You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »

While the current administration guide is a great place to start when configuring Apache Traffic Server,
there are enough "gotchas" that I thought I'd contribute back to the project and document them.

Please keep in mind the following only applies to creating a web proxy caching setup;
I'd document others but I use ATS purely on a personal basis.

The following lists the steps involved in getting a generic Traffic Server install,
from default configurations into a working setup. Once that's completed, feel free
to see my tuning guide for more information on performance settings.

Both Wiki pages use configuration examples from my running home Traffic Server setup.

IP Address Listening And Ports

Unlike Apache HTTP Server, Traffic Server takes a little more work to get things up and running.
The following settings are all located in the main configuration file, which by default is
/usr/local/etc/trafficserver/records.config.

Specifically, the following directive should set unless you want Traffic Server listening on
every possible interface:

LOCAL proxy.local.incoming_ip_to_bind STRING 127.0.0.1 ::1

Also, the next directive will tell Traffic Server which ports to listen on:

CONFIG proxy.config.http.server_ports STRING 8080:ipv6 8080

In this example, Apache Traffic Server will now listen on localhost, port 8080 for both IPv4 and IPv6.

DNS

Another step that's just a little different is specifying to Traffic Server which DNS servers to use.
It will NOT simply assume whatever is in /etc/resolv.conf is fine and run with that.

This directive allows you to set which DNS servers Traffic Server should use.
Most likely you'll use your own, I for now use Hurricane Electric's Chicago DNS:

CONFIG proxy.config.dns.nameservers STRING [2001:470:20::2] 74.82.42.42

IP-based Access Control List

To setup basic security in your Traffic Install, you'll have to configure a different file,
by default /usr/local/etc/trafficserver/ip_allow.config. If you've ever done firewall
work the theory is very similar...simply list to Traffic Server what is allowed,
followed by what is NOT allowed.

# Allow anything on localhost (this is the default configuration based on the
# depricated CONFIG proxy.config.http.quick_filter.mask INT 0x482)
src_ip=127.0.0.1                                  action=ip_allow method=ALL
src_ip=::1                                        action=ip_allow method=ALL
# Deny everything else.
src_ip=0.0.0.0-255.255.255.255                    action=ip_deny  method=ALL
src_ip=::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff action=ip_deny  method=ALL

Start It Up!

Once the above has been completed, it's time to give it all a try.

sudo /usr/local/bin/trafficserver start

At this point you should have a workable, albeit very default web caching proxy server.

P.S. Please let me know if I've missed anything.

  • No labels