Chapter 3 Proxy Cache Array Configuration

• "Starting the Proxy Cache Administration Server"

  "Basic Proxy Cache Configuration"

  "Basic Array Configuration"

  "Basic Array Member Configuration"

  "Install Configuration"

  "Backing Up Your Configuration"

  "Updating the DNS"

This chapter explains how to configure an array of Netra Proxy Cache Servers. Except for the backup of your configuration, you perform these procedures on a single host in the array, the administrative host.

After completing the instructions in this chapter, you will have performed:

• Configuration of the proxy cache, array, and array member properties.

• Installation of the proxy cache and array configuration on each host in the array from the administrative host

• Configuration of your existing DNS so it can resolve the name of the Netra Proxy Cache Array

• Backing up of your complete Netra Proxy Cache configuration to diskette.

It is strongly recommended that you read Chapter 1, Preparing for Installation and Configuration," and fill out the tables in that chapter before starting the procedures described here.

If you want, you can perform the procedures described in this chapter using a command-line program, instead of using the web pages described here. See Chapter 4, Using a Serial Terminal to Configure a Netra Proxy Cache Array," for instructions.

Starting the Proxy Cache Administration Server

For this step, refer to the machine you specified in "Choosing an Administrative Host". You make all configuration changes for the proxy cache service, for the array software, and for the array members on a single machine, referred to as the administrative host. You then install those changes on all hosts in the array.

1. On a remote machine that is not part of your Netra Proxy Cache Array, point your browser at the administrative host, as follows:

   ---

   http://<administrative host>:81
   

   ---

   where <administrative host> is the host name of a Netra Proxy Cache Server. If the host name is not known to a network name service, you must specify the numeric IP address of the administrative host. Depending on the capabilities of your router, you might need to use the browser on a machine on the same subnet as the Netra Proxy Cache Array.

   Upon successful connection, you receive a prompt for an administrator's name and password. Enter the password you specified in Step 17 in "To Complete Initial Configuration". Following successful login, the Netra Proxy Cache Main Administration page is displayed, as shown below:

   Figure 3-1 Main Administration Page Following Initial Configuration

   
   

Regarding the reminder note at the top of the Main Administration page, you will backup you configuration later in the configuration procedure.

1. In the Main Administration page, click Proxy Cache Service.

   The Proxy Cache Administration page is displayed, as shown below.

   Figure 3-2 Proxy Cache Administration Page: Server Stopped

   
   

2. In the Proxy Cache Administration page, click Start Administration Server.

3. A page indicating a successful operation is displayed. In this page, click the up-arrow icon to return to the Proxy Cache Administration page.

   This time, the Proxy Cache Administration page displays a full set of options for configuration, as shown below.

Figure 3-3 Proxy Cache Administration Page: Server Started

Proceed to the next section for instructions on configuring the proxy cache service.

Basic Proxy Cache Configuration

The procedure described here presumes you have started the proxy cache administration server on your administrative host, as instructed in "Starting the Proxy Cache Administration Server".

To Configure the Proxy Cache Service

For the following procedure, use the data you gathered in Table 1-4 and Table 1-5.

When configuring the proxy cache service for the first time, use the basic proxy cache configuration link. After you have completed first-time configuration, you can use the advanced proxy cache configuration pages to fine-tune properties, such as access lists, timeouts, and object size limits.

1. In the Proxy Cache Administration page, click the Basic proxy cache configuration link.

The Basic Proxy Cache Configuration page is displayed, the top part of which is shown in Figure 3-4.

Figure 3-4 Basic Proxy Cache Configuration: Step One

1. In the Step One segment, shown in Figure 3-4, enter an HTTP port number or accept the default of 8080.

2. Scroll down (if necessary) to the Step Two segment of the page, shown in Figure 3-5.

   Figure 3-5 Basic Proxy Cache Configuration: Step Two

   
   

3. If the Netra Proxy Cache Server is inside a firewall, you can list the domains that are inside the firewall.

   For URLs containing domains not in this list, the Netra Proxy Cache Server always tries to fetch the object from a parent or sibling cache, if it does not have the object in its local cache. Domains added to this list are also added to the Local Domains property, described in Chapter 4 of the Netra Proxy Cache Array User's Manual.

4. When you are finished entering domain names or if your server is outside of a firewall, scroll down to display the Step Three segment, shown in Figure 3-6.

   Figure 3-6 Basic Proxy Cache Configuration: Step Three

   
   

5. If your Netra Proxy Cache Server has one or more parent proxy servers, enter the following data in the fields provided:

   • Name of parent proxy server

   • Port number at which the parent listens for HTTP requests

   • Port number at which the parent listens for Inter Cache Protocol (ICP) requests (if the parent supports ICP--a 0 in the field indicates non-support for ICP)

   • Whether the parent supports the tunneling of the Secure Socket Layer protocol

   • Whether the parent supports persistent connections

   Use the data you gathered in Table 1-5 to fill in the parent proxy information. Note that Netra Proxy Cache Servers support ICP, SSL tunneling, and persistent connections. If you are unsure whether a given proxy cache server supports SSL tunneling or persistence, do not click the check boxes.

   If you have more than five parent proxies, click the button to add additional rows to the table.

6. After adding all parent proxies, click OK.

   If you make an error, either the same page or a special error page is displayed. In both cases, the error is cited on the page. If the same page is displayed, correct the error and click OK to proceed. If an error page is displayed, correct the error, the use the browser's back button to return to the Basic Proxy Cache Configuration page. In this page, click OK to proceed.

   After you have submitted a correct set of proxy cache properties, a page is displayed indicating success and displaying your selections. An example of such a page is shown below.

   Figure 3-7 Successful Basic Proxy Cache Configuration

   
   

7. In the success window, click the up-arrow icon to return to the Proxy Cache Administration page.

   At this point, your proxy cache configuration is recorded in a configuration database. Later, you will install your configuration. Proceed to basic proxy cache array configuration.

Basic Array Configuration

The order of the basic proxy cache configuration and basic array configuration sequences is not significant. However, for these instructions, it is assumed you have completed the basic proxy cache configuration, as described in the preceding section.

To Perform Basic Array Configuration

To enter values for the array configuration properties, use the data you gathered in Table 1-6.

When configuring the proxy cache array for the first time, use the basic array configuration link. After you have completed first-time configuration, you can use the advanced array configuration pages to fine-tune properties, such as timeout values.

1. In the Proxy Cache Administration page, click the Basic Array Configuration link. The Basic Array Configuration page is displayed, as shown in Figure 3-8.

   Figure 3-8 Basic Array Configuration Page

   
   

2. In the Step One segment shown in Figure 3-8, enter the subnet number and netmask for your control network.

   Enter a subnet number with zero(s) in the host portion. For example, 192.168.89.0, for a Class C subnet address.

3. In the Step Two segment, also shown in Figure 3-8, enter the subnet number and netmask for your service network.

   An example subnet number is 129.144.118.0, for a Class C subnet address.

4. Scroll down to the Step Three segment, which is shown in Figure 3-9.

   Figure 3-9 Basic Array Configuration: Step Three

   
   

5. In the segment shown in Figure 3-9, enter the name of the DNS domain formed by the hosts in your array.

6. Scroll down to the Step Four segment, shown in Figure 3-10.

   Figure 3-10 Basic Array Configuration: Step Four

   
   

7. In the Step Four segment shown in Figure 3-10, enter the name of the DNS host for your array, as well as the DNS service address.

   For the DNS host name, enter only the host name, not the host name and the domain name.

8. Click OK.

   If you make an error, either the same page or a special error page is displayed. In both cases, the error is cited on the page. If the same page is displayed, correct the error and click OK to proceed. If an error page is displayed, correct the error, the use the browser's back button to return to the Basic Array Configuration page. In this page, click OK to proceed.

   After you have submitted a correct set of array properties, a page is displayed indicating success and displaying your selections. An example of such a page is shown below.

   Figure 3-11 Successful Basic Array Configuration

   
   

9. Click the up-arrow icon in the page shown in Figure 3-11.

   You return to the Main Administration page, as shown in Figure 3-12.

   At this point, your array configuration is recorded in a configuration database. Later, you will install your configuration. Proceed to basic array member configuration.

   Figure 3-12 Return from Basic Array Configuration

   
   

In Figure 3-12, note that the two host links, basic and advanced, are enabled, indicating that you have valid proxy cache and array configurations. Compare this figure to Figure 3-3.

Basic Array Member Configuration

You must have completed basic proxy cache and basic array configuration before starting the procedure described here. Pointing your browser at the administrative host, you must perform this procedure for each host in your Netra Proxy Cache Array, including the administrative host.

To Perform Basic Array Member Configuration

To fill in values for basic array member configuration, you need the data you gathered in Table 1-7.

1. In the Proxy Cache Administration page, click the Basic array member configuration link.

   The Basic Array Member Configuration page is displayed, as shown in Figure 3-13.

   Figure 3-13 Basic Array Member Configuration Page

   
   

2. In the Step One segment, enter the host name of the Netra Proxy Cache Array member and click OK.

   The Basic Array Member Configuration page redisplays, with the remaining configuration step displayed.

3. Scroll down to the Step Two segment, as shown in Figure 3-14.

   Figure 3-14 Basic Array Member Configuration: Step Two

   
   

4. In the Step Two segment of the page shown in Figure 3-14, enter the following items:

   • Host Address

   • Control Address

   • Service Address (for the proxy cache service)

5. Click OK.

   If you make an error, either the same page or a special error page is displayed. In both cases, the error is cited on the page. If the same page is displayed, correct the error and click OK to proceed. If an error page is displayed, correct the error, the use the browser's back button to return to the Basic Array Member Configuration page. In this page, click OK to proceed.

   After you have submitted a correct set of array member properties, a page is displayed indicating success and displaying your selections. An example of such a page is shown below.

   Figure 3-15 Successful Array Member Configuration

   
   

6. In the page shown in Figure 3-15, click the up-arrow icon.

   You return to the Proxy Cache Administration page, as shown in Figure 3-12.

You must perform array member configuration for each host in your array. For each additional machine, click the Basic Array Member Configuration link in the Proxy Cache Administration page and repeat the steps described here.

After you enter array member configuration information for all hosts in the array, you will install the updated configuration on those hosts, as described in the following section.

Install Configuration

Pointing your browser at the administrative host, you perform this procedure after you have completed the procedures described in the preceding sections.

To Install Your Software Configuration

At this point, your proxy cache, array, and array member configuration is recorded in a configuration database. You need to install the configuration on all of the hosts in the array (including the administrative host) for your choices to take effect.

1. In the Proxy Cache Administration page, click Install Configuration.

   The Install Configuration page is displayed, as shown in Figure 3-16.

   Figure 3-16 Install Configuration Page

   
   

The page shown in Figure 3-16 is an example. The Install Configuration page displays the hosts you have configured using the array member configuration procedure described in the preceding section. For first-time configuration, the icon for each host is displayed in orange, without a check mark, indicating the host needs updating with configuration information you have just specified.

1. Click Select All.

The Install Configuration is redisplayed, with the check boxes next to each host name filled in, indicating selection.

1. Click Install Selected Hosts.

   A page such as that shown in Figure 3-17 is displayed.

   Figure 3-17 Install Configuration Confirmation

   
   

2. Click OK to start installation.

   When installation completes, a page such as the following is displayed.

   Figure 3-18 Installation Success

   
   

   If installation fails for one or more hosts, note the reason in the page that reports the failure. The following conditions must be in effect for successful installation:

   • Each array member must be running and must be configured, as described in Chapter 2, Initial Host Configuration."

   • All host and service addresses must be unique and must have the same subnet number.

   • One host in the array must be configured as a DNS server for the array and must have a unique service address with the same subnet number as the host and proxy cache service addresses.

   • All control addresses must be unique and must have the same subnet number.

   • If you configured a local name service (not recommended), you might have made a mistake so that, for example, on one or more hosts, the loopback interface is configured with the host address.

   There are other, relatively remote possibilities, such as the update process being dead on a given array member. You could probably correct such an obscure problem by rebooting the affected host.

   In the event of installation failure, consult the error logs.

   To view installation error logs:

   1. Click the home icon to load the Main Administration page.

   2. Click Proxy Cache Service to load the Proxy Cache Administration page.

   3. Under the Monitoring heading, click Log Files.

   4. In the Proxy Cache Log Administration page, click View for the Administration Client Error log or the Configuration Installation Error log.

   5. Following a successful installation, click the up-arrow icon, to return to the Install Configuration page.

      The appearance of the host icons in the Install Configuration page changes to show a check mark. This check mark indicates that a host has received an updated configuration.

   6. Click the up-arrow icon.

      You return to the Proxy Cache Administration page.

   7. Following a successful installation, click on the home icon to return to the Main Administration page.

At this point, the only task remaining to make your Netra Proxy Cache Array fully operational is to configure the DNS to delegate the domain of the Netra Proxy Cache Array to the array DNS server (by that server's DNS service address). This task is described in "Updating the DNS".

Before performing DNS configuration, use a link in the Netra Main Administration page to backup your Netra Proxy Cache Server configuration. This configuration includes Solaris, proxy cache, and array data.

Backing Up Your Configuration

For this procedure, you need a formatted diskette. Perform this procedure on each host in your array. The procedure described here backs up your Solaris and proxy cache configuration.

To Backup a Netra Proxy Cache Server

1. Insert a formatted diskette in the drive of your Netra Proxy Cache Server.

   The server detects the presence of a diskette in its drive and does not offer you the option of backing up to diskette unless the diskette is in place.

2. Point your browser at the URL for the Netra Welcome page on the machine in which you have inserted a diskette:

   ---

   http://<netra server name>:81

   ---

3. Log in to the Netra Proxy Cache Server.

   Enter user name setup and the administration password for that server.

4. In the Welcome page, click the Administration link.

5. In the Main Administration page, under the System Administration heading, click Save and Restore Configuration.

   The Save and Restore Configuration Administration page is displayed, as shown below.

   Figure 3-19 Save and Restore Configuration Administration Page

   
   

   Because this is the first time the configuration is saved, there is no link for restoring a configuration.

6. Click Save configuration to diskette.

   A confirmation page is displayed.

7. Click OK to confirm the save operation.

   The copy operation begins. Upon completion, a success page, shown below, is displayed.

   Figure 3-20 Successful Save Operation

   
   

8. Click the up-arrow icon to return to the Save and Restore Configuration page.

9. Click the Eject diskette link.

   You are asked to verify the operation. Click OK. A success page is displayed.

10. In the success page, click the home icon to return to the Main Administration page.

    It is recommended that you label the diskette, switch the read-write tab to the read-only position, and store the diskette in a safe place.

See Appendix A of the Netra Proxy Cache Array User's Manual for instructions on restoring each machine in a Netra Proxy Cache Array from diskette.

Updating the DNS

After you finish installing your configuration to all hosts in your Netra Proxy Cache Array, you must update the DNS to make it aware of the existence of the subdomain formed by the array.

As you perform Netra Proxy Cache configuration, the configuration software collects data on your DNS configuration and creates a file in the /var/opt/SUNWscalr/dns directory called README.how_to_point_dns. The following is an example of such a file:

---

; Please delegate the cache zone in your main dns to
; the dns server on the proxy cache appliance array. 
; To do this add the following to the appropriate db file 
cache 3600    IN NS dns.cache.acme.com.
dns.cache.acme.com.    3600    IN A a.b.c.50

---

To Update Your DNS

1. From a machine not in the Netra Proxy Cache Array, use telnet to connect to the administrative host.

2. Use ftp to copy README.how_to_point_dns to the /tmp directory of the DNS server that points to the Netra Proxy Cache Array.

3. On the DNS server, copy the uncommented portion of the file README.how_to_point_dns to the database file.

4. As root, enter a command such as the following:

   ---

   {dns_server}# kill -HUP `cat /etc/named.pid`
   

   ---

Following this, clients can use the proxy cache service provided by the Netra Proxy Cache Array.

A Note on DNS Round Robin

For optimal operation of the array, the DNS server that resolves the name of the Netra Proxy Cache Array should support round robin. The default time-to-live (TTL) used by the DNS server in the array assumes round-robin support. With round robin, the array can respond to changes (including overloads and host failures) far more quickly than it can without round robin.

If your DNS server does not support round robin, you can reduce the TTL to a low value, such as 30 seconds. If your DNS server does not support a TTL as low as 30 seconds (for example, older DNS servers do not support TTL values of less than five minutes), it is recommended that you upgrade to a DNS server that supports round robin.

For support of round robin, the correct version of bind is 4.9.3 (or later). This version is shipped with Solaris 2.5.1 SHWP (the Solaris version shipped with the Netra Proxy Cache product) and is available in the following patches:

• For Solaris 2.4, patch #102479-07

• For Solaris 2.5, patch #103667-07

• For Solaris 2.5.1 (pre-SHWP), patch #103663-08

If your DNS server is a non-Solaris machine, you should upgrade that server to a 4.9.3 version of bind that has round-robin capability.

See Section 5.4 of the Netra Proxy Cache Array User's Manual for instructions on changing the DNS's TTL for the array.