Comment: Migrated to Confluence 5.3

...

Please keep in mind the following only applies to creating a forward-only web proxy caching setup;
I'd document others but I use ATS purely on a personal basis.

My personal goal here was to replace Squid with Traffic Server as a "drop-in" replacement.

The following lists the initial steps involved in getting a generic Traffic Server install
up and running, from default configurations into a working setup. Once that's completed, feel free
to see my tuning guide for more information on performance settings.

NOTE: Please use the following with Apache Traffic Server v5.0.0 and higher.

All three Wiki pages use configuration examples from my running home Traffic Server setup.


IP Address Listening And Ports

Unlike Apache HTTP Server, Traffic Server takes a little more work to get things up and running.
The following settings are all located in the main configuration file, which by default
is /usr/local/etc/trafficserver/records.config.

Specifically, the following directive should be set unless you want Traffic Server listening on
every possible interface:

Code Block

LOCAL proxy.local.incoming_ip_to_bind STRING [2601:d:4880:536c3:426c:8fff:fe3a:43f1]

Also, the next directive will tell Traffic Server which ports to listen on:

Code Block

CONFIG proxy.config.http.server_ports STRING 8080:ipv6

In this example, Apache Traffic Server will now listen on my home machine's public IP,
port 8080 for IPv6 only.

I was originally using localhost, but after looking at the
HTTP proxy headers that ATS produced, I decided to be more specific.

DNS

...

Round-Robin

Unlike many applications, the default in Apache Traffic Server is to actually round-robin requests among your configured DNS servers.

I didn't like this much, so I disabled it.

Code Block

CONFIG proxy.config.dns.round_robin_nameservers INT 0

Required Remapping

The Apache Traffic Server default install configures URL re-mapping as required.

This will not allow you to use Traffic Server as a forward proxy until you disable it in the records.config file or configure remapping specifically for your needs.

Code Block

CONFIG proxy.config.url_remap.remap_required INT 0

Another step that's just a little different is specifying to Traffic Server which DNS servers to use.
It will NOT simply assume whatever is in /etc/resolv.conf is fine and run with that.

This directive allows you to set which DNS servers Traffic Server should use.
Most likely you'll use your own; for now I use Hurricane Electric's Chicago DNS:

Code Block

CONFIG proxy.config.dns.nameservers STRING [2001:470:20::2] 74.82.42.42

IP-based Access Control List

To set up basic security in your Traffic Server install, you'll have to configure a different file,
by default /usr/local/etc/trafficserver/ip_allow.config.

If you've ever done firewall work, the theory is very similar...simply list to Traffic Server what is allowed,
followed by what is NOT allowed.

Code Block

# Allow anything on localhost (this is the default configuration based on the
# deprecated CONFIG proxy.config.http.quick_filter.mask INT 0x482)
src_ip=2601:d:4880:536c3:426c:8fff:fe3a:43f1         action=ip_allow method=ALL
# Deny everything else.
src_ip=0.0.0.0-255.255.255.255                    action=ip_deny  method=ALL
src_ip=::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff action=ip_deny  method=ALL
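
The allow-then-deny ordering described above can be checked offline before Traffic Server is restarted. The following Python code is an added example, not part of the original wiki page or of Traffic Server; it assumes rules are checked top to bottom with the first match winning, all function names are hypothetical, and the documentation address 2001:db8::10 is a constructed stand-in for the proxy host.

```python
import ipaddress

# Constructed sample in the ip_allow.config syntax shown on this page.
# 2001:db8::10 is a documentation address standing in for the proxy host.
SAMPLE = """\
src_ip=2001:db8::10                               action=ip_allow method=ALL
# Deny everything else.
src_ip=0.0.0.0-255.255.255.255                    action=ip_deny  method=ALL
src_ip=::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff action=ip_deny  method=ALL
"""

def parse_range(spec):
    """Accept a single address, a lo-hi range, or CIDR; raise ValueError if malformed."""
    if "-" in spec:
        lo, hi = (ipaddress.ip_address(p) for p in spec.split("-", 1))
    else:
        net = ipaddress.ip_network(spec, strict=False)
        lo, hi = net.network_address, net.broadcast_address
    if lo.version != hi.version or lo > hi:
        raise ValueError(f"bad range: {spec}")
    return lo, hi

def parse_rules(text):
    """Return [(lo, hi, action)] in file order, skipping comments and blank lines."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = dict(tok.split("=", 1) for tok in line.split())
        if fields.get("action") not in ("ip_allow", "ip_deny"):
            raise ValueError(f"bad action in: {line}")
        rules.append((*parse_range(fields.get("src_ip", "")), fields["action"]))
    return rules

def decide(rules, client):
    """Assumed model: rules are checked top to bottom and the first match wins."""
    addr = ipaddress.ip_address(client)
    for lo, hi, action in rules:
        if addr.version == lo.version and lo <= addr <= hi:
            return action
    return None  # no rule matched this client

def families_without_catch_all_deny(rules):
    """IP versions (4, 6) lacking a deny rule that spans the whole address space."""
    covered = {lo.version for lo, hi, action in rules
               if action == "ip_deny" and int(lo) == 0
               and int(hi) == 2 ** hi.max_prefixlen - 1}
    return [v for v in (4, 6) if v not in covered]
```

Putting a deny-all line above the allow line makes `decide` return `ip_deny` for the proxy host, and dropping the IPv6 deny line leaves every other IPv6 client unmatched.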

Web Cache Size

The Apache Traffic Server default install configures this to be 256MB, a rather small size
as is noted in the configuration file.

I eventually went with 4GB1GB. The following is found in the
config file /usr/local/etc/trafficserver/storage.config.

NOTE: Apache Traffic Server does slow down a bit with filesystem caches above 2GB.
However, more than one cache database file currently isn't supported.

Code Block

var/trafficserver 1024M

Web Cache Partitions

The Apache Traffic Server default install doesn't really provide for this. I found over time this can cause all sorts of issues relating to disk lock contention.

The following is found in the config file /usr/local/etc/trafficserver/volume.config.

Code Block

volume=1 scheme=http size=25%
volume=2 scheme=http size=25%
volume=3 scheme=http size=25%
volume=4 scheme=http size=25%

Code Block

var/trafficserver 4096M

Start It Up!

Once the above has been completed, it's time to give it all a try.

Code Block

sudo /usr/local/bin/trafficserver start

At this point you should have a workable, albeit very default web caching proxy server.

Start up your favorite browser, configure it to use your new proxy server as a web proxy
for both HTTP and HTTPS, and watch your browsing speed improve immediately.

 

Next Page: WebProxyCacheTuning

P.S. Please let me know if I've missed anything.