While the current administration guide is a great place to start when configuring Apache Traffic Server,
there are enough "gotchas" that I thought I'd contribute back to the project and document them.
Please keep in mind the following only applies to creating a web proxy caching setup;
I'd document others but I use ATS purely on a personal basis.
The following lists the steps involved in getting a generic Traffic Server install,
from default configurations into a working setup. Once that's completed, feel free
to see my tuning guide for more information on performance settings.
Both Wiki pages use configuration examples from my running home Traffic Server setup.
IP Address Listening And Ports
Unlike Apache HTTP Server, Traffic Server takes a little more work to get things up and running.
The following settings are all located in the main configuration file, which by default is
/usr/local/etc/trafficserver/records.config.
Specifically, the following directive should set unless you want Traffic Server listening on
every possible interface:
LOCAL proxy.local.incoming_ip_to_bind STRING 127.0.0.1 ::1
Also, the next directive will tell Traffic Server which ports to listen on:
CONFIG proxy.config.http.server_ports STRING 8080:ipv6 8080
In this example, Apache Traffic Server will now listen on localhost, port 8080 for both IPv4 and IPv6.
DNS
Another step that's just a little different is specifying to Traffic Server which DNS servers to use.
It will NOT simply assume whatever is in /etc/resolv.conf is fine and run with that.
This directive allows you to set which DNS servers Traffic Server should use.
Most likely you'll use your own, I for now use Hurricane Electric's Chicago DNS:
CONFIG proxy.config.dns.nameservers STRING [2001:470:20::2] 74.82.42.42
IP-based Access Control List
To setup basic security in your Traffic Install, you'll have to configure a different file,
by default /usr/local/etc/trafficserver/ip_allow.config. If you've ever done firewall
work the theory is very similar...simply list to Traffic Server what is allowed,
followed by what is NOT allowed.
# Allow anything on localhost (this is the default configuration based on the # depricated CONFIG proxy.config.http.quick_filter.mask INT 0x482) src_ip=127.0.0.1 action=ip_allow method=ALL src_ip=::1 action=ip_allow method=ALL # Deny everything else. src_ip=0.0.0.0-255.255.255.255 action=ip_deny method=ALL src_ip=::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff action=ip_deny method=ALL
Start It Up!
Once the above has been completed, it's time to give it all a try.
sudo /usr/local/bin/trafficserver start
At this point you should have a workable, albeit very default web caching proxy server.
P.S. Please let me know if I've missed anything.