Download
Share
Print this page
  1. Manuals
  2. Brands
  3. Intel Manuals
  4. Computer Accessories
  5. NetStructure 1520
  6. Administrator's manual

Intel NetStructure 1520 Administrator's Manual

Cache appliance
Hide thumbs

Advertisement

Quick Links

Download this manual
Intel
®
NetStructure
1520 Cache Appliance
Administrator's Guide

Advertisement

loading

Related Manuals for Intel NetStructure 1520

Summary of Contents for Intel NetStructure 1520

  • Page 1 Intel ® NetStructure ™ 1520 Cache Appliance Administrator’s Guide...
  • Page 2 (iii) ability or sufficiency of same to function accurately as a representation of any standard. Furthermore, Intel makes no commitment to update the information contained in this document, and Intel reserves the right to make changes at any time, without notice, the information contained in this document.
  • Page 4 Intel NetStructure Cache Appliance Administrator’s Guide Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 5 Contents...
  • Page 6 Intel NetStructure Cache Appliance Administrator’s Guide Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 7 Contents...
  • Page 8 Intel NetStructure Cache Appliance Administrator’s Guide Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 9 Contents...
  • Page 10 Intel NetStructure Cache Appliance Administrator’s Guide Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 11 This manual describes how to use and configure an Intel system (referred to as “appliance” in this manual) either as a single node or as a cluster of nodes. The manual covers the following topics: Chapter 1 contains an overview of the appliance and an overview of this guide.
  • Page 12 This manual is intended for system administrators who configure, run, and administer Intel NetStructure Cache Appliance systems. Consequently, the information in the manual was written with the assumption that the reader has experience in Web server administration and configuring TCP/IP networking.
  • Page 13 This chapter provides the following overviews: What is an Intel® NetStructure™ Cache Appliance?‚ on page 2 Intel NetStructure Cache Appliance features‚ on page 3 How to use this guide‚ on page 5...
  • Page 14 Fault tolerance (redundant boot images) Secure single-point administration (you can configure many nodes at once) See Intel NetStructure Cache Appliance features‚ on page 3 for more information about these features. You can use the appliance alone or with other enterprise software, including other caching products.
  • Page 15 Server accelerator The appliance can be configured as a web server to accelerate slower traditional web servers. Documents stored in cache are served at high speed, while documents not in cache are requested on demand from slower, traditional web servers. This server accelerator feature is also called reverse proxy.
  • Page 16 WCCP 2.0 HTTP cache hierarchy support In a hierarchy of proxy servers, the appliance can act either as a parent or child cache, either to other Intel NetStructure Cache Appliances, or to other caching products. Web server acceleration Through reverse proxy, the appliance can act as a web server accelerator, handling requests for and relieving stress from web servers.
  • Page 17 The appliance can be monitored and managed through SNMP network management facilities. The appliance supports two management information bases (MIBs). The first, MIB-2 is a well known standard MIB. The second, the proprietary Intel NetStructure Cache Appliance MIB provides more specific node and cluster information. Performance reporting You can get performance statistics at a glance from the Manager UI or from the command-line interface.

  • Page 19: Getting Started

    Getting Started This chapter contains the following sections: Starting the system for the first time‚ on page 8 Accessing the Manager UI‚ on page 12 Accessing the command-line interface‚ on page 15 Verifying that caching works‚ on page 15 Changing passwords‚ on page 15 Chapter 2...
  • Page 20 Attaching the supplied power cord to the appliance and plugging the cord into an approved receptacle. You can find instructions on how to physically set up your system in the Intel NetStructure Cache Appliance Quick Start. Safety regulations and warranty require that the front bezel mounts and panel Note must be in place during operation of the appliance.
  • Page 21 When the message appears, entries to the screen have been successfully changed and stored. The menu on this screen should appear as follows: network –timezone time view Initial Intel Cache Setup Install Intel Cache Commit Setup Changes Configure Network Configure Time Zone Configure Date and Time View Settings 192.168.1.10______________...
  • Page 22 –install commit From the main screen, highlight install and press the Enter key. Selecting install causes the settings to be written to the boot image. During the Intel NetStructure Cache Appliance Administrator’s Guide Eastern Central Mountain Pacific Configure Network...
  • Page 23 Once the software is running, you can access the system through a web browser by using the system’s IP Address with an appended information on accessing the manager UI, refer to Accessing the Manager UI‚ on page 12. Initial Intel Cache Setup Install Intel Cache Commit Setup Changes prompt appears, press the Enter...
  • Page 24 Security page, see Using the Security page‚ on page 39. Should you forget your password, contact Customer Service at Intel Note Corporation for assistance. For information on how to contact Intel Customer Service, see the Intel NetStructure Cache Appliance Product Support booklet that came with your system.
  • Page 25 Figure 1 The Dashboard page The Manager UI has two modes, Monitor and Configure: In Monitor mode, view performance statistics and graphs. To access Monitor mode, click the top of the MONITOR tab. In Configure mode, view and modify the appliance’s configuration options. To access Configure mode, click the top of the CONFIGURE tab.
  • Page 26 To save and restore an entire set of configuration files, refer to Using the Snapshots page‚ on page 47. For information about all the values you can set in Configuration mode, see Chapter 4‚ Configuring the Appliance. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 27 You can access the command-line interface using one of two methods: Provide a serial connection to the Intel NetStructure Cache Appliance machine. Refer to the Intel NetStructure Cache Appliance Quick Start Guide for detailed information. Access the machine through a telnet connection. This method requires you to enter a telnet Administrator ID and password.
  • Page 28 To change the password for the Manager UI, see Using the Security page‚ on page 39. To change the password for the telnet or serial connection, see Changing the administrator password for telnet or serial access‚ on page 60. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 29 Monitoring Appliance Performance This chapter describes how to use the Manager UI to collect and interpret performance statistics on the Intel NetStructure Cache Appliance. This chapter contains the following sections: Accessing monitor pages‚ on page 18 Using the Dashboard page‚ on page 18 Using the Node page‚...
  • Page 30 Should you forget your password, contact Customer Service at Intel Note Corporation for assistance. For information on how to contact Intel Customer Service, see the Intel NetStructure Cache Appliance Product Support booklet that came with your system.
  • Page 31 Use the Dashboard page to: Select a node See which nodes are on and which are off See if an alarm condition exists on any node If an alarm condition exists, you can click the alarm light to view a description of the alarm and resolve it.
  • Page 32 Manager UI session. Note Should you forget your password, contact Customer Service at Intel Corporation for assistance. For information on how to contact Intel Customer Service, see the Intel NetStructure Cache Appliance Product Support booklet that came with your system.
  • Page 33 The Graphs page provides a list of options for generating performance graphs for cache results, garbage collection, transfer rates, and object size for the currently selected node. Reaching the Graphs page Be sure you are in monitor mode. If not, click the MONITOR tab. Click the Graphs page button.
  • Page 34 You can also click on the daily view link at the bottom of the MRTG page to see daily statistics and on the weekly view link to see weekly statistics. Clicking on these links provides a more extensive selection of related graphs. Online help provides descriptions of the graphs. Note Intel NetStructure Cache Appliance Administrator’s Guide...

  • Page 35: Configuring The Appliance

    Configuring the Appliance This chapter describes the configuration options that control the Intel NetStructure Cache Appliance behavior and performance, and instructs you on how to set these values in the Manager UI. This chapter contains the following sections: Accessing configure pages‚ on page 24 Using the Server Basics page‚...
  • Page 36 Should you forget your password, contact Customer Service at Intel Note Corporation for assistance. For information on how to contact Intel Customer Service, see the Intel NetStructure Cache Appliance Product Support booklet that came with your system.
  • Page 37 The following table describes the general configuration settings in the Intel NetStructure Cache section. .com host_x y.com host_x.y.com .com .com www.inktomi.com .com .com Chapter 4 Configuring the Appliance www. inktomi...
  • Page 38 Using a proprietary management protocol, appliance nodes communicate their status with their peers. If a node fails, its peers notice the failure and quickly negotiate which of the remaining nodes will mask the fault by taking over the failed node’s virtual interface. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 39 The following table describes the Virtual IP Addressing configuration settings. You can add or change entries in the Virtual IP address pool by modifying the appliance’s Virtual IP address list. Modifying the Virtual IP address list On the Server Basics page, scroll to the Virtual IP Addressing section. Click the Edit virtual IP addresses link.
  • Page 40 500 milliseconds and the upper limit is 1000 milliseconds. Given these limits, the following is true: If it takes the appliance more than 500 milliseconds to serve a fresh hit, it begins to shed load. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 41 If it takes the appliance more than 750 milliseconds, it begins to shed 50% of its load. If the fresh-hit transaction time exceeds 1000 milliseconds, the appliance begins to shed 100% of its load. Load shedding is temporary; when hit-transaction times return to acceptable levels, the appliance reverts to handling all incoming requests.
  • Page 42 Click the Protocols page button. The Protocols page is divided into four sections for configuring HTTP, NNTP, HTTPS, and FTP. The HTTP section lets you configure the appliance’s handling of HTTP. The following table describes the section’s options. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 43 From Referer User-Agent Cookie Client-ip Client-ip The NNTP section lets you configure basic NNTP options. While this section lets you configure basic options, you must use the command-line interface to configure the appliance to cache articles from particular NNTP servers and news groups as well as to set access restrictions and authentication requirements for news readers.
  • Page 44 The following table describes the options. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 45 cancel newgroup rmgroup Chapter 4 Configuring the Appliance...
  • Page 46 The FTP section lets you configure FTP protocols. The following table describes the options. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 47 The Cache page allows you to configure the following: Cache activation Object freshness Variable object content Reaching the Cache page Be sure you are in configure mode. If not, click the CONFIGURE tab. Click the Cache page button. The following sections describe the sections in the Cache page. The following table describes the cache activation configuration options.
  • Page 48 The following table describes the storage options. The following table describes the freshness options. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 49 Chapter 4 Configuring the Appliance...
  • Page 50 The following table describes the variable configuration options. user- agent cookie Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 51 The Security page lets you configure access to the Manager UI. You can set administrator and guest IDs and passwords (guests have read-only access) for the selected node. Reaching the Security page Be sure you are in configure mode. If not, click the CONFIGURE tab. Click the Security page button.
  • Page 52 Click the Routing page button. The appliance can participate as a member of an HTTP cache hierarchy. You can point your appliance at a parent network cache—either another Intel NetStructure Cache Appliance or a different caching product—to form a cache hierarchy, wherein a child cache relies upon a parent cache in fulfilling user requests.
  • Page 53 In the ICP section you can establish ICP peers. The following table describes the ICP options. For ICP to work, the appliance must recognize its ICP neighbors (siblings and parents). Chapter 4 Configuring the Appliance...
  • Page 54 Click the Add Entry button. Enter the information for the ICP peer host. If you want to clear the entire form of information, you can press the Reset button. Click the Add button to save your changes. Intel NetStructure Cache Appliance Administrator’s Guide localhost...
  • Page 55 The Server Accelerator section allows you to configure the appliance as a Server Accelerator (also known as a reverse or server-side proxy). You can enable or disable this function as well as control how the appliance routes document requests to the slower traditional Web servers. For more information about setting up the appliance as a Server Accelerator, see Setting general controls‚...
  • Page 56 The Host Database page lets you view and change the following: Host database options Domain Name Service lookups Reaching the Host Database page Be sure you are in configure mode. If not, click the CONFIGURE tab. Click the Host DB page button. Intel NetStructure Cache Appliance Administrator’s Guide <scheme>://<host>:<port>/ <scheme>://...
  • Page 57 The appliance host database stores the domain name server (DNS) entries of servers that the appliance contacts to fulfill user requests. You configure the appliance host database by setting options in the Host Database Management section. The following table describes the options. Chapter 4 Configuring the Appliance...
  • Page 58 Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 59 The DNS Configuration section lets you configure DNS services. The following table describes the options. invalid hostname The Snapshots page lets you take snapshots of the selected appliance’s configurations or lets you restore previously saved configurations. A configuration snapshot consists of a complete set of appliance configuration files. It is a good idea to take a snapshot before doing system maintenance or Note attempting to tune system performance.
  • Page 60 If you do not remove the diskette from the drive and the system needs to be rebooted remotely, the system will attempt to reboot from the diskette, which does not have a bootable image. Intel NetStructure Cache Appliance Administrator’s Guide...

  • Page 61: Using The Command Line Interface

    Using the Command-Line Interface This chapter describes the command-line utility that you can use to configure the system’s network addresses and to control, configure, and monitor the Intel NetStructure Cache Appliance. This chapter contains the following sections: Starting the command-line interface‚ on page 50 Navigating the command-line interface‚...
  • Page 62 For instructions on how to start the appliance for the first time, see either the Intel NetStructure Cache Appliance Quick Start Guide or Starting the system for the first time‚ on page 8.
  • Page 63 These menu selections let you do the following: setup—Change the system’s network address configuration and time settings. See Using the setup menu‚ on page 52 for more information. main—Start or stop the cache and proxy services, check version information, clear statistics, and install and delete software. See Using the main menu‚ on page 54 for more information.
  • Page 64 Select ip and press Enter. Doing so displays the current IP address, hostname, and netmask. In the New IP Address field, enter the IP address that you want to assign to the appliance, and press Enter. Intel NetStructure Cache Appliance Administrator’s Guide root->monitor root->monitor->cache...
  • Page 65 In the New Hostname field, enter the hostname that you want to assign to the appliance, and press Enter. In the New Netmask field, enter the netmask address that you want to assign to the appliance system, and press Enter. Press CTRL-X to save your changes and return to the previous menu.
  • Page 66 You can view the current hostname, IP, DNS, and Gateway address settings by selecting view from the setup menu. The main menu lets you do the following: Check the status of the Server and Manager resident on the appliance. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 67 Start the appliance cache and proxy services. Stop the appliance cache and proxy services. View and maintain the version of software installed on the appliance. Clear persistent statistics. Reboot the system. Halt the system. Change Administrator password for telnet and serial access. Reset the appliance to the factory settings.
  • Page 68 Each upgrade must exist in a separate directory. We recommend that the names you choose for your directories indicate the release. This example shows separate directories for application, patch, and OS/application upgrades: <ftp_dir>/app_3.0.9.0 <ftp_dir>/app_3.1.0.0 <ftp_dir>/patch_1 <ftp_dir>/patch_2 <ftp_dir>/os_1 <ftp_dir>/os_2 Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 69 Once the upgrade is complete, the system automatically reboots. The CLI displays this message: Final Message: Upgrade Complete. Intel (r) NetStructure (tm) 1520 Cache is rebooting. Please wait 2-3 minutes for an active console login. After the system has finished rebooting, follow the procedures in Starting the system for the first time in chapter 2.
  • Page 70 Once the upgrade is complete, the system automatically reboots, then the CLI displays this message: Final Message: Upgrade Complete. Intel (r) NetStructure (tm) 1520 Cache is rebooting. Please wait 2-3 minutes for an active console login. Continue to use the appliance as before. If the upgrade requires you to reset the application, you are warned in an upgrade message.
  • Page 71 You can delete a version of the appliance software when you need to add a newer version but you already have two versions installed. You cannot delete the currently running version of the appliance software. To Note delete that software, you must first switch to the second version and then delete the other version.
  • Page 72 The username remains the same. Should you forget your password, contact Customer Service at Intel Corporation Note for assistance. For information on how to contact Intel Customer Service, see the Intel NetStructure Cache Appliance Product Support booklet that came with your system.
  • Page 73 Select passwd, and press Enter. Doing so causes a prompt to appear requesting you to type and confirm the new administrator password. Enter and confirm the new password. Press CTRL-X to save your changes and return to the previous screen. Changing the password value using CLI changes only the password for telnet or Note serial access.
  • Page 74 To bounce the local appliance, select local bounce, and press Enter. See step four for further information. To set up an alarm email address, select email, and press Enter. Doing so displays the current alarm email address. You can enter the email Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 75 address you want to use in this field and press CTRL-X to save your changes and return to the previous screen. To see whether the appliance is in reverse or forward proxy mode, select view-mode, and press Enter. A message displays at the bottom of the screen that indicates reverse or forward proxy enabled.
  • Page 76 Enter. The configuration settings display on screen. To enable the appliance to cache and serve news articles select enable, and press Enter. Intel NetStructure Cache Appliance Administrator’s Guide identifies the agent making the request, usually a browser identifies the user that made the request identifies the user’s email address...
  • Page 77 To Disable the appliance from caching and serving news articles select disable, and press Enter. To allow NNTP server feeds, select the first feeds in the menu and press Enter. To inhibit NNTP server feeds select the second feeds in the menu and press Enter.
  • Page 78 The following table describes the tags you can use in a rule: hostname group-wildmat priority Intel NetStructure Cache Appliance Administrator’s Guide .block distributions distrib.pats *,!distrib.pats distrib.pats *,!alt.* alt.* talk.religion.*,!talk.religion.barney ,subscriptions talk.religion.* talk.religion.barney alt.* subscriptions...
  • Page 79 priority (continued) interface Chapter 5 Using the Command-Line Interface...
  • Page 80 Use the arrow keys to select the rule you want to delete and press Enter. Press CTRL-X to save your change and return to the previous screen. Intel NetStructure Cache Appliance Administrator’s Guide rec.soccer rec.*...
  • Page 81 Each rule must begin with a specific client group. You can use three ways to specify groups of clients: by IP range, domain, or host name. For example: ip=0.0.0.0-255.255.255.255 ip=127.0.0.1 domain=intel.com hostname=myhost.mydomain.com Following the client group is an access directive. The access directive is of the form access=value...
  • Page 82 Select the config menu, and press Enter. Select protocols, and press Enter. Select nntp, and press Enter. Select access, and press Enter. Select view, and press Enter. Doing so displays file containing the NNTP access rules. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 83 You can view and specify the ports to which SSL is restricted. Viewing SSL ports Select the config menu, and press Enter. Select protocols, and press Enter. Select ssl, and press Enter. Select view, and press Enter. Doing so displays the ports to which SSL is restricted.
  • Page 84 You can use more than one secondary specifier in a rule. However, you Note cannot repeat a secondary specifier. The following table lists the primary destination tags and their allowed values: dest_domain dest_host dest_ip url_regex Intel NetStructure Cache Appliance Administrator’s Guide message. secondary specifier=value action=value...
  • Page 85 The secondary specifiers are optional. The following table lists the possible tags and their allowed values: time src_ip prefix suffix port method scheme The following table lists the possible action tags and their allowed values: action keep_hdr strip_hdr keep_hdr Examples The following rule tells the appliance to deny FTP document requests to the IP address 112.12.12.12.
  • Page 86 You can add, delete, and view remap rules. Adding remap rules Select the config menu, and press Enter. Select protocols, and press Enter. Intel NetStructure Cache Appliance Administrator’s Guide /viewpoint and whose path politics to the requested host...
  • Page 87 Select remap, and press Enter. Select add rules, and press Enter. Enter a remap rule, and press Enter. Press CTRL-X to save your changes and return to the previous screen. Each rule must consist of three fields: The following table describes the proper format for each field. type reverse_map target...
  • Page 88 To obey user requests to bypass the cache (obey client Cache Control: no-cache headers), select the second Bypass, and press Enter. After you press Enter, your selection displays at the bottom of the screen. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 89 You can configure the cache to store only objects below a certain size and to store a limited number of alternates. Setting disk storage options Select the config menu, and press Enter. Select cache, and press Enter. Select storage, and press Enter. Doing so causes the Configure Cache Storage box to appear.
  • Page 90 The following table shows the options: Intel NetStructure Cache Appliance Administrator’s Guide Expires Cache-Control: max-age Expires Cache-Control: max-age headers Last-Modified...
  • Page 91 The appliance uses caching rules to determine how a particular group of URL addresses should be cached. You can add, delete, and view caching rules. Caching rules can specify: Whether to cache objects How long to keep (pin) particular objects in the cache How long to consider cached objects as fresh Whether to ignore no-cache directories from the server Adding caching rules...
  • Page 92 You can use more than one secondary specifier in a rule. However, you Note cannot repeat a secondary specifier. time src_ip prefix suffix port method scheme Intel NetStructure Cache Appliance Administrator’s Guide value secondary specifier value action value =<...
  • Page 93 The following table lists the possible action tags and their allowed values: action pin-in-cache revalidate Examples The following rule tells the appliance to never cache FTP documents requested from the IP address 112.12.12.12. dest_ip=112.12.12.12 scheme=ftp action=never-cache The following rule tells the appliance to keep in the cache for 12 hours documents whose URL addresses contain the regular expression and whose the paths contain the prefix politics...
  • Page 94 The following rule allows a specific subnet to use the appliance as a web proxy: src_ip=123.12.3.000-123.12.3.123 action=ip_allow Deleting IP Allow rules Select the config menu, and press Enter. Select security, and press Enter. Intel NetStructure Cache Appliance Administrator’s Guide field are src_ip...
  • Page 95 Select server, and press Enter. Select delete rules, and press Enter. Doing so displays a list of current rules. If no rules exist, a message displays at the bottom of the screen indicating such. Use the arrow keys to position the cursor over the rule you want to delete, and press Enter.
  • Page 96 Disable multicast Set ICP port numbers Set ICP query timeout Viewing and modifying ICP rules The appliance uses ICP rules to define parent and sibling caches. You can add, delete, and view ICP rules. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 97 Adding ICP rules Select the config menu, and press Enter. Select routing, and press Enter. Select icp, and press Enter. Select rules, and press Enter. Select add rules, and press Enter. Add an ICP rule, and press Enter. Press CTRL-X to save your rule and return to the previous screen. Each rule must contain the name and configuration information for a single ICP peer in the following format: host:hostIP:cache_type:proxy_port:icp_port:MC_on:MC_IP:MC_TTL:...
  • Page 98 If no rules exist, a message displays at the bottom of the screen indicating such. Use the arrow keys to position the cursor over the rule you want to delete, and press Enter. Press CTRL-X to save your changes and return to the previous screen. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 99 Viewing ICP rules Select the config menu, and press Enter. Select routing, and press Enter. Select icp, and press Enter. Select rules, and press Enter. Select view rules, and press Enter. Doing so causes the file containing the ICP rules to appear. Viewing current ICP settings You can find out if the ICP protocol is enabled or disabled, what the ICP port number is, whether ICP multicast is enabled or disabled, and the ICP query...
  • Page 100 Supply the port number in the data field, and press Enter. Press CTRL-X to save your changes and return to the previous screen. Setting the ICP query timeout You can set the ICP query timeout number. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 101 Setting the ICP query timeout number Select the config menu, and press Enter. Select routing, and press Enter. Select icp, and press Enter. Select timeout, and press Enter. Doing so causes a field to appear that has the current timeout value in seconds displayed. Supply the new timeout value in seconds in the data field, and press Enter.
  • Page 102 The secondary specifiers are optional. The following table lists the possible tags and their allowed values: time src_ip prefix suffix port method scheme The following table lists the allowed action tags and their possible values: parent Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 103 round_robin go_direct Examples The following rule sets up a parent proxy hierarchy consisting of the appliance (which is the child) and two parents, requests, if they cannot be served by the appliance, are routed to the first parent server, routed to the second parent server, round_robin=true fashion.
  • Page 104 To enable multicast communication, select enable multicast, and press Enter. Doing so causes two fields to appear. Supply the multicast address in the top field and press Enter. Supply the multicast TTL in the Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 105 bottom field and press Enter. Finally, press CTRL-X to save your changes and return to the previous screen. To disable multicast communication, select disable multicast, and press Enter. To enable HTTP redirection, select enable HTTP, and press Enter. To disable HTTP redirection, select disable HTTP, and press Enter. To enable NNTP redirection, select enable NNTP, and press Enter.
  • Page 106 Select rules, and press Enter. Select add rules, and press Enter. Add a bypass rule, and press Enter. Press CTRL-X to save your rule and return to the previous screen. You can configure three types of bypass rules: Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 107 The bypass rules have the following format: bypass src src_IP 123.1.23.1 - 123.1.23.123 bypass dst dst_IP src_IP bypass src IP_address AND dst IP_address Examples The following examples show source, destination, and source/destination bypass rules: bypass src 1.1.1.0/24, 25.25.25.25, 128.252.11.11 - 128.252.11.255 bypass dst 24.24.24.0/24 bypass src 25.25.25.25 AND dst 24.24.24.0 Deleting ARM bypass rules...
  • Page 108 Select configure, and press Enter. Doing so displays current values for the options you can set. Supply a value for each field you want to change, and press Enter after filling in each field. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 109 Press CTRL-X to save your changes and return to the previous screen. The following table describes the options: my.com my.com my.com Chapter 5 Using the Command-Line Interface...
  • Page 110 Select collation, and press Enter. Doing so displays current values in separate fields. Following are default values: Enter Collation FTP Host: Collation Interval (hours): 3 Enter Collation FTP User: admin Enter Collation FTP Password: admin Enter Collation FTP Directory: ~/logs Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 111 Supply a value for each field you want to change, and press Enter after filling in each field. Press CTRL-X to save your changes and return to the previous screen. Viewing logging options Select the config menu, and press Enter. Select logging, and press Enter.
  • Page 112 Select protocols, and press Enter. Doing so causes a list of protocols to appear on screen. Select the protocol you want to view and press Enter. The following table describes the statistics for the HTTP-trans protocol. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 113 The following table describes the statistics for the HTTP protocol. Statistics exist for both the client and server. Chapter 5 Using the Command-Line Interface...
  • Page 114 The following table describes the protocol for the NNTP protocol. Statistics and descriptions exist for Client, Server, and Operations. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 115 The following table describes the statistics for the FTP protocol: The following table describes the statistics for the ICP protocol. Statistics exist for queries originating from the node and for queries originating from ICP peers. Chapter 5 Using the Command-Line Interface...
  • Page 116 Viewing Cache statistics Select the monitor menu, and press Enter. Select cache, and press Enter. Doing so causes the statistics to display on the screen. The following table describes the statistics. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 117 Other statistics report information about host database lookups, DNS lookups, cluster connections, and logging. Viewing host database statistics Select the monitor menu, and press Enter. Select other, and press Enter. Select hostdb, and press Enter. Doing so causes the statistics to display on the screen.
  • Page 118 Viewing cluster statistics Select the monitor menu, and press Enter. Select other, and press Enter. Select cluster, and press Enter. Doing so causes the statistics to display on the screen. The following table describes the statistics. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 119 Viewing logging statistics Select the monitor menu, and press Enter. Select other, and press Enter. Select logging, and press Enter. Doing so causes the statistics to display on the screen. The following table describes the statistics. The expert menu lets you invoke a command shell. From the shell, you can execute the following commands to access features not included in the command-line interface or the Manager UI: ipnat, kill, last, less, ls, mpstat, netstat, ping, ps,...
  • Page 120 The logoff menu disconnects you from the appliance and logs you out of the system. Logging off the system Select the logoff menu and press Enter. Doing so causes the system to disconnect you and return control to the VT100 terminal emulator window. Intel NetStructure Cache Appliance Administrator’s Guide...

  • Page 121: Troubleshooting Problems

    When the system doesn’t seem to be operating correctly, you can use the information in this chapter to help you find a solution. If the information in this chapter doesn’t solve your problem, refer to the Intel NetStructure Caching Appliance Product Support booklet that came with your system.
  • Page 122 Rebooting the Intel NetStructure Cache Appliance causes the underlying operating system to reboot. Rebooting the appliance is not the same as starting and stopping the caching software on your system. For instructions on how to start and stop the caching software by using the command-line interface (CLI), refer to Starting the appliance‚...
  • Page 123 Periodically the caching application that runs on the Intel NetStructure Cache Appliance might need upgrading or might need to have a patch applied. In this case, visit Intel’s ISP web site at http://www.intel.com/isp and go to the product page for your appliance. That page contains information on the latest software versions and patches that might apply.
  • Page 125 Caching Solutions and Performance This appendix is an overview of the Web caching capabilities and performance of the Intel NetStructure Cache Appliance. This chapter covers the following topics. Web proxy caching‚ on page 114 Transparent proxy caching‚ on page 120 Server acceleration‚...
  • Page 126 The Intel NetStructure Cache Appliance is a high-performance caching proxy server. It is designed to efficiently handle multiple client connections simultaneously and supports HTTP, FTP, NNTP, ICP, and WCCP 2.0 protocols. The idea behind Web caching is to store copies of frequently accessed documents Caching close to users and serve this information to them on demand.
  • Page 127 Caching is more complex than the preceding overview suggests. In particular, the overview does not answer these questions: How does the Intel NetStructure Cache Appliance ensure freshness given the different protocols it supports? How does the appliance revalidate stale HTTP objects?
  • Page 128 In addition, documents can be revalidated, checking with the server if a document is still fresh. If an HTTP object is stale, the Intel NetStructure Cache Appliance revalidates the object. A revalidation is a query to the origin server that asks if the object is unchanged.
  • Page 129 For example, a client might request that a document not come from a cache, or if it does, the document cannot have been cached for more than 10 minutes. The Intel NetStructure Cache Appliance bases the servability of a cached document on Cache-Control client requests and server responses.
  • Page 130 For example, a document might be considered fresh, but if its age is greater than its You can configure the following freshness guidelines for the Intel NetStructure Cache Appliance: How often to revalidate (when to consider objects stale). See Configuring HTTP revalidation below.
  • Page 131 To configure caching of alternates, see Variable content‚ on page 38. Depending on the type of object, you can direct the Intel NetStructure Cache Appliance to cache or not cache an object: You can limit article caching to specific news groups.
  • Page 132 The following table lists the HTTP caching directives that the appliance follows. In nontransparent proxy caching, client browsers must be configured to send Web requests to the Intel NetStructure Cache Appliance proxy. Many sites have no direct control over user browser settings, making it necessary for site administrators to tell users to configure their browsers to direct requests to the...
  • Page 133 On the way back to the client, the ARM changes the source IP address to the Step 5 origin server IP address and the source port to the origin server port. The transparency routing solutions supported by the Intel NetStructure Cache Appliance are: Layer 4-aware switch. See Using a layer 4-aware switch to filter transparency requests‚...
  • Page 134 Intel recommends that you do not enable the virtual IP failover in this situation, because layer 4-aware switch failover is already in operation.
  • Page 135 A WCCP 2.0-enabled router can send all port 80 (HTTP) traffic to the Intel NetStructure Cache Appliance, as shown in Figure 4. After the WCCP router sends port 80 traffic, the ARM readdresses port 80 to the appliance proxy port (by default, port 8080).
  • Page 136 146 for details about virtual IP failover. Instead of the WCCP protocol, you can use the policy-routing capabilities of a router to send traffic to the Intel NetStructure Cache Appliance. WCCP or an L4 switch is generally preferable to policy-based routing because it has a performance impact on the router and does not support load balancing or heartbeat messaging.
  • Page 137 IP address and its destination port. Typically, HTTP packet destination IPs and ports are readdressed with the IP address of the Intel NetStructure Cache Appliance and the appliance’s HTTP proxy port (usually port 8080). Appendix A Caching Solutions and Performance...
  • Page 138 If the appliance uses a port other than 119 for NNTP, the destination NNTP port is readdressed as well. The Intel NetStructure Cache Appliance contains an adaptive learning module that recognizes inter operability problems caused by transparent proxy caching and automatically bypasses the traffic around the proxy without operator...
  • Page 139 Bypass rules can be either static or adaptive. Adaptive bypass rules are dynamically generated if you configure the appliance to bypass in the case of non-HTTP port 80 traffic or HTTP errors. Static and dynamic rules look exactly the same. However, the appliance creates Static and dynamic rules dynamic rules when it encounters particular problems, such as non-HTTP port 80...
  • Page 140 In Web proxy caching, the Intel NetStructure Cache Appliance handles arbitrary Web requests to distant Web servers on behalf of a set of users. Server acceleration (also known as reverse proxy caching or virtual Web hosting) is slightly different. In server acceleration, the appliance is the Web server to which the user is trying to connect.
  • Page 141 Server acceleration advantages are similar to Web proxy caching: The appliance is optimized for speed and multiple user connections and can be deployed close to users. Serving cached documents saves network bandwidth. Server acceleration offers the following server advantages: Web servers can be off-loaded, providing overload insurance. An appliance cluster dynamically mirrors content from heavily loaded Web servers.
  • Page 142 133. The map rule for the other Web server illustrated in Figure 6, which hosts map jazz.flute.org big.server.net/jazz/ Intel NetStructure Cache Appliance Administrator’s Guide www.janes_books.com real.janes_books.com file. In the preceding example, the rule to map real.janes_books.com...
  • Page 143 This map rule specifies the path on the server /jazz jazz.flute.org big.server.net Generally, you use reverse proxy mode to support more than one origin server. In this case, all of the advertised host names resolve to the IP address or virtual IP address of the appliance (see Figure 6).
  • Page 144 Intel NetStructure Cache Appliance Administrator’s Guide specifies the URL from which the request originates. specifies the URL the appliance uses in place of the target...
  • Page 145 In a typical Server Accelerator configuration, there should be a reverse-map rule for every map rule, with the origin URL and replacement URL of the map rule reversed. The following examples illustrate several important cases of rewrite rules. This map rule does not specify a path prefix in the target or replacement: Example 1 map http://www.x.com/ http:/server.hoster.com/x/ This rule results in the following translations:...
  • Page 146 For information on how to do this, see Setting server accelerator options‚ on page 43. Intel NetStructure Cache Appliance Administrator’s Guide file. remap.config header. The best...
  • Page 147 The Intel NetStructure Cache Appliance can function as a member of the following cache hierarchies:...
  • Page 148 If the Intel NetStructure Cache Appliance has ICP enabled, it sends out ICP queries to its sibling caches in the event of a cache miss on an HTTP request. If there are no hits on siblings, the appliance sends ICP queries to ICP parents.
  • Page 149 41). For information on how to configure ICP options using the command-line interface see Configuring and maintaining ICP peers‚ on page 84. Using an Intel NetStructure Cache Appliance as parent to another group of appliances can reduce load on a parent news server and take advantage of the large number of concurrent connections that server supports.
  • Page 150 The Intel NetStructure Cache Appliance can function as a news server or a caching news server. News, also known as USENET and discussions, is a system of online discussion groups. NNTP is the protocol used to retrieve and distribute these discussion groups. The appliance supports NNTP as specified in RFC 977 and many common and proposed extensions.
  • Page 151 Serves requested articles to users Accepts and numbers user postings to the supported news groups As a caching proxy news server for a particular news server, the Intel NetStructure Cache Appliance does the following: Maintains lists of the news groups on its parent NNTP servers. You can configure the frequency that the appliance updates its copies of group lists.
  • Page 152 Configuring NNTP servers‚ on page 65. You can configure large clusters of Intel NetStructure Cache Appliances to act as a single large virtual cache that has all the storage and serving power of the aggregate.
  • Page 153 The Intel NetStructure Cache Appliance sends user article postings to the parent news server. You can specify the parent news server that receives postings for a particular group or set of groups from the command-line interface. For procedural information, see Configuring NNTP servers‚...
  • Page 154 65. You can configure different types of user authentication based on source domain, host name, or IP range from the command-line interface. See Configuring NNTP access‚ on page 69 for more information. Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 155 Clients that attempt to exceed the bandwidth limit will have each operation slowed to keep their bandwidth consumption to the limit. See Configuring NNTP‚ on page 31 for more information. The Intel NetStructure Cache Appliance is designed for carrier class operation. It offers the following: High performance...
  • Page 156 The appliance uses soft clustering and managed clustering to meet the performance needs of today and to scale to the needs of tomorrow. You can increase the Intel NetStructure Cache Appliance performance incrementally by adding new nodes to the cluster. For more information about clustering, see Clustering‚...
  • Page 157 Intel NetStructure Cache Appliance. See Transparent proxy caching‚ on page 120 for more information. The Intel NetStructure Cache Appliance contains high-availability features that work together to increase reliability, minimizing the impact of hardware or software failures.
  • Page 158 The appliance also supports email notification for alarms. You set the email address to which alarms are sent from the command-line interface. The virtual IP failover option is available to clustered Intel NetStructure Cache Appliances. When virtual IP failover is enabled, the appliance maintains a pool of virtual IP addresses that it assigns to the nodes in the cluster.
  • Page 159 Overload conditions, such as network outages, misconfigured routers, or security attacks, can slow down the Intel NetStructure Cache Appliance’s response time. In transparent configurations, the appliance can use its ARM bypass functionality to forward overload requests directly to origin servers, bypassing the cache.
  • Page 160 SNMP managers. SNMP managers probe devices for status and SNMP agents report whether a device is functioning properly. The Intel NetStructure Cache Appliance supports two MIBs: MIB-2 (a Note standard MIB) and the Intel NetStructure Cache Appliance MIB. You can Intel NetStructure Cache Appliance Administrator’s Guide...
  • Page 161 SNMP access to either one or both of these MIBS on your Intel NetStructure Cache Appliance. See Enabling SNMP agents‚ on page 29. If a device fails, it can send a warning message or an SNMP trap to the SNMP monitoring station.

  • Page 163: Error Messages

    This appendix contains the following sections: HTML messages sent to clients‚ on page 152 describes the HTML error messages that the Intel NetStructure Cache Appliance sends to browser clients (not to be confused with standard HTTP response codes) Standard HTTP response messages‚ on page 154 describes the standard HTTP...
  • Page 164 A list of the more frequently encountered HTTP response codes is provided on page 154. The following table lists the appliance’s hard-coded HTTP messages and their corresponding HTTP response codes. Intel NetStructure Cache Appliance Administrator’s Guide port_number name server...
  • Page 165 proxy_name proxy port server name client request HTTP method server name server name server name server name name host name Appendix B Error Messages http:// server...
  • Page 166 The following standard HTTP response messages are provided for your information. For a more complete list and descriptions, see the Hypertext Transfer Protocol — HTTP/1.1 Specification. Intel NetStructure Cache Appliance Administrator’s Guide host name new URL name host...
  • Page 167 Appendix B Error Messages...
  • Page 169 ARM is an Intel NetStructure Cache Appliance component that redirects intercepted client traffic destined for an origin server to the Intel NetStructure Cache Appliance application. Before the traffic is redirected by the ARM, it is intercepted by an L4 switch or router.
  • Page 170 For information on the supported cluster schemes, see Management-only clustering and Soft Cluster. One of two modes in the Intel NetStructure Cache Appliance Manager. Configure mode lets you configure the Intel NetStructure Cache Appliance from a web browser. See also Monitor mode.
  • Page 171 Intel NetStructure Cache Appliance MIB, which provides more specific node and cluster information. One of two modes in the Intel NetStructure Cache Appliance Manager. Monitor mode lets you monitor the Intel NetStructure Cache Appliance’s performance from a web browser.
  • Page 172 2. Post Office Protocol. The basic protocols for addressing e-mail. See Web proxy server. A option that allows the Intel NetStructure Cache Appliance to be configured as a web server for convenient geographical distribution of server content. Reverse proxy also off loads...
  • Page 173 An option available to clustered Intel NetStructure Cache Appliances, where the appliance maintains a pool of virtual IP addresses that it assigns to the nodes of a cluster. If a node fails, the remaining nodes mask the fault and take over the failed node’s virtual interface.
  • Page 175 adaptive bypass 126 Adaptive Redirection Module about 145 what it does 121 alternates 119 about 145 WCCP and 124 what it does 121 bypass options 127 bypass rules dynamic 127 static 127 cache affinity 122 Cache-Control headers 117 child cache 135 clustering management-only 141 Configuring HTTP 30...
  • Page 176 141 push group 142 RAM cache about 144 redirects 131 revalidation 116 reverse proxy about 128 Intel NetStructure Cache Appliance Administrator’s Guide security NNTP access control 32 server accelerator about 128 configuring 43 Setting Virtual IP addressing 26 snapshots...