Protocol
The Protocol section is used to set the many advanced settings for the HTTP protocol.
Server too Busy
Suppose you have limited the Max Connections to your Real Servers; you can choose to present a friendly web page once this limit has been reached.
· Create a simple web page with your message. You may include external links to objects on another web servers and sites. Alternatively, if you want to have images on your web page, then use inline base64 encoded images
· Browse for your newly created web page HTM(L) file
· Click Upload
· If you wish to preview the page, you can do so with the Click Here link
Forwarded For
Forwarded For is the de facto standard for identifying the originating IP address of a client connecting to a web server through Layer- 7 load balancers and proxy servers.
Forwarded-For Output
|
Option
|
Description
|
|
Off
|
ADC does not alter the Forwarded-For header.
|
|
Add Address and Port
|
This choice will append the IP address and port, of the device or client connected to the ADC, to the Forwarded-For header.
|
|
Add Address
|
This choice will append the IP address, of the device or client connected to the ADC, to the Forwarded-For header.
|
|
Replace Address and Port
|
This choice will replace the value of the Forwarded-For header with the IP address and port of the device or client connected to the ADC.
|
|
Replace Address
|
This choice will replace the value of the Forwarded-For header with the IP address of the device or client connected to ADC.
|
Forwarded-For Header
This field allows you to specify the name given to the Forwarded-For header. Typically, this is “X-Forwarded-For” but may be changed for some environments.
Advanced Logging for IIS – Custom Logging
You can obtain the X-Forwarded-For information by installing the IIS Advanced logging 64-bit app. Once downloaded, create a Custom Logging Field called X-Forwarded-For with the settings below.
Select Default from the Source Type list from the Category list, select Request Header In the Source Name box, and type X-Forwarded-For.
HTTP://www.iis.net/learn/extensions/advanced-logging-module/advanced-logging-for-iis-custom-logging
Apache HTTPd.conf changes
You will want to make several changes to the default format to log the X-Forwarded-For client IP address or the actual client IP address if the X-Forwarded-For header does not exist.
Those changes are below:
|
Type
|
Value
|
|
LogFormat:
|
“%h %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\”” combined
|
|
LogFormat:
|
“%{X-Forwarded-For}i %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\”” proxy SetEnvIf X- Forwarded-For “^.*\..*\..*\..*” forwarded
|
|
CustomLog:
|
“logs/access_log” combined env=!forwarded
|
|
CustomLog:
|
“logs/access_log” proxy env=forwarded
|
This format takes advantage of Apache’s built-in support for conditional logging based upon environmental variables.
· Line 1 is the standard combined log formatted string from the default.
· Line 2 replaces the %h (remote host) field with the value(s) pulled from the X-Forwarded-For header and set the name of this log file pattern to “proxy”.
· Line 3 is a setting for the environment variable “forwarded” that contains a loose regular expression matching an IP address, which is ok in this case since we care more whether an IP address exists in the X-Forwarded-For header.
· Also, line 3 could be read as: “If there is an X-Forwarded-For value, use it.”
· Lines 4 and 5 tell Apache which log pattern to use. If an X-Forwarded-For value exists, use the “proxy” pattern, else use the “combined” pattern for the request. For readability, lines 4 and 5 do not take advantage of Apache’s rotate logs (piped) logging feature, but we assume that almost everyone uses it.
These changes will result in logging an IP address for every request.
HTTP Compression Settings
Compression is an acceleration feature and is enabled for each Service on the IP Services page.
WARNING – Take extreme care when adjusting these settings as inappropriate settings can adversely affect the performance of ADC
|
Option
|
Description
|
|
Initial Thread Memory [KB]
|
This value is the amount of memory each request received by ADC may initially allocate. For most efficient performance, this value should be set at a value just in excess of the largest uncompressed HTML file that the web servers are likely to send.
|
|
Maximum Thread Memory [KB]
|
This value is the maximum amount of memory that the ADC will allocate on one request. For maximum performance, ADC normally stores and compresses all content in memory. IF an exceptionally large content file exceeding this amount is processed, ADC will write to disk and compress the data there.
|
|
Increment Memory [KB]
|
This value sets the amount of memory added to the Initial Thread Memory Allocation when more is required. The default setting is zero. This means ADC will double the allocation when the data exceeds the current allocation (e.g. 128Kb, then 256Kb, then 512Kb, etc) up to the limit set by Maximum Memory Usage per Thread. This is efficient where the majority of pages are of a consistent size but there are occasional larger files. (e.g. Majority of pages are 128Kb or less, but occasional responses are 1Mb in size.) In the scenario where there are large variable sized files, it is more efficient to set a linear increment of a significant size (e.g. Responses are 2Mb to 10Mb in size, an initial setting of 1Mb with increments of 1Mb would be more efficient.).
|
|
Minimum Compression Size
[Bytes]
|
This value is the size, in bytes, under which the ADC will not attempt to compress. This is useful because anything much under 200-bytes does not compress well and may even grow in size due to the overheads of compression headers.
|
|
Safe Mode
|
Tick this option to prevent ADC from applying compression to style sheets of JavaScript. The reason for this is that even though ADC is aware of which individual browsers can handle compressed content, some other proxy servers, even though they claim to be HTTP/1.1 compliant are unable to transport compressed style sheets and JavaScript correctly. If problems are occurring with style sheets or JavaScript through a proxy server, then use this option to disable compression of these types. However, this will reduce the overall amount of compression of content.
|
|
Disable Compression
|
Tick this to stop ADC from compressing any response.
|
|
Compress As You Go
|
ON - Use Compress as You Go on this page. This compresses each block of data received from the server in a discrete chunk that is fully de-compressible.
OFF - Do not use Compress As you Go on this page.
By Page Request - Use Compress as You Go by page request.
|
Global Compression Exclusions
Any pages with the added extension in the exclusion list will not be compressed.
· Type in the individual file name.
· Click update.
· If you wish to add a file type, simply type “*.css” for all cascading style sheets to be excluded.
· Each file or file type should be added to a new line.
Persistence Cookies
This setting allows you to specify how Persistence Cookies are handled.
|
Field
|
Description
|
|
Same Site Cooke Attribute
|
None: All cookies are accessible to scripts
Lax: Prevents cookies being accessed across sites, but they are stored to become accessible and submitted to the owning site if it is visited
Strict: prevents any cookie for a different site from being accessed or stored
Off: returns to the browser’s default behavior
|
|
Secure
|
This checkbox, when checked, applies the persistence to secure traffic
|
|
HTTP Only
|
When checked, this allows Persistent Cookes only on HTTP traffic
|