注册 登录  
 加关注
   显示下一条  |  关闭
温馨提示!由于新浪微博认证机制调整,您的新浪微博帐号绑定已过期,请重新绑定!立即重新绑定新浪微博》  |  关闭

itoedr的it学苑

记录从IT文盲学到专家的历程

 
 
 

日志

 
 

trafficserver 布署之bypass.config:实现特殊url免代理  

2013-09-05 14:13:29|  分类: trafficserver编 |  标签: |举报 |字号 订阅

  下载LOFTER 我的照片书  |

The bypass.config file contains static bypass rules that Traffic Server uses in transparent proxy caching mode. Static bypass rules instruct Traffic Server to bypass certain incoming client requests so they are served by the origin server. The bypass.config file also accepts Dynamic Deny Bypass Rules.

You can configure three types of static bypass rules:

  • Source bypass rules configure Traffic Server to bypass a particular source IP address or range of IP addresses. For example: bypass clients that do not want to use caching.

  • Destination bypass rules configure Traffic Server to bypass a particular destination IP address or range of IP addresses. For example: bypass origin servers that use IP authentication based on the client's real IP address.
    IMPORTANT: Destination bypass rules prevent Traffic Server from caching an entire site. You will experience hit rate impacts if the site you bypass is popular.

  • Source/destination pair bypass rules configure Traffic Server to bypass requests that originate from the specified source to the specified destination. For example: route around specific client-server pairs that experience broken IP authentication or out-of-band HTTP traffic problems when cached. Source/destination bypass rules can be preferable to destination rules because they block a destination server only for users that experience problems.

IMPORTANT: After you modify the bypass.config file, you must restart Traffic Server.

Format

Bypass rules follow the format below:
bypass src ipaddress | dst ipaddress | src ipaddress AND dst ipaddress

The following table describes the variables.

Option

Description

src ipaddress

Specifies the source (client) IP address in incoming requests Traffic Server must bypass.

The variable ipaddress can be one of the following:

- A simple IP address, such as 123.45.67.8
- In CIDR (Classless Inter-Domain Routing) format, such as 1.1.1.0/24
- A range separated by a dash, such as 1.1.1.1-2.2.2.2
- Any combination of the above separated by commas, such as 1.1.1.0/24, 25.25.25.25, 123.1.23.1-123.1.23.123

dst ipaddress

Specifies the destination (origin server) IP address in incoming requests Traffic Server must bypass.

The variable ipaddress can be one of the following:

- A simple IP address, such as 123.45.67.8
- In CIDR (Classless Inter-Domain Routing) format, such as 1.1.1.0/24
- A range separated by a dash, such as 1.1.1.1-2.2.2.2
- Any combination of the above separated by commas, such as 1.1.1.0/24, 25.25.25.25, 123.1.23.1-123.1.23.123

src ipaddress AND dst ipaddress

Specifies the source and destination IP address pair Traffic Server must bypass.

The variable ipaddress must be a single IP address, such as 123.45.67.8

Dynamic Deny Bypass Rules

In addition to static bypass rules, the bypass.config file also accepts dynamic deny bypass rules that prevent Traffic Server from bypassing certain incoming client requests dynamically (a deny bypass rule can prevent Traffic Server from bypassing itself). Dynamic deny bypass rules can be source, destination, or source/destination and have the following format:
deny_dyn_bypass src ipaddress | dst ipaddress | src ipaddresss AND ipaddress

For a description of the options, refer to the table above. For the dynamic deny bypass rules to work, you must set the variable proxy.config.arm.bypass_dynamic_enabled to 1 in the records.config file.

IMPORTANT: Static bypass rules overwrite dynamic deny bypass rules. If a static bypass rule and a dynamic bypass rule contain the same IP address, then the dynamic deny bypass rule will be ignored.

Examples

The following example shows source, destination, and source/destination bypass rules:
bypass src 1.1.1.0/24, 25.25.25.25, 128.252.11.11-128.252.11.255
bypass dst 24.24.24.0/24
bypass src 25.25.25.25 AND dst 24.24.24.0

The following example shows source, destination, and source/destination dynamic deny bypass rules:
deny_dyn_bypass src 128.252.11.11-128.252.11.255
deny_dyn_bypass dst 111.111.11.1
deny_dyn_bypass src 111.11.11.1 AND dst 111.11.1.1

  评论这张
 
阅读(211)| 评论(0)
推荐 转载

历史上的今天

在LOFTER的更多文章

评论

<#--最新日志,群博日志--> <#--推荐日志--> <#--引用记录--> <#--博主推荐--> <#--随机阅读--> <#--首页推荐--> <#--历史上的今天--> <#--被推荐日志--> <#--上一篇,下一篇--> <#-- 热度 --> <#-- 网易新闻广告 --> <#--右边模块结构--> <#--评论模块结构--> <#--引用模块结构--> <#--博主发起的投票-->
 
 
 
 
 
 
 
 
 
 
 
 
 
 

页脚

网易公司版权所有 ©1997-2017