Go to main content
1/146
Contents
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
Part I Getting Started
1
Getting Started with Oracle Traffic Director
1.1
What's New in this Release?
1.2
Features of Oracle Traffic Director
1.3
Typical Network Topology
1.4
Oracle Traffic Director Terminology
1.5
Oracle Traffic Director Deployment Scenarios
1.6
Administration Framework of Oracle Traffic Director
1.6.1
Overview of the Administration Framework
1.6.2
Administration Server
1.6.3
Administration Node
1.6.4
Administration Interfaces
1.6.5
Configuration Store
1.6.6
Instance Configuration Files
1.7
Overview of Administration Tasks
1.8
Setting Up a Simple Load Balancer Using Oracle Traffic Director
1.8.1
Example Topology
1.8.2
Creating the Load Balancer for the Example Topology
1.8.3
Verifying the Load-Balancing Behavior of the Oracle Traffic Director Instance
2
Managing the Administration Server
2.1
Creating the Administration Server
2.2
Starting the Administration Server
2.3
Accessing the Administration Interfaces
2.3.1
Accessing the Command-Line Interface
2.3.2
Accessing the Administration Console
2.4
Stopping and Restarting the Administration Server
2.5
Viewing Administration Server Settings
2.6
Changing Administration Server Settings
2.7
Removing the Administration Server Instance
3
Managing Administration Nodes
3.1
Creating an Administration Node
3.2
Viewing a List of Administration Nodes
3.3
Starting an Administration Node
3.4
Changing the Properties of an Administration Node
3.5
Stopping and Restarting an Administration Node
3.6
Removing an Administration Node
Part II Basic Administration
4
Managing Configurations
4.1
Creating a Configuration
4.2
Viewing a List of Configurations
4.3
Deploying a Configuration
4.4
Modifying a Configuration
4.5
Synchronizing Configurations Between the Administration Server and Nodes
4.6
Copying a Configuration
4.7
Deleting a Configuration
4.8
Viewing a List of Configuration Backups
4.9
Restoring a Configuration from a Backup
5
Managing Instances
5.1
Creating Oracle Traffic Director Instances
5.2
Viewing a List of Oracle Traffic Director Instances
5.3
Starting, Stopping, and Restarting Oracle Traffic Director Instances
5.4
Updating Oracle Traffic Director Instances Without Restarting
5.5
Deleting Oracle Traffic Director Instances
5.6
Controlling Oracle Traffic Director Instances Through Scheduled Events
6
Managing Origin-Server Pools
6.1
Creating an Origin-Server Pool
6.2
Viewing a List of Origin-Server Pools
6.3
Modifying an Origin-Server Pool
6.4
Deleting an Origin-Server Pool
6.5
Configuring an Oracle WebLogic Server Cluster as an Origin-Server Pool
6.5.1
How Dynamic Discovery Works
6.5.2
Enabling Dynamic Discovery
6.6
Configuring a Custom Maintenance Page
7
Managing Origin Servers
7.1
Adding an Origin Server to a Pool
7.2
Viewing a List of Origin Servers
7.3
Modifying an Origin Server
7.4
Managing Ephemeral Ports
7.5
Removing an Origin Server from a Pool
8
Managing Virtual Servers
8.1
Creating a Virtual Server
8.2
Viewing a List of Virtual Servers
8.3
Modifying a Virtual Server
8.4
Configuring Routes
8.5
Copying a Virtual Server
8.6
Deleting a Virtual Server
8.7
Caching in Oracle Traffic Director
8.8
Reviewing Caching Settings and Metrics for an Instance
8.9
Tunable Caching Parameters
8.10
Configuring Caching Parameters
9
Managing TCP Proxies
9.1
Creating a TCP Proxy
9.2
Viewing a List of TCP Proxies
9.3
Modifying a TCP Proxy
9.4
Deleting a TCP Proxy
10
Managing Listeners
10.1
Creating a Listener
10.2
Viewing a List of Listeners
10.3
Modifying a Listener
10.4
Deleting a Listener
Part III Advanced Administration
11
Managing Security
11.1
Securing Access to the Administration Server
11.1.1
Changing the Administrator User Name and Password
11.1.2
Configuring LDAP Authentication for the Administration Server
11.1.3
Enabling the Pin for the Administration Server's PKCS#11 Token
11.1.4
Renewing Administration Server Certificates
11.2
Configuring SSL/TLS Between Oracle Traffic Director and Clients
11.2.1
Overview of the SSL/TLS Configuration Process
11.2.2
Configuring SSL/TLS for a Listener
11.2.3
Associating Certificates with Virtual Servers
11.2.4
Configuring SSL/TLS Ciphers for a Listener
11.2.5
Certificate-Selection Logic
11.2.6
About Strict SNI Host Matching
11.2.7
SSL/TLS Concepts
11.3
Configuring SSL/TLS Between Oracle Traffic Director and Origin Servers
11.3.1
About One-Way and Two-Way SSL/TLS
11.3.2
Configuring One-Way SSL/TLS Between Oracle Traffic Director and Origin Servers
11.3.3
Configuring Two-Way SSL/TLS Between Oracle Traffic Director and Origin Servers
11.4
Managing Certificates
11.4.1
Creating a Self-Signed Certificate
11.4.2
Obtaining a CA-Signed Certificate
11.4.3
Installing a Certificate
11.4.4
Viewing a List of Certificates
11.4.5
Renewing a Server Certificate
11.4.6
Deleting a Certificate
11.4.7
Configuring Oracle Traffic Director to Trust Certificates
11.5
Managing PKCS#11 Tokens
11.6
Managing Certificate Revocation Lists
11.6.1
Installing and Deleting CRLs Manually
11.6.2
Installing CRLs Automatically
11.7
Managing Web Application Firewalls
11.7.1
Overview of Web Application Firewalls
11.7.2
Configuring Web Application Firewalls
11.7.2.1
Enabling and Installing Web Application Firewall Rule Sets
11.7.3
Listing the Rule Set Files
11.7.4
Removing Rule Set Files
11.7.5
Supported Web Application Firewall Directives, Variables, Operators, Actions, Functions, Persistent Storages and Phases
11.8
Configuring Client Authentication
11.9
Preventing Denial-of-Service Attacks
11.9.1
Request Limiting Parameters
11.9.2
Configuring Request Limits for a Virtual Server
12
Managing Logs
12.1
About the Oracle Traffic Director Logs
12.1.1
Access Log
12.1.2
Server Log
12.2
Viewing Logs
12.3
Configuring Log Preferences
12.4
About Log Rotation
12.5
Rotating Logs Manually
12.6
Configuring Oracle Traffic Director to Rotate Logs Automatically
13
Monitoring Oracle Traffic Director Instances
13.1
Methods for Monitoring Oracle Traffic Director Instances
13.2
Configuring Statistics-Collection Settings
13.3
Configuring URI Access to Statistics Reports
13.4
Viewing Statistics Using the CLI
13.4.1
Automating Retrieval of Monitoring Statistics
13.5
Viewing stats-xml and perfdump Reports Through a Browser
13.6
Monitoring Using SNMP
13.6.1
Configuring Oracle Traffic Director Instances for SNMP Support
13.6.2
Configuring the SNMP Subagent
13.6.3
Starting and Stopping the SNMP Subagent
13.6.4
Viewing Statistics Using snmpwalk
13.7
Sample XML (stats-xml) Report
13.8
Sample Plain-Text (perfdump) Report
14
Configuring Oracle Traffic Director for High Availability
14.1
Overview of High-Availability Features
14.2
Creating and Managing Failover Groups
14.2.1
How Failover Works
14.2.2
Failover Modes
14.2.3
Creating Failover Groups
14.2.4
Managing Failover Groups
14.3
Configuring Health-Check Settings for Origin-Server Pools
14.3.1
Using an External Health-Check Executable to Check the Health of a Server
14.3.1.1
Configuring Health-Check Settings to Use an External Executable
14.3.1.2
Passing Parameters to the External Health Check Executable
14.3.1.3
Logging
15
Tuning Oracle Traffic Director for Performance
15.1
General Tuning Guidelines
15.2
Tuning Connection Handling Settings
15.2.1
Tuning the Thread Pool and Connection Queue
15.2.1.1
Connection Handling Overview
15.2.1.2
Reviewing Connection Queue Metrics for an Instance
15.2.1.3
Reviewing Thread Pool Metrics for an Instance
15.2.1.4
Tuning the Thread Pool and Connection Queue Settings
15.2.2
Tuning HTTP Listener Settings
15.2.3
Tuning Keep-Alive Settings
15.2.3.1
About Keep-Alive Connections
15.2.3.2
Reviewing Keep-Alive Connection Settings and Metrics
15.2.3.3
Tuning Keep-Alive Settings
15.3
Tuning the File Descriptor Limit
15.4
Tuning HTTP Request and Response Limits
15.5
Tuning DNS Caching Settings
15.5.1
Viewing DNS Cache Settings and Metrics
15.5.2
Configuring DNS Cache Settings
15.6
Tuning SSL/TLS-Related Settings
15.6.1
SSL/TLS Session Caching
15.6.2
Ciphers and Certificate Keys
15.7
Configuring Access-Log Buffer Settings
15.8
Enabling and Configuring Content Compression
15.9
Tuning Connections to Origin Servers
15.10
Solaris-specific Tuning
15.10.1
Files Open in a Single Process (File Descriptor Limits)
15.10.2
Failure to Connect to HTTP Server
15.10.3
Tuning TCP Buffering
15.10.4
Reduce File System Maintenance
15.10.5
Long Service Times on Busy Volumes or Disks
15.10.6
Short-Term System Monitoring
15.10.7
Long-Term System Monitoring
15.10.8
Tuning for Performance Benchmarking
16
Diagnosing and Troubleshooting Problems
16.1
Roadmap for Troubleshooting Oracle Traffic Director
16.1.1
Troubleshooting High Availability Configuration Issues
16.2
Solutions to Common Errors
16.2.1
Startup failure: could not bind to port
16.2.2
Unable to start server with HTTP listener port 80
16.2.3
Unable to restart SSL/TLS-enabled server after changing the PKCS#11 token pin
16.2.4
Unable to start the SNMP subagent
16.2.5
Unable to communicate with the administration server: connection refused
16.2.6
Oracle Traffic Director consumes excessive memory at startup
16.2.7
Operating system error: Too many open files in system
16.2.8
Unable to stop instance after changing the temporary directory
16.2.9
Unable to restart the administration server
16.2.10
Oracle Traffic Director does not maintain session stickiness
16.3
Frequently Asked Questions
16.3.1
How do I reset the password for the administration server user?
16.3.2
What is a "configuration"?
16.3.3
How do I access the administration console?
16.3.4
Why do I see a certificate warning when I access the administration console for the first time?
16.3.5
Can I manually edit configuration files?
16.3.6
In the administration console, what is the difference between saving a configuration and deploying it?
16.3.7
Why is the "Deployment Pending" message displayed in the administration console?
16.3.8
Why is the "Instance Configuration Deployed" message is displayed in the administration console?
16.3.9
Why does the administration console session end abruptly?
16.3.10
How do I access the CLI?
16.3.11
Why does "tadm --user=admin --host=myhost subcommand" take me into a command shell instead of executing the specified subcommand?
16.3.12
Why is a certificate warning message displayed when I tried to access the CLI for the first time?
16.3.13
How do I find out the short names for the options of a CLI command?
16.3.14
Can I configure the CLI to not prompt for a password every time I access it?
16.3.15
Why am I unable to select TCP as the health-check protocol when dynamic discovery is enabled?
16.3.16
After I changed the origin servers in a pool to Oracle WebLogic Servers, they are not discovered automatically, though dynamic discovery is enabled. Why?
16.3.17
How do I view the request and response headers sent and received by Oracle Traffic Director?
16.3.18
How do I enable SSL/TLS for an Oracle Traffic Director instance?
16.3.19
How do I find out which SSL/TLS cipher suites are supported and enabled?
16.3.20
How do I view a list of installed certificates?
16.3.21
How do I issue test requests to an SSL/TLS-enabled Oracle Traffic Director instance?
16.3.22
How do I analyze SSL/TLS connections?
16.3.23
How do I view details of SSL/TLS communication between Oracle Traffic Director instances and Oracle WebLogic Server origin servers?
16.3.24
Why are certain SSL/TLS-enabled origin servers marked offline after health checks, even though the servers are up?
16.3.25
Does Oracle Traffic Director rewrite the source IP address of clients before forwarding requests to the origin servers?
16.3.26
Why does Oracle Traffic Director return a 405 status code?
16.3.27
What is the minimum supported JDK version, and JAVA_HOME variable?
16.4
Contacting Oracle for Support
A
Metrics Tracked by Oracle Traffic Director
A.1
Instance Metrics
A.2
Process Metrics
A.3
Thread Pool Metrics
A.4
Connection Queue Metrics
A.5
Compression and Decompression Metrics
A.6
Virtual Server Metrics
A.7
CPU Metrics
A.8
Origin Server Metrics
A.9
Failover Instance Metrics
A.10
Proxy Cache Metrics
A.11
DNS Cache Metrics
B
Web Application Firewall Examples and Use Cases
B.1
Basics of Rules
B.2
Rules Against Major Attacks
B.2.1
Brute Force Attacks
B.2.2
SQL Injection
B.2.3
XSS Attacks
C
Securing Oracle Traffic Director Deployment
C.1
Securing Oracle Traffic Director
Scripting on this page enhances content navigation, but does not change the content in any way.