Netra Proxy Cache Array User`s Manual
Contents
1. CHAPTER 1 3 Netra System Administration m Audio on page 95 a Host Name on page 96 m Solaris Log Files on page 97 m Restart and Shutdown on page 98 m Save and Restore Configuration on page 99 m System Administrator Alias on page 102 m System Defaults on page 102 This chapter describes the system administration modules accessible through the Netra Main Administration page Audio Use the Audio module to adjust the volume for configuration messages and audio files that are played through the Netra system speaker The volume level is tested by playing a sample sound when the level is set v To Adjust the Audio Volume 1 Choose System Administration Audio The Audio Administration page showing the current volume is displayed 2 Set the volume using Table 13 1 95 TABLE 13 1 Audio Settings Audio Volume An integer between 0 and 99 inclusive where 0 no sound 99 maximum volume Output Port The destination of the audio output Choose built in speaker line out or headphone jack Play Sample Plays a sound at the chosen volume on the Netra system speaker Sound Choices Yes No Host Name Use the Host Name module to change the name of the Netra server v To Change the Host Name 1 Choose System Administration Host Name The Host Name Administration page is displayed 2 Type the Netra server name See Table 13 2 TABLE 13 2 Host Name Host Name The nam2. Kem ee ST 7 td a oP Rak Cmo r iky lh lg SP Weve Cee ile li TT Map Te a F k p G2 Figure 7 1 SNMP Configuration Page 2 In the SNMP Configuration Page add the hostname s of machines that are to receive SNMP traps In the current release host names can not contain a period and therefore cannot contain a domain name Enter values or accept defaults for the following fields m SNMP Read Community m SNMP Write Community m SNMP Trap Community Click OK A page is displayed indicating the success or failure of your change If a change fails the page is redisplayed with the error indicated Correct the error and click OK again With some errors a new page containing an error message is displayed If this occurs click the Back button on your browser to return to the SNMP Configuration page Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER 8 Local Area Network Administration m Local Area Network Requirements on page 71 m LAN Procedures on page 72 This chapter describes how to configure the local area network LAN interfaces on the Netra Proxy Cache Server using the Local Area Network module Local Area Network Requirements A network interface consists of three elements m Network Port The network port provides the physical link between machines that comprise a network Ports can be built into the Netra server or they can be provided by PCI cards
3. Similar to the preceding point the software offers a flexible scheme for setting a cache object to non cacheable again based on its URL Supports dynamic parent failover If Netra Proxy Cache Server has multiple parents and is connected to a parent that fails the server fails over to the next available parent Furthermore the Netra Proxy Cache Server detects when the original parent comes back online Supports conditional retrievals for example can retrieve an object if it has been modified in the last day You can modify the time threshold to suit your needs Caching software imposes no limit on the amount of data cached Enables you to build hierarchies of or collections of peer proxy servers See Hierarchies on page 3 Offers a number of auditing features including hit statistics detailed user access logs bandwidth usage statistics and a number of other proxy and cache related statistics Ships with an SNMP MIB and agent so that you can manage a Netra Proxy Cache Server from an SNMP conformant management platform such as Solstice Domain Manager Offers a variety of filtering features including blocking and redirecting of HTTP requests based on URL hostname or user Shipped with a set of web based tools for product configuration and monitoring Netra Proxy Cache Array User s Manual e Revision A March 1998 Hierarchies An important feature of Netra Proxy Cache Server is the ability it gives you to cre
4. When you load the Host Status page a snapshot of current host activity is displayed If you want periodic updates specify a number of minutes in the Refresh field at the bottom of the page Click Reset to return the refresh value to 0 The tables in the Host Status page are described as follows Monitor Objects Monitoring a Netra Proxy Cache Array and Proxy Cache Service 115 Monitor objects identify the array software that provides a given service The object cache_monitor controls the array software for the proxy cache service The object dns_monitor controls the array software for the array s DNS A quiesced monitor object does not acquire new service addresses and withdraws its preferred service address from the array s DNS zone Thus a host could service an existing client but not acquire a new one You use the scalrcontrol 1 utility described in a man page to quiesce a monitor object Test Objects A test object is a software object that runs on a host to test a specific component of that host such as the integrity of an interface or the existence of a process A test object returns OK yes or not OK no for the object it tests There is a man page for each type of test object in opt SUNWscalr man man5 A failure return from a test object can result in the failure of the service as represented by the monitor object on a host That service on that host is considered to have failed and the array software moves t
5. Superuser Account on page 93 m Setting the Root Password on page 93 This chapter describes how to configure the superuser root password on a Netra Proxy Cache Server Superuser Account On UNIX systems there is a privileged account for the superuser who unlike normal users has access to all files and commands The user name of this account is root and it is used for system administration tasks that are not available to normal users The Root Password module enables the user to change the password for the superuser v Setting the Root Password To Set the Root Password 1 Choose Security Administration Root Password The Root Password Administration page is displayed 93 2 Type the information in the form using Table 12 1 TABLE 12 1 Information Required for Root Password Current Root Password The existing root password for the Netra server When the Netra server is unconfigured there is no root password so leave this field empty New Root Password The root password for the Netra server Re enter New Root Password A repetition of the password used to access the Netra server Because the password is not echoed as it is typed the first time the user is required to verify it by typing it a second time Note By default you can login as root only on the system console which requires you have a serial connection to the server 94 Netra Proxy Cache Array User s Manual e Revision A March 1998
6. Perform the TTY method for network interface configuration as described in Section 2 3 1 of the Netra Proxy Cache Array Configuration Guide on each host in the array 7 Using a browser to connect to your administrative host in the Netra Main Administration change your host name if the name is changing and make any other required changes such as name service configuration or time zone selection If any changes require a reboot the Netra Main Administration page reminds you of this requirement Use the Restart and Shutdown link to reboot your server 8 In the Proxy Cache Administration page complete proxy cache service and array configuration as described in Chapter 3 of the aforementioned Configuration Guide 108 Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER 1 5 Monitoring a Netra Proxy Cache Array and Proxy Cache Service m Proxy Cache and Array Monitoring Pages on page 109 m Array Status on page 110 m Host Status on page 114 m Proxy Cache Array Monitoring on page 117 m Proxy Cache Monitoring for Host on page 119 This chapter explains how to monitor a Netra Proxy Cache Array through the Netra Administration web pages You can also monitor the array through an SNMP conformant management platform This support is described in Chapter 16 Proxy Cache and Array Monitoring Pages v To Invoke the Array Status Monitor or Proxy Cache Monitoring You monitor a
7. dev dsk c0t11d0s0 dev rdsk c0t11d0s0 var opt SUNWcache cache5 this line continued from previous line ufs 2 yes dev dsk c0t12d0s0 dev rdsk c0t12d0s0 var opt SUNWcache cache6 this line continued from previous line ufs 2 yes dev dsk c0t13d0s0 dev rdsk c0t13d0s0 var opt SUNWcache cache7 this line continued from previous line ufs 2 yes dev dsk c0t14d0s0 dev rdsk c0t14d0s0 var opt SUNWcache cache8 this line continued from previous line ufs 2 yes 7 Note that the mount points var opt SUNWcache cache lt num gt are present in the Netra Proxy Cache software distribution 27 Reboot In the Netra Proxy Cache Main Administration page click Restart and Shutdown In the Restart and Shutdown Administration page click the Restart operation and leave the check box for Check for new devices upon restart set to Yes Click OK Upon rebooting in the console window you receive output such as the following Disk configuration has changed New filesystem detected var opt SUNWcache cache3 New filesystem detected var opt SUNWcache cache4 New filesystem detected var opt SUNWcache cache5 New filesystem detected var opt SUNWcache cache6 New filesystem detected var opt SUNWcache cache7 New filesystem detected var opt SUNWcache cache8 Disk configuration has changed Reconfiguring the cache Please wait This operation should take no more than 5 minutes Current time is Fri Dec 5 11 06 04 PST 1997 140 Netra Proxy Cach
8. on page 52 m Web Server Accelerator Options on page 53 m External Program Options on page 55 This chapter explains how to perform advanced configuration of the proxy cache service The chapter assumes you have completed configuration of your Netra Proxy Cache Array as described in the Netra Proxy Cache Array Configuration Guide Viewing and Modifying Advanced Proxy Cache Configuration Properties You view or modify advanced proxy cache configuration properties in web pages accessed through the Advanced Proxy Cache Configuration page You reach this page through the Proxy Cache Administration page See Chapter 3 for instructions on loading this page 27 v To View or Modify Advanced Proxy Cache Configuration Properties 1 In the Proxy Cache Administration page click Advanced Proxy Cache Configuration The Advanced Proxy Cache Configuration page shown in Figure 4 1 is displayed Li rearirzal husy Cha rhe ng umali nn m _ r m gt y tml eal Sone ng 4 Ti ri s Snes Ciena a Tres 4 lag Ao Dkm m Wad toe ee a hos Froga Glis G G2 Figure 4 1 Advanced Proxy Cache Configuration Page The Advanced Proxy Cache Configuration page presents a list of links shown in Figure 4 1 each of which corresponds to a category of proxy cache properties For all categories you follow the same procedure for viewing or modifying a property 1 In the Advanced Proxy Cache Configurati
9. A March 1998 CHAPTER 1 8 Adding a SCSI Disk A Netra Proxy Cache Server is equipped with two internal 4 2 GB SCSI hard disks Depending on the hit rate experienced by your server the size of cached objects and client usage patterns adding disk space can improve the performance of your server Such an improvement would be manifested in reduced response time for users and decreased network traffic between the proxy server and its parents For this procedure you need to have a serial connection to the Netra Proxy Cache Server See Appendix A of the Netra Proxy Cache Server Configuration Guide or Netra Proxy Cache Array Configuration Guide for instructions on connecting a serial terminal to your server v Adding a SCSI Disk In the procedure specified below for purposes of example we assume the following m You are adding a six disk MultiPack enclosure to the existing SCSI controller controller 0 or c0 m You will use all of the space on all of the disks in the enclosure for caching m You will use slice partition 0 for all of the available space on a disk m The disks in the MultiPack enclosure are formatted at the factory To Add a SCSI Disk 1 Set the address switch on the back of the MultiPack enclosure to 9 14 137 The two internal disks are c0t0 and cOt1 For controller 0 you can use target numbers other than 0 1 and 6 which is used by the CD ROM drive 2 Halt your machine In the Netra Proxy Cache Ma
10. F gt 7 EIT md m r1 om po i Aie ial ALAS mW lhe vac aes xHHT mi r1 MI a tere le etre Sod Ham orn Le hiill Figure 3 1 Proxy Cache Administration Page If the page is displayed as shown in Figure 3 2 below it indicates that the proxy cache administration server is not started Loading the Proxy Cache Administration Page 25 ray ace ad wdn atl alin Pore ah AU eon ara e d dus Pe dad he eden Ao dev maT fai Laa a j egie a iab Gaal Cm Ce Scr eked erat kdn en F el rg Filis Ht ATL Figure 3 2 Proxy Cache Administration Page Server Stopped Starting the Proxy Cache Administration Server Use the following procedure if your Proxy Cache Administration page displays as is shown in Figure 3 2 v To Start the Proxy Cache Administration Server 1 In the Proxy Cache Administration page click Start administration server 2 In the success page click the up arrow icon The Proxy Cache Administration page as it is shown in Figure 3 2 is displayed 26 Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER 4 Advanced Proxy Cache Configuration a Viewing and Modifying Advanced Proxy Cache Configuration Properties on page 27 a Primary Configuration on page 29 m Proxy Cascade on page 32 m Cache Policy on page 38 m Access Control on page 43 m Storage Management on page 48 m Timeouts on page 50 m Log File Options
11. Partitioning Multiple Arrays on the Same Subnet The Netra Proxy Cache Array software multicasts load and heartbeat information over the control network It also performs a redundant multicast of the same data over the service interface This raises the possibility of overlapping addresses if you have more than one array on a given subnet If you have more than one array on a subnet it is recommended you use different multicast addresses and not just different port numbers to distinguish each array See the description of the multicast address property in Networks on page 59 You can use snoop 1M to ensure uniqueness of a multicast address within your network Troubleshooting and Technical Information 151 System Administrator and Proxy Webmaster Aliases Netra Proxy Cache software enables you to establish email recipients for mail that is addressed to root lt netra host name gt or Postmaster lt netra host name gt When entering email addresses make sure you specify addresses in a form compatible with your sendmail configuration For example if your mail system expects an address of a form lt login gt lt nis domain name gt mail sent to lt login gt lt host name gt is undeliverable See System Administrator Alias on page 102 for a description of the system administrator alias and Primary Configuration on page 29 for a description of the proxy webmaster alias Parent Siblings and the ICP In the absence
12. Proxy Cache Server netra cache greece Parent pnruxwicache netra_cache uk Geographicregion Lowal dorain inside the firewall QYeece Ace com spain acme com UK acme com Figure B 1 Example of Use of Local Domain Property In Figure B 1 the effect of the configuration options for the machine netra_cache greece is that in general HTTP requests containing acme com are retrieved from the parent netra_cache uk However requests for the local domain greece are retrieved directly from the local web server Netra Proxy Cache Array User s Manual e Revision A March 1998 Limiting Access to the Server See Access Control on page 43 for a description of the properties you use to limit access to the Netra Proxy Cache Server To limit access to the server you define a filter in the Access List Definition property then specify one or more filters for the following properties m Client Access Control m Access to Cache via ICP m ACLs for Cache Host m URL Redirection When you specify multiple entries for any of the preceding properties list the lines in the order from the most exclusive smallest set toward the most inclusive largest set In processing multiple entries the proxy cache service evaluates entries from to bottom stopping at the first entry that matches a URL request When you specify multiple access lists for a given property those lists are ANDed Limiting by Source Address The following are
13. Router v To Configure the Netra System as a Dynamic Router 1 Choose Network Connection Administration RoutingConfigure dynamic router The Dynamic Router Administration page is displayed 2 Type the information in the form using Table 10 2 TABLE 10 2 Information Required for Dynamic Routing Destination Network Host address to which information is routed Network Host Address Gateway Host Host address of the gateway used for accessing the destination Address address If the router is unreachable when this form is configured then it is not used for routing until dynamic routing is reconfigured or the Netra system is restarted Hop Count A value of 0 or greater 0 means the Netra server is the router a value greater than 0 means that another system is the router Status Active or Passive Gateways marked active are removed from the routing information if they become inaccessible Gateways marked passive are part of the routing information until explicitly removed Routes to passive gateways are also not broadcast to the other systems on the network Dynamic Enables or disables RIP over PPP links Choices Yes or No Routing Information over Point to Point Links 86 Netra Proxy Cache Array User s Manual e Revision A March 1998 v To Modify a Dynamic Router 1 Choose Network Connection Administration Routing gt Modify dynamic router 2 Make the changes in the form using Table 10 2 Not a Router v To Con
14. System Router Alternatives With the addition of one or more network interfaces the Netra system can be configured as one of the following m A dynamic router a A static router m Nota router the default 83 Dynamic Router A dynamic router relies on information broadcast from other routers to update its routes and reflect changes in the network topology It also broadcasts this information to other dynamic routers Dynamic routers are typically required when systems act as gateways between networks or within large networks where route information is constantly changing The Netra server supports the following dynamic routing protocols m The Xerox NS Routing Information Protocol RIP m The Internet Control Message Protocol ICMP router discovery protocol If client host systems are required to use the dynamic router they must either run programs that can communicate using these protocols or they must specify the dynamic router as a default router Static Router A static router relies on the manual addition of routes Routing information is not exchanged with other routers Static routers are typically used in very stable simple networks If machines on the LAN require a static router it must be specified as a default router Not a Router A non gateway system need not be a router in networks that already have dynamic routers The Netra server listens for dynamic routers to broadcast route information using the RIP a
15. The number of requests for a URL fielded by the Netra Proxy Cache server Hits The number of URL requests for which the Netra Proxy Cache server was able to return an object from its own cache Hits The number of hits divided by the number of URLs accessed This is number tells you the extent to which the Netra Proxy Cache server is able to respond to URL requests from the local cache Under Delta since reset counter URLs sec The rate at which URL requests are being fielded by the Netra Proxy Cache server since the reset counter was last set to zero Hits sec The rate at which the Netra Proxy Cache server was able to find requested objects in a local cache since the reset counter was last set to zero Hits URLs accessed divided by the number of hits since the reset counter was last set to zero In the Proxy Cache Connections Statistics table Connection Type Has rows for HTTP and SSL connections and for established connections Totals since start Monitoring a Netra Proxy Cache Array and Proxy Cache Service 121 122 The total number of connections for each connection type HTTP and SSL since the last reboot of the host Current The number of current connections for each connection type HTTP and SSL and the number of current established connections In the Cached Object Statistics table Connection Type HTTP FTP WAIS or Gopher Size KB Cached The size of all objects cached for a given o
16. address Array DNS Control Port The port number the array software uses for multicast messages associated with the DNS See description of Control Port property above The default port number 1870 is registered with the IANA Array DNS Proxy Records Time To Live sec By default the array DNS host records host entries with a TTL of 30 seconds This value is appropriate if the DNS server that clients use to resolve the name of proxy cache subdomain uses round robin the recommended configuration If this DNS 62 Netra Proxy Cache Array User s Manual e Revision A March 1998 server does not use round robin the default value of 30 seconds will diminish the effectiveness of the load balancing within the array In such a case we recommend a low TTL such as 3 seconds Advanced Array Configuration 63 64 Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER 6 Advanced Array Member Configuration This chapter explains how to perform advanced array member configuration The chapter assumes you have completed configuration of your Netra Proxy Cache Array as described in the Netra Proxy Cache Array Configuration Guide You view or modify advanced array member configuration properties in the Advanced Array Configuration page You reach this page through the Proxy Cache Administration page See Chapter 3 for instructions on loading this page The advanced array member configuration pages differ from the basic
17. amp SUN microsystems Netra Proxy Cache Array User s Manual A Sun Microsystems Inc Business 901 San Antonio Road Palo Alto CA 94303 4900 Part No 805 3512 10 Revision A March 1998 USA 650 960 1300 fax 650 969 9131 S amp Sun microsystems Netra Proxy Cache Array ser s Manual Part No 805 3512 10 Revision A March 1998 Copyright 1998 Sun Microsystems Inc 901 San Antonio Road Palo Alto California 94303 4900 U S A All rights reserved All rights reserved This product or document is protected by copyright and distributed under licenses restricting its use copying distribution and decompilation No part of this product or document may be reproduced in any form by any means without prior written authorization of Sun and its licensors if any Portions of this product may be derived from the UNIX system licensed from Novell Inc and from the Berkeley 4 3 BSD system licensed from the University of California UNIX is a registered trademark in the United States and in other countries and is exclusively licensed by X Open Company Ltd Third party software including font technology in this product is protected by copyright and licensed from Sun s suppliers RESTRICTED RIGHTS Use duplication or disclosure by the U S Government is subject to restrictions of FAR 52 227 14 g 2 6 87 and FAR 52 227 19 6 87 or DFAR 252 227 7015 b 6 95 and DFAR 227 7202 3 a Sun Sun Microsystems the Sun logo
18. and releasing are intermediate states between unserved and online If a host is down indicated by a flashing red row examine the remaining array members to see which member has acquired the down host s service address Note the preferred address of the acquiring host Then note the service address that is not the acquiring host s preferred address This address is the preferred address of the down host failed over to the acquiring host Host Status A host status page presents information on a given host within the array v To Load the Host Status Page 1 In the Array Status page see Figure 15 1 click on the host name of the host whose status you want to check You can click the host name in either the Proxy Cache Service Group or DNS Service Group tables Note In the current release for a host name link to work the host name must be resolveable by the name service s configured on the server After clicking a host name a page such as that shown in Figure 15 2 is displayed 114 Netra Proxy Cache Array User s Manual e Revision A March 1998 Lard soms hos Thu hs 3 md T T la ahdar Gh Kt eem komo UK erou Coode a sida III NI N pad X t m7 or Dae lze y J bes Ub gds Rome Gmo UE re On lens Se a x zr gt zezzd ee feet eal ea Eam c_im t1 r fae nad d lanra 2d ime d E me Tual Oe pee ae 1 u3 gt d cn Ese Pe Figure 15 2 Host Status Page
19. and Solaris are trademarks or registered trademarks of Sun Microsystems Inc in the United States and in other countries All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International Inc in the United States and in other countries Products bearing SPARC trademarks are based upon an architecture developed by Sun Microsystems Inc TM The OPEN LOOK and Sun Graphical User Interfaces were developed by Sun Microsystems Inc for its users and licensees Sun acknowledges the pioneering efforts of Xerox Corporation in researching and developing the concept of visual or graphical user interfaces for the computer industry Sun holds a nonexclusive license from Xerox to the Xerox Graphical User Interface which license also covers Sun s licensees who implement OPEN LOOK GUIs and otherwise comply with Sun s written license agreements THIS PUBLICATION IS PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESS OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE OR NON INFRINGEMENT Copyright 1998 Sun Microsystems Inc 901 San Antonio Road Palo Alto Californie 94303 4900 U S A Tous droits r serv s Ce produit ou document est prot g par un copyright et distribu avec des licences qui en restreignent l utilisation la copie et la d compilation Aucune partie de ce produit ou de sa documentation associ e ne peut tre re
20. assigns preferred service addresses to member hosts and assigns orphaned service addresses to hosts capable of acquiring them Election of the leader occurs automatically as a result of the exchange of information messages among service group members A group always has only one leader The role of leader moves to a different member upon failure of the leader host The leader role might move to a different host upon addition or removal of a member host to or from the service group depending on the result of the election algorithm The interface through which a host provides a service to clients A service interface is identified by a service address The IP subnet over which a service group provides a service to clients See control network Glossary 179 service timeout sibling Secure Sockets Layer SSL tunneling test object unserved web object The maximum length of time a service address can be orphaned see orphaned service address Beyond this period the service group leader deinstalls the service address from the service group A proxy cache server that has a peer relationship with another proxy cache server If a proxy cache server receives a request for an object that it cannot fulfill it checks its parents and siblings to see whether they have the object A sibling server checks only its local cache and no further A parent checks its own cache and if the object is not there attempts to retrieve the object fro
21. byte offsets in pmatch i will delimit the last such match 2 If subexpression i is not contained within another subexpression and it did not participate in an otherwise successful match the byte offsets in pmatch i will be 1 A subexpression does not participate in the match when m or appears immediately after the subexpression in a basic regular expression or or appears immediately after the subexpression in an extended regular expression and the subexpression did not match matched zero times or m is used in an extended regular expression to select this subexpression or another and the other subexpression matched 1 If subexpression i is contained within another subexpression j and i is not contained within any other subexpression that is contained within j and a match 154 Netra Proxy Cache Array User s Manual e Revision A March 1998 of subexpression 3 is reported in pmatch j then the match or non match of subexpression i reported in pmatch i will be as described in 1 and 2 above but within the substring reported in pmatch j rather than the whole string 2 If subexpression i is contained in subexpression j and the byte offsets in pmatch 3 are 1 then the pointers in pmatch i also will be 1 3 If subexpression i matched a zero length string then both byte offsets in pmatch i will be the byte offset of the character or NULL terminator immediately following the zero length string Te
22. down the row for that host flashes and displays in red In the flashing row is displayed the cause of the host being absent from the array or a message status unknown The Proxy Cache Array Monitoring page has a single table Proxy Cache Array Statistics The fields in this table are as follows Host Name The host name associated with the array member and also associated with the host address see next item The Host Name entry is a link to a Proxy Cache Monitoring for Host page described below Note In the current release for a host name link to work the host name must be resolveable by the name service s configured on the server Host Addr The IP address of the array member That is the address associated with the host name State The state of the service address associated with the proxy cache service on a host Load and Capacity Divide the load by the capacity to arrive at a percentage that indicates the resources consumed on a host Under the Totals since start heading URLs accessed The number of requests for URLs fielded by the Netra Proxy Cache server Hits The number of URL requests for which the Netra Proxy Cache server was able to return an object from its own cache or the cache of another array member Hits The number of hits divided by the number of URLs accessed This number tells you the extent to which the Netra Proxy Cache server is able to respond to URL requests from local cache
23. following sequence occurs 1 Your server contacts host3 and host4 It does not contact host 2 because that host is not ICP capable host 1 is not contacted because you configured it to handle the edu domain 2 Both host3 and host4 return ICP misses 3 Your server fetches the URL from host 2 because it is the first parent in the parent sibling table that matches the com domain Control Interface Down In the Host Status page see Host Status on page 114 if the control interface test displays as not OK it indicates one of the following m The host being monitored has an incorrect control network number or an incorrect netmask for the control network m The preceding is true for other array members A possible but less likely alternative is that the control interface hardware is not working correctly Proxy Cache Connect Timeout and Parent Failover The Netra Proxy Cache Server supports parent failover in which if the server s parent fails the server switches to the next parent on its list See Proxy Cascade on page 32 for a description of the table of parent and sibling proxies Failover occurs if the Netra Proxy Cache Server s TCP connect call fails not if the proxy cache service s connect timeout 2 minutes by default is exceeded See Timeouts on page 50 for a description of the Timeout for Server Connections property A TCP connect call might fail because the operating system s timeout
24. from diskette option is only displayed if there is a diskette in the drive which contains valid Netra configuration information The option Restore configuration from file system is only displayed if a Netra configuration state has previously been saved to a file on the hard disk After saving or restoring the system configuration to or from a diskette the diskette is ejected at the end of the operation Note Only saving to diskette removes the reminder to save your configuration displayed on the Main Administration page Save and Restore Procedures v To Eject a Diskette 1 Choose System Administration Save and Restore Configuration gt Eject diskette The Eject Diskette Administration page is displayed indicating that the diskette has been ejected v To Save the System Configuration 1 If saving the configuration to diskette insert the diskette into the drive otherwise proceed to Step 1 on page 95 Make sure the diskette is not write protected 2 Choose System Administration Save and Restore Configuration 100 Netra Proxy Cache Array User s Manual e Revision A March 1998 The Save And Restore Configuration Administration page is displayed 3 Choose either Save configuration to diskette or Save configuration to file system then confirm the operation v To Restore the System Configuration 1 If restoring the configuration from a diskette insert a diskette into the drive otherwise proceed to Step 1 on page
25. help window opens and it displays a help page for the respective module being configured Some help pages have terms that are linked to the glossary page Figure 2 5 shows a help page for the Root Password module Hap E rat Paseo des Klee Purvi s Pope peers bie 124211291 borg Div rad bene HAA ek rere Circe cal Peed Fassel Pre T22 teased ee ues use I Lia dee re ir has ie eh peered tai baie Po ded ds hieny hee Rete T z e Tor pie rank parce ead ean Mat tpi Abr w ie Rice Fr ha k l4 H I Hyw deel faeries S Prk HH cope pole 1H wali Figure 2 5 Help Page In use the help window may open directly over the Netra Administration GUI and obscure the module administration page from view It is possible to move iconify or close the help window independent of the Netra Administration GUI Understanding the Netra Administration GUI 17 When moved or iconified the help window remains active Clicking the help icons of other module administration pages updates the help window with the respective help page When closed the help window is dismissed and cannot be accessed until a help icon is clicked again Glossary Page The glossary page is accessed using links in the help pages of a module When a term that is a link is chosen the term and its explanation are displayed at the top of the glossary page The glossary page is displayed in a scrolling window To return to the help page use the Back
26. is a description of the advanced proxy cache properties broken down by the categories reflected in the links on the Advanced Proxy Cache Configuration page Primary Configuration v To View or Modify Primary Configuration Properties 1 In the Advanced Proxy Cache Configuration page click Primary Configuration The Primary Configuration page is displayed as shown in Figure 4 2 Advanced Proxy Cache Configuration 29 30 Thamar manh urali n Frog y nimda l Wille ANI Append Domain Hame to Unqualified Host Names ECI F3 EA een sega 44I Fol ta H hz IB Sia F EzUE BF Port for Proy Cache Server Statistics Requests _ Kisat aF pU 2 H Jate Een a rUs ora wae 1 2z r r lr e n Esc Figure 4 2 Primary Configuration Page 2 In the Primary Configuration page accept or modify values for the following properties Proxy Webmaster An electronic mail address of the person or group who is to receive notices of abnormal conditions in the Netra Proxy Cache Server The default postmaster is root which means that the recipients you specified for the Netra System Administrator Alias see the Netra Proxy Cache Array Configuration Guide will receive mail bound for the Proxy Webmaster Visible Hostname Netra Proxy Cache Array User s Manual e Revision A March 1998 Error messages generated by the Netra Proxy Cache Server contain the hostname you specify here The default is th
27. job is that rotlog rotates all types of logs the default at 4 25 AM 12 25 PM and 8 25 PM daily enforcing a minimum available amount of space of 100 MB S 100 for all types of logs M a11 If the rot log command encounters less space than specified in an S option it deletes log files starting with the oldest until the specified amount of space is reached Using the M option you can establish minimum space thresholds for one or more log types including all log types The M option specifying log types for which to set minimum space thresholds is always used in conjunction with the S option which sets the minimum space threshold You might specify a cron job to use rotlog to copy logs to a remote file server For example 15 2 opt SUNWcache sbin rotlog F cache d pub logs h hepa u anonymous At 2 15 AM daily the preceding command copies logs of type cache F cache to the directory pub logs d pub logs on the server hepa h hepa using the user id for ftp purposes of anonymous u anonymous Following the successful copy operation rot log deletes the local log files that were copied On a remote host rot log renames a copied file to the following form lt type gt log YYYYMMDD where lt type gt is one of access cache store or hierarchy YYYY is the current year MM the current month and DD the current day If there are multiple local files of the same type for example access log 0 an
28. module associated with the task 13 Types of Pages The Netra Administration GUI has five types of administration pages described in the following subsections Navigation Page A navigation page is used to choose tasks A task is chosen by clicking on a link which may be displayed as an underlined or emphasized word or phrase Some navigation pages are dynamic they display only the options that are available on the particular Netra system If information that changes the available options is entered the navigation pages reflect these changes Figure 2 1 shows a navigation page for the Administration Web Server module Proxy Cache SWIMM STATION Veen Se ner Ali stra on sya dn niztrotice Moses e a bosch orcs I xRE Figure 2 1 Navigation Page Task Page A task page is also called a form There are two types of forms regular and special Regular forms provide the only way to change the system state When a form is displayed the values in the fields are either the current operating or default conditions Information is entered into a regular form by typing it into the text boxes or by selecting the radio button options Regular forms have an OK button If information is entered or changed in the form then the OK button must be clicked to save or activate the changes and hence change the system state Some forms also have a Reset button To discard the changes use the Reset button to return fields to thei
29. of siblings upon a miss an object not in its local cache a proxy cache server issues a HTTP request for the object to its parents or to the origin web server In an environment in which the Inter Cache Protocol ICP is supported as it is in the Netra Proxy Cache Server upon a miss a proxy cache server asks all of its parents and siblings if any of them has the requested object If no parent or sibling responds within a certain period the proxy cache server forwards the request to one its parents Note that a parent might be called upon to be responsible for returning the object to a requesting server A request to a sibling never goes beyond that sibling that is a sibling only checks its local cache and does not forward a request You can specify the use of certain parents or siblings for certain domains through the use of the Query Parent Cache for Domains property described in Proxy Cascade on page 32 The following example illustrates the use of ordering in the parent sibling table and the Query Parent Cache for Domains property Assume the following table host1 ICP capable parent host2 non ICP capable parent host3 ICP capable parent host4 sibling Assume further the Query Parent Cache for Domains property is defined as follows 152 Netra Proxy Cache Array User s Manual e Revision A March 1998 hostl edu host2 com host3 com host4 com Your server receives a request containing the domain acme eng com The
30. or subject The URL is http docs sun com The current Netra Proxy Cache documentation is not available on this web site Sun Welcomes Your Comments We are interested in improving our documentation and welcome your comments and suggestions You can email your comments to us at the address shown below Please include the part number of your document in the subject line of your email or fax message m Email smcc docs sun com xv Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER 1 Overview m Netra Proxy Cache Server Features on page 1 m Netra Proxy Cache Array Features on page 6 m Monitoring and Managing on page 11 The Netra Proxy Cache Server is a full featured proxy cache server that is available with the bonus of array software The array software enables multiple Netra Proxy Cache Servers to provide a single proxy cache service We refer to such a group of Netra Proxy Cache Servers as a Netra Proxy Cache Array The array software extends the reliability and availability of the proxy cache service It also makes it easy for you to add and remove servers to and from a Netra Proxy Cache Array A significant benefit of the array software is that in addition to the reliability availability and scalability it gives you members of your Netra Proxy Cache array become instant proxy cache siblings Under array control the Netra Proxy Cache Servers share cached data effectively exten
31. parents and siblings HTTP Port The HTTP port number on which the parent or sibling listens for HTTP requests ICP Port The ICP port number on which the parent or sibling listens for ICP requests A value of 0 means that the parent does not support ICP 34 Netra Proxy Cache Array User s Manual e Revision A March 1998 SSL A checkbox indicating whether a host supports the tunneling of the Secure Sockets Layer protocol Persistence A checkbox indicating whether a host supports the HTTP persistent connections feature sometimes referred to as keep alive Query Parent Cache for Domains The Netra Proxy Cache Server contacts parent or siblings specified for this property only for matching domain names An alternative form enables you to specify a host for non matching domain names Entries have the form lt hostname gt lt domain name gt or lt hostname gt lt domain name gt For example if you have a parent wbyeat s in the same domain as the Netra Proxy Cache Server to which you want directed all traffic related to URLs that contain the domain names sales acme comand eng acme com you make an entry wbyeats sales acme com eng acme com If you have multiple entries for one host for example in addition to the above if you had wbyeats fin com the domains in those entries are combined to form a single list You can also have a reverse match on domain names so that requests related to URLs that contain doma
32. relationship with one another which implies an ability to communicate via ICP You need not enter the host names in the array in this table If you want to establish a sibling relationship with a host or hosts not in the array specify the host s in the table If you have multiple parent proxies that do not support ICP the proxy cache service contacts those parents in the order you list them here If you have multiple parents that do support ICP the proxy cache service determines the closest parent by comparing response times to its ICP queries The headings in the table of parent and sibling caches are as follows Proxy Name Fully qualified host name of the parent or sibling proxy cache host If this host is not in the same domain as the Netra Proxy Cache host or array you must specify the domain name for example webcache eng acme com Type A toggle that can be either parent or neighbor sibling Upon a miss not having a requested object a Netra Proxy Cache Server checks its parents and siblings to see whether any have the object A sibling only checks its local cache if it does not have an object it does not ask a parent A parent by contrast is responsible for returning the object either from its own cache from its own parent further upstream toward the source web server or from the source web server See Parent Siblings and the ICP on page 152 for a discussion of the Netra Proxy Cache Server s support for
33. reset_min_interval 60 cache_test An object of type AndTest 5 Combines the outputs from cache_connect_test cache_process_test and service_interface_test Reports failure to the monitor object cache_monitor if any of these child test objects returns failure The parameters for this test object are as follows AndTest cache_test test_objects cache_connect_test cache_process_test reset_script etc init d scalr cache restart reset_min_interval 60 monitor_object cache_monitor 156 Netra Proxy Cache Array User s Manual e Revision A March 1998 control_interface_test An object of type PingTest 5 Tests the integrity of the control interface The parameters for this test object are as follows PingTest control_interface_test ping_addr 192 168 89 255 min_replies 1 exclude_same_host true interval 600 ping_timeout 5 retries 3 retry_interval 2 dns_connect_test An object of type ConnectTest 5 Tests the TCP port used by the array DNS 53 Also tests the service address es and control address used by the DNS The parameters for this test object are as follows ConnectTest dns_connect_test port 53 check_addr 0 0 0 0 interval 10 retries 3 retry_interval 2 reset_min_interval 60 monitor_object dns_monitor max_connect 99999999 check_control true persistent_connection false dns_process_test An object of type ProcessTest 5 Tests for the presence of the process associated with the array DNS The par
34. retries 3 retry_interval 2 Load Objects The load objects listed below are shipped with the Netra Proxy Cache product Their output is displayed in the Host Status page that you invoke from the Array Status page There is a man page for each load object type in opt SUNWscalr man man5 These man pages describe the parameters for each load object instance below 158 Netra Proxy Cache Array User s Manual e Revision A March 1998 cache_adjust_load An object of type AdjustLoad 5 Adjusts the output from the cpu_load object to account for special conditions such as startup and shutdown The parameters for this load object are as follows AdjustLoad cache_adjust_load interval 10 adjust_load_file tmp proxyload adjust max_adjust 100 load_object cpu_load cpu_load An object of type CPULoad 5 Returns the CPU utilization on a host The parameters for this test object are as follows CPULoad cpu_load interval 30 divide_by_cpus false divide_by_cpu_clocks false Relationships Among Objects The relationship among monitor test and load objects is illustrated in Figure 19 2 Troubleshooting and Technical Information 159 ma Che or tor Load Objects cache adjust _ Load copu load ache rtu rec E_ test WE Oe Lier Face terE cache procent _ test drs morit or Test Objects Load Objects Arns test Mone ch dlp _ tart chs pronare tort OLS _ COR t_tasrt EV DOS Drier face teourk mone cL _ 1
35. same type the Netra Proxy Cache Server when determining which list a URL is in works from top to bottom and stops after the first match An example of an access list adults domain sex com The preceding example creates an access list named adults of type domain This list includes all URLs containing a destination domain of sex com In the HTTP Access property described below you can for example deny access to the adults list The defaults for Access List Definition are shown in Figure 4 7 Client Access Control An entry of the form allow or deny lt access list gt This and the following properties are used in conjunction with the access lists you create For a given access list you can allow or deny access to the HTTP port on the Netra Proxy Cache Server The defaults for Client Access Control are shown in Figure 4 7 Access to Cache via ICP 46 Netra Proxy Cache Array User s Manual e Revision A March 1998 An entry of the form allow or deny lt access list gt This and the following property are used in conjunction with the access lists you create For a given access list you can allow or deny access to the ICP port on the Netra Proxy Cache Server The defaults for Access to Cache via ICP is to allow all accesses ACLs for the Cache Host An entry of the form lt cache server gt lt access list gt Enables you to limit the ICP queries sent to a given host sibling or ICP capab
36. service is now in its normal range it reintroduces the service address for that service in the DNS zone Troubleshooting and Technical Information 161 162 Netra Proxy Cache Array User s Manual e Revision A March 1998 APPENDIX A System Recovery This chapter specifies the procedure for recovery should the hard disk from which you boot fail You need the Netra Proxy Cache recovery CD to complete the recovery procedure This CD is shipped with the Netra Proxy Cache product Note A nearly indispensable aid to the recovery of a Netra Proxy Cache Server is the backup diskette you were instructed to create in the Netra Proxy Cache Array Configuration Guide If you do not have such a diskette you can still recover but you must repeat some of the configuration steps described in the Netra Proxy Cache Array Configuration Guide Solaris and Netra Proxy Cache Restoration The installation program on the recovery CD performs the following steps m Installs the Solaris operating environment m Formats your hard disks and installs the partition map appropriate for a Netra Proxy Cache Server m Installs the Netra Proxy Cache product packages 163 v To Restore the Solaris Operating Environment and Netra Proxy Cache PackagesTo Restore the Solaris Operating Environment and Netra Proxy Cache Packages 1 6 Replace the hard disk following the procedure specified in the Netra Proxy Cache Server Service Manual Ensure that you hav
37. table 138 Netra Proxy Cache Array User s Manual e Revision A March 1998 15 16 17 18 19 20 21 22 23 24 25 Press Return to accept the default partition number for example 6 for the free hog partition Enter the number of cylinders noted in Step 1 on page 137 for the size of partition 0 For example 4101c to indicate 4101 cylinders Except for the partition number for the free hog partition enter a size of 0 for the remaining partitions For the free hog partition press Return to accept the default After making or accepting an entry for each partition the partition table is displayed Press Return to OK the current partition table or enter n to make changes After confirming your partition table you are prompted to enter a table name Enter a name enclosed in quotes For example added_cache1 for the first disk in a MultiPack enclosure If the disk is not a new disk you are asked whether you are ready to label the disk Enter y to label the disk Enter q at the partition gt prompt Enter disk at the format gt prompt to return to the available disk menu Repeat Step 8 on page 138 through Step 21 on page 139 for each disk in the MultiPack enclosure For Step 1 on page 137 enter the number that corresponds to the disk whose partition map you are modifying After you modify the partition map for the last disk in your MultiPack enclosure enter q at the format gt p
38. the Host Status Page 114 Proxy Cache Array Monitoring 117 v To Load the Proxy Cache Array Monitoring Page 117 Proxy Cache Monitoring for Host 119 v To Load the Proxy Cache Monitoring for Host Page 119 Netra Proxy Cache Array MIBs and Traps 123 Netra Proxy Cache Software MIB Definitions 124 Array MIB Definitions 126 Traps 129 Monitoring Proxy Cache Log Files 131 Netra Proxy Cache Array User s Manual e Revision A March 1998 18 19 Loading the Proxy Cache Log Administration Page 131 v To Load the Proxy Cache Log Administration Page 131 Managing Proxy Cache Service Log Files 133 Adding a SCSI Disk 137 Adding a SCSI Disk 137 v To Adda SCSI Disk 137 Troubleshooting and Technical Information 143 Installation of Proxy Cache and Array Configuration Fails 143 v To View Installation Error Logs 144 Processes Associated with Netra Proxy Cache 145 Netra Proxy Cache Man Pages 147 Running the Netra Proxy Cache Array in an NIS only Environment 147 Load Distribution in an NIS only Environment 147 Resolving the Name of the Proxy Cache Service 148 Proxy Cache and Array Packages 148 Default Disk Partitions 150 Multiple Arrays on the Same Subnet 151 System Administrator and Proxy Webmaster Aliases 152 Parent Siblings and the ICP 152 Control Interface Down 153 Proxy Cache Connect Timeout and Parent Failover 153 Rules for Pattern Matching for TTL Selection Property 154 Test and Load Objects 155 Test Objects 156 Load Objects 158 Relationshi
39. the IP address specified here Operation Mode Choose between Proxy Cache the default and Proxy Only If you choose Proxy Only the Netra Proxy Cache Server does not cache any objects Advanced Proxy Cache Configuration 31 Proxy Cascade v To View or Modify Proxy Cascade Properties 1 In the Advanced Proxy Cache Configuration page click Proxy Cascade The Proxy Cascade page is displayed an example of which is shown in Figure 4 3 32 Netra Proxy Cache Array User s Manual e Revision A March 1998 avoucal Brae Coch L5auHaurrHrai my Crale Tanny Wamu Tapn TIP Mol 10 Pid BE Pera bnm aleme ali ie iel yip Fare Cge ie Leun Jan o iil 7 zall Figure 4 3 Proxy Cascade Page Top Portion Note that the values shown in Figure 4 3 are for example purposes only 1 In the top portion of the Proxy Cascade page accept or modify values for the following properties Table of Parent and Sibling Proxy Caches Advanced Proxy Cache Configuration 33 When you load the Proxy Cascade page the table of parents and siblings contains the hosts you entered when you last performed basic proxy cache configuration as described in the Netra Proxy Cache Array Configuration Guide or Netra Proxy Cache Server Configuration Guide The Netra Proxy Cache Server supports associations with both parent and sibling proxy caches In a Netra Proxy Cache Array sibling configuration is automatic That is hosts in the array have a sibling
40. then confirm the operation Local Area Network Administration 73 Note If you remove the interface by which your browser is connected to the server you can longer perform administrative procedures If the server has other network interfaces through which you can use your browser to connect to the server you can use such an interface to continue administration of the machine If there are no remaining interfaces you lose the ability to connect using a browser and have to rely on a serial connection as described in Appendix A of the Netra Proxy Cache Server Configuration Guide or Netra Proxy Cache Array Configuration Guide 74 Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER 9 Name Service Administration m Name Services Used by the Netra Proxy Cache Server on page 76 m Domain Name Service Background on page 76 m Options for Resolving Names on page 77 m Name Service Procedures on page 78 Note This chapter discusses the alternatives available for the resolution of the name of the Netra Proxy Cache Server or Array This name service resolution is independent of the activity of the Domain Name Service DNS within a Netra Proxy Cache Array The Netra Proxy Cache Server uses a name service whenever a URL is processed the host name part of a URL is mapped to its address Every machine on a network including the Internet must have a unique identifier to distinguish itself from other
41. up your configuration to diskette see preceding section you can restore that configuration to an individual server or to all of the hosts in your array Use the Save Restore link in the Netra Main Administration page If you suffer a complete failure such as the loss of the hard disk from which you boot follow the procedure in Appendix A v To Restore a Proxy Cache Configuration 1 Insert your backup diskette in the diskette drive of the host being restored 2 In the Netra Main Administration page click Save Restore 3 In the Save Restore page click Restore configuration from diskette 106 Netra Proxy Cache Array User s Manual e Revision A March 1998 Adding and Removing Hosts To add or remove a Netra Proxy Cache Server to or from your Netra Proxy Cache Array use the following procedures To Add a Host 1 Connect the new host to the service and control networks 2 Perform initial host configuration on the new host See Netra Proxy Cache Array Configuration Guide for detailed instructions 3 Connect to the administrative host and perform basic array member configuration for the new host Use the addresses chosen in Step 1 on page 106 4 Use the Install Configuration link to copy your array configuration to new the host To Remove a Host 1 Using the Advanced array member configuration link in the Proxy Cache Administration page remove the host from the array See Chapter 6 for detailed instructio
42. view a list of valid ftpget arguments invoke opt SUNWcache lib ftpget with no arguments No of Processes for DNS Lookups Number of processes spawned by the Netra Proxy Cache Server to service DNS name lookups This number indicates the maximum number of concurrent DNS lookups On heavily loaded caches you might want to increase the this value from a default of 5 to 10 The maximum is 32 56 Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER 5 Advanced Array Configuration m Viewing and Modifying Advanced Array Configuration Properties on page 57 m Networks on page 59 m Proxy Cache on page 60 m DNS on page 61 This chapter explains how to perform advanced array configuration The chapter assumes you have completed configuration of your Netra Proxy Cache Array as described in the Netra Proxy Cache Array Configuration Guide Consult that document for a description of service network control network multicast address and other array related concepts Viewing and Modifying Advanced Array Configuration Properties You view or modify advanced array configuration properties in the Advanced Array Configuration page You reach this page through the Proxy Cache Administration page See Chapter 3 for instructions on loading this page To View or Modify Advanced Array Configuration Properties 1 In the Proxy Cache Administration page click Advanced Array Configuration The Advance
43. 00 6 Service address 129 144 200 13 5 pache 229444 200 9 Service inter face an ot S6 secre m v gey P E ETE Figure 1 5 Example Netra Proxy Cache Configuration The Role of DNS The array software relies on the DNS to provide load balancing as described in Load Balancing on page 7 When all hosts and services are up and under a normal load the array s DNS works as a conventional DNS round robin It is when there is a host or service failure or if a host becomes overloaded that the array software intervenes to balance the load across the array The software accomplishes this by removing the service address of the failed or overloaded host from the array s DNS zone As a result of this intervention no new client requests will be connected to a service address associated with a failed or overloaded object The threshold at which a host becomes overloaded as well as the threshold at which a formerly overloaded host is considered available again are configurable parameters 10 Netra Proxy Cache Array User s Manual e Revision A March 1998 As part of its manipulation of the array s DNS zone in a situation where one or more hosts in the array is moving back and forth between overload and normal load the array software always keeps the least loaded hosts in the zone In support of the array software s modification of the DNS round robin you designate one host within the array as the DNS server for the domai
44. 00 minutes Other Max Request Size The maximum size of a request in KB The default is 100 This value should be large enough to accommodate users who use the POST method to upload files Quick Abort By default the Netra Proxy Cache Server completes the retrieval of an object even when the request for that object is aborted This is potentially a benefit because the cache will then have the object should it be requested subsequently and the machine resources and bandwidth consumed to the point of the aborting of the request are not wasted However this feature can be a detriment where you have slow links or very busy caches This feature also allows for the possibility of impatient users tying up a URL by repeatedly aborting and re requesting non cachable objects You have the option of turning this quick abort feature on meaning that object retrieval ceases if the request is aborted The default is off Access Control v To View or Modify Access Control Properties 1 In the Advanced Proxy Cache Configuration page click Access Control The Access Control page is displayed as shown in Figure 4 7 Advanced Proxy Cache Configuration 43 A i Aud meod Prog Waco roo hri Cini nl lL vey 0 0 0 0 000 0 0 Sik po by pot Ai ier H ng oot D ti C newer ad Eula A CaS MEDS Ew TWO phe ee HH g Cob TEE E ET n TER nar ahs F AC T w dn ida H c BL F _Ir gt n Figure 7 Access Control Proper
45. 3 minutes by default is exceeded or from some other cause If the proxy cache service s timeout is Troubleshooting and Technical Information 153 shorter than the operating system s as is true for the default case the connect attempt is terminated before an error is returned with the result that parent failover does not occur If your server experiences frequent connection timeouts when attempting to connect to a parent you can set the proxy cache service s connect timeout to be at least 10 seconds greater than the operating system s TCP connect timeout Alternatively if you have a serial connection to your server you can reduce the operating system s timeout To change the operating system s timeout use the ndd command which takes arguments in milliseconds For example ndd set dev tcp tcp_ip_abort_cinterval 30000 The preceding command sets the TCP connect timeout to 30 seconds To view the current TCP connect timeout enter ndd dev tcp tcp_ip_abort_cinterval Rules for Pattern Matching for TTL Selection Property Listed below are the rules for pattern matching used for the lt reg expression gt component of the TTL Selection Based on URL property described in URL Policy on page 42 These rules are taken from Section 3C of the Solaris regexec man page 1 If subexpression i in a regular expression is not contained within another subexpression and it participated in the match several times then the
46. 43 m Each array member must be running and must be configured as described in the Netra Proxy Cache Array Configuration Guide m All host and service addresses must be unique and must have the same subnet number m One host in the array must be configured as a DNS server for the array and must have a unique DNS service address with the same subnet number as the host and proxy cache service addresses m All control addresses must be unique and must have the same subnet number a If you configured a local name service not recommended you might have made a mistake so that for example on one or more hosts the loopback interface is configured with the host address There are other relatively remote possibilities such as the update process being dead on a given array member You could probably correct such an obscure problem by rebooting the affected host In the event of installation failure consult the error logs v To View Installation Error Logs 1 Click the home icon to load the Main Administration page 2 Click Proxy Cache Service to load the Proxy Cache Administration page 3 Under the Monitoring heading click Log Files 4 In the Proxy Cache Log Administration page click View for the Administration Client Error log or the Configuration Installation Error log In addition to the error logs a useful troubleshooting tool if you have a serial connection to a Netra Proxy Cache Server is ifconfig On an array member
47. 51 Log File Options v To View or Modify Log File Options 1 Click Log File Options in the Advanced Proxy Cache Configuration page The page shown in Figure 4 10 is displayed 1 Drow c ac Tap File ajina Zm du TFT m m Aa 7 Bo ires ln rm Fir 7 Ir 7 1 a IHF zila a dese Un kea C2 Figure 4 10 Logs File Options 2 Under the Logs File Options heading enter or accept values for the following properties Emulate HTTPD Log By default the server emulates the log file format used by many HTTP servers Accept the default of on or select off to turn this feature off No of Logfile Rotations 52 Netra Proxy Cache Array User s Manual e Revision A March 1998 Specifies the number of log file rotations the server performs upon receipt of a signal from an application such as the rotlog program With the default of 10 the software creates log files with extensions from 0 through 9 Set this property to 0 to turn off log file rotation See Managing Proxy Cache Service Log Files on page 133 for a description of rotlog Log Directory You do not have the option to change the default log storage directory var opt SUNWcache cachelogs in the current release Web Server Accelerator Options v To View or Modify Web Server Accelerator Options 1 Click Web Server Accelerator Options in the Advanced Proxy Cache Configuration page The page shown in Figure 4 11 is d
48. 53 for a discussion of the relationship to this property to the operating system s TCP connect timeout Read Timeout min The duration beyond which the Netra Proxy Cache Server disconnects a connection on which no activity is occurring The default value is 15 minutes Client Lifetime min The maximum duration a client browser is allowed to remain connected to the cache process This timeout prevents clients that go away without shutting down from consuming software resources The default 200 minutes 3 hours 20 minutes If you have high speed client connectivity or occasionally run out of file descriptors you might want to reduce the default number TTL for Negative Caching of Objects min The server caches the fact that a cache request failed for example the object identified by a specified URL cannot be found This negative caching lasts for the number of minutes specified for this property The default is five minutes TTL for Successful DNS Lookups min The server caches the result of a successful host name lookup for the duration specified for this property The default is six hours Note that the proxy cache service does not observe the TTL specified in a DNS record TTL for failed DNS Lookups min The server can cache the fact that a host name lookup failed The default is zero minutes which means that by default the server does not perform this type of negative caching Advanced Proxy Cache Configuration
49. 95 2 Choose System Administration Save and Restore Configuration The Save And Restore Configuration Administration page is displayed 3 Choose either Restore configuration from diskette or Restore configuration from file system The Restore Configuration Administration page is displayed 4 Make the entries in the form using Table 13 4 TABLE 13 4 Restoring System Configuration Restore entire configuration Restores all configurations from the diskette disk Restore selected configurations Restores only the selected configurations from the diskette disk If this option is chosen at least one configuration must also be chosen if any configuration is chosen this option must also be chosen Note It is strongly recommended that you restore only your entire configuration Netra System Administration 101 System Administrator Alias Use the System Administrator Alias module to create and maintain a list of people who receive mail addressed to the root user Each recipient on the list must be a valid email address v To Set Up an Administrator Alias 1 Choose System Administration System Administrator Alias The System Administrator Alias Administration page is displayed 2 Type the mail addresses of the alias members See Table 13 5 TABLE 13 5 Alias Members Alias Members A list of users one per line who receive mail sent to root System Defaults Use the System Defaults module to change the time zone of the Ne
50. Administration Password The Administration Password page is displayed 89 2 Type the information in the form using Table 11 1 TABLE 11 1 Information Required for Changing Administration Password Current Administration Password The existing administration password The administration password for an unconfigured Netra system is setup A password can be a combination of any characters New Administration Password A new password that is used to access the Netra server The password is not echoed as it is typed If the existing password is changed the browser has to be reauthenticated using the new password Re enter New Administration A repetition of the new administration password Password Because the password is not echoed as it is typed it is verified by typing it a second time Controlling Host Access v To Control Host Access 1 Choose Security Administration Administration Web Server Modify Host Access Control The Host Access Administration page is displayed 2 Choose one of the following m All hosts are allowed access m Specified host and network addresses are allowed access Type the address of the hosts or networks one per line that are permitted access to the administration modules 90 Netra Proxy Cache Array User s Manual e Revision A March 1998 Administration Web Server 91 92 Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER 1 2 Root Password Administration m
51. Arrow icon Success Page and Reminder Page Either of these pages is displayed once all the forms for a task have been filled out and the OK button has been chosen A success page contains a Success icon and a reminder page contains a Reminder icon A success page confirms that the system state has changed A reminder page does the same but also states a message indicating additional tasks are required Figure 2 6 shows a success page for the Host Access module oo Pro XF Cache Art Access h1 T I1ISFTATI an Ey Cerone limi sta lul at Pallewitt beet z1 seid te oors ttt nd vir sketet wtb 5 uer mall x lt F Figure 2 6 Success Page 18 Netra Proxy Cache Array User s Manual e Revision A March 1998 Types of Icons Navigation Icons The Netra Administration GUI uses navigation icons for moving from one page to another One or more of these navigation icons are located at the bottom of each administration page The five navigation icons are displayed in Table 2 2 TABLE 2 2 Navigation Icons Icon Description Home icon Returns to the Netra Main Administration page Selecting the banner also does this Help icon Opens the help window for displaying help pages that explain fields in the related form Back Arrow icon Goes back one page Top of Module icon Returns to a module s top level page Forward Arrow icon Continues to the next configuration task Displayed only during initial config
52. Bases MIBs shipped with the product Chapter 17 describes the categories of log files accessible through the Proxy Cache Administration page Chapter 18 presents a procedure for adding one or more SCSI disks to your Netra Proxy Cache Server Chapter 19 offers troubleshooting steps and provides technical details about the Netra Proxy Cache Server and Array Appendix A explains how to reinstall your Solaris operating environment and Netra Proxy Cache software should you ever experience a catastrophic disk failure Appendix B presents examples of the use of advanced proxy cache properties Appendix C presents security issues related to the propagation of configuration information in a Netra Proxy Cache Array The Glossary defines terms related to the proxy cache service and array software Using UNIX Commands This document does not contain information on basic UNIX commands and procedures such as shutting down the system booting the system and configuring devices See the Solaris 2 x Handbook for SMCC Peripherals included with the Netra Proxy Cache product for instructions on basic UNIX administration commands xiii Netra Proxy Cache Array User s Manual e Revision A March 1998 Typographic Conventions TABLE P 1 Typeface or Symbol AaBbCc123 AaBbCc123 AaBbCc123 Typographic Conventions Meaning The names of commands files and directories on screen computer output What yo
53. Cache Array The establishment of sibling relationships occur automatically when you configure the array Note that you can add one or more Netra Proxy Cache Servers to any single proxy server shown in Figure 1 1 Figure 1 2 or Figure 1 3 to form a Netra Proxy Cache Array For a proxy server that relies on a parent pointing to single machine is no different from pointing to a Netra Proxy Cache Array That is the child proxy requires no additional configuration and needs no awareness that the proxy service is provided by multiple hosts Netra Proxy Cache Array Features A Netra Proxy Cache Array consists of multiple hosts that together provide a single instance of a proxy cache service Array Features The array software offers the following features m reliability scalability m load balancing How these features are provided is described in the following subsections Reliability The array software provides reliability by 1 monitoring individual host hardware and software and upon failure of some component 2 moving the service address of a service instance on a host to a different host Existing clients of a moved service address continue to be served The DNS within the Netra Proxy Cache array removes the moved service address from proxy cache service provided by the array so that new clients are never connected to it 6 Netra Proxy Cache Array User s Manual e Revision A March 1998 Scalability The array sof
54. Configuration Guide or the Netra Proxy Cache Array Configuration Guide 3 Load the Proxy Cache Administration page The procedure for loading this page is described in Chapter 3 4 Perform proxy cache service configuration if the server s default values are not appropriate for your use If your machine is part of an array you can install the proxy cache array and array member configuration from your administrative host or another array member that is running the proxy cache administration server 5 Click the Install Configuration link In the Install Configuration page select the host you are restoring and click Install Selected Hosts See the Netra Proxy Cache Array Configuration Guide or Netra Proxy Cache Server Configuration Guide for details on the Install Configuration feature System Recovery 165 166 Netra Proxy Cache Array User s Manual e Revision A March 1998 APPENDIX B Advanced Proxy Cache Configuration Examples m Domains Inside Firewall and Local Domains Inside the Firewall on page 167 m Limiting Access to the Server on page 169 Domains Inside Firewall and Local Domains Inside the Firewall See Proxy Cascade on page 32 for a description of the properties described in this section If you have a hierarchy of proxy cache servers you can make use of the Netra Proxy Cache software s local domain features illustrated in Figure B 1 167 168 Configuration for Metra
55. IS This means that it uses NIS to resolve host names host addresses and host aliases Name Service Procedures DNS Administration v To Configure the Netra Server to Use DNS 1 Choose Network Services Administration Name Service DNS Domain Name System Configure DNS Resolver The DNS Administration page is displayed 2 Type the information in the form using Table 9 1 78 Netra Proxy Cache Array User s Manual e Revision A March 1998 TABLE 9 1 DNS Client Information DNS Domain Name Name Server 1 Name Server 2 optional Name Server 3 optional The DNS domain that is used to resolve partially qualified host names Usually this is the local domain name Example comedy tv net The host address of the DNS server that is tried first for all DNS queries Example 129 144 79 5 The host address of the DNS server to use if the first name server is unreachable Example 129 144 79 6 The host address of the DNS server to use if the first two name servers are unreachable Example 129 144 102 6 v To Modify DNS Resolver Configuration 1 Choose Network Services Administration Name Service DNS Domain Name System Modify DNS resolver The DNS Administration page is displayed 2 Make the changes in the form using Table 9 1 v To Delete A DNS Configuration 1 Choose Network Services Administration Name Service DNS Domain Name System Delete DNS resolver The Delete DNS Administration page is displa
56. In the Netra Welcome page choose Administration The Main Administration page is displayed If you are configuring a Netra Proxy Cache Server for the first time the initial configuration page is displayed Understanding the Netra Administration GUI 21 22 Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER 3 Loading the Proxy Cache Administration Page m Loading the Proxy Cache Administration Page on page 24 m Starting the Proxy Cache Administration Server on page 26 This chapter explains how to load the Proxy Cache Administration page It is through this page that you can access features associated with the proxy cache service provided by a Netra Proxy Cache Array or Server Most often you should load the Proxy Cache Administration page from the administrative host This is the host on which you make configuration changes as described in the Netra Proxy Cache Array Configuration Guide It is on this host that the proxy cache administration server is started From the administrative host you can monitor and make configuration changes to any host or set of hosts in the array The proxy cache administration server needs to be started for all proxy cache related functions except viewing log files and unconfiguring the proxy cache service For example if you want to make any configuration changes or monitor the proxy cache service the proxy cache administration server must be started The array soft
57. Netra Proxy Cache Array through links available in the Proxy Cache Administration page See Chapter 3 for instructions on loading this page 109 1 In the Proxy Cache Administration page click Array Status to monitor the Netra Proxy Cache Array or Proxy Cache Monitoring to view statistics related to the operation of the proxy cache service Array Status When you click the Array Status link in the Proxy Cache Administration page a page such as that shown in Figure 15 1 is displayed 110 Netra Proxy Cache Array User s Manual e Revision A March 1998 Ay lu ua Thua hae 14 geht PT psi Eco alin S002 coo Lasi A nirtzzz1 King Het di AEE Dur Oh land bosi ewes to eta one eta ee po bona Mee 7 lene Pa a Re I ai OF liT II I 2 ie bar ee ee 2 2 nowt 47x ite te et ai DMS senie dome H et Ada ae Taman Jin Fan E zeIrrrru thlr wile o a aaa n e tet aa e fi e han 7x p aee BAE ETIES LUIE UPS Saur bemid S 1 LE ST BILL l a BL ae Poel ae eh AN P le TE EIES Figure 15 1 Array Status Page The Proxy Cache Service Group and DNS Service Group tables have a row for each host in the array If a host is down the row for that host flashes and displays in red In the flashing row is displayed the cause of the host being absent from the array or a message status unknown When you load the Array Status page a snapshot of curre
58. Service NIS Network Information Name Service 2 Choose one of the following m To modify an NIS domain name choose Modify type a new NIS domain name and confirm the operation m To unconfigure an NIS domain name choose Unconfigure NIS and confirm the operation The Netra server no longer uses NIS to resolve host names and the NIS domain name is ignored Note You must reboot the server if you make changes to your NIS configuration Name Service Administration 81 82 Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER 1 0 Routing Administration m Netra System Router Alternatives on page 83 m Routing Procedures on page 84 This chapter describes how to configure the Netra Proxy Cache Server as a router Note You cannot configure a host in a Netra Proxy Cache Array as a router in its standard configuration in which the second network interface hme1 is reserved for the use of the control network To enable support for routing you must add an additional network interface to the server If you do this you must take care that no packets are forwarded over the control network interface Routing is the mechanism by which systems on different networks can communicate with each other Each network usually has at least one system called a router A router is a system that is connected to multiple networks it maintains information that defines routes between host systems and networks Netra
59. a front end See preceding property Main Memory for Caching Objects Percentage of memory used for keeping a number of web objects If you are using the Netra Proxy Cache Server as a front end for an HTTP server it is recommended you use a value of 12 5 percent Enable Proxy Mode Also This property determines whether a Netra Proxy Cache Server is acting as a front end caching only the URLs of the HTTP server being accelerated or caches URLs from all web servers Accept the default value of off or select on to enable caching of URLs from all servers External Program Options v To View or Modify External Program Options 1 Click External Program Options in the Advanced Proxy Cache Configuration page The page shown in Figure 4 12 is displayed Advanced Proxy Cache Configuration 55 Proxy Cache Li Adran Priza Carle infii trai uu LOT eS OL ep eee TT MT T NH4 Hua r Pr 1 1m hua awl ie E m E G G2 Figure 4 12 External Program Options Page 2 Under the External Program Options heading enter or accept values for the following properties FTP User The string supplied as the login password for anonymous ftp This enables you to supply an informative address if you want Options for ftpget The arguments supplied to the ftpget command The ftpget command retrieves FTP data for the cache HTTP and Gopher protocol support are built into the proxy cache software To
60. a Proxy Cache Array MIBs and Traps 129 Table 16 3 lists the traps supported by the array software TABLE 16 3 Array Traps serviceCannotAssignTrap Indicates that a service address cannot be assigned most likely because all hosts have a failed test object or are quiesced serviceReleaseFailedTrap Indicates a failure when a host attempted to release a service address serviceAcquireFailedTrap Indicates a failure when a host attempted to acquire a service address The proxy cache software supports a single trap serverNoResponse This trap occurs when the proxy cache service terminates on a Netra Proxy Cache Server 130 Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER 1 T Monitoring Proxy Cache Log Files m Loading the Proxy Cache Log Administration Page on page 131 m Managing Proxy Cache Service Log Files on page 133 This chapter explains how to view and manage the proxy cache service log files These log files are distinct from the log files accessed through the Log Files link on the Main Administration page The log files described in this chapter relate only to the activity of the proxy cache service on a Netra Proxy Cache Server You view through the Proxy Cache Log Administration page You reach this page through the Proxy Cache Administration page See Chapter 3 for instructions on loading this page Loading the Proxy Cache Log Administration Page v To Load the Proxy Cache L
61. a Router 87 Administration Web Server 89 Setting the Administration Password 89 v To Set the Administration Password 89 Controlling Host Access 90 v To Control Host Access 90 Root Password Administration 93 Superuser Account 93 Setting the Root Password 93 v To Set the Root Password 93 Netra System Administration 95 Audio 95 v To Adjust the Audio Volume 95 Host Name 96 v To Change the Host Name 96 Solaris Log Files 97 v To View or Clear Log Files 97 Restart and Shutdown 98 w To Restart or Shut Down the System 98 Save and Restore Configuration 99 Save and Restore Options 99 Save and Restore Procedures 100 v To Eject a Diskette 100 v To Save the System Configuration 100 v To Restore the System Configuration 101 System Administrator Alias 102 v To Set Up an Administrator Alias 102 Contents viii 14 Array 15 16 17 System Defaults 102 v To Set System Defaults 102 Performing Administrative Tasks for the Proxy Cache Service and 105 Modifying Your Configuration 105 Backing Up Your Configuration 106 Restoring Your Configuration 106 v To Restore a Proxy Cache Configuration 106 Adding and Removing Hosts 107 v To Adda Host 107 v To Remove a Host 107 Moving an Array 108 v To Move an Array 108 Monitoring a Netra Proxy Cache Array and Proxy Cache Service 109 Proxy Cache and Array Monitoring Pages 109 v To Invoke the Array Status Monitor or Proxy Cache Monitoring 109 Array Status 110 Host Status 114 v To Load
62. ameters for this test object are as follows ProcessTest dns_process_test process_id_script opt SUNWscalr scripts dns getpid interval 2 retries 3 retry_interval 2 reset_min_interval 60 dns_test An object of type AndTest 5 Combines the outputs from dns_connect_test dns_udp_test dns_process_test and service_interface_test Reports failure to the monitor object dns_monitor if any of these child test objects returns failure The parameters for this test object are as follows Troubleshooting and Technical Information 157 AndTest dns_test test_objects dns_connect_test dns_process_test dns_udp_test reset_script opt SUNWscalr scripts dns reset reset_min_interval 30 monitor_object dns_monitor dns_udp_test An object of type DNSTest 5 Tests the ability of the array DNS to resolve the name of a domain By default the name localhost is used The parameters for this test object are as follows DNSTest dns_udp_test domain_name localhost port 53 check_addr 0 0 0 0 interval 10 timeout 5 retries 3 retry_interval 2 reset_min_interval 60 monitor_object dns_monitor max_check 99999999 check_control true service_interface_test An object of type PingTest 5 Tests the integrity of the service interface used by a monitor object The parameters for this test object are as follows PingTest service_interface_test ping_addr 129 144 91 255 min_replies 1 exclude_same_host true interval 60 ping_timeout 5
63. array member configuration page in the following ways m The basic page enables you to add an array member the advanced pages do not m The advanced pages enable you to delete a member from the array the basic page does not Advanced Array Member Configuration Page The advanced array member configuration page enables you to change the host address control address and service address for any member of the array The page also enables you to remove a host from an array 65 v To View or Modify Advanced Array Member Configuration Properties 1 In the Proxy Cache Administration page click Advanced Array Configuration The Advanced Array Configuration page shown in Figure 6 1 is displayed eee Proxy Cache Hranrwl aras virmler nnflgmrarinm hosti L hostel sapit Hrlr y monhe a 124 narh ile 2 ce ar ee on oe sree Figure 6 1 Advanced Array Member Configuration Page All Array Members 2 In the page shown in Figure 6 1 click the host name or the icon for the host you want to modify or remove from the array A page such as that shown in Figure 6 2 is displayed 66 Netra Proxy Cache Array User s Manual e Revision A March 1998 ww ect hozi pad hilir Wa 74 GT T Cen illzz TH cn y Sur iia Adler 7H A v1 a kial y 71 Preis D0 Figure 6 2 Advanced Array Member Configuration Individual Member Rad Frad ire ars Tr 3 Make any changes you want to the addr
64. ate hierarchies of proxy cache servers or a related feature create collections of sibling servers You can create hierarchies simply by pointing proxy cache servers to succeeding proxy cache servers as you proceed toward a firewall Alternatively you can take advantage of Netra Proxy Cache software s support for the Inter Cache Protocol ICP to build sibling and parent relationships among proxy cache servers When you configure a set of Netra Proxy Cache Servers as an array automatically those servers become ICP siblings so that the cache is extended over all of the machines in the Netra Proxy Cache Array Figure 1 1 illustrates a simple hierarchy of proxy cache servers Browser points to prosy A Frosy Bis parent to Frosy Cis parentto B Netra Froww Cache browser Server Hetra Fronw Cache Server Hetra Frosy Cache Server Firewall HTTP Requests Responses Figure 1 1 Simple Hierarchy Referring to Figure 1 1 assume the client browser requests a web object that originated somewhere in the Internet and is at the moment not in Netra Proxy Cache Server A s cache The following sequence ensues 1 Machine A checks with its parent machine B Overview 3 2 Likewise B does not have the object in its cache and checks its parent machine C If C does not have the object it goes out through the firewall to the web server to obtain it 3 Machine C returns the object obtained f
65. bage collection Time of Day for GC HH MM SS Enables you to schedule garbage collection at an off peak time Time is expressed on a 24 hour clock For example if you want garbage collection to occur at 3 30 AM enter 03 30 00 Advanced Proxy Cache Configuration 49 Timeouts v To View or Modify Timeouts 1 Click Timeouts in the Advanced Proxy Cache Configuration page The page shown in Figure 4 9 is displayed i meee Proxy Cache 5 Ao Precay Wace i edison TimeaiulL WUE me h mear y pannud Vener FT ieee Concedice ae La x s i kegels pi corel Cee aime HZ rame TD are banae Cuna obeys a me Tac 0pE il sxe e e laze kes lh akas E krme D A Figure 4 9 Timeouts Properties 2 Under the Timeouts heading enter or accept values for the following properties 50 Netra Proxy Cache Array User s Manual e Revision A March 1998 ICP Neighbor Timeout sec The duration the Netra Proxy Cache Server waits for a response to an ICP query Beyond the timeout you specify the software gives up on the query target The default value for this property is 2 seconds You might consider increasing this value if the network connection between the local machine and a sibling is subject to delays Timeout for Server Connections sec The maximum duration in seconds the server waits for a connection to be established The default is two minutes Proxy Cache Connect Timeout and Parent Failover on page 1
66. bject type Under Number of Objects Cached Total Cached Disk amp Main Memory In effect total number of objects cached on host for a given object type Cached in Main Memory Number of objects cached in main memory Only small objects are cached in main memory as distinguished from disk Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER 1 6 Netra Proxy Cache Array MIBs and Traps m Netra Proxy Cache Software MIB Definitions on page 124 a Array MIB Definitions on page 126 m Traps on page 129 This chapter defines the variables in the Management Information Bases MIBs shipped with the Netra Proxy Cache product These MIBs enable you to use an SNMP conformant management platform such as Solstice Domain Manager to monitor your Netra Proxy Cache Server The following MIBs are shipped with the Netra Proxy Cache product m one for the Netra Proxy Cache proxy cache software proxycache mib m one for the array software scalrd mib m the standard Sun MIB sun mib m the SNMP master agent for Solstice Enterprise Agents snmpdx mib These MIBs are stored in var snmp mib Only the first two MIBs are described in this chapter A MIB contains attributes that collectively describe a network accessible object The proxy cache MIB describes the proxy cache server the array MIB describes the software that joins a set of Netra Proxy Cache servers to provide a single proxy cache server ins
67. correct ifconfig output is as follows ifconfig a 100 flags lt num gt lt UP LOOPBACK RUNNING MULTICAST gt mtu 8232 inet 127 0 0 1 netmask 000000 hme0 _ flags lt num gt lt UP BROADCAST NOTRAILERS RUNNING MULTICAST gt mtu 1500 inet lt host address gt netmask lt service net netmast gt broadcast lt service net number gt 255 ether lt ethernet address gt hme0 1 flags lt num gt lt UP BROADCAST NOTRAILERS RUNNING MULTICAST PRIVATE gt mtu 1500 inet lt proxy cache service address gt netmask lt service net netmast gt broadcast lt service net number gt 255 The following entry hme0 2 is present only on the array DNS server hmeQ 2 flags lt num gt lt UP BROADCAST NOTRAILERS RUNNING MULTICAST PRIVATE gt mtu 1500 144 Netra Proxy Cache Array User s Manual e Revision A March 1998 inet lt DNS service address gt netmask lt service net netmast gt broadcast lt service net number gt 255 hmel flags lt num gt lt UP BROADCAST NOTRAILERS RUNNING MULTICAST gt mtu 1500 inet lt control net address gt netmask lt control net netmast gt broadcast lt service net number gt 255 ether lt ethernet address gt In the preceding output note that spacing is altered for readability Also the broadcast addresses show examples of Class C broadcast addresses Your own broadcast address might differ depending on the netmask you use on your service and control networks Regarding ifconfig o
68. d access log 1 rotlog appends an integer extension to the remote file name starting with 1 for the oldest file and incrementing with each successive file of the 134 Netra Proxy Cache Array User s Manual e Revision A March 1998 same type Continuing with our example access log 0 and access log 1 are renamed as follows TABLE 17 1 Local and Remote Log File Names Local Name Remote Name access log 0 access log 19980202 2 access log 1 access log 19980202 1 Note that access log 1 the local file is the older of the two files In a rot log command you can use the x option to change the format of the file extension of a copied using the format specifications listed in the strftime 3C man page Use of x can prevent the overwriting of copied files when you copy log files more than once a day For example you can modify the preceding cron job as follows 15 2 12 opt SUNWcache sbin rotlog F cache d pub logs h hepa u anonymous x Y m sd H M This example is the same as the preceding except m The copy operation occurs twice a day at 2 15 AM and 12 15 PM m To copied files rot log appends a file extension of the form YYYYMMDDHHMM The addition of hours and minutes to the default file extension prevents the overwriting of copied files See the rot log 1M man page for a description of all of the rot log options Monitoring Proxy Cache Log Files 135 136 Netra Proxy Cache Array User s Manual e Revision
69. d Array Configuration page shown in Figure 5 1 is displayed 57 if x fF oe PUYOL TO AOE CI IZT DHIUL WH de vcra aac ve EE EO 0 UCU Amc Meck BE 25 ESE LEINE A ear x ot Si secre Nok Amin SBE eee abs ee nc TH _ 2 Prac Coch Tovi A ahbass Page crags i L wadia Fel a 1 cu ch Somme Sun SEMIS obs E Lit Law j E PE team de th tr kard li u Awt v Figure 5 1 Advanced Array Configuration Page Top 2 In the page shown in Figure 5 1 view or make changes to the value of a property Most properties have editable fields Two have pulldown menus 3 At the bottom of the category page click OK A page is displayed indicating the success or failure of your change If a change fails the page is redisplayed with the error indicated Correct the error and click OK again With some errors a new page containing an error message is displayed If this occurs click the Back button on your browser to return to the category page 58 Netra Proxy Cache Array User s Manual e Revision A March 1998 If you click Reset the values for the properties on the page revert to what they were when you first loaded the page 4 After a successful change click the up arrow icon to return to the Proxy Cache Administration page Alternatively you can click the home icon to return to the Netra Main Administration page 5 If you make any changes to advanced array properties you m
70. ding the cache over the entire set of machines This feature is discussed in Hierarchies on page 3 You have the option of configuring a Netra Proxy Cache Server as a single machine rather than as part of an array Netra Proxy Cache Server Features The Netra Proxy Cache hardware and software implement a proxy cache server with a set of comprehensive features The Netra Proxy Cache product is shipped with array software which where there are multiple Netra Proxy Cache Servers extends the reliability and availability of the proxy cache service Features Netra Proxy Cache Servers support the following features High performance CPU with memory and disk amounts chosen for optimum performance in proxying and caching Details of the hardware configuration are spelled out in the hardware documentation that accompanies the product Compatible with the Squid Harvest and CERN proxy standards Supports the Inter Cache Protocol ICP Caches HTTP 1 0 FTP and Gopher objects This list includes among other types GIF JPEG and exe Supports Secure Sockets Layer SSL tunneling Supports persistent HTTP connections commonly referred to as keep alives The cache persists across reboots Configurable cache object expiration times The Netra Proxy Cache software ages and deletes a cache object based on attributes specified in its uniform resource locator URL The product offers a flexible scheme for cache object expiration
71. e Array User s Manual e Revision A March 1998 0 1 2 3 4 5 min DONE The cache has been reconfigured oamserver in stop state The system is ready lt host name gt console login At this point the proxy cache service can begin to use the additional disks for caching web objects Adding a SCSI Disk 141 142 Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER 1 9 Troubleshooting and Technical Information m Installation of Proxy Cache and Array Configuration Fails on page 143 m Processes Associated with Netra Proxy Cache on page 145 m Netra Proxy Cache Man Pages on page 147 m Running the Netra Proxy Cache Array in an NIS only Environment on page 147 m Proxy Cache and Array Packages on page 148 m Default Disk Partitions on page 150 m Multiple Arrays on the Same Subnet on page 151 m System Administrator and Proxy Webmaster Aliases on page 152 m Parent Siblings and the ICP on page 152 m Control Interface Down on page 153 a Proxy Cache Connect Timeout and Parent Failover on page 153 m Rules for Pattern Matching for TTL Selection Property on page 154 a Test and Load Objects on page 155 Installation of Proxy Cache and Array Configuration Fails If installation fails for one or more hosts note the reason in the page that reports the failure The following conditions must be in effect for successful installation 1
72. e a terminal connected to your Netra Proxy Cache Server as described in Appendix A of the Netra Proxy Cache Array Configuration Guide or Netra Proxy Cache Server Configuration Guide With your Netra Proxy Cache Server connected to both service and control networks power up your server Insert the Netra Proxy Cache recovery CD in the server s CD drive Send the RS232 break signal to obtain the ok prompt For tip use lt return gt For telnet use Ctrl For other programs use the appropriate break signal At the ok prompt enter ok boot cdrom The Solaris boot process starts The following prompt is displayed Please confirm that you want to reinstall Netra Proxy Cache 1 0 This will ERASE ALL EXISTING DATA on the system Answer yes no or quit y Enter y to the preceding prompt The entire process takes about an hour The process completes when the server returns to the ok prompt 164 Netra Proxy Cache Array User s Manual e Revision A March 1998 v To Restore the Netra Proxy Cache Configuration PropertiesTo Restore the Netra Proxy Cache Configuration Properties If you have a backup diskette 1 Insert your backup diskette in the drive of the Netra Proxy Cache Server 2 At the ok prompt enter ok boot Restoration is complete If you do not have a backup diskette 1 At the ok prompt enter ok boot 2 Perform initial configuration as described in the Netra Proxy Cache Server
73. e any SNMP conformant management platform such as Solstice Domain Manager to monitor and manage a Netra Proxy Cache Server The software also supports a set of traps that notify you of critical events ranging from a down server to a failure report on a server component The Netra Proxy Cache Server and Array MIBs are described in detail in Chapter 16 Overview 11 12 Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER 2 Understanding the Netra Administration GUI m Netra Administration Modules on page 13 m Accessing the Netra Administration GUI on page 20 The Netra Proxy Cache Server uses a Hyper Text Mark up Language HTML based GUI for its administration Each screen is a hypertext document A browser running on a client accesses these documents from an administration web server running on the Netra server Netra Administration Modules An administration function in the Netra Administration GUI is called a module and is made up of a set of related tasks For example the User Accounts module contains tasks to add user accounts as well as to modify or delete them These modules are grouped into five categories m Network Services Administration m Network Connection Administration m Security Administration m System Administration m Documentation The modules are displayed as hypertext links on the Main Administration page of the GUI Choosing a link displays the administration page for the
74. e by which the Netra server is known 3 Restart the Netra server so that the new name is used 96 Netra Proxy Cache Array User s Manual e Revision A March 1998 Note If you change the host name of a host in a Netra Proxy Cache Array you must also modify the array member configuration for that host See Chapter 6 for instructions Solaris Log Files Note The log files described below are different from the proxy cache log files described in Chapter 17 Log files should be viewed and cleared periodically The Log Files module gives access to the following Mail log Contains mail debug information TM Message log Contains status on generic Solaris modules Netra log Contains information posted by Netra administration modules such as error conditions Super User Login log Records who logs in to the server as root Administration Web Server Error log Records the times that the Administration Web Server was unable to deliver a page Administration Web Server Access log Records all requests to the Administration Web Server v To View or Clear Log Files 1 2 Choose System Administration Log Files The Log Administration page is displayed Choose one of the following options Netra System Administration 97 m To look at a log file Choose View m To remove a log file Choose Clear then confirm the operation Restart and Shutdown Use the Restart and Shutdown module to restart or shutdown the Netra
75. e return from the hostname command Append Domain Name to Unqualified Host Names If a URL refers to a host name without a period in its name the domain name you specify for this property is appended to host name to form a fully qualified domain name Port for HTTP Client Requests The port number at which the Netra Proxy Cache Server listens for HTTP requests Most users can accept the default of 8080 Do not use 81 the Netra Proxy Cache product uses this number for administrative purposes Port for Neighboring Cache ICP Requests The UDP port number on which the host listens for Internet Cache Protocol ICP queries A value of 0 disables neighbor caching The default is 3130 Port for Proxy Cache Server Statistics Requests The TCP or UDP port on which the Netra Proxy Cache Server provides statistics The SNMP subagent shipped with the product uses this feature to export the statistics via SNMP Setting this property to 0 zero disables the providing of statistics The default is 3140 Entering a non zero value enables proxy cache monitoring which is described in Proxy Cache Array Monitoring on page 117 and Proxy Cache Monitoring for Host on page 119 Receive ICP Requests on this Address If you enter an address the Netra Proxy Cache Server accepts ICP requests only at the IP address specified here Send ICP Requests from this Address If you enter an address the Netra Proxy Cache Server sends ICP requests from
76. e that indicates the resources consumed on a host This percentage is significant to array software that monitors the load on individual array members When a host exceeds a high water mark for load the host is removed from the array DNS zone and is thus not available to new clients An overloaded host returns to availability when its load falls beneath a low water mark Service Addr The address associated with an instance of the proxy cache service Upon startup of a host a service address is associated with a given array member for which it is the preferred address Upon host failure a service address moves to a different host as distinguished from a host address which remains fixed to a host A given host might have two or more service addresses indicating that other hosts in the array have failed and that those addresses have been inherited by the host with multiple service addresses State The state of a service address A service address can be in one of four states unserved acquiring online and releasing The array software acts on a service address in only the unserved and online states An online address is one that Monitoring a Netra Proxy Cache Array and Proxy Cache Service 113 identifies a service for a requesting client Only online addresses are included in the array s DNS zone An unserved address is one that is not being served by any array member such an address is not displayed in the monitoring page Acquiring
77. ect type in opt SUNWscalr man man5 These man pages describe the parameters for each test object instance below There is also a man page for scalrcontrol in opt SUNWscalr man manl In the following object descriptions parameters are taken from scalrd conf Values for these parameters are the default values Troubleshooting and Technical Information 155 Test Objects The test objects listed below are shipped with the Netra Proxy Cache product Their output is displayed in the Host Status page that you invoke from the Array Status page cache_connect_test An object of type ConnectTest 5 Tests the TCP port used by the proxy cache service 8080 Also tests the service address es and control address used by the proxy cache service The test object instance is configured to test persistent TCP connections The parameters for this test object are as follows ConnectTest cache_connect_test port 8080 check_addr 0 0 0 0 interval 10 retries 3 retry_interval 2 reset_min_interval 60 monitor_object cache_monitor max_connect 99999999 check_control true persistent_connection true connection_test_object cache_http_test cache_process_test An object of type ProcessTest 5 Tests for the presence of the process associated with the proxy cache service The parameters for this test object are as follows ProcessTest cache_process_test process_id_script etc init d scalr cache getpid interval 2 retries 3 retry_interval 2
78. ents Software Developer Kit Solstice Enterprise Agents Simple Network Management Protocol Array daemon and supporting binaries Appliance setup Array software configuration files Netra Proxy Cache Array only Array software service monitor license Netra Proxy Cache Array only Array daemon SNMP agent Troubleshooting and Technical Information 149 150 Netra Proxy Cache Array User s Manual e Revision A March 1998 Default Disk Partitions Table 19 2 lists the disk partitions on the two internal drives of a Netra Proxy Cache Server You cannot change the disk partitioning without affecting the operation of the server If you experience a disk failure the procedure described in Appendix A automatically re creates the partitions specified in Table 19 2 TABLE 19 2 Disk Partitions for Netra Proxy Cache Server File System Mount Point var including proxy cache service logs swap swap overlap overlap var opt SUNWcache cachel var opt SUNWcache cache2 Disk Slice c0t0d0s0 c0t1d0s0 c0t0d0s1 c0t1d 0s1 c0t0d0s2 c0t1d0s2 c0t0d0s6 c0t1d0s6 Size 600 MB 600 MB 128 MB 128 MB 4092 MB 4092 MB 3044 MB or rest of disk whatever that number might be 3044 MB or rest of disk whatever that number might be The disk layout for the Netra Proxy Cache Server is illustrated in Figure 19 1 Disk 2 600 MIE fax Includes 200 ME for cache logs Figure 19 1 Disk
79. ept up to date on the health of each host Responding to these regular updates array software works to provide users with a continuous proxy cache service in the face of hardware and software failures and in spite of varying loads on individual servers resources The resource managed by array software is a service address This is a logical IP address that is associated with the proxy cache service on a given machine If a machine fails or becomes overloaded array software can remove the availability of the service address or move the address to a different machine in the array A service address is associated with the network interface over which proxy cache server client interactions occur In terms of a Netra Proxy Cache array this is the service interface and the network to which the interface is connected is the service network The service network is most often the local area network LAN over which clients access a variety of network services The concepts of control and service networks are illustrated in Figure 1 4 Netra Proxy Cache Array User s Manual e Revision A March 1998 Ethernet hub Metra Prov Cache tra Figure 1 4 Control and Service Networks Figure 1 5 illustrates the concepts of control and service interfaces and addresses Overview 9 Service address 128 144300 11 z poached 129 144 2001 Service address n J12 8 144200 12 Hub r Cat ng i To from clients z 11291 44 2
80. esses listed and click Modify Configuration or click Delete Host from Array to remove the host The host control and service addresses are described in the Netra Proxy Cache Array Configuration Guide If you made a modification a page is displayed indicating the success or failure of your change If a change fails the page is redisplayed with the error indicated Correct the error and click OK again With some errors a new page containing an error message is displayed If this occurs click the Back button on your browser to return to the category page If you clicked Delete Host from Array a page asking you for confirmation is displayed Click OK to confirm removal of the host from the array or click the up arrow or home icon to change pages The confirmation page reminds you that in addition to removing the host from the array you must shut down the proxy cache service on the host being removed If you click Reset the values for the properties on the page revert to what they were when you first loaded the page 4 After a successful change or deletion click the up arrow icon to return to the Proxy Cache Administration page Alternatively you can click the home icon to return to the Netra Main Administration page Advanced Array Member Configuration 67 5 If you make any changes to advanced array members properties you must use the Install Configuration function to install the changes on the machine s whose configuration
81. etwork over which the Netra Proxy Cache server interacts with clients This address is the subnet portion of the IP address you assigned to given Netra Proxy Cache server An example of a valid Class B subnet address is 129 144 0 0 a Class C example is 195 144 168 0 Netmask The netmask of the service network An example of a netmask for a network that subnets Class B addresses is 255 255 255 0 Multicast Address The multicast address used by array software to send heartbeat messages over the control network to all members of the array The Internet Authority for Network Addresses IANA has assigned the multicast address 224 0 1 62 to the Netra Proxy Cache server product It is recommended that you use this address If the default address is already in use you need to select another multicast address It is suggested that you use snoop 1M to ensure that an address you choose is not already in use Note If you have more than one Netra Proxy Cache array on the same subnet use different multicast addresses for the different arrays The array software uses the service network for a redundant multicast Using different multicast addresses to distinguish arrays is less prone to conflict than is using the same multicast address with different port numbers See the Control Port property below Proxy Cache v To View or Modify Advanced Array Configuration Properties Proxy Cache Category 1 Under the Networks heading see Figure 5 1 e
82. example access lists Under Access List Definition eng src 129 144 118 0 255 255 255 0 sales src 129 144 130 0 255 255 255 0 division sre 129 144 0 0 255 255 0 0 The preceding access lists might be used as follows Under Client Access Control allow eng sales deny division The preceding entries specify that machines on the subnets 129 144 118 0 and 129 144 130 0 are allowed HTTP access to the Netra Proxy Cache Server while machines in the division list are excluded You might want to restrict Inter Cache Protocol ICP access to a server to only those machines This is illustrated in the following example Advanced Proxy Cache Configuration Examples 169 Under Access List Definition arrayhosts src 129 144 107 1 255 255 255 255 129 144 107 2 255 255 255 255 129 144 107 3 255 255 255 255 127 0 0 1 255 255 255 255 all src 0 0 0 0 0 0 0 0 The list arrayhosts includes the host addresses of all machines in a Netra Proxy Cache Array The list might be used as follows Under Access to Cache via ICP allow arrayhosts deny all The preceding entries specify that only the array machines are allowed ICP access to the Netra Proxy Cache Server while all other machines are excluded Limiting by Time The following are example access lists Under Access List Definition nights time M F 17 01 07 59 weekends time A S 00 00 24 00 worktime time M F 08 00 1700 The preceding access lists might be used as follows Under Client Acce
83. figure the Netra System as Not a Router Note Once the Netra server is already configured as not a router this option is not displayed 1 Choose Network Connection Administration Routing gt Turn off routing then confirm the operation By default the Netra Proxy Cache Server is not a router Routing Administration 87 88 Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER 1 1 Administration Web Server m Setting the Administration Password on page 89 m Controlling Host Access on page 90 The Administration Web Server serves the administration pages through which the Netra administration modules are configured To protect the Netra Proxy Cache Server from unauthorized users access to the Web server is protected through a password obligatory and an access list optional If an access list is specified connections from machines that are not on the list are refused Connections from machines on the list are permitted access provided the user knows the password The account name for the Administration Web Server is setup When you click the Administration link the Netra Welcome page you are prompted for user name setup and password The Administration Web Server module enables the user to change the password and edit the access list v Setting the Administration Password To Set the Administration Password 1 Choose Security Administration Administration Web Server Change
84. ginal owner within a certain configurable span of time call the service timeout that service address is removed from the service group See Proxy Cache on page 60 for a description of the service timeout property A preferred address of 0 0 0 0 as in the DNS Service Group table indicates that a host is a hot spare For the proxy cache service an array member has its own service address and stands ready to inherit another host s service address if needed For the DNS only the array DNS server has its own service address the remaining members can inherit the service address but do not offer one of their own If the array DNS server fails you will note that its preferred address moves to another array member where it shows up in the inheriting member s Service Addr column At that point no host displays a preferred address for the DNS Quiesced Indicates whether the array member is quiesced or not In the quiesced state a host can service existing clients but cannot acquire any service addresses Also a quiesced host is excluded from the array s DNS zone so that it cannot acquire any new clients OK Indicates whether any of a host s test objects has returned an OK or a not OK that is failed status The test objects running on a host are displayed in the Host Status page accessible by clicking on the host name in the Host Name column Load and Capacity Divide the load by the capacity to arrive at a percentag
85. gure SNMP Properties 69 Local Area Network Administration 71 Local Area Network Requirements 71 LAN Procedures 72 Adding a Network Interface 72 v To Add a Network Interface 72 Modify a Network Interface 73 v To Modify a Network Interface 73 Delete a Network Interface 73 w To Delete a Network Interface 73 Name Service Administration 75 Contents vi Name Services Used by the Netra Proxy Cache Server 76 Domain Name Service Background 76 Options for Resolving Names 77 Using DNS to Resolve Names 77 Local Name Service 78 Network Information Service 78 Name Service Procedures 78 DNS Administration 78 v To Configure the Netra Server to Use DNS 78 w To Modify DNS Resolver Configuration 79 w To Delete A DNS Configuration 79 Local Name Server Administration 80 v To Configure the Netra Server to Use a Local Name Server 80 NIS Administration 80 v To Configure the Netra Server to Use NIS to Resolve Names 80 v To Modify or Unconfigure an NIS Domain Name 81 10 Routing Administration 83 Netra System Router Alternatives 83 Dynamic Router 84 Static Router 84 Not a Router 84 Routing Procedures 84 Static Router 84 v To Configure the Netra System as a Static Router 84 v To Modify a Static Router 85 Dynamic Router 86 v To Configure the Netra System as a Dynamic Router 86 v To Modify a Dynamic Router 87 vii Netra Proxy Cache Array User s Manual e Revision A March 1998 11 12 13 Not a Router 87 v To Configure the Netra System as Not
86. h 1998 APPENDIX C Security Issues This appendix describes security issues related to the activity of a Netra Proxy Cache Array Update Daemon The Netra Proxy Cache Array software uses an update daemon that enables a Netra Proxy Cache host to receive configuration updates from the administrative host By default this daemon opt SUNWoam 1ib oampushd enables updates from any host that knows its port number and is on the same subnet as the Netra Proxy Cache machine To disable updates on a given host use the oamcont rol command as follows opt SUNWscalr bin oamcontrol disable_updates To re enable updates use the enable_updates option to oamcont rol See the oamcont rol 1 man page for all of the arguments to that command 173 174 Netra Proxy Cache Array User s Manual e Revision A March 1998 Glossary Understanding of the following terms is useful in understanding the Netra Proxy Cache Array product Italicized terms in definitions are defined elsewhere in the glossary administrative host acquire message acquire script acquiring address states One host in a Netra Proxy Cache Array on which you perform administrative functions and from which you propagate configuration data to all members of the array It is recommended that the administrative host also act as DNS server for the array A control message sent by a service group leader requesting that a service group member acquire a service addres
87. he array DNS rotates proxy cache service addresses in round robin fashion Thus the name of your array is resolved to a different proxy cache service address upon each resolve operation The headings in the Proxy Cache Service Group and DNS Service Group tables are described as follows Host Name The host name associated with the array member and also associated with the host address see next item The Host Name entry is a link to a Host Status page described below Note In the current release for a host name link to work the host name must be resolveable by the name service s configured on the server Host Addr The IP address of the array member That is the address associated with the host name Unlike the preferred address see next item and the service address the host address remains fixed to a host Preferred Addr The service address assigned to a host when the host first joined the array This address might move to a different host in the array if the original owner fails However the address remains the preferred address of the original owner When a 112 Netra Proxy Cache Array User s Manual e Revision A March 1998 host fails you will note that its preferred address moves to a different host The inheriting host will have two or more addresses in the Service Addr column its own preferred address plus the service address of the failed host If a preferred address that has moved does not return to its ori
88. he releases that address at which point the address becomes an orphaned service address subject reassignment to a host other than its original owner At such time as the original owner returns to health it reacquires its preferred service address A host that can release but cannot acquire service addresses it cannot acquire its own preferred service address A quiesced host is in a state between failed and available As with a failed host the service addresses of a quiesced host are not included in the service group DNS zone Unlike a failed host a quiesced host can continue to serve its current service addresses A host is quiesced via the array daemon s SNMP interface or through a command line interface The quiesced state enables a system administrator to address resource problems on a host without removing the host from the service group A control message sent by a service group leader requesting that a service group member release a service address A leader sends a release message to a member that has been serving a previously orphaned preferred service address when the original owner of that preferred service address is ready to resume ownership A release message invokes a release script on the host releasing the service address Glossary 178 Netra Proxy Cache Array User s Manual e Revision A March 1998 release script releasing service address service group service group DNS zone service group leader se
89. he service address es associated with the failed service to the least loaded host in the array A quiesced test object reports its last value prior to quiescence You use the scalrcontrol 1 utility described in a man page to quiesce a test object Note that test objects run periodically for example every 10 minutes This means that a test object will not detect a corrected condition till the next time it runs so that in the Host Status page a test object displays not OK till the next time the test object code is run Load Objects A load object returns a load and capacity for the component whose usage it measures There is a man page for each load object in opt SUNWscalr man man5 If load divided by capacity is a percentage that exceeds the high water mark set for the proxy cache service the array software removes the service address es associated with the overloaded host from the array s DNS zone thus making the overloaded host inaccessible to new clients A quiesced load object reports its last value prior to quiescence You use the scalrcontrol 1 utility described in a man page to quiesce a load object See Test and Load Objects on page 155 for further discussion of test and load objects and the relationship of those objects to monitor objects See Netra Proxy Cache Man Pages on page 147 for instructions on accessing Netra Proxy Cache man pages If you have a serial connection to your server you can vie
90. hoose Add a TCP IP Interface An administration page for the TCP IP interface is displayed 3 Type the information in the form using Table 8 1 TABLE 8 1 Information Required to Add an Interface Host Address The host address or host name for the network interface Host Name This address should not be on the same network as any other configured interface Example 129 144 79 5 The host name is valid if it has been entered in the local name service See Chapter 9 for more information Netmask The netmask address that determines the network with which the host address is associated Example 255 255 255 0 72 Netra Proxy Cache Array User s Manual e Revision A March 1998 TABLE 8 1 Information Required to Add an Interface continued Modify a Network Interface To Modify a Network Interface 1 Choose Network Connection Administration Local Area Network The Local Area Network Administration page is displayed with a list of network interfaces to configure 2 Choose Modify a TCP IP Interface An administration page is displayed with existing configuration information for the chosen interface 3 Make the changes in the form using Table 8 1 Delete a Network Interface To Delete a Network Interface 1 Choose Network Connection Administration Local Area Network The Local Area Network Administration page is displayed with a list of network interfaces to delete 2 Choose Delete for the interface to be removed
91. in Administration page click Restart and Shutdown In the Restart and Shutdown Administration page click the Shutdown and power off operation and leave the check box for Check for new devices upon restart set to Yes Click OK 3 Ensure that the server is powered off after about 90 seconds The green indicator light on the front of your Netra Proxy Cache Server is off when the machine is powered off 4 Connect the MultiPack enclosure to the SCSI port on the back of the server See the Netra Proxy Cache 30 Hardware Installation Guide for instructions 5 Power up the enclosure 6 Power up the Netra Proxy Cache Server and log in as root 7 Invoke format format 8 In the available disk menu select 2 for the first available disk after the two internal disks In this menu there are eight disks 0 and 1 for the internal disks and 2 through 7 for the disks in the MultiPack enclosure 9 If the disk is new asked whether to label the disk Enter y to label the disk now 10 In the format menu enter p for partition 11 In the partition menu enter m to modify a partition table 12 In response to the Select partitioning base menu enter the number to select modify the current partition table The current partition table is displayed 13 In the displayed partition table make a note of the number of cylinders for slice partition 2 14 Press Return to indicate that yes you want to create a new partition
92. in names that do not match the specified domains are directed to the specified host So for example if you want wbyeats to field all requests related to domains other than the domain names sales acme com you make an entry wbyeats sales acme com Note that with the reverse match feature you can specify only one domain name either as the only domain name in an entry or as the last domain name in an entry If you want to prevent use of a given parent for multiple domains specify additional entries For example wbyeats sales acme com wbyeats eng acme com See Parent Siblings and the ICP on page 152 for an example of the use of this property Advanced Proxy Cache Configuration 35 Domains Inside Firewall When you load the Proxy Cascade page the Domains Inside Firewall field contains the domains you entered when you last performed basic proxy cache configuration as described in the Netra Proxy Cache Array Configuration Guide The Netra Proxy Cache Server considers domains you list for this property as being inside a firewall For URLs containing domains not in this list the software does not perform a name service resolution for example a DNS lookup of a host name specified in a URL Also for domains not in this list if the Netra Proxy Cache Server does not have a requested object in its local cache it always tries to fetch the object from a parent or sibling cache 1 Scroll down to the remaining properties in the Pro
93. in the server The Netra server supports Fast Ethernet 100 BASE T hme m Network Protocol The network protocol defines the communication that travels over the network The Netra server supports the TCP IP network protocols The TCP IP protocol suite supports the definition of multiple interfaces for a network hardware port and network protocol a Interface Definition The interface definition is the configuration information that is specific to the Netra server For example the Netra server requires host addresses for TCP IP interfaces 71 LAN Procedures The Netra server cannot be administered from a remote client without first defining the network interface Note It is strongly recommended that you not make any changes to the service network hme0 or control network hme1 interfaces If you do make changes to these interfaces make them in the Proxy Cache Administration page Such changes are reflected in the Local Area Network Administration page If you make any changes to the service network hme0 or control network hme1 interfaces in the LAN Administration page you must make corresponding changes to your array and array member configuration in the Proxy Cache Administration page Adding a Network Interface To Add a Network Interface 1 Choose Network Connection Administration Local Area Network The Local Area Network Administration page is displayed with a list of network interface hardware to configure 2 C
94. ine l X MITC Kru sit i au Thats ek Tro Figure 4 6 Remaining Cache Policy Properties FTP Policy Time To Live The limit on the length of time an FTP object can remain in the cache The default 4320 minutes is three days Max Object Size The limit on the size of an FTP object for caching The Netra Proxy Cache Server proxies for but does not cache FTP objects that exceed this limit The default is four MB Do not Cache URLs Containing Advanced Proxy Cache Configuration 41 The Netra Proxy Cache Server does not cache FTP URLs containing strings you add to this list There are no defaults URL Policy Do not Query Neighbors for URLs Containing For URLs containing strings you add to this list the Netra Proxy Cache Server looks in its own cache and does not query parent and sibling caches TTL Selection Based on URL The Netra Proxy Cache Server enables you to set the TTL for URLs containing strings that you specify You can specify the TTL in either of two ways as an absolute value or as a percentage of an object s age Entries have the following form lt reg expression gt lt absolute TTL gt lt percentage gt lt maximum TTL gt where the variables mean the following lt reg expression gt is a regular expression that is matched against a URL See Rules for Pattern Matching for TTL Selection Property on page 154 for rules for the regular expression lt absolute TTL gt is the TTL in minute
95. ins soap and comedy The database for comedy contains the host address for ren The DNS system of resolving names is strictly hierarchical Using the previous example the system that acts as the DNS server for the domain tv translates a host name to a host address only if that host name exists directly within the domain All other host names are forwarded to the appropriate sub domain for resolution Thus the name ren comedy tv net is forwarded from tv s DNS server to the DNS server for the subdomain tv for resolution Options for Resolving Names Using DNS to Resolve Names To enable the use of DNS to resolve host names the IP addresses of on or more DNS servers must be provided to the Netra Proxy Cache Server Name Service Administration 77 Local Name Service The Netra Proxy Cache Server can use a local name service to resolve host names In this case the Netra server contains a list of host name to host address mappings for its own use Unlike hostname address pairs in a DNS database the mappings specified by the local name service are only available to applications running on the Netra server Information entered in the local database is automatically available to programs running locally Network Information Service NIS provides name services and other information such as users on the network for a local network If there is a NIS server on the network use the Netra Name Service module to configure the Netra server to use N
96. ion Properties 28 Primary Configuration 29 v To View or Modify Primary Configuration Properties 29 Proxy Cascade 32 v To View or Modify Proxy Cascade Properties 32 Cache Policy 38 v To View or Modify Cache Policy Properties 38 HTTP Policy 39 Gopher Policy 40 FTP Policy 41 URL Policy 42 Other 43 Access Control 43 v To View or Modify Access Control Properties 43 Storage Management 48 v To View or Modify Storage Management Properties 48 Timeouts 50 v To View or Modify Timeouts 50 Log File Options 52 v To View or Modify Log File Options 52 Web Server Accelerator Options 53 w To View or Modify Web Server Accelerator Options 53 External Program Options 55 Netra Proxy Cache Array User s Manual e Revision A March 1998 v To View or Modify External Program Options 55 Advanced Array Configuration 57 Viewing and Modifying Advanced Array Configuration Properties 57 v To View or Modify Advanced Array Configuration Properties 57 Networks 59 w To View or Modify Advanced Array Configuration Properties Networks Category 59 Proxy Cache 60 w To View or Modify Advanced Array Configuration Properties Proxy Cache Category 60 DNS 61 w To View or Modify Advanced Array Configuration Properties DNS Category 61 Advanced Array Member Configuration 65 Advanced Array Member Configuration Page 65 v To View or Modify Advanced Array Member Configuration Properties 66 SNMP Configuration 69 Viewing and Modifying SNMP Properties 69 v To Confi
97. iple monitor objects A given monitor object can obtain data from multiple load objects See test object The failure to find a requested URL in a cache requiring further activity on the part of the cache server This activity might include any or all of sending ICP requests to parents and siblings sending requests to parents and sending a request to an origin web server A miss is distinguished from a hit To a large degree the success of a web cache depends on the expense associated with a miss A service specific module that is incorporated into the array daemon A monitor object manages the service addresses assigned to a service It performs failover where necessary and can address load balancing by modifying a service group DNS zone A monitor object is associated with one or more load objects and test objects Refers to parents and siblings of a proxy cache server One of four address states of a service address An online address is one that identifies a service that can perform work for a requesting client In a service group where DNS is employed only online addresses are included in the group s DNS zone A service group leader acts on service address in only the unserved and online states A service address not assigned to its preferred host If the preferred host of a service address fails and releases its service address that is its preferred service address that address is considered orphaned It remains orphaned un
98. isplayed Advanced Proxy Cache Configuration 53 feo Booey Wai CST Wyl Bere decade Aplin etd FT sled TF emer e BI tor IF bene kan Adesso Ciung Ube lt Fisk ry Hal Aa cad Figure 4 11 Web Server Accelerator Options Page 2 Under the Web Server Accelerator Options heading enter or accept values for the following properties Host for Real HTTP Server The Netra Proxy Cache Server can act as a front end for an HTTP server This function is sometimes referred to as an HTTP accelerator This feature can be useful under the following conditions m If the Netra Proxy Cache Server is more powerful or more highly available than the HTTP server m If the HTTP server is connected to a slow network while clients have relatively fast connectivity to the Netra Proxy Cache Server The Netra Proxy Cache Server hides the effects of the slow link m If the HTTP server is vulnerable to attack The Netra Proxy Cache intercepts all requests Also you can set up an access list to limit the effect of an attack A potential disadvantage of this feature is that the HTTP server does not have available the source IP address of clients 54 Netra Proxy Cache Array User s Manual e Revision A March 1998 Enter the fully qualified hostname of the server for which the Netra Proxy Cache Server is acting as a front end Port for Real HTTP Server The HTTP port on the server for which the Netra Proxy Cache Server is acting as
99. itory of URLs that lies between clients browsers and origin web servers Design issues for caches involve which pages to store for how long Caches are useful when the ratio of hits to misses is at least 30 approximately This threshold varies according to the types of objects being cached and the expense and bandwidth of the links between the cache and the origin web server For example a hit rate of 20 might be cost effective if the hits are for very large objects Similarly if the links between the cache and origin web server are very expensive even a low hit rate might prove cost effective Another important design issue is how expensive a miss is For example if a cache were of such size that an exhaustive search is a resource intensive activity it might be more cost effective not to have the cache IP address of a control interface Each control interface has a control address The monitor object s network interface to the control network The monitor object transmits and receive information messages over a control interface A release message or an acquire message multicast over a service group s control network A logical network over which service group members exchange information messages A control network is distinguished from a service network It might be an IP subnet distinct from or the same as the IP subnet used for the service network The sequence of steps initiated by a service s monitor object when a hos
100. le parent based on the content of an access list If you specify multiple access lists the Netra Proxy Cache Server applies the first list that matches for a given URL URL Redirection An entry of the form lt access list gt HOST lt hostname gt PATH lt path gt Enables you to redirect a URL to a specified host and path The access lists must be of types domain service or pattern For example the entry adults HOST restricted acme com PATH forbidden html redirects a URL that matches the adults access list to http restricted acme com forbidden html 1 To create a URL Redirection entry enter Advanced Proxy Cache Configuration 47 m The name of one or more access lists followed by a colon m The word HOST and a fully qualified hostname m The word PATH and an absolute pathname Storage Management v To View or Modify Storage Management Properties 1 Click Storage Management in the Advance Proxy Cache Configuration page The page shown in Figure 4 8 is displayed avout Frat Cocke L31uHaurrtirni Ama Yhn aml IE h re tokt Bac iH Loa wrs lark tor h C 1 eh SRE aad kE re aha 5 Lea TTE wakta i aha iia AT b1z 3 edic Si aean II St T1 F37 27 11 d Figure 4 8 Storage Management Properties 48 Netra Proxy Cache Array User s Manual e Revision A March 1998 2 Under the Storage Management heading enter or accept values for the following properties High water mark f
101. le through the Proxy Cache Administration page Chapter 5 describes the advanced array configuration properties accessible through the Proxy Cache Administration page Chapter 6 describes the advanced array member configuration page which enables you to modify an array member or remove a member from the array Chapter 7 explains how to configure properties related to the Netra Proxy Cache Server and Array SNMP agents Chapter 8 explains how to use the web pages that enable you to configure Local Area Network LAN interfaces on the server Preface xii Chapter 9 explains how to configure a Netra Proxy Cache Server as a name service client Chapter 10 explains how to configure a Netra Proxy Cache Server as a router Chapter 11 explains how to set the Netra administration password and how to control host access to the Netra Proxy Cache Server Chapter 12 explains how to set the root password on the Netra Proxy Cache Server Chapter 13 explains how to perform a variety of system administration task on the Netra Proxy Cache Server such as rebooting and monitoring Solaris log files Chapter 14 presents instructions for proxy cache service and array related tasks not covered in the Netra Proxy Cache Array Configuration Guide Chapter 15 tells you how to use the monitoring web pages accessible through the Proxy Cache Administration page Chapter 16 describes the Management Information
102. ll The Netra Proxy Cache Server retrieves URLs containing the IP addresses you specify here directly from the source and not from a parent or sibling These addresses should be a subset of the addresses you specify for IP Addresses Inside Firewall see description above Specify here addresses to which you have good network connectivity and from which users request relatively small objects For a given address consider whether going to a sibling cache to retrieve an object offers a large advantage over going directly to the source If it does not you might want to list the address here Note Use of this property degrades server response time because of the overhead associated with host name resolutions 38 Cache Policy v To View or Modify Cache Policy Properties 1 In the Advanced Proxy Cache Configuration page click Cache Policy The Cache Policy page is displayed as shown in Figure 4 5 Netra Proxy Cache Array User s Manual e Revision A March 1998 Wile aumal Tay Mahni figural inm Ladu EaHr HTTT Ph live os Tho air Pr T aid Tet Alea ine tri IUFT EH cy Ve 1 ray ered be Le cr acti Uo Cr NE Figure 4 5 Cache Policy Properties Top Portion 2 Under the Cache Policy heading enter or accept values for the properties described below The properties are divided into groups reflected in the following headings Following Gopher Policy parameters covered in Gopher Policy on page 40 yo
103. m its parent or from an origin web server Involves opening a direct socket between the client browser and a target web server for secure communication A tunneled connection might pass through one or more proxy cache servers A script or program that tests the functionality of a host resource A test object might return for a example a boolean indicating whether a control interface can transmit and receive Test objects return data to monitor objects A test object can be shared by multiple monitor objects A given monitor object can obtain data from multiple test objects See load object One of four address states of a service address An unserved address is one that is not being served by any service group member Under certain conditions a service group leader attempts to assign an unserved address to a host that has the largest amount of excess capacity determined by capacity minus the load as returned by a host s load object A service group leader acts on service addresses in only the unserved and online states A web page audio or video clip graphic file or other object that can be provided by a web server to a client most often a browser using the HyperText Transfer Protocol A proxy cache server caches web objects although not all proxy cache servers can cache all types of web objects Glossary 180 Netra Proxy Cache Array User s Manual e Revision A March 1998 Index Index 181
104. machines on the network Thus every machine is given a host address A host address has the form 129 144 79 5 where each of the four numbers separated by periods can be in the range of 0 to 255 Each machine is also given a host name that is associated with its host address Users generally use a host name such as stimpy comedy tv net to access a specific machine on a given network The process by which a host name is translated to its host address is called name resolution It is usually performed by a name service 75 Name Services Used by the Netra Proxy Cache Server The Netra Proxy Cache Server can use three types of name services a DNS Translation is provided by a DNS server Local name service Translation is done locally by looking up the name in a file a Network Information Service NIS Translation is done by an NIS server running on another host The Netra Proxy Cache Server can use any or all of the name services at the same time If more than one name service is used they are interrogated in the following order local name service NIS DNS For example suppose the Netra server is configured to use the local name service and DNS When a name service query is made the server attempts name resolution by looking up the host name in the local database first If the host name is found the server returns the host address If not the query is passed to the DNS server If the DNS server resolves the query it returns the i
105. me gt The variable lt day of the week gt is expressed as one of the following abbreviations TABLE 4 1 Day of Week Abbreviations 5 Sunday M Monday T Tuesday Ww Wednesday H Thursday F Friday A Saturday Advanced Proxy Cache Configuration 45 The lt start time gt lt end time gt variables are expressed as lt hour gt lt minutes gt using a 24 hour clock So for example to express a period in the mid afternoon you specify 14 15 16 30 meaning from 2 15 PM to 4 30 PM m patternMatches on a pattern specified in a URL It takes an argument of the form lt pattern to be matched gt You can specify multiple patterns m portMatches on a port number specified in a URL It takes an argument of the form lt port number gt You can specify multiple port numbers m protoMatches on a protocol specified in a URL It takes an argument of the form lt protocol gt HTTP FTP Gopher or WAIS You can specify multiple protocols m methodMatches on a method CONNECT HEAD POST or GET specified in a URL It takes an argument of the form lt method name gt You can specify multiple methods m serviceMatches on the service specified in a request It takes an argument of the form lt ip address gt lt netmask gt Service in this context is an instance of a service on a host in a Netra Proxy Cache Array as identified by a service address and netmask Note If you have multiple access lists of the
106. n Chapter 3 of the Netra Proxy Cache Server Configuration Guide or the Netra Proxy Cache Array Configuration Guide to make the changes take effect Managing Proxy Cache Service Log Files The Netra Proxy Cache product is shipped with a command line program rotlog that enables you to rotate and back up proxy cache service log files These files correspond to the following types referred to in the Proxy Cache Log Administration page m Proxy Cache Server log log type cache m Proxy Cache Access log log type access Proxy Cache Hierarchy log log type hierarchy Proxy Cache Store log log type store Monitoring Proxy Cache Log Files 133 For each type specified in the preceding list the rot log command can perform the following functions m Rotate the log files so that the current log file lt type gt 1og becomes lt type gt log 0 lt type gt 1log 0 becomes lt f pe gt 1og 1 lt type gt log 1 becomes lt type gt 1og 2 and so on The highest numbered and oldest file lt type gt 10g 9 is overwritten by lt f pe gt 1og 8 You can change the number of log files in the rotation See Log File Options on page 52 a Copy log files to a remote server using FTP Local log files are deleted following a successful file transfer By default on a Netra Proxy Cache Server rotlog is run by cron using the following entry 25 4 12 20 opt SUNWcache sbin rotlog M all S 100 The effect of this cron
107. n formed by the array The choice of which host is arbitrary The DNS itself operates under control of the array software so that if the DNS software or the host on which DNS is running fails the service address of the DNS moves to a different machine in the array Array software is designed so that one host runs the DNS and the remaining hosts in the array act as hot spares for the DNS host In addition to the array software s use of DNS for load balancing the software also relies on the DNS outside of the array to resolve the name of the subdomain formed by the Netra Proxy Cache Array This subdomain consists of the DNS zone formed by the service addresses in the array This means you must configure your existing DNS to point to the array s DNS to resolve the name of the array s proxy cache service An example of such a configuration is shown in Chapter 3 of the Netra Proxy Cache Array Configuration Guide Monitoring and Managing The Netra Proxy Cache Server offers web based tools that enable you to monitor m An individual server m An array m The state of the proxy cache service for an array and a server There are also web pages that enable you to monitor proxy cache related log files See Chapter 15 for a description of the monitoring web pages See Chapter 17 for a description of the various types of logs available The Netra Proxy Cache product is shipped with Management Information Bases MIBs that enable you to us
108. nd the ICMP router discovery protocols Routing Procedures Static Router v To Configure the Netra System as a Static Router 1 Choose Network Connection Administration Routing gt Configure static router The Static Router Administration page is displayed 84 Netra Proxy Cache Array User s Manual e Revision A March 1998 2 Type the information in the form using Table 10 1 TABLE 10 1 Information Required for Static Routing Default Router Host Host address of the default router for the network Address Destination Network Network Host address to which information is routed Host Address Router Host Address Host address of the router used for accessing the destination address Hop Count A value of 0 or greater 0 means the Netra server is the router a value greater than 0 means that another system is the router To Modify a Static Router 1 Choose Network Connection Administration Routing Modify static router 2 Make the changes in the form using Table 10 1 Note In certain Solaris versions there is a complication for setting the destination address of a subnetwork with a trailing non zero digit To construct a network gateway on a non zero subnetwork the etc init d inetinit file must be manually edited to contain the information in the following form route add net 194 125 10 32 194 125 10 2 1 netmask 255 255 255 224 The addresses shown above are for example only Routing Administration 85 Dynamic
109. nformation otherwise it returns not found Domain Name Service Background DNS gives different groups responsibility for subsets of names Each subset or level is called a domain At the top level of the DNS hierarchy are a small number of large domains such as com for commercial organizations Individual organizations set up their own domains within these domains sun com oracle com stanford edu Domains in turn can have subdomains Contact your ISP for a domain name which they can register for a fee The host name of a system together with its full domain specification makes up a complete DNS name For example Figure 9 1 shows such a DNS name ren comedy tv net The machine ren is a node residing in the subdomain comedy within the domain tv which is in the domain net 76 Netra Proxy Cache Array User s Manual e Revision A March 1998 sub domain of the domain net C sub domain of w net isp nel or mpeorld net Figure 9 1 Example of DNS Domains Every domain has two or more systems that keep a database of DNS names for that domain These systems also contain the DNS names of the subdomains unless this responsibility is delegated to systems in the subdomain Thus there are several systems that contain the database for the domain net In that database there is a delegation entry pointing to a system that keeps the database for tv The DNS database for tv contains entries for delegating the doma
110. ng utilization serviceDnsMinServers The array daemon does not allow fewer hosts than this number to be available even if some number of hosts are overloaded serviceDnsAl1ServersWhenLoadeWhen all hosts are overloaded the array daemon can keep all service addresses available host ServingCont rolAddr Control address of host serving a given service address host ServingServiceAddr Service address being served by a given control address host ServingOk Indicates whether service address is associated with a control address that passes the service test 128 Netra Proxy Cache Array User s Manual e Revision A March 1998 TABLE 16 2 Array MIB Definitions continued Group or Table Attribute Name Description host ServingQuiesce Indicates whether a serving host is quiesced host ServingState State of a service address on a serving host acquiring releasing or online host ServingLoad Load reported by a host for a service hostServingCapacity Capacity reported by a host for a service testName Name of a test object testResult Result of a test 0 for fail and 1 for pass loadQuiesce Indicates whether test is quiesced testQuiesce Indicates whether test is quiesced Traps SNMP provides for traps A trap enables you to be notified of a specified event on usually a remote machine You must use an SNMP conformant management platform such as Solstice Domain Manager to be able to receive notice of a trap Netr
111. nort LIrirn tae sel commie A TIT i frams fes LHI5z r seer line F alee LF ty r r Prose Carle Connedion Biali SMS Vem Ttiurtdu sirzti UTzzm WIE Cac Eal 1 AT Sant J Codes Uued Hoti im ERI SJaniler u Pik rt Pach m Minniin Tapn p Taal ochal Uoc iu HEH Cp chei 5 fist x Ffa k mmirx hi n himi EF z Hi Soh L Ra Tinal Garlel Bar oll Prrirnr1Ls 4 a Se way u inus Ca nex Figure 15 4 Proxy Cache Monitoring for Host Page When you load the Proxy Cache Monitoring for Host page a snapshot of current proxy cache statistics is displayed If you want periodic updates specify a number of minutes in the Refresh field at the bottom of the page Click Reset to return the refresh value to 0 120 Netra Proxy Cache Array User s Manual e Revision A March 1998 The tables in the Proxy Cache Monitoring for Host page are described as follows Proxy Cache URL Statistics Provides statistics on the rate of URL requests and the extent to which requests are serviced from the local cache Proxy Cache Connection Statistics Provides statistics on HTTP and SSL connections Cached Object Statistics Provides statistics on the number of objects cached for each type of object The headings in the just mentioned tables are described as follows In the Proxy Cache URL Statistics table Under Totals since start URLs accessed
112. ns on removing an array member 1 In the Proxy Cache Administration page on the host to be removed click Unconfigure proxy cache service You can perform the preceding steps in either order 1 After performing the preceding steps disconnect the machine from the service and control networks Note that the service address originally associated with the removed host will remain available to existing clients for the duration specified in the service timeout property See Proxy Cache on page 60 for a description of this property Performing Administrative Tasks for the Proxy Cache Service and Array 107 Moving an Array You can move an array from one subnet to another This means that all host addresses proxy cache service addresses and the DNS service address change You can continue to use the same control addresses both subnet and host You can use any machine as your administrative host v To Move an Array 1 If you use a name service register the new host addresses in the name service 2 In the Proxy Cache Administration page on each host in the array click Unconfigure Proxy Cache 3 In the Netra Main Administration page on each host in the array click on Restart and Shutdown then click on Shutdown in the Restart and Shutdown Administration page 4 Disconnect the array hosts from the service and control networks 5 Connect the array hosts to the new subnet and reconnect the hosts to the control network 6
113. nt array activity is displayed If you want periodic updates specify a number of minutes in the Refresh field at the bottom of the page Click Reset to return the refresh value to 0 Monitoring a Netra Proxy Cache Array and Proxy Cache Service 111 Mapan L Tim dalil r EET Rer ciLm de su LEI wa nant p1 Note In some browsers when you use the refresh feature the display of the Array Status page becomes disrupted as if pages are overlaying one another after about 40 updates This is a characteristic of the browser software No display disruption occurs with Netscape Navigator 4 04 as well as with other browsers Netscape and Netscape Navigator are trademarks of Netscape Communications Corporation The tables in the Array Status page are described as follows Proxy Cache Service Group Displays characteristics of all of the hosts in a Netra Proxy Cache Array that are collectively providing a single proxy cache service DNS Service Group Refers to the DNS that is internal to the Netra Proxy Cache Array One host in the array provides a DNS for the array with the remaining hosts acting as hot spares In Figure 15 1 and in your own Array Status page note that only one host has a service address the Service Addr column and when all hosts are up only one host has a non zero preferred address A preferred address of 0 0 0 0 indicates a host s role as a hot spare DNS Zone The subdomain formed by the array T
114. nter or accept the values for the following properties Service Address Timeout sec A Netra Proxy Cache array maintains a proxy cache service at a given service address in the event of host failure s However if the original owner of a service address has not reclaimed its address after some extended period 604800 seconds or 7 days by default the Netra Proxy Cache software assumes that the proxy cache 60 Netra Proxy Cache Array User s Manual e Revision A March 1998 service will no longer be offered at that address and removes the address from the list of service addresses in the Netra Proxy Cache array The default value cited above is probably appropriate for most installations Control Port The port number the array software uses for multicast messages associated with the proxy cache service The software uses the combination of the multicast address mentioned above and a port number for listening for multicast messages By default the software uses a port number of 1860 which has been registered with the IANA for use with the Netra Proxy Cache product You can select port numbers other than 1860 from the pulldown menu However only 1860 has been registered with the IANA Service Address Begin and Service Address End optional The array software enables you to specify a range of service addresses that are disabled at startup Service addresses are then assigned to hosts through normal array activity By disabling addre
115. od during which a service address continues to be served Timing out of a service address enables the deinstallation of hosts and service addresses serviceControlinterval Interval between the detection of a condition and the decision to act upon that condition serviceTransmitInterval Interval between transmission of heartbeat messages Should be smaller than serviceHostTimeout below and serviceControlTnterval serviceArpInterval ARP interval Interval between initiating ARP broadcasts to update service group members tables serviceHost Timeout Host timeout A period of inactivity beyond which a host is considered unavailable serviceTestObjects Comma separated list of test objects serviceLoadObjects Comma separated list of load objects serviceDnsUpdateInterval Minimum time between DNS zone modifications done for load balancing Netra Proxy Cache Array MIBs and Traps 127 TABLE 16 2 Array MIB Definitions continued Group or Table Attribute Name Description serviceDnsMaxUtilization Load based on which the array daemon removes a host from a service group from a DNS zone and returns a host to the zone when the host s load decreases The daemon computes high and low thresholds based on the number specified in this variable serviceDnsUtilizationDelta Value added and subtracted to serviceDnsMaxUtilization to determine high and low water marks for a service host serviceDnsUtilizationScale Scaling factor for computi
116. of errors that occur when you perform an Install Configuration operation as described in the Netra Proxy Cache Array Configuration Guide Administration Client Error log A log of errors that occur when the cgi bin programs run from the administration web pages This log can be useful when you encounter an unexpected and inexplicable failure when interacting with the web pages Administration Server log A log of the daemon that maintains the configuration database that is typically propagated to the hosts in an array Administration Server Error and Exception log Records the stdout and stderr of the daemon referred to in the preceding item Of use primarily to trained technical personnel In the list above for the proxy cache service note that server and access logging is enabled and that hierarchy and store logging is disabled To enable hierarchy and store logging you must edit the file proxycache conf stored in etc opt SUNWoam config proxy In this file if you want to enable for example both types of logging you must uncomment the lines for cache_hierarchy_log and cache_store_log In these lines replace the word none with the location of the proxy cache service log files The edited lines display as follows cache_store_log var opt SUNWcache cachelogs store log cache_hierarchy_log var opt SUNWcache cachelogs hierarchy log Following any changes to proxycache conf you must use the Install Configuration link described i
117. og Administration Page 1 In the Proxy Cache Administration page click Log Files The page shown in Figure 17 1 is displayed 131 t Proc Cache Prox Coche Lag Adimdulstvotlan a Mire She Poser Cache ders log 4 VAT y oer wer arhe ares T ae E Sea Pty Sadie Hinai los a Mire x Shee Poser Cache Ecos log ayira T 19T i artin ced thor ire r3 m1 ee EL mg Shee Aliri iever e 4 vi DS At mAr aver ier wmd ber oa rE Oo Figure 17 1 Proxy Cache Log Administration Page For each type of log file listed in Figure 17 1 you can view or clear the log file If you choose to clear a log file you are prompted to confirm the operation Click OK to confirm Note Clearing a log file truncates the log file The log file types are described as follows Proxy Cache Server log Lists status messages related to the activity of the proxy cache service By default this log is turned on Proxy Cache Access log Lists records of all client accesses to the Netra Proxy Cache Server By default this log is turned on Proxy Cache Hierarchy log Contains information about which parent or sibling satisfied each request By default this log is turned off Proxy Cache Store log A log of items stored in and removed from the cache with type protocol size and timestamp By default this log is turned off Configuration Installation Error log 132 Netra Proxy Cache Array User s Manual e Revision A March 1998 A log
118. on graphique cette licence couvrant aussi les licenci s de Sun qui mettent en place les utilisateurs d interfaces graphiques OPEN LOOK et qui en outre se conforment aux licences crites de Sun CETTE PUBLICATION EST FOURNIE EN L ETAT SANS GARANTIE D AUCUNE SORTE NI EXPRESSE NI IMPLICITE Y COMPRIS ET SANS QUE CETTE LISTE NE SOIT LIMITATIVE DES GARANTIES CONCERNANT LA VALEUR MARCHANDE L APTITUDE DES PRODUITS A REPONDRE A UNE UTILISATION PARTICULIERE OU LE FAIT QU ILS NE SOIENT PAS CONTREFAISANTS DE PRODUITS DE TIERS A m Y A BS Adobe PostScript Please Recycle Contents Preface xii Overview 1 Netra Proxy Cache Server Features 1 Features 2 Hierarchies 3 Netra Proxy Cache Array Features 6 Array Features 6 What Array Features Mean to You 7 Technical Details 8 The Role of DNS 10 Monitoring and Managing 11 Understanding the Netra Administration GUI 13 Netra Administration Modules 13 Types of Pages 14 Types of Icons 19 Accessing the Netra Administration GUI 20 v To Access the Netra Administration GUI 20 Loading the Proxy Cache Administration Page 23 Loading the Proxy Cache Administration Page 24 Contents iv v To Load the Proxy Cache Administration Page 24 Starting the Proxy Cache Administration Server 26 v To Start the Proxy Cache Administration Server 26 4 Advanced Proxy Cache Configuration 27 Viewing and Modifying Advanced Proxy Cache Configuration Properties 27 w To View or Modify Advanced Proxy Cache Configurat
119. on page click the link for the category in which a property resides 2 In the page for that category view or make changes to the value of a property Most properties have editable fields A few have toggles either one value or another or pulldown menus 3 At the bottom of the category page click OK A page is displayed indicating the success or failure of your change If a change fails the page is redisplayed with the error indicated Correct the error and click 28 Netra Proxy Cache Array User s Manual e Revision A March 1998 OK again With some errors a new page containing an error message is displayed If this occurs click the Back button on your browser to return to the category page If you click Reset the values for the properties on a page revert to what they were when you first loaded the page 4 After a successful change click the up arrow icon to return to the Advanced Proxy Cache Configuration page Alternatively you can click the home icon to return to the Netra Main Administration page 5 If you make any changes to advanced proxy cache properties you must use the Install Configuration function to install the changes on all machines in the array You access this function by clicking the Install Configuration link in the Proxy Cache Administration page See the Netra Proxy Cache Array Configuration Guide for instructions on the use of the Install Configuration function The remainder of this chapter
120. ond a firewall The following three properties relate to the relaying of WAIS URLs Wais Relay Host Enter the host name of the proxy server to which WAIS URLs will be relayed Wais Relay Port Enter the port number on the above named host name to which WAIS URLs are to be relayed Max Relay Object Size MB Enter the maximum size in MB of a WAIS object that can be received from the Wais Relay Host The Netra Proxy Cache Server does not relay WAIS objects that exceed this limit Local Domains Inside the Firewall When you load the Proxy Cascade page the Local Domains Inside the Firewall contains the domains you entered for the Domains Inside Firewall field when you last performed basic proxy cache configuration as described in the Netra Proxy Cache Array Configuration Guide The Netra Proxy Cache Server retrieves URLs containing the domains you specify here directly from the source and not from a parent or sibling These domains should be the same as or a subset of the domains you specify for Domains Inside Firewall see description above Specify here domains to which you have good network connectivity and from which users request relatively small objects For a given domain consider whether going to a sibling cache to retrieve an object offers a large Advanced Proxy Cache Configuration 37 advantage over going directly to the source If it does not you might want to list the domain here Local IP Addresses Inside the Firewa
121. or Memory Removing of the least recently used objects in memory begins when the high water mark is reached and ends when enough objects are removed so that the low water mark see following property is reached Note that objects removed from memory remain on disk Enter a percentage The default is 90 Low water mark for Memory See the description of the high water mark above Enter a percentage The default is 75 High water mark for Disk Cache Replacement of the least recently used objects in the disk cache begins when the high water mark is reached and ends when enough objects are removed so that the low water mark see following property is reached Enter a percentage The default is 90 Low water mark for Disk Cache See the description of the high water mark above Enter a percentage The default is 75 Garbage Collection GC Rate min Specifies how often in minutes the Netra Proxy Cache Server runs a full garbage collection Garbage collection involves checking the expiration time of every object in the cache In the course of normal operation the Netra Proxy Cache Server removes expired objects so that explicit garbage collection is not necessary This feature can be of use if you have a frequent need to reclaim disk space Note that the server does not process client requests during garbage collection Enter a number of minutes if you want to use this feature or leave the field blank to disable gar
122. oxy cache process all hosts in array opt SUNWcache sbin proxycache P var opt SUNWcache proxycache pid Solstice DMI to SNMP translator all hosts in array usr 1ib dmi snmpXdmid s lt host name gt Array software daemon all hosts in array opt SUNWscalr lib scalrd f etc opt SUNWscalr scalrd conf p var opt SUNWscalr SNMP master agent all hosts in array usr lib snmp snmpdx y c etc snmp conf 146 Netra Proxy Cache Array User s Manual e Revision A March 1998 Netra Proxy Cache Man Pages The Netra Proxy Cache Array and Server products have man pages available To access these pages add the paths shown below to your MANPATH For Netra Proxy Cache Server opt SUNWcache man opt SUNWoam man For Netra Proxy Cache Array add the preceding paths plus opt SUNWscalr man To add to your MANPATH add lines such as those shown below to your shell startup file For a C shell in your HOME cshrc file enter setenv MANPATH MANPATH opt SUNWscalr man opt SUNWcache man opt SUNWoam man For a Bourne or Korn shell in your HOME profile file enter MANPATH MANPATH opt SUNWscalr man opt SUNWcache man opt SUNWoam man export MANPATH Running the Netra Proxy Cache Array in an NIS only Environment Load Distribution in an NIS only Environment Load distribution in a Netra Proxy Cache Array is optimum in an environment where resolution of the name of proxy cache service provided b
123. parents has a requested object the child proxy always forwards the request to the default parent In addition to supporting hierarchies of parent proxies the Netra Proxy Cache Server supports sibling proxies The sibling scenario is illustrated in Figure 1 3 Browser points to proxy A Frosy Bis parentto Provies B Cand Dare siblings Frosy Eis parentto E Client i Browser Heta Frosy Cache Netra Prowy Cache Metra Frosy Cache Array HTTP Fagues ta Aas panes Frew all Figure 1 3 Sibling Proxies Referring to Figure 1 3 assume a client browser requests an object that is at the moment not in Netra Proxy Cache Server A s cache The following sequence ensues 1 Machine A checks with its parent machine B Machine A has no awareness of machines C and D 2 Likewise B does not have the object in its cache Using ICP over UDP machine B checks its siblings machines C and D If either of those machines has the object it returns the object to machine B which returns it to machine A Overview 5 If none of B C and D have the object the request is forwarded to B s parent machine E It is important to note that queries among siblings are over the relatively lightweight ICP exchanges while communication among parents and transfer of web objects occurs over the relatively more resource intensive TCP connections As indicated in Figure 1 3 the siblings B C and D form a Netra Proxy
124. produite sous aucune forme par quelque moyen que ce soit sans l autorisation pr alable et crite de Sun et de ses bailleurs de licence s il y en a Des parties de ce produit pourront tre deriv es du syst me UNIX licenci par Novell Inc et du syst me Berkeley 4 3 BSD licenci par l Universit de Californie UNIX est une marque enregistr e aux Etats Unis et dans d autres pays et licenci e exclusivement par X Open Company Ltd Le logiciel d tenu par des tiers et qui comprend la technologie relative aux polices de caract res est prot g par un copyright et licenci par des fournisseurs de Sun Sun Sun Microsystems le logo Sun et Solaris sont des marques d pos es ou enregistr es de Sun Microsystems Inc aux Etats Unis et dans d autres pays Toutes les marques SPARC utilis es sous licence sont des marques d pos es ou enregistr es de SPARC International Inc aux Etats Unis et dans d autres pays Les produits portant les marques SPARC sont bas s sur une architecture d velopp e par Sun Microsystems Inc TM Les utilisateurs d interfaces graphiques OPEN LOOK et Sun ont t d velopp s de Sun Microsystems Inc pour ses utilisateurs et licenci s Sun reconnait les efforts de pionniers de Xerox Corporation pour la recherche et le d veloppement du concept des interfaces d utilisation visuelle ou graphique pour l industrie de l informatique Sun d tient une licence non exclusive de Xerox sur l interface d utilisati
125. ps Among Objects 159 System Recovery 163 Solaris and Netra Proxy Cache Restoration 163 Contents x xi v To Restore the Solaris Operating Environment and Netra Proxy Cache Packages 164 w To Restore the Netra Proxy Cache Configuration Properties 165 B Advanced Proxy Cache Configuration Examples 167 Domains Inside Firewall and Local Domains Inside the Firewall 167 Limiting Access to the Server 169 Limiting by Source Address 169 Limiting by Time 170 Limiting by Domain in Request 170 Redirecting Requests 171 C Security Issues 173 Update Daemon 173 Glossary 175 Index 181 Netra Proxy Cache Array User s Manual e Revision A March 1998 Preface The Netra Proxy Cache Array User s Manual tells you how to perform system administration tasks for a Netra Proxy Cache Array Most of the manual describes the use of the Netra administration pages to perform these tasks This document is written for an experienced system administrator with a knowledge of the Solaris operating environment and network administration How This Book Is Organized Chapter 1 introduces you to the Netra Proxy Cache product with examples of its use Chapter 2 explains how to navigate the Netra Administration web pages Chapter 3 explains how to load the page that gives you access to the proxy cache and array functions of the Netra Proxy Cache Server or Array Chapter 4 describes the advanced proxy cache configuration properties accessib
126. r previous conditions The user input elements in a form are described in Table 2 1 14 Netra Proxy Cache Array User s Manual e Revision A March 1998 TABLE 2 1 User Input Elements Element Text Box Text Area Radio Buttons Check Box Pop up Menu Scrolling List Description Accepts one line of text input Accepts multiple lines of text input A group of one or more buttons only one of which can be chosen Click on a radio button to choose it This de selects any other chosen radio button in its group The only way to de select a radio button is to choose another one Selects an option Click on the button to change its state A list of options displayed in a menu Only one option can be chosen The chosen item is shown Click and hold on the menu to display the list of options Release over a new option to choose it A list of options displayed in a window Click on an option to choose it Scrolling lists permit multiple selections Figure 2 2 shows a form for the Host Access module al nee Filzi woli herz ow 2 hwrdd te ogei tot adil stret wob gover abys iae lies wa bea aal prh 660 Figure 2 2 Task Page Form Understanding the Netra Administration GUI 15 Special forms are based on regular forms There are two types of special forms an error form and a verify form m An error form or error page does not change the system state It displays an Error icon and enables the user to correct
127. ringing up this page Modifying Your Configuration Use of the basic links in the Proxy Cache Administration page to modify your Netra Proxy Cache Server or Array configuration is the same as it is for first time configuration and is described in the Netra Proxy Cache Array Configuration Guide and the Netra Proxy Cache Server Configuration Guide Advanced configuration is described in Chapter 4 for the proxy cache service and Chapter 5 for array properties When making changes to proxy cache service or array properties the significant points to keep in mind are 105 a For a server if you make any changes to the proxy cache service properties you must install those changes before they take effect m For an array if you make any changes to the proxy cache service or array properties you must install those changes on all hosts in the array including the administrative host m If you make any changes to an array member configuration you must install the changes on the modified host You install changes using the Install Configuration link in the Proxy Cache Administration page Backing Up Your Configuration You can backup your server or array configuration by using the Save Restore link in the Netra Main Administration page See Chapter 3 of the Netra Proxy Cache Array Configuration Guide or Netra Proxy Cache Server Configuration Guide for a detailed procedure Restoring Your Configuration Assuming you have backed
128. ritrstrfAcs_ test lindependentofmonitor object Figure 19 2 Relationships Among Objects The significance of the relationships illustrated in Figure 19 2 is as follows m For test objects a failure of a lowest level object indicated by a not OK status in the Host Status page causes the parent object cache_test and dns_test both of type AndTest to fail The failure of such a parent object in turn causes the monitor object return failure status This failure is also reflected in the Host Status page When a service on a host fails the monitor object removes the service address associated with that service from the array s DNS zone and moves the service address to the least loaded host in the array a For load objects the lowest level object cpu_load returns its load and capacity figures to its parent cache_adjust_load of type AdjustLoad Using our example the cache_adjust_load object performs any adjustments required and returns final load and capacity figures to the monitor object cache_monitor The monitor object compares figures obtained from cache_adjust_load to high and low water marks that it maintains for the service and takes action if one 160 Netra Proxy Cache Array User s Manual e Revision A March 1998 of these thresholds is crossed If a monitor object determines that a service is overloaded it removes its service address from the array s DNS zone If the monitor object determines that a formerly overloaded
129. rom a remote web server or its local cache to machine B 4 Machine B returns the object to machine A 5 Machine A then returns the object to the requesting client If the object is cacheable each proxy stores a copy upon receipt Note that communication between parent proxies is over TCP connections Netra Proxy Cache software also supports a variation of the preceding scenario This variation is illustrated in Figure 1 2 Browser points to prosy A Frosy E ano oop Care parents to Proxy Dis parent to Band C Client Metra BiDWeEli Proxy Cache Serer Hetra TATATATA At ce Proxy Cache a Ser er Proxy Cache E additional Netra parent Proxy Cache Frew all Sener HTTP Requests Respons Server Figure 1 2 Multiple Parent Proxies Referring to Figure 1 2 if a client requests an object of its proxy server machine A that is not in A s cache machine A relays the request to its two parents machines B and C If one of the parents has the object it returns the object to A If neither has Netra Proxy Cache Array User s Manual e Revision A March 1998 the object machine A forwards the request to the parent that responds faster assuming that machine to be less loaded and or have a better network connection If you configure multiple parents the Netra Proxy Cache software allows you to give greater weight to one or the other or set up one as the default When no parent of multiple
130. rompt see Step 1 on page 137 to exit format For each disk in the MultiPack enclosure enter a newfs command of the following form newfs dev rdsk cOt lt num gt d0s0 26 where lt num gt is in succession 9 10 11 12 13 and 14 Each instance of the newfs command takes a few minutes Edit etc vfstab to add the new partitions Adding a SCSI Disk 139 The original vfstab contains cat etc vfstab orig device device mount FS fsck mount mount to mount to fsck point type pass at boot options dev dsk c1d0s2 dev rdsk cld0s2 usr ufs 1 yes fd dev fd fd no proc proc proc no dev dsk c0t0d0s1 swap no dev dsk c0t1d0s1 swap no dev dsk c0t0d0s0 dev rdsk c0t0d0s0 ufs 1 no dev dsk c0t1d0s0 dev rdsk c0t1d0s0 var ufs 1 no dev dsk c0t0d0s6 dev rdsk c0t0 0s6 var opt SUNWcache cachel this line continued from previous line ufs 2 yes dev dsk c0t1d0s6 dev rdsk c0t1 0s6 var opt SUNWcache cache2 this line continued from previous line ufs 2 yes swap tmp tmpfs yes Using the disks in our example MultiPack enclosure add lines such as the following to vfstab The following disks were added to extend the cache dev dsk c0t9d0s0 dev rdsk c0t9d0s0 var opt SUNWcache cache3 this line continued from previous line ufs 2 yes dev dsk c0t10d0s0 dev rdsk c0t10d0s0 var opt SUNWcache cache4 this line continued from previous line ufs 2 yes
131. rvice interface service network A script invoked in response to a release message A release script releases the resources associated with a service For successful execution a monitor object needs to supply to a release script the service address being released and the name of the interface associated with that service One of four address states of a service address Releasing is an intermediate state between unserved and online A service group leader acts on service address in only the unserved and online states The releasing state allows a service to perform cleanup tasks because the service is releasing and not yet unserved the leader will not reassign the initializing service s address to another host before cleanup is complete The address at which a service group provides a network service to clients A set of service addresses is the essential entity managed by the monitor objects in a service group A set of hosts that collectively provide a network service to clients Members of a service group run an array daemon that multicasts heartbeat messages If a service or host in the group fails the address associated with that service host is transferred to another member of the group The DNS name space containing all hostname to IP address mappings in a service group The monitor object can modify the contents of a DNS zone depending on the vitality of the service group members The entity within a service group that
132. s 118 Netra Proxy Cache Array User s Manual e Revision A March 1998 Under the Delta since reset counter heading URLs sec The rate at which URL requests are being fielded by the Netra Proxy Cache Server since the reset counter was last set to zero Hits sec The rate at which the Netra Proxy Cache Server was able to find requested objects in a local cache since the reset counter was last set to zero Hits The number of hits divided by the number of URLs accessed since the reset counter was last set to zero The row Totals for all Array Members gives the same types of statistics as described above for all array members This row gives you a picture of the proxy cache performance of the entire array Proxy Cache Monitoring for Host A Proxy Cache Monitoring for host page presents proxy cache statistics for a given host within the array v To Load the Proxy Cache Monitoring for Host Page 1 In the Proxy Cache Array Monitoring page see Figure 15 3 click on the host name of the host whose statistics you want to check Note In the current release for a host name link to work the host name must be resolveable by the name service s configured on the server After clicking a host name a page such as that shown in Figure 15 4 is displayed Monitoring a Netra Proxy Cache Array and Proxy Cache Service 119 if L rr Paay Vac Mauoadwe doy Hea hosH T Mov IR AAS aT oT mm ode LL Hothan Tra ral sine s
133. s A leader sends an acquire message when a member first joins the service group when the new member first obtains its service address A leader also sends an acquire message when a member host service fails and the leader needs to reassign an orphaned service address Script that is executed upon the acquisition of a service address invoked in response to an acquire message For successful execution a monitor object needs to supply to an acquire script the service address being acquired and the name of the interface associated with that service One of four address states of a service address Acquiring is an intermediate state between unserved and online A service group leader acts on service address in only the unserved and online states The acquiring state allows a service to perform initialization tasks because the service is acquiring and not unserved the leader will not reassign the initializing service s address to another host A service address can be in one of four states unserved acquiring online and releasing A service group leader acts on service address in only the unserved and online states Acquiring and releasing are intermediate states between unserved and online Glossary 175 cache control address control interface control message control network failover hit HTTPS information message A store of information used for repeated fast access With respect to web pages a cache is a repos
134. s used by the Netra Proxy Cache Server if the percentage method is not used lt percentage gt is the percentage of the duration between an object s last modified timestamp and the current time lt maximum TTL gt is the upper limit in minutes on the TTL The proxy cache uses the percentage method of determining the TTL if a matched object has a last modified timestamp If an object does not have such a timestamp the absolute TTL is used instead You can specify a negative value for lt absolute TTL gt thereby forcing the percentage method to be used If a matched object then does not have the required timestamp the TTL is set from a value set under Cache Policy see Step 1 on page 28 under Cache Policy on page 38 If neither the absolute TTL nor percentage methods result in a TTL for a matched object the TTL is determined from the values set in the Cache Policy properties The Netra Proxy Cache Server checks all patterns in the list and uses the last match An example of a TTL selection entry http 1440 20 43200 42 Netra Proxy Cache Array User s Manual e Revision A March 1998 The preceding example matches URLs that start with http If a URL contains a last modified timestamp the TTL for that URL is set to 20 of the difference between the timestamp and the current time If the URL does not have such a timestamp the TTL is set to 1440 minutes In any event the URL will not stay in the cache longer than 432
135. server If the Netra server is used by normal users always try to notify them in advance if the system is to be shut down or restarted All users that are logged in when the process is initiated receive messages on their terminals informing them that the system is about to be shutdown If it is known that users are currently logged in on the server it is best to specify a reasonable delay to give them time to close applications and log out v To Restart or Shut Down the System 1 Choose System Administration Restart and Shutdown The Restart and Shutdown Administration page is displayed 2 Type the information in the form using Table 13 3 98 Netra Proxy Cache Array User s Manual e Revision A March 1998 TABLE 13 3 Shutdown Information Operation Shutdown shuts down the Netra server Shutdown and Power off shuts down and powers off the Netra server Restart shuts down and then starts up the Netra server Choice Shutdown Shutdown and Power off or Restart Check for new devices If Yes is chosen the operating system regenerates the during restart list of devices attached to the Netra server upon start up Select yes if adding or removing a tape drive CD ROM drive external hard disk or network interface hardware to the server Choice Yes or No Delay in minutes The time in minutes after which the Netra server shuts down or restarts Users who are logged on receive broadcast messages during the countdown that the s
136. ss Control deny nights weekends allow worktime Note that A is the abbreviation for Saturday and S for Sunday Limiting by Domain in Request The following are example access lists Under Access List Definition poets domain poetry rhyme sports domain espn cnnsi cooks domain culinary gourmet 170 Netra Proxy Cache Array User s Manual e Revision A March 1998 The preceding access lists might be used as follows Under Client Access Control deny poets sports cooks You might want to allow users access to the cache for non work hours web access The following example uses time based access lists defined in the preceding subsection Under Client Access Control deny worktime poets sports cooks allow nights weekends poets sports cooks Redirecting Requests The following are example access lists Under Access List Definition politics domain rightwing leftwing pop_culture domain disney twarner The preceding access lists might be used as follows Under URL Redirection politics HOST www vatican net PATH index html pop_culture HOST lcweb loc gov PATH homepage lchp html The effect of the preceding lines is that URL requests that match the politics filter are redirected to http www vatican net index html Requests that match pop_culture are redirected to http lcweb loc gov homepage 1chp html Advanced Proxy Cache Configuration Examples 171 172 Netra Proxy Cache Array User s Manual e Revision A Marc
137. sses at startup the Netra Proxy Cache Array starts with a clean slate and prevents the possibility of an incorrect address assignment that might linger following abnormal termination of one or more hosts in the array Use of this feature requires that your service addresses are in a consecutive range for example 129 144 102 1 129 144 102 2 and 129 144 102 3 DNS v To View or Modify Advanced Array Configuration Properties DNS Category 1 Scroll down the Advanced Array Configuration page so that the DNS properties come into view as shown in Figure 5 2 Advanced Array Configuration 61 air h l a lt 7 aA dh 2 tes Lag Hw j E Arrey UME Se ned Frol 17705 Arey TY rsy 3181147 eae ail lH Ok 3 G G2 Figure 5 2 Advanced Array Configuration Page DNS Properties 2 Under the DNS heading enter or accept values for the following properties Array DNS Host Name The host in the array that will act as DNS server for the subdomain formed by the array The choice of which machine is arbitrary It is strongly recommended that you use your administrative host as DNS primary host For the DNS all of the other hosts in the array act as hot spares for the machine you specify here Array DNS Service Address The service address of the DNS on the DNS primary host This address must have the same subnet number as a host s IP address that is the address associated with a machine s hostname and its proxy cache service
138. st and Load Objects Test and load objects are pieces of software that run in the context of the Netra Proxy Cache array daemon communicating the health of a service host instantiation to the monitor object cache_monitor or dns_monitor in that daemon The monitor object is responsible for monitoring a service on a given array host The format of the values returned by test and load objects are m From a test object a monitor object expects a boolean value indicating for example whether an interface is up or whether a service is available m From a load object a monitor object expects two integers one for current load the other for current capacity The return values for test and load objects can be applied to a wide variety of resources For example a memory intensive service might call for a load object to measure the availability of swap space In the current release of the Netra Proxy Cache product all array members have the same set of test and load objects These objects are selected for their appropriateness for a proxy cache service and an array DNS The array daemon configuration file scalrd conf contains parameter settings for each test and load object The file scalrd conf is stored in etc opt SUNWscalr If you have a serial connection to an array host you can use the scalrcontrol 1 utility stored in opt SUNWscalr bin to obtain the output from the test and load objects There is a man page for each test obj
139. t service failure is detected The result of these steps is that the service address associated with one host service instantiation is moved to a different host The finding of a requested URL in a cache obviating the need to request the object from a parent or an origin web server A hit is distinguished from a miss An advanced form of SSL tunneling supported by popular web browsers A message multicast at a regular interval over a service group s control network Each member of a service group multicasts an information message and listens for information messages sent by Glossary 176 Netra Proxy Cache Array User s Manual e Revision A March 1998 Inter Cache Protocol ICP leader load object miss monitor object neighbor online orphaned service address other members An information message is in itself a heartbeat and in addition communicates the load and capacity of host service instantiations and the address states of service addresses in the group A lightweight protocol used by a proxy cache server to inquire of its siblings and ICP capable parents as to whether they have a web object The ICP contains a metric response time that enables a requestor to choose among multiple caches See service group leader A script or program that measures the load and capacity of a host resource A load object returns two integers indicating current load and current capacity A load object can be shared by mult
140. tance MIB attributes are categorized by groups and tables 123 Netra Proxy Cache Software MIB Definitions Table 16 1 lists the groups and tables in the inpgcache mib file TABLE 16 1 Netra Proxy Cache Software MIB Definitions Group or Table Attribute Name Description proxyConfGroup proxyDescriptidsOxy server description proxyLocation Full pathname of server software proxyPort Port number on which the server is listening proxyMethods Methods supported by the server GET PUT POST and others proxyProtocol HTTP version number proxyVersion Server software version number proxyContact Contact person for server proxyHang Server response status 1 response received 0 no response proxyCacheGroup cacheMemEnt ry Number of entries in main memory cacheSwapEnt ry Number of entries on disk proxyClientStatGroup current Connect Naber of current client established connections 124 Netra Proxy Cache Array User s Manual e Revision A March 1998 TABLE 16 1 Netra Proxy Cache Software MIB Definitions continued Group or Table Attribute Name Description idleConnectionNumber of current client idle connections current SSLConndwembes of current client established SSL connections tota1lSSLConneciNgmber of total cumulative client SSL connections keepaliveUsea Number of used keep alives protoTable protoName Protocol name protoObjCount Object count protoSpaceUsagepace usage KB protoAccess Total n
141. temporarily without interrupting service to your user community m With minimal software configuration or by copying an existing configuration you can add a machine to an array Again this occurs without any disruption of service m The collection of proxy cache service instances automatically communicate via the Inter Cache Protocol which means that the cache of web objects is extended over all the machines in the array m User response is enhanced because of high availability and the extended cache provided by the array Overview 7 Technical Details The array software consists of a daemon and software objects that run on each of the machines in a Netra Proxy Cache array On a periodic basis the array software monitors the health reachability load presence of server processes of the hardware resources and proxy cache service on each machine The array software multicasts these individual host snapshots over an isolated network called a control network to which each member of the Netra Proxy Cache array is connected Netra Proxy Cache Servers are equipped with a second network interface to enable connection to a control network This second interface is referred to as the control interface Note The Internet Assigned Numbers Authority IANA has designated a multicast address 224 0 1 62 for use with Netra Proxy Cache Array software The result of the multicasts over the control network is that all hosts in the array are k
142. the error and re type information in the form Errors are marked on the form alongside the relevant field Figure 2 3 shows an error form for the Host Access module t t 7 Host Success Sun strat or re 3 rE Bee Proxy Cache 1 p Vou hove made 4n error EprrErr the Inkerman awd chags2 OK Eelam m CC KR A122 tem me Dorr Roe arc eth meee ZZT C EEE 4 my ld e rieg 12d 44a Figure 2 3 Error Form Note If the information typed into a form produces an error the system state is not changed The form is redisplayed with the erroneous data The data must be corrected m A verify form is used only to confirm a previous choice Figure 2 4 shows a verify form for the deleting an array member from a Netra Proxy Cache Array 16 Netra Proxy Cache Array User s Manual e Revision A March 1998 Proxy Cache Delen hosti IF ssia isr il dalal tha x3 y Tar Mia atey or berip is 1Lli8 synliga shiv Hal bae i IF ths ewt izr nting th s iperstisn t I Sud sF ak kis boc deet bil intitue si 29172 the p ae santt ieden a Moereb r ddr At ama pa nt pan 4551 Ta eae 4 TFR 32211 ea Re gan 73 3F F13 nA PAn hasn sa ee 4 ba 247221 PR A tlm os hise dein afle d gt letl n o ws bosti For crrae reomecers hl a Figure 2 4 Verify Form Help Page The Netra Administration GUI also provides help pages that contain information which may assist filling out a form By clicking on a help icon the
143. ties 2 Under the Access Control heading enter or accept values for the properties listed below Enter access control definitions one to a line To edit an entry click the entry in the table then make any changes you want Access List Definition Netra Proxy Cache Array User s Manual e Revision A March 1998 Access lists enable you to control access to the functions of the Netra Proxy Cache Server based on characteristics of a request To create an access list you create a name an arbitrary string specify the type of access list types are described below and specify an argument that is used to match against the request After creating an access list you can specify that list for the following properties m Client Access Control m Access to Cache via ICP m ACLs for Cache Host m URL Redirection These properties are described below Access list definitions have the following form lt name gt lt type gt lt argument gt Access list types are as follows m src Matches on the source address in a request It takes an argument of the form lt ip address gt lt netmask gt You can specify multiple pairings of IP address and netmask m domainMatches on the domain specified in a URL It takes an argument of the form lt domain name gt You can specify multiple domain names m timeMatches on a time period specified in a URL It takes an argument of the form lt day of the week gt lt start time gt lt end ti
144. til such time as it is reassigned to its preferred host or the expiration of the service timeout whichever occurs first Glossary 177 parent persistent connections preferred host of a service address preferred service address quiesced host release message An proxy cache server that is responsible for returning a requested object if a child server cannot retrieve the object from its own cache The parent attempts to locate the requested object in its own cache If it cannot it requests the object from its parents and siblings or in the absence of parents and siblings from the origin web server A parent might be ICP capable in which case it receives ICP queries for objects along with a proxy cache server s siblings A feature of HTTP 1 1 as implemented by popular web browsers wherein multiple different HTTP requests can be carried on the same TCP connection Sometimes referred to as HTTP keepalive The host that is originally assigned a service group address This becomes the host s preferred service address In response to host and service failures a service address might get moved from its preferred host However whenever conditions permit array activities return a service address to its preferred host The service address associated with a service on a host when that host becomes a member of a service group If there is a host or service failure on the host that owns a preferred service address t
145. tra server Note If the time zone or locale is changed restart the Netra server so that the new information takes effect v To Set System Defaults 1 Choose System Administration System Defaults The System Defaults page is displayed with the current time zone and locale 102 Netra Proxy Cache Array User s Manual e Revision A March 1998 There are lists from which time zone and locale are chosen The current time zone and locale are highlighted 2 Modify the information in the form using Table 13 6 TABLE 13 6 Timezone Information Default System The default time zone used by the Netra server Time Zone Default System The default locale used by the Netra server Locale Netra System Administration 103 104 Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER 1 4 Performing Administrative Tasks for the Proxy Cache Service and Array m Modifying Your Configuration on page 105 a Backing Up Your Configuration on page 106 m Restoring Your Configuration on page 106 m Adding and Removing Hosts on page 107 m Moving an Array on page 108 This chapter describes additional configuration procedures not described in the Netra Proxy Cache Array Configuration Guide or the Netra Proxy Cache Server Configuration Guide The starting point for most performing most proxy cache and array related tasks is the Proxy Cache Administration page See Chapter 3 for instructions on b
146. tware provides scalability by implementing a protocol that responds dynamically to changes in array membership At a frequent and regular interval the array daemon multicasts information messages over the control network These information messages are at once a heartbeat and a means of conveying health information about each host When a host is removed for example if a machine is receiving a software upgrade within milliseconds the array detects the machine s absence and removes the machine s service address es from availability Similarly if a machine is added to the array nearly immediately the array detects the new host and makes its service address available for incoming client requests Load Balancing The array software provides load balancing through a modified DNS round robin The Netra Proxy Cache array forms its own DNS zone that consists of the service addresses associated with the proxy cache service This zone is identified by its own domain name When a host fails or becomes overloaded the array software removes the host from the array s DNS round robin so that the down host receives no new client requests This process is discussed in greater detail in The Role of DNS on page 10 What Array Features Mean to You Some of the practical benefits of a Netra Proxy Cache Array are as follows m With no software configuration you can halt a machine and remove it from the array either permanently or
147. u must scroll down the web page to view the remaining Cache Policy parameters HTTP Policy Time To Live min Advanced Proxy Cache Configuration 39 The limit on the length of time an HTTP object can remain in the cache The default is 720 minutes 12 hours Max Object Size MB The limit on the size of an HTTP object for caching The Netra Proxy Cache Server proxies for but does not cache HTTP objects that exceed this limit The default is four MB Do not Cache URLs Containing The Netra Proxy Cache Server does not cache HTTP URLs containing strings you add to this list The defaults are cgi bin htbin WWW bin Gopher Policy Time To Live The limit on the length of time a Gopher object can remain in the cache The default 4320 minutes is three days Max Object Size The limit on the size of a Gopher object for caching The Netra Proxy Cache Server proxies for but does not cache Gopher objects that exceed this limit The default is four MB Do not Cache URLs Containing The Netra Proxy Cache Server does not cache Gopher URLs containing strings you add to this list The default is question mark Scroll down to view the remaining properties in the Cache Policy page as shown in Figure 4 6 40 Netra Proxy Cache Array User s Manual e Revision A March 1998 TC FTT Miliy Tim Tr liv fe Hae Ojos te Oo B l Tand Cart SRDS Te in o LIBEL Faiy ng TT dadie Saal n PP Ud
148. u type when contrasted with on screen computer output Book titles new words or terms words to be emphasized Command line variable replace with a real name or value Shell Prompts TABLE P 2 Shell Prompts Shell C shell C shell superuser Bourne shell and Korn shell Bourne shell and Korn shell superuser Examples Edit your login file Use 1s a to list all files You have mail su Password Read Chapter 6 in the User s Guide These are called class options You must be root to do this To delete a file type rm filename Prompt machine_names machine_name xiv TABLE P 2 Shell Prompts continued Related Books This manual the Netra Proxy Cache Array User s Manual is a companion to the Netra Proxy Cache Array Configuration Guide and to the hardware documentation that accompanies your Netra Proxy Cache Server Ordering Sun Documents The SunDocsSM program provides more than 250 manuals from Sun Microsystems Inc If you live in the United States Canada Europe or Japan you can purchase documentation sets or individual manuals using this program For a list of documents and how to order them see the catalog section of the SunExpress Internet site at http www sun com sunexpress Accessing Sun Documentation Online The docs sun com Web site enables you to access Sun technical documentation online You can browse the docs sun com archive or search for a specific book title
149. umber of accesses hits misses protoHits Number of cache hits protoHitRatio Hit percentage hits total access Netra Proxy Cache Array MIBs and Traps 125 Array MIB Definitions Table 16 2 lists the groups and tables in the scalrd mib file TABLE 16 2 Array MIB Definitions Group or Table Attribute Name Description a EOREY Revision number of daemon software infoDebug Debug level serviceName Service group name serviceOk Status of service on host True means test passed serviceQuiesce Whether service is quiesced on host When a service is quiesced the host cannot acquire any service addresses However it can release service addresses The host s preferred service address will not be advertised by the DNS server servicePort Port associated with service monitor Used to communicate the status of a service serviceHostId Host identifier within the service group 126 Netra Proxy Cache Array User s Manual e Revision A March 1998 TABLE 16 2 Array MIB Definitions continued Group or Table Attribute Name Description serviceAddrBegin Start of range of service addresses Service monitor disables all service addresses in this range upon startup and termination serviceAddrEnd End of range of service addresses Service monitor disables all service addresses in this range upon startup and termination serviceAddrTimeout Service address timeout After the host owning a service address has failed the peri
150. uration Information Icons Information icons are displayed when a task form is submitted They tell the user the status of the configuration task at hand The three information icons are displayed in Table 2 3 Understanding the Netra Administration GUI 19 TABLE 2 3 Information Icons Icon Description Reminder icon Shows that a task has been completed successfully but T calls attention to an important message indicating an additional task is required Error icon Calls attention to errors in form entries r Success icon Shows that a task has been completed successfully Accessing the Netra Administration GUI The HTML based Netra Administration GUI is accessed through a dedicated administration web server A web browser and knowledge of the system administrator user name and password are required to access this GUI Access the GUI as follows v To Access the Netra Administration GUI 1 Start a browser on a machine that is network accessible to the Netra Proxy Cache Server 2 Open the following URL http netra 81 Or http netra domain 81 20 Netra Proxy Cache Array User s Manual e Revision A March 1998 Where netra is the host name or host address for the Netra server and domain is the qualified domain The latter format may be needed if a proxy server is being used The Netra password screen is displayed Type setup for the User ID and then the password The Netra Welcome page is displayed
151. ust use the Install Configuration function to install the changes on all machines in the array You access this function by clicking the Install Configuration link in the Proxy Cache Administration page See the Netra Proxy Cache Array Configuration Guide for instructions on the use of the Install Configuration function The remainder of this chapter is a description of the advanced array properties Networks v To View or Modify Advanced Array Configuration Properties Networks Category 1 Under the Networks heading see Figure 5 1 enter or accept the values for the following properties Control Network The subnet number of the control network expressed in dotted decimal notation The host portion of the address is expressed in one or more zeroes We suggest the use of one subnet from 10 0 0 0 or 192 168 89 0 ideally one not used by anyone else in your organization Keep in mind that the control network is a private network distinct from the network over which a Netra Proxy Cache server interacts with clients No packets are forwarded between control and service networks Such traffic would be disruptive of array operation Netmask The netmask of the control network It is recommended you use 255 255 255 0 Service Network Advanced Array Configuration 59 The subnet number of the service network expressed in dotted decimal notation Express the host portion of the address in one or more zeroes The service network is the n
152. utput if a host cannot provide a service proxy cache or DNS the hme0 lt num gt entry will not be present for that service On the other hand a host might have additional hme0 lt num gt entries indicating that it has acquired additional service addresses from other array members Processes Associated with Netra Proxy Cache Most of the processes listed below are present on a Netra Proxy Cache Server as well as on the hosts in a Netra Proxy Cache Array OAM Server Process runs only on administrative host jre cp oamserver zip noasyncgc Djava rmi server hostname lt admin host gt Djava rmi HTTP Daemon runs on all hosts not just administrative host opt netra SUNWnetra bin httpd etc opt netra SUNWnetra conf httpd conf Update daemon runs on all hosts opt SUNWoam lib oampushd s d tmp oampushd e opt SUNWoam lib oamutil p 12 DNS server runs only on array DNS server usr sbin in named b named boot DNS name lookup process used by proxy cache service for DNS name lookups Troubleshooting and Technical Information 145 dnsserver t By default there are five of the preceding type of process You can increase this number to 32 Proxy cache service SNMP agent runs on all hosts in an array proxycachesnmpd Array software SNMP Agent runs on all hosts in array scalrsnmpd FTP get process used by proxy cache service all hosts in array opt SUNWcache lib ftpget S 39388 Pr
153. w the properties related to the test and load objects in etc opt SUNWscalr scalrd conf 116 Netra Proxy Cache Array User s Manual e Revision A March 1998 Proxy Cache Array Monitoring The Proxy Cache Array Monitoring page presents status of and statistics for the proxy cache service provided by the array v To Load the Proxy Cache Array Monitoring Page 1 In the Proxy Cache Administration page click Proxy Cache Monitoring A page such as that shown in Figure 15 3 is displayed z Eros Cache Thuy Fahu Arte onitwing Tor Boe 13 1I 41 54 P 1011 Pn Carle Array See Dans rine rt Do Late ect comic dea owe p ddy 5 Low E re ba mre oe cr Pri sae LHLz5t isser s 1er Lhat I 2 2 3 cn ey cl cl cl cp om tet 1H line Km ei el S a cy oo Low skabe unb navm tan fox oll ame bemes AE a e as Ton sin in inus Ik er RIE Figure 15 3 Proxy Cache Array Monitoring Page Monitoring a Netra Proxy Cache Array and Proxy Cache Service 117 When you load the Proxy Cache Array Monitoring page a snapshot of current array activity is displayed If you want periodic updates specify a number of minutes in the Refresh field at the bottom of the page Click Reset next to OK to return the refresh value to 0 Click Reset Counter to return the URLs sec and Hits sec numbers in the Delta column to zero The Proxy Cache Array Statistics table has a row for each host in the array If a host is
154. ware does not prevent you from starting the proxy cache administration server on a host other than the administrative host then making configuration changes on that host However such activity raises the possibility of changes being made on multiple hosts If this occurs the last set of changes that are installed through the Install Configuration link are the changes that take effect 23 Loading the Proxy Cache Administration Page The following procedure assumes you are loading the Proxy Cache Administration page from the administrative host on which the proxy cache administration server is already running v To Load the Proxy Cache Administration Page 1 On your administrative host open the Netra Main Administration page http lt administrative host name gt 81 2 In the pop up authentication window enter the administration name setup and the administration password for the Netra Proxy Cache Server 3 Following successful login click the Administration link in the Netra Welcome page 4 In the Main Administration page click Proxy Cache Service The Proxy Cache Administration page shown in Figure 3 1 is displayed 24 Netra Proxy Cache Array User s Manual e Revision A March 1998 Tisy Facha Ad mini u af Adminis s wer ia running ray edn Sinir cede Gane eS NB 4211 el eee Wks ee d men Concern 3171710 i atnan t gael 3 Stacia tree adi p m anes yaa j BA Seca aal ara 11 oes re 34ZI1 gt
155. was changed You access this function by clicking the Install Configuration link in the Proxy Cache Administration page See the Netra Proxy Cache Array Configuration Guide for instructions on the use of the Install Configuration function 68 Netra Proxy Cache Array User s Manual e Revision A March 1998 CHAPTER T SNMP Configuration This chapter explains how to perform SNMP configuration for the proxy cache service and array software that are part of the Netra Proxy Cache product The chapter assumes you have completed configuration of your Netra Proxy Cache Array as described in the Netra Proxy Cache Array Configuration Guide The SNMP Configuration page enables you to change defaults associated with the SNMP agents shipped with the Netra Proxy Cache product The Netra Proxy Cache software s support for SNMP enables you to use a SNMP conformant management platform to monitor your Netra Proxy Cache Array or Server See Chapter 16 for a description of the MIBs shipped with the Netra Proxy Cache product Viewing and Modifying SNMP Properties You view or modify SNMP configuration properties in the SNMP Configuration page You reach this page through the Proxy Cache Administration page See Chapter 3 for instructions on loading this page To Configure SNMP Properties 1 In the Proxy Cache Administration page click the SNMP Configuration link The SNMP Configuration page is displayed as shown in Figure 7 1 69 70
156. with the packages listed below installed Unless otherwise indicated packages are installed on both the array and server versions of the product TABLE 19 1 Product Packages Package Name Description SUNWcache Proxy cache server software SUNWcaoam Proxy cache user interface and configuration database software Netra Proxy Cache Server only SUNWcasnm SNMP agent for proxy cache software SUNWjvjit Java JIT compiler SUNWjvrt Java Virtual Machine run time environment includes Java appletviewer and classes zip file 148 Netra Proxy Cache Array User s Manual e Revision A March 1998 TABLE 19 1 Package Name SU SU SU SU SU SU SU SU SU SU SU SU SU NWmibii NWnsA NWntr NWntrA NWnt rpP NWoam NWprxyA NWsacom NWsadmi NWsasdk NWsasnm NWscalr NWscapp NWscoam NWscsml NWscsnm Product Packages continued Description Solstice Enterprise Agents SNMP daemon Netra HTML forms for configuring name systems DNS NIS client local Netra required library functions boot scripts and HTTP daemon Netra HTML forms for configuring common Solaris and Netra functionality Netra images and HTML forms for the proxy cache product Proxy cache plus array configuration files Netra HTML forms for configuring proxy cache Solstice Enterprise Agents files for root file system Solstice Enterprise Agents Desktop Management Interface Solstice Enterprise Ag
157. xy Cascade page as shown in Figure 4 4 IF wud irs Hee ee aL 3 FIN Ta Sor adda le oe staat or _ Nig Ka T eli sot Es kii Ler Ami ad r L ri IF Ailzr 5 riz ue ll mn Ks Figure 4 4 Remaining Proxy Cascade Properties 36 Netra Proxy Cache Array User s Manual e Revision A March 1998 IP Addresses Inside Firewall The Netra Proxy Cache Server considers addresses you list for this property as being inside a firewall When you specify one or more addresses the Netra Proxy Cache Server performs a host name resolution for example a DNS or NIS lookup of the address specified in a URL for all requests to determine whether the address is inside the firewall For addresses not in this list if the Netra Proxy Cache Server does not have a requested object in its local cache it always tries to fetch the object from a parent or sibling cache Note Use of this property degrades server response time because of the overhead associated with host name resolutions Source Ping Choose between off the default and on By default when the Netra Proxy Cache Server receives a request it pings sends ICP requests to its parents and siblings If Source Ping is on the software also pings the host specified in the URL of an object it retrieves This feature can be useful where parents and siblings are overloaded and the source web server is not Note that Source Ping packets are never sent bey
158. y the array occurs on a continual basis This occurs in a network where the name service acknowledges the time to live TTL of the name to address entries made available by the array DNS Examples of such a name service are the DNS using bind v 4 9 3 or later or NIS as shipped with Solaris 2 6 Troubleshooting and Technical Information 147 In an environment where name resolution is static or occurs infrequently such as with pre Solaris 2 6 NIS you might be able to use browser facilities such as the Proxy Access Control PAC file to force name service lookups on an ongoing basis Resolving the Name of the Proxy Cache Service For an NIS only environment the following are two alternatives for resolving the name of the proxy cache service provided by a Netra Proxy Cache Array Other alternatives are available m Configure the NIS server to forward unresolved queries to a DNS server that delegates the proxy cache s zone to the array Set the Array DNS Proxy Records Time To Live property in the Advanced array configuration page described in DNS on page 61 to a low value such as 3 seconds m Assign an NIS service name for each service address in the array By doing this you achieve failover functionality However the DNS configuration on the array becomes redundant m The browser s PAC file might have a facility for name resolution Proxy Cache and Array Packages A Netra Proxy Cache Array and Server products are shipped
159. yed 2 Click OK to confirm the operation Name Service Administration 79 Local Name Server Administration v To Configure the Netra Server to Use a Local Name Server 1 Choose Network Services Administration Name Service Local Name Service The Local Name Service Administration page is displayed 2 Type the information in the form using Table 9 2 TABLE 9 2 Host Name and Address Host The host addresses and corresponding host names and aliases The Addresses host names may be partially or fully qualified to be compatible with Host Names other name services However this database only resolves host names Aliases that have an exact match in the database Example st impy only matches stimpy not stimpy comedy tv net Maximum 2000 records NIS Administration v To Configure the Netra Server to Use NIS to Resolve Names 1 Choose Network Services Administration Name Service NIS Network Information Name Service The NIS Administration page is displayed 2 Type the information in the form using Table 9 3 TABLE 9 3 NIS Domain Name NIS Domain Name The NIS domain in which the Netra server resides 80 Netra Proxy Cache Array User s Manual e Revision A March 1998 TABLE 9 3 NIS Domain Name continued To Modify or Unconfigure an NIS Domain Name Note The Modify and Unconfigure options are only displayed when the Netra server is configured as an NIS client 1 Choose Network Service Administration Name
160. ystem is about to shut down Use 0 for immediate restart or shutdown 3 Click the OK button to confirm the operation Save and Restore Configuration The Save and Restore Configuration module enables m Saving a record of the current configuration of the Netra server to a diskette or to a file m Restoring the Netra server to a previous configuration using data which was saved to either media It is recommended that the system configuration be saved whenever it is changed Doing so enables a return to this configuration state should it become necessary Save and Restore Options The following options are available m Eject diskette This option ejects a diskette from the drive Netra System Administration 99 m Save configuration to diskette This option saves the current system configuration to the diskette in the drive If an unformatted diskette is inserted it is formatted as part of the save process m Save configuration to file system This option saves the current system configuration to a file on the hard disk m Restore configuration from diskette Either all or selected configurations on the diskette are restored to the Netra system m Restore configuration from file system Either all or selected configurations on the hard disk are restored to the Netra system The Eject Diskette and Save Configuration to diskette options are only displayed on the form if there is a diskette in the drive The Restore configuration
Download Pdf Manuals
Related Search