Re: Traffic Server on DragonFly BSD

2015-02-02 Thread Alan Carroll
What's line 242 in ocsp.h? I suspect it's something that's expected to be defined but isn't.

Re: Randomly high read rates

2015-03-17 Thread Alan Carroll
One thing to check for is (1) large objects in the cache and (2) multi-range requests. In this case ATS will read the entire object and filter out the parts that aren't in the range requests. The standard range acceleration only works for single range requests. Every object resides on a single

Re: ATS without DNS

2015-03-09 Thread Alan Carroll
Hmmm. Nothing comes to mind about how to do that. All I can suggest is to set up or write your own DNS server that just returns NXDOMAIN for all requests. Although it does seem kind of a bug to not internally fail the DNS lookup if there are no nameservers.

Re: vary User-Agent storing only two versions

2015-03-24 Thread Alan Carroll
Yes, I've worked with a client who does effectively the same thing. You want to look at HTTP Alternate Selection — Apache Traffic Server 5.3.0 documentation which lets a plugin control the set of alternates and their selection for a single URL.

Re: [VOTE] Release v5.2.1

2015-03-24 Thread Alan Carroll
I checked out 5.2.1-rc0, did a clean build and installed fresh. I made the following changes to records.config:
proxy.config.url.remap.remap_required INT 0
proxy.config.http.redirection_enabled INT 1
proxy.config.http.number_of_redirections INT 3
If I start this and do curl --proxy localhost:8080

Re: Weird DNS issue failover issue

2015-03-24 Thread Alan Carroll
Do you have proxy.config.dns.nameservers set, or any splitDNS enabled (in the splitdns.config file)? On Tuesday, March 24, 2015 12:12 PM, Jason J. W. Williams jasonjwwilli...@gmail.com wrote: Thanks Jason. Is there any way to query ATS to dump which resolvers it thinks it's using?

Re: Implementing a cdn using apache traffic server

2015-04-01 Thread Alan Carroll
Yes, as far as ATS is concerned the content of any request is just an octet stream.

Re: Having queries in Apache Traffic Server

2015-02-27 Thread Alan Carroll
4. On what factors ATS maintain its cache??[If you worked on Varnish, which maintains it's cache on the basis of HOST + REQUEST_URI by default... i mean it generate hash values on these two factors... also provide flexibility to change that too.. how this is done by ATS and how to

Re: about event hooks for https messages

2015-03-05 Thread Alan Carroll
That said, the shift to TLS everywhere is going to be very difficult for forward proxies.

Re: Negative DNS caching in hosts.db?

2015-02-26 Thread Alan Carroll
Have you tried setting proxy.config.hostdb.fail.timeout ?

Re: Negative DNS caching in hosts.db?

2015-02-26 Thread Alan Carroll
Well, that doesn't work to get in to the Wiki (which is an entirely different bit of content). I would recommend forking ATS on github, editing the file doc/reference/configuration/records.config.en.rst, then sending those changes back as a pull request.

Re: Weird DNS issue failover issue

2015-03-24 Thread Alan Carroll
You could also turn on the dns debug tag. On Tuesday, March 24, 2015 1:31 PM, Jason Strongman jasonstrongman2...@gmail.com wrote: the system trace will tell you where ATS is grabbing the name servers in question. its brute force in that you are capturing all the open and read

Re: Reload Remap Rules without ATS restart

2015-04-28 Thread Alan Carroll
One thing to note is the new remap configuration is loaded, or it is not. The change over is atomic (for new transactions - already existing transactions continue with the old remap configuration). I have to agree with James that I've never heard of ATS becoming unresponsive during a

Re: It was awesome presentation

2015-04-14 Thread Alan Carroll
With regard to port numbers, ATS will by default go to port number specified in the request header. So if the request is for http://google.com; ATS will connect to port 80 on google.com regardless of what port the user agent connected to for explicit proxy (where the user agent hits ATS

Re: Transparent proxy with 1 NIC in ATS server

2015-06-25 Thread Alan Carroll
Probably. In that case you use iptables to do the DNAT operation and rewrite the destination address of inbound connections to be the address:port of an ATS proxy port. The problem would be in the routing. You would likely need additional support from an external router. Consider an origin

Re: Transparent proxy with 1 NIC in ATS server

2015-06-26 Thread Alan Carroll
Yes, that's what I meant by using iptables to do the NAT. As noted, if you do that you don't need TPROXY at all and the port should *not* be marked transparent. I originally worked this out back when TPROXY wasn't standard and it's still useful for people who don't want to mess with it (TPROXY

Re: Transparent proxy with 1 NIC in ATS server

2015-06-26 Thread Alan Carroll
you lose the client resolved origin.. but i havent tried using redirect. looks like something to answer for myself today. On Fri, Jun 26, 2015 at 9:55 AM, Alan Carroll solidwallofc...@yahoo-inc.com wrote: Yes, that's what I meant by using iptables to do the NAT. As noted, if you do that you

Re: Removing CHANGES file from git

2015-05-29 Thread Alan Carroll
+1 on making CHANGES automated and not manual.

Re: Deploying HTTP transparent proxy cache on Apache Traffic server

2015-08-05 Thread Alan Carroll
I would try enabling debug tags and using the string tproxy. That should give you some information about the ATS transparency setup and determine if ATS is actually coming up in transparent mode. I would also check error.log and diags.log to see if there are any relevant messages. On

Re: why my data didn't cached?

2015-07-22 Thread Alan Carroll
You can enable debugging tags in records.config and set the tag string to cache (no quotes). You should then get a lot of messages about the request and why or why not ATS cached it. On Wednesday, July 22, 2015 8:39 AM, Reindl Harald h.rei...@thelounge.net wrote: Am 22.07.2015 um

Re: Dedicated External Server Socket Interface from ATS ??

2015-10-26 Thread Alan Carroll
Yes. In the deployments I have seen that do this, the connection is placed in a separate thread and the hook functions use standard inter-thread communications to send jobs to the dedicated thread (locked queues, thread safe containers, etc.). The dedicated thread can schedule an event for the

Re: header_rewrite to modify destination port based on request header

2015-10-09 Thread Alan Carroll
Yes, I don't see why this would be a problem. On Friday, October 9, 2015 12:19 PM, Sudheer Vinukonda wrote: Hi Daniel, +1 on the proposal.. AFAIK, header_rewrite is by no means deprecated or plan to be deprecated (not in the near future, anyway) and it

Re: Problem ATS Proxy reverse

2016-06-14 Thread Alan Carroll
I haven't done that much with remap but I played with it a bit this morning and I ended up unclear on what the actual goal is. My recommendation would be to add an additional identity rule for ula.ve map http://www.ula.ve/ http://www.ula.ve map http://190.168.24.33:8080/ula/

Re: Problem ATS Proxy reverse

2016-06-13 Thread Alan Carroll
Why are the IP addresses different between your remap.config (190.168.24.33:8080) and your requests (10.10.17.103:8080)? It seems to me that the rules won't match the request for this reason.

Re: [DISCUSS] Relax minimum OS version requirements ?

2016-06-16 Thread Alan Carroll
"This is not a reason to go nuts and use every damn C++11 and STL feature there is" Exactly. One doesn't need a reason for that. Yes, I think we should move this up. Two features at least that I think would help making the code cleaner are "auto" and lambdas. For the latter there is no

Re: Problems with caching / retrieving from cache from a particular origin

2016-02-29 Thread Alan Carroll
Yes, I would think so. I missed that setting on my first pass through. On Monday, February 29, 2016 10:09 AM, jhasle wrote: First of all thanks for pointing that out. But shouldn't /CONFIG proxy.config.http.cache.ignore_server_no_cache INT 1/ prevent that? Is there

Re: Problems with caching / retrieving from cache from a particular origin

2016-02-29 Thread Alan Carroll
If you can, I would set up a Traffic Server configured like your production machines, turn on the 'http' and 'cache' debug tags and run a connection to the problematic origin through it and see what shows up. That might indicate why ATS doesn't want to cache the asset. I double checked the

Re: Problems with caching / retrieving from cache from a particular origin

2016-02-29 Thread Alan Carroll
I'm not sure ATS handles Cache-Control: no-cache="set-cookie, set-cookie2" correctly. It may simply be reading the "no-cache" and acting on that, which is permitted by the HTTP specification. On Monday, February 29, 2016 6:59 AM, jhasle wrote: Hi there, I have ATS

Re: Using ATS as transparent proxy for non-HTTP traffic

2016-01-21 Thread Alan Carroll
Yes, Leif is correct. I meant that you can write alternate protocol plugins for ATS and those should work just as well for transparent as for non-transparent. Another option, although it's not really proxying, is to enable the transparent by-pass. In this case if ATS can't parse the incoming

Re: Setting up Transparent Proxy

2016-01-25 Thread Alan Carroll
on-port 8080 === On 1/25/2016 8:55 PM, Alan Carroll wrote: Your configuration to enable debugging is correct but there is no point in adding it to traffic_logstat, it will have no effect. The debug output should be placed in the var/log/trafficserver/traffic.out f

Re: ERR_CLIENT_ABORT/200 Error

2016-01-25 Thread Alan Carroll
master/tools/slow_log_report.pl On Friday, January 22, 2016 1:41 PM, Adi Mallikarjuna Reddy V <adimallikarjunare...@gmail.com> wrote: I am newbie. Can you elaborate on enabling slow logging? Thanks Adi On Fri, Jan 22, 2016 at 7:58 AM, Alan Carroll <solidwallofc...@yahoo-inc.com

Re: Setting up Transparent Proxy

2016-01-25 Thread Alan Carroll
Your configuration to enable debugging is correct but there is no point in adding it to traffic_logstat, it will have no effect. The debug output should be placed in the var/log/trafficserver/traffic.out file. I need to check my notes (it's been a while since I worked with this) but I think you

Re: Using ATS as transparent proxy for non-HTTP traffic

2016-01-19 Thread Alan Carroll
Yes, it should be possible. I don't think it would be much different from the non-transparent case. On Tuesday, January 19, 2016 2:20 PM, S Pramod wrote: Hi, Is it possible to use ATS as a transparent proxy for non-HTTP traffic? For example by just looking

Re: Need help with a particular usage scenario

2016-01-20 Thread Alan Carroll
Hmmm. A parent proxy set up might work better. The logging of empty URLs is a bug in the logging code which has been fixed (current ATS version is 6.0). If you are doing remap, you need a forward map as well like map http://mediawiki.mycompany.com:8080/ http://mediawiki.mycompany/ reverse_map,

Re: Need help with a particular usage scenario

2016-01-20 Thread Alan Carroll
help!     From: Alan Carroll [mailto:solidwallofc...@yahoo-inc.com] Sent: Wednesday, January 20, 2016 2:09 PM To: users@trafficserver.apache.org Subject: Re: Need help with a particular usage scenario   Hmmm. A parent proxy set up might work better. The logging of empty URLs is a bug in the log

Re: Setting up Transparent Proxy

2016-01-27 Thread Alan Carroll
1:09:35 2016 On 1/26/2016 12:06 AM, Alan Carroll wrote: Two recommendations: What is the output of ip route show table 100 Also you should look at the iptable rule counts to see if those rules are being hit at all. On Monday, January 25, 2016 12:50 PM, Muhammad Faisal

Re: Need help with a particular usage scenario

2016-01-22 Thread Alan Carroll
t sitting there and printing packet hashmarks, but no content.   So it looks like trafficserver is not merely not getting a response, it’s never actually making the request… as long as the client is remote. If the client is local, everything works as expected.     From: Alan Carroll [mailto:sol

Re: Problems with caching / retrieving from cache from a particular origin

2016-03-01 Thread Alan Carroll
Yes. Based on that logging, the first request is cached and it is found on the second request. But once found ATS decides that authentication is needed and so doesn't use the cached data. You can see the code that does this in HttpTransact::need_to_revalidate. Ultimately what happens is ATS looks

Re: update.config get removed in 6.x release

2016-03-02 Thread Alan Carroll
My understanding was the feature didn't work reliably. I know I tried to configure and run it at one point and never succeeded in making it work. Have you actually used it in production? On Wednesday, March 2, 2016 10:14 AM, iruler wrote: Could somebody

Re: Problems with caching / retrieving from cache from a particular origin

2016-03-01 Thread Alan Carroll
That request is a heartbeat request, not your request. You can tell by this line [Mar 1 16:44:33.000] Server {0x2b927cbd9440} DEBUG: (http) PATH: "synthetic.txt", PATH_LEN: 13, "synthetic.txt" is the magic path used to indicate the heartbeat request. These happen about every 10 seconds

Re: Cache Write Algorithm

2016-04-13 Thread Alan Carroll
There is a long discussion here[1] but short answers are 1) The cache key is hashed and that value used to select a stripe (span). 2) It's a circular buffer so the first 50M are written at the end and the next 150M at the beginning after wrapping. See[2] for more detail, scroll down to where a

Re: ATS returning cache hit on partially cached response

2016-07-29 Thread Alan Carroll
This may be related to the "read while write" settings. I would guess in the first case the second connection is attempting to do read while write (so that the origin response to the first user agent is also streamed to the second user agent without an additional request). But somehow the

Re: HTTP/2 and HTTP plug-ins

2016-08-09 Thread Alan Carroll
Yes. To a large extent HTTP/2 is invisible to plugins. Each HTTP/2 stream is treated as a HTTP/1.1 transaction. On Tuesday, August 9, 2016 10:26 AM, Rob Maidment wrote: Hello Does Traffic Server call HTTP plug-ins when it is proxying HTTP/2 ? TIA, Rob

Re: ATS Access control

2016-11-18 Thread Alan Carroll
It's certainly possible to do in a custom plugin. I'm working on one right now, actually, to do that, although it's unfortunately proprietary. Another way to consider is to use map or regex_remap in remap.config to map all requests to a domain to an error page. The standard header-rewrite plugin

Re: Corrupted cache? Looping on directory cleaning.

2016-11-01 Thread Alan Carroll
Hmmm. I think that's too old for using the stripe inspector. There's at least one JIRA ticket on this already, at this point unfortunately I think your only option is to clear the cache, although you said you had already done that? On the other hand it shouldn't be cleaning anything if the

Re: strange cache miss problem

2016-10-10 Thread Alan Carroll
I wonder if it's lock contention. There are still a good number of hits but they seem somewhat random. It would be interesting to see what the Age: value for those hits are, whether it's missing on something that's really in the cache or re-fetching it. You might try turning on read_while_write

Re: question for dest_ip block

2016-12-07 Thread Alan Carroll
The bug is TS-4593[1] if you want to look up the commits that implemented the feature. I'm not sure this is even in 7.0, it might be just for 7.1. [1] https://issues.apache.org/jira/browse/TS-4593

Re: ATS and Let's Encrypt automation

2016-12-05 Thread Alan Carroll
It depends on how much coding you're willing to do. You could write a plugin to do an intercept on a specific URL and have it serve local file content. That doesn't scale but if you've only got a few files, it should work well.

Re: Help regarding traffic_cts

2017-03-28 Thread Alan Carroll
traffic_ctl does IPC over a UNIX pipe to communicate with traffic_manager which will, if needed, communicate with traffic_server. The file name of the pipe is a compile time constant in traffic_ctl and traffic_manager. Therefore which Traffic Server instance is affected is based on which

Re: QUIC support in ATS

2017-06-27 Thread Alan Carroll
apache/trafficserver On Tuesday, June 27, 2017, 8:37:50 AM CDT, Kapil Sharma (kapsharm) wrote: Is there any ongoing plan/effort to add QUIC support in

Re: getting source/destination ip-address/port number in plugin

2017-08-22 Thread Alan Carroll
There is and it is accessible through the API Masakazu pointed out. Caching can affect the result because if there is a cache hit no connection to the origin is created and therefore no IP address for it is present. ATS doesn't do an IP address lookup on the request FQDN if that address won't be

Re: Traffic Server as Forward Proxy

2017-06-19 Thread Alan Carroll
ip_allow.config would also work to allow inbound connections only from specific (client) IP addresses. Note that remap works for forward proxy therefore a remap.config could force all requests to the target. Alternatively, since ip_allow.config now supports outbound controls that could be set

Re: Understanding ioBufAllocator behaviour

2017-05-24 Thread Alan Carroll
d goes up then flat), so I was thinking it was more likely something to do with my configuration or use-case.   I’d also just like to understand, at a high level, how the ioBufAllocators are used.   Thanks,   Nick   From: Alan Carroll <solidwallofc...@yahoo-inc.com> Repl

Re: Understanding ioBufAllocator behaviour

2017-05-24 Thread Alan Carroll
Honestly it sounds like a leak. Can you specify which version of Traffic Server this is? On Wednesday, May 24, 2017, 8:22:46 AM CDT, Dunkin, Nick wrote: Hi   I have a load test that I’ve been running for a number of days now.  I’m using the memory dump logging in

Re: Understanding ioBufAllocator behaviour

2017-05-24 Thread Alan Carroll
e size limit…. In the past there was some prototype of reclaimable buffer support added in ATS, but I believe it was removed in 7.0? Also there is recent discussion of adding jmalloc? On May 24, 2017, at 11:01 AM, Alan Carroll <solidwallofc...@yahoo-inc.com> wrote: One issue is that

Re: Understanding ioBufAllocator behaviour

2017-05-24 Thread Alan Carroll
, ATS will now keep allocating 1M chunks, again capping at 64GB. But in the end ATS would have allocated 128GB well over RAM cache size limit…. In the past there was some prototype of reclaimable buffer support added in ATS, but I believe it was removed in 7.0? Also there is recent

Re: Openssl 1.1.0f Support

2017-09-19 Thread Alan Carroll
Susan has also run some performance tests with 7.1.x and openSSL 1.1 vs. openSSL 1.0.2. On Tue, Sep 19, 2017 at 5:55 PM, Leif Hedstrom wrote: > > On Sep 19, 2017, at 2:20 PM, Jeremy Payne wrote: > > I can link ATS 7.x and 8.x against openssl 1.1.0f,

Re: ATS 6.2.1 + cache read

2017-09-22 Thread Alan Carroll
I think this is a known issue for a long time. What's happening is the requests are trying to get the write lock on the object and failing, which results in giving up and going direct to origin. There might be a collapsed forwarding plugin which sort of mitigates this. There is ongoing work on

Re: Openssl 1.1.0f Support

2017-09-20 Thread Alan Carroll
he Intel QAT engine? > Understood patches/commits are welcome, but just figured there may be > some behind the scene works already started. > > Thanks! > > On Tue, Sep 19, 2017 at 6:31 PM, Alan Carroll <solidwallofc...@oath.com> > wrote: > > Susan has also r

Re: Openssl 1.1.0f Support

2017-09-21 Thread Alan Carroll
with a much > > simpler application. It's effectively it's own async engine, long > jumping > > across the stack, and doesn't play well or add value to ATS's more > > extensive model to do similar not to mention mutually exclusive in > their > > current forms. > > &

Re: disable dns completely

2017-09-26 Thread Alan Carroll
Looks like it should be possible by setting proxy.config.dns.nameservers and proxy.config.dns.resolv.conf to disable nameservers, but you'll get a warning message on every DNS attempt when it can't find a nameserver. A nice patch would be to be able to turn off DNS at the HostDB level. That

Re: How to catch 502 Error

2017-09-25 Thread Alan Carroll
It should be possible to detect this in the SEND_RESPONSE_HDR_HOOK. Be sure you've attached to that hook, to make sure you get the event at the appropriate time. On Sat, Sep 23, 2017 at 8:35 PM, Velusamy, Gandhimathi < gvelu...@central.uh.edu> wrote: > Hi, > I am working on Trafficserver-7.0.0. > >

Re: map_with_referer

2017-08-24 Thread Alan Carroll
What version of ATS is this? Looking at the code, it should work in 5.3 but appears to be broken in 7.1.0.

Re: ATS proxy closes the connection "close" even if client sends "keep-alive"

2017-09-04 Thread Alan Carroll
From your description it's hard to tell what's going on. In particular, is a request made upstream to the origin? Where does the base response to the user agent come from - your plugin or an upstream server? I note in the response this field: < Connection: close which seems to indicate the

Re: [VOTE] Release Apache Traffic Server 7.1.1 (RC1)

2017-09-01 Thread Alan Carroll
Is that addressed by https://docs.trafficserver.apache.org/en/latest/admin-guide/files/records.config.en.html?highlight=records%20config#proxy-config-disable-configuration-modification ? On Fri, Sep 1, 2017 at 12:48 AM, Reindl Harald wrote: > frankly can somebody fix

Re: map_with_referer

2017-08-29 Thread Alan Carroll
Correct. It is not broken in 7.1.0. On Tue, Aug 29, 2017 at 5:52 PM, Leif Hedstrom <zw...@apache.org> wrote: > > On Aug 25, 2017, at 7:39 AM, Alan Carroll <solidwallofc...@oath.com> > wrote: > > See PR #2426. I think map_with_referer is broken in 7.1.0. > > >

Re: Avoiding TCP_REFRESH_HIT

2017-11-23 Thread Alan Carroll
You might try fiddling with the 'cache.config' file and set a cache TTL of 10 years or so. On Thu, Nov 23, 2017 at 10:11 AM, Veiko Kukk wrote: > Hi David, > > Objects are not fetched from ATS via browser. ATS is just internal cache. > Only problem is to trick ATS into

Re: Understanding ATS memory usage

2017-12-19 Thread Alan Carroll
It's a complex subject hard to put in an email. A few notes: 1) You shouldn't let an ATS box swap. That almost always ends badly. Adding more ram or adjusting the configuration to avoid it is better. I think we set swappiness to 0. 2) The cache directory takes memory independent of the ram

Using plantuml and requiring Java to build TS docs

2017-11-13 Thread Alan Carroll
I have been using plantuml to generate diagrams and I have found it works well. You can see some examples of it in use here - https://solidwallofcode.github.io/tls-bridge.en.html The source for the diagrams is here - https://github.com/SolidWallOfCode/ts-docs/tree/apache/uml Although it's quite

Issue 1971 and possible changes to remap.config for ATS 8.0

2017-12-07 Thread Alan Carroll
Based on discussions for issue #1971, I have some proposed changes for how remap rule filters are applied. The current style is not well documented, but it is "deny match" where filters are checked until a deny is found, at which point the request is denied. Only if no deny is found is the request

Re: [VOTE] Release Apache Traffic Server 7.1.2 (RC1)

2017-12-20 Thread Alan Carroll
+1. It builds and runs for me. On Wed, Dec 20, 2017 at 10:42 AM, Gancho Tenev wrote: > +1, worked with Leif on validating the new release. > > > > On Dec 19, 2017, at 10:04 PM, Leif Hedstrom wrote: > > > > +1 from me, tested on 10 prod boxes with no issues.

Re: [PROPOSAL] C++17, gcc 7, and clang 5 for ATS 8.0.0

2018-05-08 Thread Alan Carroll
+1 On Tue, May 8, 2018 at 5:37 AM, Bryan Call wrote: > Devtoolset 7 for RHEL6 has gcc 7. > > -Bryan > > > On May 7, 2018, at 4:10 PM, Phil Sorber wrote: > > On Mon, May 7, 2018 at 9:07 AM Bryan Call wrote: > >> I would like to propose

Re: Help understanding a connection error log meaning

2018-06-15 Thread Alan Carroll
This is a known bug. The response was a 502 but the reason was not updated correctly. See https://github.com/apache/trafficserver/pull/1526 https://github.com/apache/trafficserver/pull/2825 It should be fixed for 8.0. I would think it would be fixed in 7.1.3. On Fri, Jun 15, 2018 at 9:48 AM,

Re: Transaction ID

2018-06-11 Thread Alan Carroll
Sort of. There is this - https://docs.trafficserver.apache.org/en/latest/developer-guide/api/functions/TSUuidCreate.en.html#c.TSProcessUuidGet That will get you a process unique ID. You can combine that with the transaction ID to get a globally unique transaction ID. Look at TSClientRequestUuidGet

Re: HostDB Strict Round Robin

2018-05-02 Thread Alan Carroll
Not in the near future. We're hoping to do better in the long run as we update parent selection and related mechanisms. Do you really want that to be overridable per transaction or per host? On Tue, May 1, 2018 at 3:44 PM, Jeremy Payne wrote: > In looking at 7.1.3 and master

Re: Redundant origin server support

2017-12-23 Thread Alan Carroll
If it's a GET, ATS should retry the request on the next available server. POST is a bit trickier, ATS shouldn't retry if any bytes have been sent but that won't be the case if the server is really dead and doesn't accept a connection. There's a finite number of retries and if all of those fail,

Re: Redundant origin server support

2017-12-23 Thread Alan Carroll
You can also use DNS round robin along with setting the server retries to a non-zero value. On Sat, Dec 23, 2017 at 10:07 AM, Leif Hedstrom wrote: > Yeh you can do this with parent.config or possibly the escalate plugin. > I’d favor the former if possible, it has a new feature

Re: CARP Status

2018-01-08 Thread Alan Carroll
It's complex, although Aaron should chime in here. The history is Eric Schwartz tried to open source the CARP plugin but the code was such a mess that we never pushed through on that. Aaron has done a lot of cleanup in the plugin so we may try open sourcing it again. However, everyone (including

Re: [ANNOUNCE] Apache Traffic Server v7.1.2 is Released!

2018-01-18 Thread Alan Carroll
Yes, although it can be a bit tricky to find all the binaries that need to be replaced. I'd recommend installing, as `make install` should preserve your configuration files. Internally here we have all the configuration stored independently of deployed systems so upgrading is a clean install and

Re: Connection rejected for MTLS forward proxy

2018-02-20 Thread Alan Carroll
t; 2018-02-20T10:46:49.496+00:00 gmt-dvor-vcsc1 traffic_server[7634]: > {0x7f66f43fb740} DEBUG: (sslServerHandShakeEvent)> (ssl) SSL handshake error: EOF > > <<< > > > Is there any indication from this information - or do we need any more > information from the system ? > > cou

Re: Connection rejected for MTLS forward proxy

2018-02-21 Thread Alan Carroll
I meant more what *units* the handshake_timer is. Looking at the code, it seems to be in seconds meaning it is unlikely that is the problem (if the handshake took .5s with a 20s timeout). I'd recommend having any configuration value at most once, although I don't think it would break anything.

Re: Connection rejected for MTLS forward proxy

2018-02-21 Thread Alan Carroll
/docs.trafficserver.apache.org/en/latest/admin-guide/files/records.config.en.html?highlight=proxy%20config%20ssl%20ca%20cert%20filename#proxy.config.ssl.CA.cert.filename> >> >> records.config — Apache Traffic Server 8.0.0 documentation >> >> >> <ht

Re: Connection rejected for MTLS forward proxy

2018-02-19 Thread Alan Carroll
You can enable the debug tag 'ssl' to get more data. See https://docs.trafficserver.apache.org/en/7.1.x/developer-guide/debugging/debug-tags.en.html?highlight=debug%20enable#other-useful-internal-debug-tags

Re: [VOTE] Release Apache Traffic Server 7.1.2 (RC2)

2017-12-21 Thread Alan Carroll
+1, retested. On Wed, Dec 20, 2017 at 8:38 PM, Leif Hedstrom wrote: > Still +1 from me. > > — Leif > > > On Dec 20, 2017, at 5:16 PM, Leif Hedstrom wrote: > > > > I've prepared a release for 7.1.2 (RC2), which is a bug fix release on > the previous v7.1.1.

Re: Certificate mimicking/spoofing in ATS

2018-08-31 Thread Alan Carroll
Currently you would need to manually install certificates on the ATS box that match the upstream destinations. This works well for reverse proxy but is somewhat problematic in the forward case. There is an experimental plugin, "plugins/experimental/certifier" in the ATS 9.0 release which should be

Re: [VOTE] Release Apache Traffic Server 7.1.3 (RC0)

2018-04-15 Thread Alan Carroll
+1 On Sun, Apr 15, 2018 at 6:58 PM, Steven R. Feltner wrote: > +1 - I've compiled 7.1.3-RC0 on CentOS 6 using devtoolset-6 [gcc (GCC) > 6.3.1 20170216 (Red Hat 6.3.1-3)] and on CentOS 7 using stock gcc-4.8.5. I > ran all regression tests on both version and all passed.

Re: Proxy response after hooks in ATS

2018-02-28 Thread Alan Carroll
Proxy response should be after most hooks, i.e. what is sent back to the user agent. If you really want to be sure, I'd use wireshark. If you are doing a transform, you will generally need wireshark to see the transformed content. On Wed, Feb 28, 2018 at 6:06 AM, supraja sridhar

Alan's Notes on the 2018 Fall Summit

2018-10-12 Thread Alan Carroll
https://solidwallofcode.github.io/notes/ATS-2018-Fall-Summit.en.html These are my personal notes and focus on things I need to remember, or take action on, from the summit. I offer them in case anyone else finds them useful. -- *Beware the fisherman who's casting out his line in to a dried up

Re: invalid VIA header in trafficserver 8.0

2018-10-15 Thread Alan Carroll
I'm kind of curious as to how and when this became broken. On Sat, Oct 13, 2018 at 4:53 PM Shu Kit Chan wrote: > I think this is a bug. I just created a PR to fix it - > https://github.com/apache/trafficserver/pull/4407 > > Also for one of your examples, you are missing an empty space at the

Re: Memory usage - Virtual Machine - 7.1.x

2018-10-31 Thread Alan Carroll
Looking at the memory dump, my first guess would be you have a lot of stalled transactions that never got cleaned up. This is based on the ioBufAllocator[5], which IIRC is the default size for the initial read. The hdrStrHeap and hdrHeap are used for storing request / response headers in memory.

Re: ERROR: log: unsupported key 'name'

2018-11-06 Thread Alan Carroll
In your first example, why do you have a '-' in front of 'name'? In the second one you have to define a "log object" which you can then refer to by name. On Mon, Nov 5, 2018 at 8:57 AM Jin wrote: > I noticed an error reported in diags.log in ats 8.0.0 > > [Nov 5 09:52:08.869] {0x2b3b4a96fd00}

Re: log real ip using X-Forwarded-For header

2018-11-13 Thread Alan Carroll
%<{X-Real-IP}chq> ? https://docs.trafficserver.apache.org/en/8.0.x/admin-guide/logging/formatting.en.html?highlight=chi#admin-logging-fields-headers On Tue, Nov 13, 2018 at 12:24 PM ezko wrote: > Hi, > we are running ATS 7.1.5 and looking for a way to log the real client IPs. > we have NGINX

Re: log real ip using X-Forwarded-For header

2018-11-14 Thread Alan Carroll
Yeah, I realized I typo'd it as soon as I sent it, but since you had the link I was confident you'd figure it out.

Re: Traffic server suddenly drop the packets and crashed

2018-11-16 Thread Alan Carroll
Looks like a problem with the "stale-while-revalidate" plugin. I know that's been problematic. I'm not sure what the current state is. On Fri, Nov 16, 2018 at 8:43 AM Vasanth Mathivanan < vasant...@evolutiondigital.com> wrote: > Yes , its generating core dump file in traffic server root path

Re: ATS 7.1.5 incoming_ip_to_bind

2019-01-16 Thread Alan Carroll
No. You'll need to do that in the proxy ports, `proxy.config.http.server_ports`. Something like "8080:ip-in=10.1.1.2 8080:ip-in=127.0.0.1".

Re: subscribe

2019-01-15 Thread Alan Carroll
Let's be nice to the newbie :-) On Tue, Jan 15, 2019 at 11:36 AM John Rushford wrote: > Thanks Krasmir! > > On Tue, Jan 15, 2019 at 10:31 AM Krasimir Velichkov < > krasimirvelich...@gmail.com> wrote: > >> Welcome aboard, John! >> >> On Tue, Jan 15, 2019 at 5:40 PM John Rushford >> wrote: >>

Re: Change in shn response (logging)

2019-01-14 Thread Alan Carroll
One of the issues with this is what exactly was the difference between `pqsn` and `shn`? Did they differ when using parent.config? On Fri, Jan 11, 2019 at 11:54 AM Steve Malenfant wrote: > Was doing some testing this morning and noticed that I couldn't find my > traffic by the origin server

Re: Questions on forwarding proxy in hierarchical mode

2018-12-17 Thread Alan Carroll
Sorry, was out at a conference last week. If you're getting "Tunnel Forbidden" it means a `CONNECT` request is going through ATS and getting blocked because `proxy.config.http.connect_ports` [1] doesn't allow the remote port. This may have changed between 5 and 8. I suspect that the HTTPS change

Re: cache.config : ttl-in-cache

2018-12-07 Thread Alan Carroll
, Dec 6, 2018 at 6:58 PM Leif Hedstrom wrote: > Can you specify both >= and <= ? Such that we ignore a cc that would go > below the minimum, yet caps the upper limit? > > — Leif > > On Dec 6, 2018, at 16:39, Alan Carroll wrote: > > There's been an internal request to ex

cache.config : ttl-in-cache

2018-12-06 Thread Alan Carroll
There's been an internal request to extend the meaning of the "ttl-in-cache" directive for the cache.config configuration file. After several failed attempts, this is my current approach. The time operators '<' and '>' are added for the ttl-in-cache directive. These mean "at most" and "at least"
