Reloadable:	Yes

When enabled with a value of

, Traffic Server serves documents from cache with a

Content-Language:

header even if it does not match the

Accept-Language:

header of the request. If set to

(default), this logic only happens in the absence of a

Vary

header in the cached response (which is the recommended and safe use).

Note
This option should only be enabled with

if you’re havingproblems with caching and you origin server doesn’t set the

Vary

header. Alternatively, if the origin is incorrectly setting

Vary:
Accept-Language

or doesn’t respond with

406 (Not Acceptable)

,you can also enable this configuration with a

proxy.config.http.cache.ignore_accept_encoding_mismatch

Scope:	CONFIG
Type:	INT
Default:	2
Reloadable:	Yes

When enabled with a value of

, Traffic Server serves documents from cache with a

Content-Encoding:

header even if it does not match the

Accept-Encoding:

header of the request. If set to

(default), this logic only happens in the absence of a

Vary

header in the cached response (which is the recommended and safe use).

Note
This option should only be enabled with

if you’re havingproblems with caching and you origin server doesn’t set the

Vary

header. Alternatively, if the origin is incorrectly setting

Vary:
Accept-Encoding

or doesn’t respond with

406 (Not Acceptable)

you can also enable this configuration with a

proxy.config.http.cache.ignore_accept_charset_mismatch

Scope:	CONFIG
Type:	INT
Default:	2
Reloadable:	Yes

When enabled with a value of

, Traffic Server serves documents from cache with a

Content-Type:

header even if it does not match the

Accept-Charset:

headerof the request. If set to

(default), this logic only happens in the absence of a

Vary

header in the cached response (which is the recommended and safe use).

Note
This option should only be enabled with

if you’re havingproblems with caching and you origin server doesn’t set the

Vary

header. Alternatively, if the origin is incorrectly setting

Vary:
Accept-Charset

or doesn’t respond with

406 (Not Acceptable)

,you can also enable this configuration with a

proxy.config.http.cache.ignore_client_cc_max_age

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

When enabled (

), Traffic Server ignores any

Cache-Control:max-age

headers from the client. This technically violates the HTTP RFC,but avoids a problem where a client can forcefully invalidate a cached object.

proxy.config.cache.max_doc_size

Scope:	CONFIG
Type:	INT
Default:	0

Specifies the maximum object size that will be cached.

is unlimited.

proxy.config.cache.permit.pinning

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

When enabled (

), Traffic Server will keep certain HTTP objects in the cache for a certain time as specified in cache.config.

proxy.config.cache.hit_evacuate_percent

Scope:	CONFIG
Type:	INT
Default:	0

The size of the region (as a percentage of the total content storage in a

cache stripe) in front of thewrite cursor that constitutes a recent access hit
for evacutating the accessed object.
When an object is accessed it can be marked for evacuation, that is to be copied over the write cursor andthereby preserved from being overwritten. This is done if it is no more than a specific number of bytes in front ofthe write
cursor. The number of bytes is a percentage of the total number of bytes of content storage in the cachestripe where the object is stored and that percentage is set by this variable.
By default, the feature is off (set to 0).

proxy.config.cache.hit_evacuate_size_limit

Scope:	CONFIG
Type:	INT
Default:	0
Metric:	bytes

Limit the size of objects that are hit evacuated.
Objects larger than the limit are not hit evacuated. A value of 0 disables the limit.

proxy.config.cache.limits.http.max_alts

Scope:	CONFIG
Type:	INT
Default:	5

The maximum number of alternates that are allowed for any given URL.Disable by setting to 0.

proxy.config.cache.target_fragment_size

Scope:	CONFIG
Type:	INT
Default:	1048576

Sets the target size of a contiguous fragment of a file in the disk cache.When setting this, consider that larger numbers could waste memory on slowconnections, but smaller numbers could increase (waste) seeks.

RAM Cache¶

proxy.config.cache.ram_cache.size

Scope:	CONFIG
Type:	INT
Default:	-1

By default the RAM cache size is automatically determined, based ondisk cache size; approximately 10 MB of RAM cache per GB of disk cache.Alternatively, it can be set to a fixed value such as20GB (21474836480)

proxy.config.cache.ram_cache_cutoff

Scope:	CONFIG
Type:	INT
Default:	4194304

Objects greater than this size will not be kept in the RAM cache.This should be set high enough to keep objects accessed frequentlyin memory in order to improve performance.4MB (4194304)

proxy.config.cache.ram_cache.algorithm

Scope:	CONFIG
Type:	INT
Default:	0

Two distinct RAM caches are supported, the default (0) being the CLFUS(Clocked Least Frequently Used by Size). As an alternative, a simplerLRU (Least Recently Used) cache is also available, by changing
thisconfiguration to 1.

proxy.config.cache.ram_cache.use_seen_filter

Scope:	CONFIG
Type:	INT
Default:	0

Enabling this option will filter inserts into the RAM cache to ensure thatthey have been seen at least once. For the
LRU, this provides scanresistance. Note that CLFUS already requires that a document have historybefore it is inserted, so for
CLFUS, setting this option means that adocument must be seen three times before it is added to the RAM cache.

proxy.config.cache.ram_cache.compress

Scope:	CONFIG
Type:	INT
Default:	0

The CLFUS RAM cache also supports an optional in-memory compression.This is not to be confused with

Content-Encoding:gzip

compression.The RAM cache compression is intended to try to save space in the RAM,and is not visible to the User-Agent (client).
Possible values are:

= no compression

= fastlz (extremely fast, relatively low compression)

= libz (moderate speed, reasonable compression)

= liblzma (very slow, high compression)

Note
Compression runs on task threads. To use more cores for RAM cache compression, increase

proxy.config.task_threads

Heuristic Expiration¶

proxy.config.http.cache.heuristic_min_lifetime

Scope:	CONFIG
Type:	INT
Default:	3600
Reloadable:	Yes

The minimum amount of time an HTTP object without an expiration date can remain fresh in the cache before isconsidered to be stale.

proxy.config.http.cache.heuristic_max_lifetime

Scope:	CONFIG
Type:	INT
Default:	86400
Reloadable:	Yes

The maximum amount of time an HTTP object without an expiration date can remain fresh in the cache before isconsidered to be stale.

proxy.config.http.cache.heuristic_lm_factor

Scope:	CONFIG
Type:	FLOAT
Default:	0.10
Reloadable:	Yes

The aging factor for freshness computations. Traffic Server stores an object for this percentage of the time thatelapsed since it last changed.

proxy.config.http.cache.fuzz.time

Scope:	CONFIG
Type:	INT
Default:	240
Reloadable:	Yes

How often Traffic Server checks for an early refresh, during the period before the document stale time. The intervalspecified must be in seconds. See

Fuzzy Revalidation

proxy.config.http.cache.fuzz.probability

Scope:	CONFIG
Type:	FLOAT
Default:	0.005
Reloadable:	Yes

The probability that a refresh is made on a document during the specified fuzz time.

proxy.config.http.cache.fuzz.min_time

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Handles requests with a TTL less than fuzz.time – it allows for different times to evaluate the probability of revalidation for small TTLs and big TTLs. Objects with small TTLs will start “rolling the revalidation dice” near the fuzz.min_time, while objectswith large TTLs would start at fuzz.time. A logarithmic like function between determines the revalidation evaluation start time (which will be between fuzz.min_time and fuzz.time). As the object gets closer to expiring, the window start becomes more likely.
By default this setting is not enabled, but should be enabled anytime you have objects with small TTLs. The default value is

Dynamic Content & Content Negotiation¶

proxy.config.http.cache.vary_default_text

Scope:	CONFIG
Type:	STRING
Default:	NULL
Reloadable:	Yes

The header on which Traffic Server varies for text documents.

For example: if you specify

User-agent

, then Traffic Server cachesall the different user-agent versions of documents it encounters.

proxy.config.http.cache.vary_default_images

Scope:	CONFIG
Type:	STRING
Default:	NULL
Reloadable:	Yes

The header on which Traffic Server varies for images.

proxy.config.http.cache.vary_default_other

Scope:	CONFIG
Type:	STRING
Default:	NULL
Reloadable:	Yes

The header on which Traffic Server varies for anything other than text and images.

proxy.config.http.cache.open_read_retry_time

Scope:	CONFIG
Type:	INT
Default:	10
Reloadable:	Yes

The number of milliseconds a cacheable request will wait before requesting the object from cache if an equivalent request is in flight.

proxy.config.http.cache.max_open_read_retries

Scope:	CONFIG
Type:	INT
Default:	-1
Reloadable:	Yes

The number of times to attempt fetching an object from cache if there was an equivalent request in flight.

Customizable User Response Pages¶

proxy.config.body_factory.enable_customizations

Scope:	CONFIG
Type:	INT
Default:	1

Specifies whether customizable response pages are language specificor not:

= enable customizable user response pages in the default directory only

= enable language-targeted user response pages

proxy.config.body_factory.enable_logging

Scope:	CONFIG
Type:	INT
Default:	0

Enables (

) or disables (

) logging for customizable response pages. When enabled, Traffic Server records a message inthe error
log each time a customized response page is used or modified.

proxy.config.body_factory.template_sets_dir

Scope:	CONFIG
Type:	STRING
Default:	etc/trafficserver/body_factory

The customizable response page default directory. If this is arelative path, Traffic Server resolves it relative to the

PREFIX

directory.

proxy.config.body_factory.response_suppression_mode

Scope:	CONFIG
Type:	INT
Default:	0

Specifies when Traffic Server suppresses generated response pages:

= never suppress generated response pages

= always suppress generated response pages

= suppress response pages only for intercepted traffic

proxy.config.http_ui_enabled

Scope:	CONFIG
Type:	INT
Default:	0

Specifies which http UI endpoints to allow within

remap.config

= disable all http UI endpoints

= enable only cache endpoints

= enable only stats endpoints

= enable all http UI endpoints

To enable any enpoint there needs to be an entry in

remap.config

whichspecifically enables it. Such a line would look like:

map / http://{stat}

The following are the cache endpoints:

cache

= UI to interact with the cache

The following are the stats endpoints:

cache-internal

= statistics about cache evacuation and volumes

hostdb

= lookups against the hostdb

http

= HTTPSM details, this endpoint is also gated by
proxy.config.http.enable_http_info

net

= lookup and listing of open connections

stat

= list of all records.config options and metrics

test

= test callback page

proxy.config.http.enable_http_info

Scope:	CONFIG
Type:	INT
Default:	0

Enables (

) or disables (

) access to an endpoint within
proxy.config.http_ui_enabledwhich shows details about inflight transactions (HttpSM).

DNS¶

proxy.config.dns.search_default_domains

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Enables (

) or disables (

) local domain expansion.

Traffic Server can attempt to resolve unqualified hostnames byexpanding to the local domain. For example if a client makes arequest to an unqualified host (

host_x

) and the Traffic Serverlocal
domain is

y.com

, then Traffic Server will expand thehostname to

host_x.y.com

proxy.config.dns.splitDNS.enabled

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Enables (

) or disables (

) DNS server selection. When enabled, Traffic Server refers to the

splitdns.config

file forthe selection specification. Refer to

Configuring DNS Server Selection (Split DNS).

proxy.config.dns.url_expansions

Scope:	CONFIG
Type:	STRING
Default:	NULL

Specifies a list of hostname extensions that are automatically added to the hostname after a failed lookup. For example: if you wantTraffic Server to add the hostname extension .org, then specify

org

as the value for this variable (Traffic Server automaticallyadds the dot (.)).

Note
If the variable

proxy.config.http.enable_url_expandomatic

is set to

(the default value), then you do not have toadd
``www.`` and ``.com`` to this list because Traffic Server automatically tries www. and .com after trying the valuesyou’ve specified.

proxy.config.dns.resolv_conf

Scope:	CONFIG
Type:	STRING
Default:	/etc/resolv.conf

Allows to specify which

resolv.conf

file to use for finding resolvers. While the format of this file must be the same as thestandard

resolv.conf

file, this option allows an administrator to manage the set of resolvers in an external configuration file,without affecting how the rest of the operating system uses DNS.

proxy.config.dns.round_robin_nameservers

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Enables (

) or disables (

) DNS server round-robin.

proxy.config.dns.nameservers

Scope:	CONFIG
Type:	STRING
Default:	NULL
Reloadable:	Yes

The DNS servers.

proxy.config.srv_enabled

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Indicates whether to use SRV records for orgin server lookup.

proxy.config.dns.dedicated_thread

Scope:	CONFIG
Type:	INT
Default:	0

Create and dedicate a thread entirely for DNS processing. This is probablymost useful on system which do a significant number of DNS lookups,typically forward proxies. But even on other systems, it can avoid somecontention on the first worker thread (which
otherwise takes on the burden ofall DNS lookups).

proxy.config.dns.validate_query_name

Scope:	CONFIG
Type:	INT
Default:	0

When enabled (1) provides additional resilience against DNS forgery (for instancein DNS Injection attacks), particularly in forward or transparent proxies, butrequires that the resolver populates the queries section of the response properly.

HostDB¶

proxy.config.hostdb.lookup_timeout

Scope:	CONFIG
Type:	INT
Default:	120
Metric:	seconds
Reloadable:	Yes

Time to wait for a DNS response in seconds.

proxy.config.hostdb.serve_stale_for

Scope:	CONFIG
Type:	INT
Default:	NONE
Metric:	seconds
Reloadable:	Yes

The number of seconds for which to use a stale NS record while initiating abackground fetch for the new data.
If not set then stale records are not served.

proxy.config.hostdb.storage_size

Scope:	CONFIG
Type:	INT
Default:	33554432
Metric:	bytes

The amount of space (in bytes) used to store

hostdb

.The value of this variable must be increased if you increase the size of theproxy.config.hostdb.size
variable.

proxy.config.hostdb.size

Scope:	CONFIG
Type:	INT
Default:	120000

The maximum number of entries that can be stored in the database.

Note
For values above

, you must increase

proxy.config.hostdb.storage_size

by at least 44 bytes per entry.

proxy.config.hostdb.ttl_mode

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

A host entry will eventually time out and be discarded. This variable controls how that time is calculated. A DNSrequest will return a TTL value and an internal value can be set with

proxy.config.hostdb.timeout

. Thisvariable determines which value will be used.


Value	TTL
0	The TTL from the DNS response.
1	The internal timeout value.
2	The smaller of the DNS and internal TTL values. The internal timeout value becomes a maximum TTL.
3	The larger of the DNS and internal TTL values. The internal timeout value become a minimum TTL.

proxy.config.hostdb.timeout

Scope:	CONFIG
Type:	INT
Default:	1440
Metric:	minutes
Reloadable:	Yes

Internal time to live value for host DB entries,
in minutes.
See

proxy.config.hostdb.ttl_mode

for when this value is used.

proxy.config.hostdb.strict_round_robin

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Set host resolution to use strict round robin.

When this and

proxy.config.hostdb.timed_round_robin

are both disabled (set to

), Traffic Server alwaysuses the same origin server for the same client, for as long as the origin server is available. Otherwise if this isset then IP address is rotated on every request. This
setting takes precedence over

proxy.config.hostdb.timed_round_robin

proxy.config.hostdb.timed_round_robin

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Set host resolution to use timed round robin.

When this and

proxy.config.hostdb.strict_round_robin

are both disabled (set to

), Traffic Server alwaysuses the same origin server for the same client, for as long as the origin server is available. Otherwise if this isset to
N the IP address is rotated if more than N seconds have past since the first time thecurrent address was used.

proxy.config.hostdb.host_file.path

Scope:	CONFIG
Type:	STRING
Default:	/etc/hosts

Set the file path for an external host file.

If this is set (non-empty) then the file is presumed to be a hosts file in the standard

host file format. It is read and the entries there added to the HostDB. The file is periodically checked for a more recent modification date in which case it is reloaded. The interval is set by the value

proxy.config.hostdb.host_file.interval

.

While not technically reloadable, the value is read every time the file is to be checked so that if changed the newvalue will be used on the next check and the file will be treated as modified.

proxy.config.hostdb.host_file.interval

Scope:	CONFIG
Type:	INT
Default:	86400
Metric:	seconds
Reloadable:	Yes

Set the file changed check timer for

proxy.config.hostdb.host_file.path

.

The file is checked every this many seconds to see if it has changed. If so the HostDB is updated with the new values in the file.

proxy.config.hostdb.ip_resolve

Scope:	CONFIG
Type:	STRING
Default:	NULL

Set the host resolution style.

This is an ordered list of keywords separated by semicolons that specify how a host name is to be resolved to an IP address. The keywords are caseinsensitive.


Keyword	Meaning
ipv4	Resolve to an IPv4 address.
ipv6	Resolve to an IPv6 address.
client	Resolve to the same family as the client IP address.
none	Stop resolving.

The order of the keywords is critical. When a host name needs to be resolved it is resolved in same order as thekeywords. If a resolution fails, the next option in the list is tried. The keyword

none

means to give up resolutionentirely. The keyword list has a maximum length of three keywords, more are never needed. By default there is animplicit

ipv4;ipv6

attached to the end of the string unless the keyword

none

appears.

Example
Use the incoming client family, then try IPv4 and IPv6.

client;ipv4;ipv6

Because of the implicit resolution this can also be expressed as just

client

Example
Resolve only to IPv4.

ipv4;none

Example
Resolve only to the same family as the client (do not permit cross family transactions).

client;none

This value is a global default that can be overridden by

proxy.config.http.server_ports

.

Note
This style is used as a convenience for the administrator. During a resolution the
resolution order will beone family, then possibly the other. This is determined by changing

client

ipv4

ipv6

based on theclient IP address and then removing duplicates.

Important
This option has no effect on outbound transparent connections The local IP address used in the connection to theorigin server is determined by the client, which forces the IP address family of the address used for the originserver. In effect,
outbound transparent connections always use a resolution style of “

client

”.

Logging Configuration¶

proxy.config.log.logging_enabled

Scope:	CONFIG
Type:	INT
Default:	3
Reloadable:	Yes

Enables and disables event logging:

= logging disabled

= log errors only

= log transactions only

= full logging (errors + transactions)

Refer to
Working with Log Files.

proxy.config.log.max_secs_per_buffer

Scope:	CONFIG
Type:	INT
Default:	5
Reloadable:	Yes

The maximum amount of time before data in the buffer is flushed to disk.

proxy.config.log.max_space_mb_for_logs

Scope:	CONFIG
Type:	INT
Default:	25000
Metric:	megabytes
Reloadable:	Yes

The amount of space allocated to the logging directory (in MB).

Note
All files in the logging directory contribute to the space used, even if they are not log files. In collation clientmode, if there is no local disk logging, or

proxy.config.log.max_space_mb_for_orphan_logs

is set to a highervalue than

proxy.config.log.max_space_mb_for_logs

, TS will take

proxy.config.log.max_space_mb_for_orphan_logs

for maximum allowed log space.

proxy.config.log.max_space_mb_for_orphan_logs

Scope:	CONFIG
Type:	INT
Default:	25
Metric:	megabytes
Reloadable:	Yes

The amount of space allocated to the logging directory (in MB) if this node is acting as a collation client.

Note
When max_space_mb_for_orphan_logs is take as the maximum allowed log space in the logging system, the same rule applyto proxy.config.log.max_space_mb_for_logs also apply to proxy.config.log.max_space_mb_for_orphan_logs, ie: All filesin the logging
directory contribute to the space used, even if they are not log files. you may need to consider thiswhen you enable full remote logging, and bump to the same size as proxy.config.log.max_space_mb_for_logs.

proxy.config.log.max_space_mb_headroom

Scope:	CONFIG
Type:	INT
Default:	1000
Metric:	megabytes
Reloadable:	Yes

The tolerance for the log space limit (in megabytes). If the variable

proxy.config.log.auto_delete_rolled_files

is set to

(enabled), then autodeletion of log files is triggered when the amount of free space available in the logging directory is less thanthe value specified here.

proxy.config.log.hostname

Scope:	CONFIG
Type:	STRING
Default:	localhost
Reloadable:	Yes

The hostname of the machine running Traffic Server.

proxy.config.log.logfile_dir

Scope:	CONFIG
Type:	STRING
Default:	var/log/trafficserver
Reloadable:	Yes

The path to the logging directory. This can be an absolute pathor a path relative to the

PREFIX

directory in which TrafficServer is installed.

Note
The directory you specify must already exist.

proxy.config.log.logfile_perm

Scope:	CONFIG
Type:	STRING
Default:	rw-r–r–
Reloadable:	Yes

The log file permissions. The standard UNIX file permissions are used (owner, group, other). Permissible values are:

no permission

read permission

write permission

execute permission
Permissions are subject to the umask settings for the Traffic Server process. This means that a umask setting of

will not allowwrite permission for others, even if specified
in the configuration file. Permissions for existing log files are not changed when theconfiguration is changed.

proxy.config.log.custom_logs_enabled

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Enables (

) or disables (

) custom logging.

proxy.config.log.squid_log_enabled

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Enables (

) or disables (

) the

squid log file format.

proxy.config.log.squid_log_is_ascii

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

The squid log file type:

= ASCII

= binary

proxy.config.log.squid_log_name

Scope:	CONFIG
Type:	STRING
Default:	squid
Reloadable:	Yes

The
squid log filename.

proxy.config.log.squid_log_header

Scope:	CONFIG
Type:	STRING
Default:	NULL

The
squid log file header text.

proxy.config.log.common_log_enabled

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Enables (

) or disables (

) the
Netscape common log file format.

proxy.config.log.common_log_is_ascii

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

The Netscape common log file type:

= ASCII

= binary

proxy.config.log.common_log_name

Scope:	CONFIG
Type:	STRING
Default:	common
Reloadable:	Yes

The Netscape common log filename.

proxy.config.log.common_log_header

Scope:	CONFIG
Type:	STRING
Default:	NULL
Reloadable:	Yes

The Netscape common log file header text.

proxy.config.log.extended_log_enabled

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Enables (

) or disables (

) the

Netscape extended log file format.

proxy.config.log.extended_log_is_ascii

Scope:	CONFIG
Type:	INT
Default:	0

The Netscape extended log file type:

= ASCII

= binary

proxy.config.log.extended_log_name

Scope:	CONFIG
Type:	STRING
Default:	extended

The Netscape extended log filename.

proxy.config.log.extended_log_header

Scope:	CONFIG
Type:	STRING
Default:	NULL
Reloadable:	Yes

The Netscape extended log file header text.

proxy.config.log.extended2_log_enabled

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Enables (

) or disables (

) the

Netscape Extended-2 log fileformat.

proxy.config.log.extended2_log_is_ascii

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

The Netscape Extended-2 log file type:

= ASCII

= binary

proxy.config.log.extended2_log_name

Scope:	CONFIG
Type:	STRING
Default:	extended2
Reloadable:	Yes

The Netscape Extended-2 log filename.

proxy.config.log.extended2_log_header

Scope:	CONFIG
Type:	STRING
Default:	NULL
Reloadable:	Yes

The Netscape Extended-2 log file header text.

proxy.config.log.separate_icp_logs

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

When enabled (

), configures Traffic Server to store ICP transactions in a separate log file.

= separation is disabled, all ICP transactions are recorded in the same file as HTTP transactions

= all ICP transactions are recorded in a separate log file.

-1

= filter all ICP transactions from the default log files; ICP transactions are not logged anywhere.

proxy.config.log.separate_host_logs

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

When enabled (

), configures Traffic Server to create a separate log file for HTTP transactions for each origin server listed in the

log_hosts.config

file. Refer to
HTTP Host Log Splitting.

proxy.local.log.collation_mode

Scope:	LOCAL
Type:	INT
Default:	0
Reloadable:	Yes

Set the log collation mode.


Value	Effect
0	collation is disabled
1	this host is a log collation server
2	this host is a collation client and sends entries using standard formats to the collation server
3	this host is a collation client and sends entries using the traditional custom formats to the collation server
4	this host is a collation client and sends entries that use both the standard and traditional custom formats to the collation server

For information on sending XML-based custom formats to the collationserver, refer to

logs_xml.config

.

Note
Although Traffic Server supports traditional custom logging, you should use the more versatile XML-based custom formats.

proxy.config.log.collation_host

Scope:	CONFIG
Type:	STRING
Default:	NULL

The hostname of the log collation server.

proxy.config.log.collation_port

Scope:	CONFIG
Type:	INT
Default:	8085
Reloadable:	Yes

The port used for communication between the collation server and client.

proxy.config.log.collation_secret

Scope:	CONFIG
Type:	STRING
Default:	foobar
Reloadable:	Yes

The password used to validate logging data and prevent the exchange of unauthorized information when a collation server is being used.

proxy.config.log.collation_host_tagged

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

When enabled (

), configures Traffic Server to include the hostname of the collation client that generated the log entry in each entry.

proxy.config.log.collation_retry_sec

Scope:	CONFIG
Type:	INT
Default:	5
Reloadable:	Yes

The number of seconds between collation server connection retries.

proxy.config.log.rolling_enabled

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Specifies how log files are rolled. You can specify the following values:

= disables log file rolling

= enables log file rolling at specific intervals during the day (specified with the
proxy.config.log.rolling_interval_sec and

proxy.config.log.rolling_offset_hr variables)

= enables log file rolling when log files reach a specific size (specified with the

proxy.config.log.rolling_size_mb variable)

= enables log file rolling at specific intervals during the day or when log files reach a specific size (whichever occurs first)

= enables log file rolling at specific intervals during the day when log files reach a specific size (i.e., at a specified
time if the file is of the specified size)

proxy.config.log.rolling_interval_sec

Scope:	CONFIG
Type:	INT
Default:	86400
Reloadable:	Yes

The log file rolling interval, in seconds. The minimum value is

(1 minute). The maximum, and default, value is 86400 seconds (one day).

Note
If you start Traffic Server within a few minutes of the next rolling time, then rolling might not occur until the next rolling time.

proxy.config.log.rolling_offset_hr

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

The file rolling offset hour. The hour of the day that starts the log rolling period.

proxy.config.log.rolling_size_mb

Scope:	CONFIG
Type:	INT
Default:	10
Reloadable:	Yes

The size that log files must reach before rolling takes place.

proxy.config.log.auto_delete_rolled_files

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Enables (

) or disables (

) automatic deletion of rolled files.

proxy.config.log.sampling_frequency

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Configures Traffic Server to log only a sample of transactions rather than every transaction. You can specify the following values:

= log every transaction

= log every second transaction

= log every third transaction and so on...

proxy.config.http.slow.log.threshold

Scope:	CONFIG
Type:	INT
Default:	0
Metric:	milliseconds
Reloadable:	Yes

If set to a non-zero value N then any connection that takes longer than
N milliseconds from accept tocompletion will cause its timing stats to be written to the

debugging
log file

. This is identifying data about the transaction and all of the

transaction
milestones

Diagnostic Logging Configuration¶

proxy.config.diags.output.diag

Scope:	CONFIG
Type:	STRING
Default:	E

proxy.config.diags.output.debug

Scope:	CONFIG
Type:	STRING
Default:	E

proxy.config.diags.output.status

Scope:	CONFIG
Type:	STRING
Default:	L

proxy.config.diags.output.note

Scope:	CONFIG
Type:	STRING
Default:	L

proxy.config.diags.output.warning

Scope:	CONFIG
Type:	STRING
Default:	L

proxy.config.diags.output.error

Scope:	CONFIG
Type:	STRING
Default:	SL

proxy.config.diags.output.fatal

Scope:	CONFIG
Type:	STRING
Default:	SL

proxy.config.diags.output.alert

Scope:	CONFIG
Type:	STRING
Default:	L

proxy.config.diags.output.emergency

Scope:	CONFIG
Type:	STRING
Default:	SL

The diagnosic output configuration variables control where TrafficServer should log diagnostic output. Messages at each diagnostic levelcan be directed to any combination of diagnostic destinations.Valid diagnostic message destinations
are:

‘O’ = Log to standard output
‘E’ = Log to standard error
‘S’ = Log to syslog
‘L’ = Log to diags.log

Example
To log debug diagnostics to both syslog and diags.log:

CONFIG proxy.config.diags.output.debug STRING SL

proxy.config.diags.show_location

Scope:	CONFIG
Type:	INT
Default:	1

Annotates diagnostic messages with the source code location.

proxy.config.diags.debug.enabled

Scope:	CONFIG
Type:	INT
Default:	0

Enables logging for diagnostic messages whose log level is diag or
debug.

proxy.config.diags.debug.tags

Scope:	CONFIG
Type:	STRING
Default:	http.\|dns.

Each Traffic Server diag and debug level message is annotatedwith a subsytem tag. This configuration contains a regularexpression that filters the messages based on the tag. Somecommonly used debug tags are:


Tag	Subsytem usage
dns	DNS query resolution
http_hdrs	Logs the headers for HTTP requests and responses
privileges	Privilege elevation
ssl	TLS termination and certificate processing

Traffic Server plugins will typically log debug messages usingthe

TSDebug()

API, passing the plugin name as the debugtag.

Reverse Proxy¶

proxy.config.reverse_proxy.enabled

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Enables (

) or disables (

) HTTP reverse proxy.

proxy.config.header.parse.no_host_url_redirect

Scope:	CONFIG
Type:	STRING
Default:	NULL
Reloadable:	Yes

The URL to which to redirect requests with no host headers (reverseproxy).

URL Remap Rules¶

proxy.config.url_remap.filename

Scope:	CONFIG
Type:	STRING
Default:	remap.config

Sets the name of the

remap.config

file.

proxy.config.url_remap.default_to_server_pac

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Enables (

) or disables (

) requests for a PAC file on the proxyservice port (8080 by default) to be redirected to the PACport.
For this type of redirection to work, the variableproxy.config.reverse_proxy.enabled must be set to

proxy.config.url_remap.default_to_server_pac_port

Scope:	CONFIG
Type:	INT
Default:	-1
Reloadable:	Yes

Sets the PAC port so that PAC requests made to the Traffic Serverproxy service port are redirected this port.

-1

is the defaultsetting that sets the PAC port to the autoconfiguration port (thedefault autoconfiguration port is 8083). This variable can be usedtogether with the

proxy.config.url_remap.default_to_server_pacvariable to get a PAC file from a different port. You must createand run a process that serves a PAC file on this port. For example:if you create a Perl script that listens on port 9000 and writes aPAC file in
response to any request, then you can set this variableto

. Browsers that request the PAC file from a proxy serveron port 8080 will get the PAC file served by the Perl script.

proxy.config.url_remap.remap_required

Scope:	CONFIG
Type:	INT
Default:	1
Reloadable:	Yes

Set this variable to

if you want Traffic Server to serverequests only from origin servers listed in the mapping rules of the

remap.config

file. If a request does not match, then the browserwill receive an error.

proxy.config.url_remap.pristine_host_hdr

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Set this variable to

if you want to retain the client hostheader in a request during remapping.

SSL Termination¶

proxy.config.ssl.SSLv2

Scope:	CONFIG
Type:	INT
Default:	0

Enables (

) or disables (

) SSLv2. Please don’t enable it.

proxy.config.ssl.SSLv3

Scope:	CONFIG
Type:	INT
Default:	0

Enables (

) or disables (

) SSLv3.

proxy.config.ssl.TLSv1

Scope:	CONFIG
Type:	INT
Default:	1

Enables (

) or disables (

) TLSv1.

proxy.config.ssl.TLSv1_1

Scope:	CONFIG
Type:	INT
Default:	1

Enables (

) or disables (

) TLS v1.1. If not specified, enabled by default. [Requires OpenSSL v1.0.1 and higher]

proxy.config.ssl.TLSv1_2

Scope:	CONFIG
Type:	INT
Default:	1

Enables (

) or disables (

) TLS v1.2. If not specified, DISABLED by default. [Requires OpenSSL v1.0.1 and higher]

proxy.config.ssl.client.certification_level

Scope:	CONFIG
Type:	INT
Default:	0

Sets the client certification level:

= no client certificates are required. Traffic Server does
not verify client certificates during the SSL handshake. Accessto Traffic Server depends on Traffic Server configuration options(such as access control lists).

= client certificates are optional. If a client has a
certificate, then the certificate is validated. If the clientdoes not have a certificate, then the client is still allowedaccess to Traffic Server unless access is denied through otherTraffic Server configuration options.

= client certificates are required. The client must be
authenticated during the SSL handshake. Clients without acertificate are not allowed to access Traffic Server.

proxy.config.ssl.number.threads

Scope:	CONFIG
Type:	INT
Default:	0

Sets the number of SSL threads to use, this defaults to 0 (autoconfigure).

= autoconfigure, this will allow Traffic Server to determinethe appropriate number of threads

-1

= disable, this makes ET_NET threads behave like ET_SSL threadsNote: this does not disable SSL, it simply allows another thread poolto assist in SSL tasks without dedicated SSL threads.

>0

= Use a non-zero number of SSL threads

proxy.config.ssl.server.multicert.filename

Scope:	CONFIG
Type:	STRING
Default:	ssl_multicert.config

The location of the

ssl_multicert.config

file, relativeto the Traffic Server configuration directory. In the followingexample, if the Traffic Server configuration directory is/etc/trafficserver,
the Traffic Server SSL configuration fileand the corresponding certificates are located in/etc/trafficserver/ssl:

CONFIG proxy.config.ssl.server.multicert.filename STRING ssl/ssl_multicert.config
CONFIG proxy.config.ssl.server.cert.path STRING etc/trafficserver/ssl
CONFIG proxy.config.ssl.server.private_key.path STRING etc/trafficserver/ssl

proxy.config.ssl.server.cert.path

Scope:	CONFIG
Type:	STRING
Default:	/config

The location of the SSL certificates and chains used for acceptingand validation new SSL sessions. If this is a relative path,it is appended to the Traffic Server installation PREFIX. Allcertificates and certificate chains listed in

ssl_multicert.config

will be loaded relative to this path.

proxy.config.ssl.server.private_key.path

Scope:	CONFIG
Type:	STRING
Default:	NULL

The location of the SSL certificate private keys. Change thisvariable only if the private key is not located in the SSLcertificate file. All private keys listed in

ssl_multicert.config

will be loaded relative to thispath.

proxy.config.ssl.server.cert_chain.filename

Scope:	CONFIG
Type:	STRING
Default:	NULL

The name of a file containing a global certificate chain thatshould be used with every server certificate. This file is onlyused if there are certificates defined in

ssl_multicert.config

.Unless this is an absolute path, it is loaded relative to thepath specified by

proxy.config.ssl.server.cert.path

proxy.config.ssl.server.dhparams_file

Scope:	CONFIG
Type:	STRING
Default:	NULL

The name of a file containing a set of Diffie-Hellman key exchangeparameters. If not specified, 2048-bit DH parameters from

RFC 5114 areused. These parameters are only used if a DHE (or EDH) cipher suite hasbeen selected.

proxy.config.ssl.CA.cert.path

Scope:	CONFIG
Type:	STRING
Default:	NULL

The location of the certificate authority file that clientcertificates will be verified against.

proxy.config.ssl.CA.cert.filename

Scope:	CONFIG
Type:	STRING
Default:	NULL

The filename of the certificate authority that client certificateswill be verified against.

proxy.config.ssl.server.ticket_key.filename

Scope:	CONFIG
Type:	STRING
Default:	ssl_ticket.key

The location of the

ssl_ticket.key

file, relative to the

proxy.config.ssl.server.cert.path

directory.

proxy.config.ssl.max_record_size

Scope:	CONFIG
Type:	INT
Default:	0

This configuration specifies the maximum number of bytes to writeinto a SSL record when replying over a SSL session. In somecircumstances this setting can improve response latency by reducingbuffering at the SSL layer. This setting
can have a value between 0and 16383 (max TLS record size).
The default of

means to always write all available data intoa single SSL record.
A value of

-1

means TLS record size is dynamically determined. Thestrategy employed is to use small TLS records that fit into a singleTCP segment for the first ~1 MB of
data, but, increase the record size to16 KB after that to optimize throughput. The record size is reset back toa single segment after ~1 second of inactivity and the record size rampingmechanism is repeated again.

proxy.config.ssl.session_cache

Scope:	CONFIG
Type:	INT
Default:	2

Enables the SSL Session Cache:-

= Disables the session cache entirely

= Enables the session cache using OpenSSLs implementation.

= (default) Enables the session cache using Traffic Server’s implementation.
This implentation should perform much better than the OpenSSLimplementation.

proxy.config.ssl.session_cache.timeout

Scope:	CONFIG
Type:	INT
Default:	0

This configuration specifies the lifetime of SSL session cacheentries in seconds. If it is

, then the SSL library will usea default value, typically 300 seconds. Note: This option has no affectwhen using the Traffic Server session cache (option

proxy.config.ssl.session_cache

)

proxy.config.ssl.session_cache.auto_clear

Scope:	CONFIG
Type:	INT
Default:	1

This will set the OpenSSL auto clear flag. Auto clear is enabled bydefault with

it can be disabled by changing this setting to

proxy.config.ssl.session_cache.size

Scope:	CONFIG
Type:	INT
Default:	102400

This configuration specifies the maximum number of entriesthe SSL session cache may contain.

proxy.config.ssl.session_cache.num_buckets

Scope:	CONFIG
Type:	INT
Default:	1024

This configuration specifies the number of buckets to use with theTraffic Server SSL session cache implementation. The TS implementationis a fixed size hash map where each bucket is protected by a mutex.

proxy.config.ssl.session_cache.skip_cache_on_bucket_contention

Scope:	CONFIG
Type:	INT
Default:	0

This configuration specifies the behavior of the Traffic Server SSL sessioncache implementation during lock contention on each bucket:

= (default) Don’t skip session caching when bucket lock is contented.

= Don’t use the SSL session cache for this connection during lock contention.

proxy.config.ssl.hsts_max_age

Scope:	CONFIG
Type:	INT
Default:	-1

This configuration specifies the max-age value that will be usedwhen adding the Strict-Transport-Security header. The value is in seconds.A value of

will set the max-age value to

and should remove theHSTS entry from the client. A value of

-1

will disable this feature andnot set the header. This option is only used for HTTPS requests and theheader will not be set on HTTP requests.

proxy.config.ssl.hsts_include_subdomains

Scope:	CONFIG
Type:	INT
Default:	0

Enables (

) or disables (

) adding the includeSubdomain valueto the Strict-Transport-Security header. proxy.config.ssl.hsts_max_ageneeds
to be set to a non

-1

value for this configuration to take effect.

proxy.config.ssl.allow_client_renegotiation

Scope:	CONFIG
Type:	INT
Default:	0

This configuration specifies whether the client is able to initiaterenegotiation of the SSL connection. The default of

, meansthe client can’t initiate renegotiation.

proxy.config.ssl.cert.load_elevated

Scope:	CONFIG
Type:	INT
Default:	0

Enables (

) or disables (

) elevation of traffic_serverprivileges during loading of SSL certificates. By
enabling this, SSLcertificate files’ access rights can be restricted to help reduce thevulnerability of certificates.
This feature requires Traffic Server to be built with POSIXcapabilities enabled.

Client-Related Configuration¶

proxy.config.ssl.client.verify.server

Scope:	CONFIG
Type:	INT
Default:	0

Configures Traffic Server to verify the origin server certificatewith the Certificate Authority (CA).

proxy.config.ssl.client.cert.filename

Scope:	CONFIG
Type:	STRING
Default:	NULL

The filename of SSL client certificate installed on Traffic Server.

proxy.config.ssl.client.cert.path

Scope:	CONFIG
Type:	STRING
Default:	/config

The location of the SSL client certificate installed on TrafficServer.

proxy.config.ssl.client.private_key.filename

Scope:	CONFIG
Type:	STRING
Default:	NULL

The filename of the Traffic Server private key. Change this variableonly if the private key is not located in the Traffic Server SSLclient certificate file.

proxy.config.ssl.client.private_key.path

Scope:	CONFIG
Type:	STRING
Default:	NULL

The location of the Traffic Server private key. Change this variableonly if the private key is not located in the SSL client certificatefile.

proxy.config.ssl.client.CA.cert.filename

Scope:	CONFIG
Type:	STRING
Default:	NULL

The filename of the certificate authority against which the originserver will be verified.

proxy.config.ssl.client.CA.cert.path

Scope:	CONFIG
Type:	STRING
Default:	NULL

Specifies the location of the certificate authority file againstwhich the origin server will be verified.

ICP Configuration¶

proxy.config.icp.enabled

Scope:	CONFIG
Type:	INT
Default:	0

Sets ICP mode for hierarchical caching:

= disables ICP

= allows Traffic Server to receive ICP queries only

= allows Traffic Server to send and receive ICP queries

Refer to <admin-icp-peering>.

proxy.config.icp.icp_interface

Scope:	CONFIG
Type:	STRING
Default:	your_interface

Specifies the network interface used for ICP traffic.

Note
The Traffic Server installation script detects yournetwork interface and sets this variable appropriately. If yoursystem has multiple network interfaces, check that this variablespecifies the correct interface.

proxy.config.icp.icp_port

Scope:	CONFIG
Type:	INT
Default:	3130
Reloadable:	Yes

Specifies the UDP port that you want to use for ICP messages.

proxy.config.icp.query_timeout

Scope:	CONFIG
Type:	INT
Default:	2
Reloadable:	Yes

Specifies the timeout used for ICP queries.

HTTP/2 Configuration¶

proxy.config.http2.enabled

Scope:	CONFIG
Type:	INT
Default:	0

Enable the experimental HTTP/2 feature. This implements most of thespecifications, with the one big exception being server PUSH.

Note
This configuration will be eliminated for v6.0.0, where HTTP/2 isenabled by default and controlled via the ports configuration.

proxy.config.http2.max_concurrent_streams_in

Scope:	CONFIG
Type:	INT
Default:	100
Reloadable:	Yes

The maximum number of concurrent streams per inbound connection.

Note
Reloading this value affects only new HTTP/2 connections, not theones already established.

proxy.config.http2.initial_window_size_in

Scope:	CONFIG
Type:	INT
Default:	1048576
Reloadable:	Yes

The initial window size for inbound connections.

proxy.config.http2.max_frame_size

Scope:	CONFIG
Type:	INT
Default:	16384
Reloadable:	Yes

Indicates the size of the largest frame payload that the sender is willingto receive.

proxy.config.http2.header_table_size

Scope:	CONFIG
Type:	INT
Default:	4096
Reloadable:	Yes

The maximum size of the header compression table used to decode headerblocks.

proxy.config.http2.max_header_list_size

Scope:	CONFIG
Type:	INT
Default:	4294967295
Reloadable:	Yes

This advisory setting informs a peer of the maximum size of header listthat the sender is prepared to accept blocks. The default value, which isthe unsigned int maximum value in Traffic Server, implies unlimited size.

SPDY Configuration¶

proxy.config.spdy.accept_no_activity_timeout

Scope:	CONFIG
Type:	INT
Default:	30
Reloadable:	Yes

How long a SPDY connection will be kept open after an accept without any streams created.

proxy.config.spdy.no_activity_timeout_in

Scope:	CONFIG
Type:	INT
Default:	30
Reloadable:	Yes

How long a stream is kept open without activity.

proxy.config.spdy.initial_window_size_in

Scope:	CONFIG
Type:	INT
Default:	65536
Reloadable:	Yes

The initial window size for inbound connections.

proxy.config.spdy.max_concurrent_streams_in

Scope:	CONFIG
Type:	INT
Default:	100
Reloadable:	Yes

The maximum number of concurrent streams per inbound connection.

Note
Reloading this value affects only new SPDY connections, not theones already established..

Scheduled Update Configuration¶

proxy.config.update.enabled

Scope:	CONFIG
Type:	INT
Default:	0

Enables (

) or disables (

) the Scheduled Update option.

proxy.config.update.force

Scope:	CONFIG
Type:	INT
Default:	0
Reloadable:	Yes

Enables (

) or disables (

) a force immediate update. Whenenabled, Traffic Server overrides the scheduling expiration time forall
scheduled update entries and initiates updates until this optionis disabled.

proxy.config.update.retry_count

Scope:	CONFIG
Type:	INT
Default:	10
Reloadable:	Yes

Specifies the number of times Traffic Server can retry the scheduledupdate of a URL in the event of failure.

proxy.config.update.retry_interval

Scope:	CONFIG
Type:	INT
Default:	2
Reloadable:	Yes

Specifies the delay (in seconds) between each scheduled update retryfor a URL in the event of failure.

proxy.config.update.concurrent_updates

Scope:	CONFIG
Type:	INT
Default:	100
Reloadable:	Yes

Specifies the maximum simultaneous update requests allowed at anytime. This option prevents the scheduled update process fromoverburdening the host.

Plug-in Configuration¶

proxy.config.plugin.plugin_dir

Scope:	CONFIG
Type:	STRING
Default:	config/plugins

Specifies the location of Traffic Server plugins.

proxy.config.remap.num_remap_threads

Scope:	CONFIG
Type:	INT
Default:	0

When this variable is set to

, plugin remap callbacks areexecuted in line on network threads. If remap processing takessignificant time, this can be cause additional request latency.Setting
this variable to causes remap processing to take placeon a dedicated thread pool, freeing the network threads to serviceadditional requests.

SOCKS Processor¶

proxy.config.socks.socks_needed

Scope:	CONFIG
Type:	INT
Default:	0

Enables (

) or disables (

) the SOCKS processor

proxy.config.socks.socks_version

Scope:	CONFIG
Type:	INT
Default:	4

Specifies the SOCKS version (

) or (

)

proxy.config.socks.socks_config_file

Scope:	CONFIG
Type:	STRING
Default:	socks.config

The socks_onfig file allows you to specify ranges of IP addressesthat will not be relayed to the SOCKS server. It can also be usedto configure AUTH information for SOCKSv5 servers.

proxy.config.socks.socks_timeout

Scope:	CONFIG
Type:	INT
Default:	100

The activity timeout value (in seconds) for SOCKS server connections.

proxy.config.socks.server_connect_timeout

Scope:	CONFIG
Type:	INT
Default:	10

The timeout value (in seconds) for SOCKS server connection attempts.

proxy.config.socks.per_server_connection_attempts

Scope:	CONFIG
Type:	INT
Default:	1

The total number of connection attempts allowed per SOCKS server,if multiple servers are used.

proxy.config.socks.connection_attempts

Scope:	CONFIG
Type:	INT
Default:	4

The total number of connection attempts allowed to a SOCKS serverTraffic Server bypasses the server or fails the request

proxy.config.socks.server_retry_timeout

Scope:	CONFIG
Type:	INT
Default:	300

The timeout value (in seconds) for SOCKS server connection retry attempts.

proxy.config.socks.default_servers

Scope:	CONFIG
Type:	STRING
Default:	NONE

Default list of SOCKS servers and their ports.

proxy.config.socks.server_retry_time

Scope:	CONFIG
Type:	INT
Default:	300

The amount of time allowed between connection retries to a SOCKSserver that is unavailable.

proxy.config.socks.server_fail_threshold

Scope:	CONFIG
Type:	INT
Default:	2

The number of times the connection to the SOCKS server can failbefore Traffic Server considers the server unavailable.

proxy.config.socks.accept_enabled

Scope:	CONFIG
Type:	INT
Default:	0

Enables (1) or disables (0) the SOCKS proxy option. As a SOCKSproxy, Traffic Server receives SOCKS traffic (usually on port1080) and forwards all requests directly to the SOCKS server.

proxy.config.socks.accept_port

Scope:	CONFIG
Type:	INT
Default:	1080

Specifies the port on which Traffic Server accepts SOCKS traffic.

proxy.config.socks.http_port

Scope:	CONFIG
Type:	INT
Default:	80

Specifies the port on which Traffic Server accepts HTTP proxy requestsover SOCKS connections..

Sockets¶

proxy.config.net.defer_accept

Scope:	CONFIG
Type:	INT
Default:	1

default:

meaning

on

all Platforms except Linux:

seconds
This directive enables operating system specific optimizations for a listening socket.

defer_accept

holds a call to

accept(2)

back until data has arrived. In Linux’ special case this is up to a maximum of 45 seconds.

proxy.config.net.sock_send_buffer_size_in

Scope:	CONFIG
Type:	INT
Default:	0

Sets the send buffer size for connections from the client to Traffic Server.

proxy.config.net.sock_recv_buffer_size_in

Scope:	CONFIG
Type:	INT
Default:	0

Sets the receive buffer size for connections from the client to Traffic Server.

proxy.config.net.sock_option_flag_in

Scope:	CONFIG
Type:	INT
Default:	0x5

Turns different options “on” for the socket handling client connections::

TCP_NODELAY  (1)
SO_KEEPALIVE (2)
SO_LINGER (4) - with a timeout of 0 seconds

Note
This is a bitmask and you need to decide what bits to set. Therefore,you must set the value to

if you want to enable nodelay andkeepalive options above.

proxy.config.net.sock_send_buffer_size_out

Scope:	CONFIG
Type:	INT
Default:	0

Sets the send buffer size for connections from Traffic Server to the origin server.

proxy.config.net.sock_recv_buffer_size_out

Scope:	CONFIG
Type:	INT
Default:	0

Sets the receive buffer size for connections from Traffic Server tothe origin server.

proxy.config.net.sock_option_flag_out

Scope:	CONFIG
Type:	INT
Default:	0x1

Turns different options “on” for the origin server socket::

TCP_NODELAY  (1)
SO_KEEPALIVE (2)
SO_LINGER (4) - with a timeout of 0 seconds

Note
This is a bitmask and you need to decide what bits to set. Therefore,you must set the value to

if you want to enable nodelay andkeepalive options above.

When SO_LINGER is enabled, the linger timeout time is setto 0. This is useful when Traffic Server and the origin serverare co-located and large numbers of sockets are retainedin the TIME_WAIT state.

proxy.config.net.sock_mss_in

Scope:	CONFIG
Type:	INT
Default:	0

Same as the command line option

--accept_mss

that sets the MSS for all incoming requests.

proxy.config.net.sock_packet_mark_in

Scope:	CONFIG
Type:	INT
Default:	0x0

Set the packet mark on traffic destined for the client(the packets that make up a client response).

See also
Traffic Shaping

proxy.config.net.sock_packet_mark_out

Scope:	CONFIG
Type:	INT
Default:	0x0

Set the packet mark on traffic destined for the origin(the packets that make up an origin request).

See also
Traffic Shaping

proxy.config.net.sock_packet_tos_in

Scope:	CONFIG
Type:	INT
Default:	0x0

Set the ToS/DiffServ Field on packets sent to the client(the packets that make up a client response).

See also
Traffic Shaping

proxy.config.net.sock_packet_tos_out

Scope:	CONFIG
Type:	INT
Default:	0x0

Set the ToS/DiffServ Field on packets sent to the origin(the packets that make up an origin request).

See also
Traffic Shaping

proxy.config.net.poll_timeout

Scope:	CONFIG
Type:	INT
Default:	10 (or 30 on Solaris)

Same as the command line option

--poll_timeout

, or

-t

, whichspecifies the timeout used for the polling mechanism used. This timeout isalways in milliseconds (ms). This is the timeout to

epoll_wait()

onLinux platforms, and to

kevent()

on BSD type OSs. The default value is

on all platforms.
Changing this configuration can reduce CPU usage on an idle system, sinceperiodic tasks gets processed at these intervals. On busy servers, thisoverhead is diminished, since polled events triggers morefrequently.However, increasing
the setting can also introduce additional latency forcertain operations, and timed events. It’s recommended not to touch thissetting unless your CPU usage is unacceptable at idle workload. Somealternatives to this could be:

Reduce the number of worker threads (net-threads)
Reduce the number of disk (AIO) threads
Make sure accept threads are enabled

The relevant configurations for this are:

CONFIG proxy.config.exec_thread.autoconfig INT 0
CONFIG proxy.config.exec_thread.limit INT 2
CONFIG proxy.config.accept_threads INT 1
CONFIG proxy.config.cache.threads_per_disk INT 8

proxy.config.task_threads

Scope:	CONFIG
Type:	INT
Default:	2

Specifies the number of task threads to run. These threads are used forvarious tasks that should be off-loaded from the normal network threads.

proxy.config.allocator.thread_freelist_size

Scope:	CONFIG
Type:	INT
Default:	512

Sets the maximum number of elements that can be contained in a ProxyAllocator (per-thread)before returning the objects to the global pool

proxy.config.allocator.thread_freelist_low_watermark

Scope:	CONFIG
Type:	INT
Default:	32

Sets the minimum number of items a ProxyAllocator (per-thread) will guarantee to beholding at any one time.

proxy.config.http.enabled

Scope:	CONFIG
Type:	INT
Default:	1

Turn on or off support for HTTP proxying. This is rarely used, the oneexception being if you run Traffic Server with a protocol plugin, and wouldlike for it to not support HTTP requests at all.

Next
Previous

© Copyright 2014, dev@trafficserver.apache.org.

Built with Sphinx using a
theme provided by Read the Docs.

内容来自用户分享和网络整理，不保证内容的准确性，如有侵权内容，可联系管理员处理

标签：

相关文章推荐

新的分享

章节导航