CINXE.COM

What’s New in ATS v9.x? — Apache Traffic Server 9.2.7 documentation

<!DOCTYPE html> <html class="writer-html5" lang="en"> <head> <meta charset="utf-8" /><meta name="generator" content="Docutils 0.19: https://docutils.sourceforge.io/" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <title>What’s New in ATS v9.x? &mdash; Apache Traffic Server 9.2.7 documentation</title> <link rel="stylesheet" type="text/css" href="../_static/pygments.css" /> <link rel="stylesheet" type="text/css" href="../_static/css/theme.css" /> <link rel="stylesheet" type="text/css" href="../_static/graphviz.css" /> <link rel="stylesheet" type="text/css" href="../_static/override.css" /> <link rel="shortcut icon" href="../_static/favicon.ico"/> <script src="../_static/jquery.js"></script> <script src="../_static/_sphinx_javascript_frameworks_compat.js"></script> <script data-url_root="../" id="documentation_options" src="../_static/documentation_options.js"></script> <script src="../_static/doctools.js"></script> <script src="../_static/sphinx_highlight.js"></script> <script src="../_static/js/theme.js"></script> <link rel="index" title="Index" href="../genindex.html" /> <link rel="search" title="Search" href="../search.html" /> <link rel="next" title="Upgrading to ATS v9.x" href="upgrading.en.html" /> <link rel="prev" title="Release Notes" href="index.en.html" /> </head> <body class="wy-body-for-nav"> <div class="wy-grid-for-nav"> <nav data-toggle="wy-nav-shift" class="wy-nav-side"> <div class="wy-side-scroll"> <div class="wy-side-nav-search" > <a href="../index.html" class="icon icon-home"> Apache Traffic Server <img src="../_static/trans_logo_tm_380x69.png" class="logo" alt="Logo"/> </a> <div role="search"> <form id="rtd-search-form" class="wy-form" action="../search.html" method="get"> <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" /> <input type="hidden" name="check_keywords" value="yes" /> <input type="hidden" name="area" value="default" /> </form> </div> </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu"> <ul class="current"> <li class="toctree-l1"><a class="reference internal" href="../preface/index.en.html">Preface</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/index.en.html">Getting Started</a></li> <li class="toctree-l1 current"><a class="reference internal" href="index.en.html">Release Notes</a><ul class="current"> <li class="toctree-l2 current"><a class="current reference internal" href="#">What’s New in ATS v9.x?</a><ul class="simple"> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="#version-9-0-x-updates">Version 9.0.x Updates</a><ul> <li class="toctree-l3"><a class="reference internal" href="#new-features">New Features</a><ul> <li class="toctree-l4"><a class="reference internal" href="#proxy-protocol">PROXY protocol</a></li> <li class="toctree-l4"><a class="reference internal" href="#developer-features">Developer features</a></li> <li class="toctree-l4"><a class="reference internal" href="#command-line-tools">Command line tools</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="#new-configurations">New configurations</a><ul> <li class="toctree-l4"><a class="reference internal" href="#http-2">HTTP/2</a></li> <li class="toctree-l4"><a class="reference internal" href="#parent-selection">Parent Selection</a></li> <li class="toctree-l4"><a class="reference internal" href="#sni">SNI</a></li> <li class="toctree-l4"><a class="reference internal" href="#plugin-reload">Plugin reload</a></li> <li class="toctree-l4"><a class="reference internal" href="#updated-host-matching-settings">Updated host matching settings</a></li> <li class="toctree-l4"><a class="reference internal" href="#ram-cache-per-volumes">RAM cache per volumes</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="#incompatible-records-config-settings">Incompatible records.config settings</a><ul> <li class="toctree-l4"><a class="reference internal" href="#connection-management">Connection management</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="#logging-and-metrics">Logging and Metrics</a><ul> <li class="toctree-l4"><a class="reference internal" href="#new-origin-metrics">New origin metrics</a></li> <li class="toctree-l4"><a class="reference internal" href="#metric-scaling">Metric scaling</a></li> <li class="toctree-l4"><a class="reference internal" href="#tls-version-metrics">TLS version metrics</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="#plugins">Plugins</a><ul> <li class="toctree-l4"><a class="reference internal" href="#statichit">statichit</a></li> <li class="toctree-l4"><a class="reference internal" href="#maxmind">maxmind</a></li> <li class="toctree-l4"><a class="reference internal" href="#memory-profile">memory_profile</a></li> <li class="toctree-l4"><a class="reference internal" href="#slice">slice</a></li> <li class="toctree-l4"><a class="reference internal" href="#xdebug">xdebug</a></li> <li class="toctree-l4"><a class="reference internal" href="#cert-reporting-tool">cert_reporting_tool</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="#plugin-apis">Plugin APIs</a><ul> <li class="toctree-l4"><a class="reference internal" href="#user-arg-slots">User Arg Slots</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="#version-9-2-x-updates">Version 9.2.x Updates</a><ul> <li class="toctree-l3"><a class="reference internal" href="#id1">New Features</a><ul> <li class="toctree-l4"><a class="reference internal" href="#log-throttling">Log throttling</a></li> <li class="toctree-l4"><a class="reference internal" href="#parent-selection-improvements">Parent Selection Improvements</a></li> <li class="toctree-l4"><a class="reference internal" href="#remap-inspector">Remap inspector</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="#id2">HTTP/2</a></li> <li class="toctree-l3"><a class="reference internal" href="#new-configuration-options">New configuration options</a></li> <li class="toctree-l3"><a class="reference internal" href="#misc-changes">Misc changes</a></li> <li class="toctree-l3"><a class="reference internal" href="#id3">Plugins</a><ul> <li class="toctree-l4"><a class="reference internal" href="#header-rewrite">header_rewrite</a></li> <li class="toctree-l4"><a class="reference internal" href="#generator">generator</a></li> <li class="toctree-l4"><a class="reference internal" href="#cache-promote">cache_promote</a></li> <li class="toctree-l4"><a class="reference internal" href="#id4">xdebug</a></li> <li class="toctree-l4"><a class="reference internal" href="#regex-revalidate">regex_revalidate</a></li> <li class="toctree-l4"><a class="reference internal" href="#url-sig">url_sig</a></li> <li class="toctree-l4"><a class="reference internal" href="#prefetch">prefetch</a></li> <li class="toctree-l4"><a class="reference internal" href="#authproxy">authproxy</a></li> <li class="toctree-l4"><a class="reference internal" href="#id5">slice</a></li> <li class="toctree-l4"><a class="reference internal" href="#cache-range-requests">cache_range_requests</a></li> <li class="toctree-l4"><a class="reference internal" href="#rate-limit">rate_limit</a></li> <li class="toctree-l4"><a class="reference internal" href="#static-hit">static_hit</a></li> <li class="toctree-l4"><a class="reference internal" href="#otel-tracer">otel_tracer</a></li> <li class="toctree-l4"><a class="reference internal" href="#http-stats">http_stats</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="#id6">Plugin APIs</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="upgrading.en.html">Upgrading to ATS v9.x</a></li> <li class="toctree-l2"><a class="reference internal" href="roadmap.en.html">ATS Release Roadmap</a></li> </ul> </li> <li class="toctree-l1"><a class="reference internal" href="../admin-guide/index.en.html">Administrator’s Guide</a></li> <li class="toctree-l1"><a class="reference internal" href="../developer-guide/index.en.html">Developer’s Guide</a></li> <li class="toctree-l1"><a class="reference internal" href="../appendices/index.en.html">Appendices</a></li> </ul> </div> </div> </nav> <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" > <i data-toggle="wy-nav-top" class="fa fa-bars"></i> <a href="../index.html">Apache Traffic Server</a> </nav> <div class="wy-nav-content"> <div class="rst-content"> <div role="navigation" aria-label="Page navigation"> <ul class="wy-breadcrumbs"> <li><a href="../index.html" class="icon icon-home" aria-label="Home"></a></li> <li class="breadcrumb-item"><a href="index.en.html">Release Notes</a></li> <li class="breadcrumb-item active">What’s New in ATS v9.x?</li> <li class="wy-breadcrumbs-aside"> <a href="../_sources/release-notes/whats-new.en.rst.txt" rel="nofollow"> View page source</a> </li> </ul> <hr/> </div> <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article"> <div itemprop="articleBody"> <section id="what-s-new-in-ats-v9-x"> <span id="whats-new"></span><h1>What’s New in ATS v9.x?<a class="headerlink" href="#what-s-new-in-ats-v9-x" title="Permalink to this heading"></a></h1> <p>ATS v9.x is the current major release train, with many new features and improvements. This document describes new features and changes in these releases. Currently three minor versions have been released:</p> <ul class="simple"> <li><p><a class="reference internal" href="#version-9-0-x"><span class="std std-ref">ATS v9.0.x</span></a> (last version was <code class="docutils literal notranslate"><span class="pre">v9.0.2</span></code>)</p></li> <li><p>ATS v9.1.x (last version was <code class="docutils literal notranslate"><span class="pre">v9.1.4</span></code>)</p></li> <li><p><a class="reference internal" href="#version-9-2-x"><span class="std std-ref">ATS v9.2.x</span></a> (current stable version <code class="docutils literal notranslate"><span class="pre">v9.2.0</span></code>)</p></li> </ul> <p>Keep in mind that only the latest (current) minor version is actively maintained, which is <cite>v9.2.x</cite>. This is expected to the the last minor relase in this train, with an upcoming <cite>v10.0.0</cite> release.</p> <div class="toctree-wrapper compound"> </div> </section> <section id="version-9-0-x-updates"> <span id="version-9-0-x"></span><h1>Version 9.0.x Updates<a class="headerlink" href="#version-9-0-x-updates" title="Permalink to this heading"></a></h1> <section id="new-features"> <h2>New Features<a class="headerlink" href="#new-features" title="Permalink to this heading"></a></h2> <p>This version of ATS has a number of new features (details below), but we’re particularly excited about the following features:</p> <ul class="simple"> <li><p>Experimental QUIC support (draft 27 and 29)</p></li> <li><p>TLS v1.3 0RTT support</p></li> <li><p>Significant HTTP/2 performance improvement</p></li> <li><p>PROXY protocol support</p></li> <li><p>Significant improvments to parent selection, including a new configuration file <a class="reference internal" href="../admin-guide/files/strategies.yaml.en.html#std-configfile-strategies.yaml"><code class="xref std std-file docutils literal notranslate"><span class="pre">strategies.yaml</span></code></a></p></li> <li><p>Several new plugins</p></li> </ul> <p>A new infrastructure and tool chain for end-to-end testing and replaying traffic is introduced, the Proxy Verifier.</p> <section id="proxy-protocol"> <h3>PROXY protocol<a class="headerlink" href="#proxy-protocol" title="Permalink to this heading"></a></h3> <p>ATS now supports the <a class="reference external" href="https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt">PROXY</a> protocol, on the inbound side. The incoming PROXY data gets transformed into the <code class="docutils literal notranslate"><span class="pre">Forwarded</span></code> header.</p> </section> <section id="developer-features"> <h3>Developer features<a class="headerlink" href="#developer-features" title="Permalink to this heading"></a></h3> <ul class="simple"> <li><p>Add support for dtrace style markers (SDT) and include a few markers at locations of interest to users of SystemTap, dtrace, and gdb. See <a class="reference internal" href="../developer-guide/debugging/debug-builds.en.html#developer-debug-builds"><span class="std std-ref">Debug Builds</span></a>.</p></li> </ul> </section> <section id="command-line-tools"> <h3>Command line tools<a class="headerlink" href="#command-line-tools" title="Permalink to this heading"></a></h3> <ul class="simple"> <li><p>The <strong class="program">traffic_server</strong> program now has two new maintenance commands: <code class="docutils literal notranslate"><span class="pre">verify_global_plugin</span></code> and <code class="docutils literal notranslate"><span class="pre">verify_remap_plugin</span></code>. These commands load a plugin’s shared object file and verify it meets minimal global or remap plugin API requirements.</p></li> </ul> </section> </section> <section id="new-configurations"> <h2>New configurations<a class="headerlink" href="#new-configurations" title="Permalink to this heading"></a></h2> <p>Some new configurations were added, on existing features.</p> <section id="http-2"> <h3>HTTP/2<a class="headerlink" href="#http-2" title="Permalink to this heading"></a></h3> <p>The following new configurations are available to rate limit some potentially abusive clients.</p> <ul class="simple"> <li><p><a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-http2-max-settings-per-frame" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.http2.max_settings_per_frame</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-http2-max-settings-per-minute" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.http2.max_settings_per_minute</span></code></a></p></li> </ul> <p>Overall, the performance for HTTP/2 is significantly better in ATS v9.x.</p> </section> <section id="parent-selection"> <h3>Parent Selection<a class="headerlink" href="#parent-selection" title="Permalink to this heading"></a></h3> <p>A new directive, <cite>ignore_self_detect</cite>, is added to the <a class="reference internal" href="../admin-guide/files/parent.config.en.html#std-configfile-parent.config"><code class="xref std std-file docutils literal notranslate"><span class="pre">parent.config</span></code></a> format. This allows you to parent proxy to sibling proxies, without creating loops. The setting for <cite>proxy.config.http.parent_proxy_routing_enable</cite> is no longer needed, it’s implicit by the usage of the <a class="reference internal" href="../admin-guide/files/parent.config.en.html#std-configfile-parent.config"><code class="xref std std-file docutils literal notranslate"><span class="pre">parent.config</span></code></a> configuration file.</p> <p>A new option was added to <a class="reference internal" href="../admin-guide/files/parent.config.en.html#std-configfile-parent.config"><code class="xref std std-file docutils literal notranslate"><span class="pre">parent.config</span></code></a> for which status codes triggers a simple retry, <cite>simple_server_retry_responses</cite>.</p> <p>A configuration file for the new parent selection strategy is added, <a class="reference internal" href="../admin-guide/files/strategies.yaml.en.html#std-configfile-strategies.yaml"><code class="xref std std-file docutils literal notranslate"><span class="pre">strategies.yaml</span></code></a>.</p> </section> <section id="sni"> <h3>SNI<a class="headerlink" href="#sni" title="Permalink to this heading"></a></h3> <p>A new option to control how host header and SNI name mismatches are handled has been added. With this new setting, <a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-http-host-sni-policy" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.http.host_sni_policy</span></code></a>, when set to <cite>0</cite>, no checking is performed. If this setting is <cite>1</cite> or <cite>2</cite> (the default), the host header and SNI values are compared if the host header value would have triggered a SNI policy.</p> <p>A new blind tunneling option was added, <cite>partial_blind_route</cite>, which is similar to the existing <cite>forward_route</cite> feature.</p> <p>The captured group from a FQDN matching in <a class="reference internal" href="../admin-guide/files/sni.yaml.en.html#std-configfile-sni.yaml"><code class="xref std std-file docutils literal notranslate"><span class="pre">sni.yaml</span></code></a> can now be used in the <cite>tunnel_route</cite>, as e.g. <cite>$1</cite> and <cite>$2</cite>.</p> </section> <section id="plugin-reload"> <h3>Plugin reload<a class="headerlink" href="#plugin-reload" title="Permalink to this heading"></a></h3> <p>A new setting was added to turn off the dynamic plugin reload, <a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-plugin-dynamic-reload-mode" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.plugin.dynamic_reload_mode</span></code></a>. By default, the feature is still enabled.</p> </section> <section id="updated-host-matching-settings"> <h3>Updated host matching settings<a class="headerlink" href="#updated-host-matching-settings" title="Permalink to this heading"></a></h3> <p>The options for host matching configuration, ts:cv:<cite>proxy.config.http.server_session_sharing.match</cite> has been augmented significantly, the full list of host matches now are:</p> <blockquote> <div><table class="docutils align-default"> <thead> <tr class="row-odd"><th class="head"><p>Value</p></th> <th class="head"><p>Description</p></th> </tr> </thead> <tbody> <tr class="row-even"><td><p><code class="docutils literal notranslate"><span class="pre">none</span></code></p></td> <td><p>Do not match and do not re-use server sessions.</p></td> </tr> <tr class="row-odd"><td><p><code class="docutils literal notranslate"><span class="pre">ip</span></code></p></td> <td><p>Re-use server sessions, checking only that the IP address and port of the origin server matches.</p></td> </tr> <tr class="row-even"><td><p><code class="docutils literal notranslate"><span class="pre">host</span></code></p></td> <td><p>Re-use server sessions, checking that the fully qualified domain name matches. In addition, if the session uses TLS, it also checks that the current transaction’s host header value matchs the session’s SNI.</p></td> </tr> <tr class="row-odd"><td><p><code class="docutils literal notranslate"><span class="pre">both</span></code></p></td> <td><p>Equivalent to <code class="docutils literal notranslate"><span class="pre">host,ip</span></code>.</p></td> </tr> <tr class="row-even"><td><p><code class="docutils literal notranslate"><span class="pre">hostonly</span></code></p></td> <td><p>Check that the fully qualified domain name matches.</p></td> </tr> <tr class="row-odd"><td><p><code class="docutils literal notranslate"><span class="pre">sni</span></code></p></td> <td><p>Check that the SNI of the session matches the SNI that would be used to create a new session. Only applicable for TLS sessions.</p></td> </tr> <tr class="row-even"><td><p><code class="docutils literal notranslate"><span class="pre">cert</span></code></p></td> <td><p>Check that the certificate file name used for the server session matches the certificate file name that would be used for the new server session. Only applicable for TLS sessions.</p></td> </tr> </tbody> </table> </div></blockquote> </section> <section id="ram-cache-per-volumes"> <h3>RAM cache per volumes<a class="headerlink" href="#ram-cache-per-volumes" title="Permalink to this heading"></a></h3> <p>In <a class="reference internal" href="../admin-guide/files/volume.config.en.html#std-configfile-volume.config"><code class="xref std std-file docutils literal notranslate"><span class="pre">volume.config</span></code></a>, you can now specify if a volume should have a RAM cache or not. This can be particularly useful when a volume is assigned to a RAM disk already. The new option flag is <cite>ramcache</cite>, with a value of <cite>true</cite> or <cite>false</cite>.</p> </section> </section> <section id="incompatible-records-config-settings"> <h2>Incompatible records.config settings<a class="headerlink" href="#incompatible-records-config-settings" title="Permalink to this heading"></a></h2> <p>These are the changes that are most likely to cause problems during an upgrade. Take special care making sure you have updated your configurations accordingly.</p> <section id="connection-management"> <h3>Connection management<a class="headerlink" href="#connection-management" title="Permalink to this heading"></a></h3> <p>The old settings for origin connection management included the following settings:</p> <ul class="simple"> <li><p><code class="docutils literal notranslate"><span class="pre">proxy.config.http.origin_max_connections</span></code></p></li> <li><p><code class="docutils literal notranslate"><span class="pre">proxy.config.http.origin_max_connections_queue</span></code></p></li> <li><p><code class="docutils literal notranslate"><span class="pre">proxy.config.http.origin_min_keep_alive_connections</span></code></p></li> </ul> <p>These are all gone, and replaced with the following set of configurations:</p> <ul class="simple"> <li><p><a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-http-per-server-connection-max" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.http.per_server.connection.max</span></code></a> (overridable)</p></li> <li><p><a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-http-per-server-connection-match" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.http.per_server.connection.match</span></code></a> (overridable)</p></li> <li><p><a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-http-per-server-connection-alert-delay" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.http.per_server.connection.alert_delay</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-http-per-server-connection-queue-size" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.http.per_server.connection.queue_size</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-http-per-server-connection-queue-delay" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.http.per_server.connection.queue_delay</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-http-per-server-connection-min" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.http.per_server.connection.min</span></code></a></p></li> </ul> </section> </section> <section id="logging-and-metrics"> <h2>Logging and Metrics<a class="headerlink" href="#logging-and-metrics" title="Permalink to this heading"></a></h2> <p>In addition to logging indivdiual headers, we now have comparable log tags that dumbs the entire header. This table shows the additions, and what they correspond with.</p> <blockquote> <div><table class="docutils align-default"> <thead> <tr class="row-odd"><th class="head"><p>Original Field</p></th> <th class="head"><p>All Headers Variant</p></th> </tr> </thead> <tbody> <tr class="row-even"><td><p>cqh</p></td> <td><p>cqah</p></td> </tr> <tr class="row-odd"><td><p>pqh</p></td> <td><p>pqah</p></td> </tr> <tr class="row-even"><td><p>psh</p></td> <td><p>psah</p></td> </tr> <tr class="row-odd"><td><p>ssh</p></td> <td><p>ssah</p></td> </tr> <tr class="row-even"><td><p>cssh</p></td> <td><p>cssah</p></td> </tr> </tbody> </table> </div></blockquote> <p>A new log field for the elliptic curve was introduced, <cite>cqssu</cite>. Also related to TLS, the new log field <cite>cssn</cite> allows logging the SNI server name from the client handshake.</p> <section id="new-origin-metrics"> <h3>New origin metrics<a class="headerlink" href="#new-origin-metrics" title="Permalink to this heading"></a></h3> <p>A large number of metrics were added for the various cases where ATS closes an origin connection. This includes:</p> <ul class="simple"> <li><p><a class="reference internal" href="../admin-guide/monitoring/statistics/core/origin.en.html#proxy-process-http-origin-shutdown-pool-lock-contention" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.origin_shutdown.pool_lock_contention</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/monitoring/statistics/core/origin.en.html#proxy-process-http-origin-shutdown-migration-failure" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.origin_shutdown.migration_failure</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/monitoring/statistics/core/origin.en.html#proxy-process-http-origin-shutdown-tunnel-server" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.origin_shutdown.tunnel_server</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/monitoring/statistics/core/origin.en.html#proxy-process-http-origin-shutdown-tunnel-server-no-keep-alive" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.origin_shutdown.tunnel_server_no_keep_alive</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/monitoring/statistics/core/origin.en.html#proxy-process-http-origin-shutdown-tunnel-server-eos" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.origin_shutdown.tunnel_server_eos</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/monitoring/statistics/core/origin.en.html#proxy-process-http-origin-shutdown-tunnel-server-plugin-tunnel" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.origin_shutdown.tunnel_server_plugin_tunnel</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/monitoring/statistics/core/origin.en.html#proxy-process-http-origin-shutdown-tunnel-transform-read" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.origin_shutdown.tunnel_transform_read</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/monitoring/statistics/core/origin.en.html#proxy-process-http-origin-shutdown-release-no-sharing" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.origin_shutdown.release_no_sharing</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/monitoring/statistics/core/origin.en.html#proxy-process-http-origin-shutdown-release-no-keep-alive" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.origin_shutdown.release_no_keep_alive</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/monitoring/statistics/core/origin.en.html#proxy-process-http-origin-shutdown-release-invalid-response" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.origin_shutdown.release_invalid_response</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/monitoring/statistics/core/origin.en.html#proxy-process-http-origin-shutdown-release-invalid-request" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.origin_shutdown.release_invalid_request</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/monitoring/statistics/core/origin.en.html#proxy-process-http-origin-shutdown-release-modified" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.origin_shutdown.release_modified</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/monitoring/statistics/core/origin.en.html#proxy-process-http-origin-shutdown-release-misc" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.origin_shutdown.release_misc</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/monitoring/statistics/core/origin.en.html#proxy-process-http-origin-shutdown-cleanup-entry" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.origin_shutdown.cleanup_entry</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/monitoring/statistics/core/origin.en.html#proxy-process-http-origin-shutdown-tunnel-abort" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.origin_shutdown.tunnel_abort</span></code></a></p></li> </ul> </section> <section id="metric-scaling"> <h3>Metric scaling<a class="headerlink" href="#metric-scaling" title="Permalink to this heading"></a></h3> <p>In previous versions of ATS, you had to rebuild the software to increase the maximum number of metrics that the system could handle. This is replaced with a new command line option for <strong class="program">traffic_manager</strong>, <cite>–maxRecords</cite>. The old build configure option for this, <cite>–with-max-api-stats</cite>, is also eliminated.</p> </section> <section id="tls-version-metrics"> <h3>TLS version metrics<a class="headerlink" href="#tls-version-metrics" title="Permalink to this heading"></a></h3> <p>A set of new metrics for SSL and TLS versions have been added:</p> <ul class="simple"> <li><p>proxy.process.ssl.ssl_total_sslv3</p></li> <li><p>proxy.process.ssl.ssl_total_tlsv1</p></li> <li><p>proxy.process.ssl.ssl_total_tlsv11</p></li> <li><p>proxy.process.ssl.ssl_total_tlsv12</p></li> <li><p>proxy.process.ssl.ssl_total_tlsv13</p></li> </ul> </section> </section> <section id="plugins"> <h2>Plugins<a class="headerlink" href="#plugins" title="Permalink to this heading"></a></h2> <section id="statichit"> <h3>statichit<a class="headerlink" href="#statichit" title="Permalink to this heading"></a></h3> <p>This is a new, generic static file serving plugin. This can replace other plugins as well, for example the <strong class="program">healthchecks</strong>.</p> </section> <section id="maxmind"> <h3>maxmind<a class="headerlink" href="#maxmind" title="Permalink to this heading"></a></h3> <p>A new geo-ACL plugin was merged, <strong class="program">maxmind</strong>. This should support the newer APIs from MaxMind, and should likely replace the old plugin in future release of ATS.</p> </section> <section id="memory-profile"> <h3>memory_profile<a class="headerlink" href="#memory-profile" title="Permalink to this heading"></a></h3> <p>This is a helper plugin for debugging and analyzing memory usage with e.g. JEMalloc.</p> </section> <section id="slice"> <h3>slice<a class="headerlink" href="#slice" title="Permalink to this heading"></a></h3> <p>The <strong class="program">slice</strong> plugin has had a major overhaul, and has a significant number of new features and configurations. If you use the slice plugin, we recommend you take a look at the documentation again.</p> </section> <section id="xdebug"> <h3>xdebug<a class="headerlink" href="#xdebug" title="Permalink to this heading"></a></h3> <ul class="simple"> <li><p>A new directive, <cite>fwd=&lt;n&gt;</cite> to control the number of hops the header is forwarded for.</p></li> </ul> </section> <section id="cert-reporting-tool"> <h3>cert_reporting_tool<a class="headerlink" href="#cert-reporting-tool" title="Permalink to this heading"></a></h3> <p>This is a new plugin to log examine and log information on loaded certificates.</p> </section> </section> <section id="plugin-apis"> <h2>Plugin APIs<a class="headerlink" href="#plugin-apis" title="Permalink to this heading"></a></h2> <p>The API for server push is promoted to stable, and modified to return an error code, to be consistent with other similar APIs. The new prototype is:</p> <div class="highlight-c notranslate"><div class="highlight"><pre><span></span><span class="n">TSReturnCode</span><span class="w"> </span><span class="nf">TSHttpTxnServerPush</span><span class="p">(</span><span class="n">TSHttpTxn</span><span class="w"> </span><span class="n">txnp</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">url</span><span class="p">,</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="n">url_len</span><span class="p">);</span> </pre></div> </div> <p>A new set of APIs for scheduling continuations on a specific set of threads has been added:</p> <div class="highlight-c notranslate"><div class="highlight"><pre><span></span><span class="n">TSAction</span><span class="w"> </span><span class="n">TSContScheduleOnPool</span><span class="p">(</span><span class="n">TSCont</span><span class="w"> </span><span class="n">contp</span><span class="p">,</span><span class="w"> </span><span class="n">TSHRTime</span><span class="w"> </span><span class="n">timeout</span><span class="p">,</span><span class="w"> </span><span class="n">TSThreadPool</span><span class="w"> </span><span class="n">tp</span><span class="p">)</span> <span class="n">TSAction</span><span class="w"> </span><span class="n">TSContScheduleOnThread</span><span class="p">(</span><span class="n">TSCont</span><span class="w"> </span><span class="n">contp</span><span class="p">,</span><span class="w"> </span><span class="n">TSHRTime</span><span class="w"> </span><span class="n">timeout</span><span class="p">,</span><span class="w"> </span><span class="n">TSEventThread</span><span class="w"> </span><span class="n">ethread</span><span class="p">)</span> </pre></div> </div> <p>There is a new API for redoing a cache lookup, typically after a URL change, or cache key update:</p> <div class="highlight-c notranslate"><div class="highlight"><pre><span></span><span class="n">TSReturnCode</span><span class="w"> </span><span class="n">TSHttpTxnRedoCacheLookup</span><span class="p">(</span><span class="n">TSHttpTxn</span><span class="w"> </span><span class="n">txnp</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">url</span><span class="p">,</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="n">length</span><span class="p">)</span> </pre></div> </div> <p>New APIs for TLS client context retrievals were added:</p> <div class="highlight-c notranslate"><div class="highlight"><pre><span></span><span class="n">TSReturnCode</span><span class="w"> </span><span class="n">TSSslClientContextsNamesGet</span><span class="p">(</span><span class="kt">int</span><span class="w"> </span><span class="n">n</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">**</span><span class="n">result</span><span class="p">,</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="o">*</span><span class="n">actual</span><span class="p">)</span> <span class="n">TSSslContext</span><span class="w"> </span><span class="n">TSSslClientContextFindByName</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">ca_paths</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">ck_paths</span><span class="p">)</span> </pre></div> </div> <p>In addition to these, a new set of APIs were added for the effective TLS handshake with the client. These APIs also have equivalent Lua APIs:</p> <div class="highlight-c notranslate"><div class="highlight"><pre><span></span><span class="kt">int</span><span class="w"> </span><span class="n">TSVConnIsSslReused</span><span class="p">(</span><span class="n">TSVConn</span><span class="w"> </span><span class="n">sslp</span><span class="p">)</span> <span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">TSVConnSslCipherGet</span><span class="p">(</span><span class="n">TSVConn</span><span class="w"> </span><span class="n">sslp</span><span class="p">)</span> <span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">TSVConnSslProtocolGet</span><span class="p">(</span><span class="n">TSVConn</span><span class="w"> </span><span class="n">sslp</span><span class="p">)</span> <span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">TSVConnSslCurveGet</span><span class="p">(</span><span class="n">TSVConn</span><span class="w"> </span><span class="n">sslp</span><span class="p">)</span> </pre></div> </div> <p>We have also added two new alert mechanisms for plugins:</p> <div class="highlight-c notranslate"><div class="highlight"><pre><span></span><span class="kt">void</span><span class="w"> </span><span class="n">TSEmergency</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">fmt</span><span class="p">,</span><span class="w"> </span><span class="p">...)</span><span class="w"> </span><span class="n">TS_PRINTFLIKE</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="mi">2</span><span class="p">)</span> <span class="kt">void</span><span class="w"> </span><span class="n">TSFatal</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">fmt</span><span class="p">,</span><span class="w"> </span><span class="p">...)</span><span class="w"> </span><span class="n">TS_PRINTFLIKE</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="mi">2</span><span class="p">)</span> </pre></div> </div> <p>A new API was added to allow control over whether the plugin will participate in the dynamic plugin reload mechanism:</p> <div class="highlight-c notranslate"><div class="highlight"><pre><span></span><span class="n">TSReturnCode</span><span class="w"> </span><span class="n">TSPluginDSOReloadEnable</span><span class="p">(</span><span class="kt">int</span><span class="w"> </span><span class="n">enabled</span><span class="p">)</span> </pre></div> </div> <section id="user-arg-slots"> <h3>User Arg Slots<a class="headerlink" href="#user-arg-slots" title="Permalink to this heading"></a></h3> <p>The concept of user argument slots for plugins was completely redesigned. The old behavior still exists, but we now have a much cleaner, and smaller, set of APIs. In addition, it also adds a new slot type, <cite>global</cite>, which allows a slot for plugins to retain global data across reloads and cross-plugins.</p> <p>The new set of APIs has the following signature:</p> <div class="highlight-c notranslate"><div class="highlight"><pre><span></span><span class="k">typedef</span><span class="w"> </span><span class="k">enum</span><span class="w"> </span><span class="p">{</span> <span class="w"> </span><span class="n">TS_USER_ARGS_TXN</span><span class="p">,</span><span class="w"> </span><span class="c1">///&lt; Transaction based.</span> <span class="w"> </span><span class="n">TS_USER_ARGS_SSN</span><span class="p">,</span><span class="w"> </span><span class="c1">///&lt; Session based</span> <span class="w"> </span><span class="n">TS_USER_ARGS_VCONN</span><span class="p">,</span><span class="w"> </span><span class="c1">///&lt; VConnection based</span> <span class="w"> </span><span class="n">TS_USER_ARGS_GLB</span><span class="p">,</span><span class="w"> </span><span class="c1">///&lt; Global based</span> <span class="w"> </span><span class="n">TS_USER_ARGS_COUNT</span><span class="w"> </span><span class="c1">///&lt; Fake enum, # of valid entries.</span> <span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="n">TSUserArgType</span><span class="p">;</span> <span class="n">TSReturnCode</span><span class="w"> </span><span class="nf">TSUserArgIndexReserve</span><span class="p">(</span><span class="n">TSUserArgType</span><span class="w"> </span><span class="n">type</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">name</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">description</span><span class="p">,</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="o">*</span><span class="n">arg_idx</span><span class="p">);</span> <span class="n">TSReturnCode</span><span class="w"> </span><span class="nf">TSUserArgIndexNameLookup</span><span class="p">(</span><span class="n">TSUserArgType</span><span class="w"> </span><span class="n">type</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">name</span><span class="p">,</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="o">*</span><span class="n">arg_idx</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">**</span><span class="n">description</span><span class="p">);</span> <span class="n">TSReturnCode</span><span class="w"> </span><span class="nf">TSUserArgIndexLookup</span><span class="p">(</span><span class="n">TSUserArgType</span><span class="w"> </span><span class="n">type</span><span class="p">,</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="n">arg_idx</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">**</span><span class="n">name</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">**</span><span class="n">description</span><span class="p">);</span> <span class="kt">void</span><span class="w"> </span><span class="nf">TSUserArgSet</span><span class="p">(</span><span class="kt">void</span><span class="w"> </span><span class="o">*</span><span class="n">data</span><span class="p">,</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="n">arg_idx</span><span class="p">,</span><span class="w"> </span><span class="kt">void</span><span class="w"> </span><span class="o">*</span><span class="n">arg</span><span class="p">);</span> <span class="kt">void</span><span class="w"> </span><span class="o">*</span><span class="nf">TSUserArgGet</span><span class="p">(</span><span class="kt">void</span><span class="w"> </span><span class="o">*</span><span class="n">data</span><span class="p">,</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="n">arg_idx</span><span class="p">);</span> </pre></div> </div> <p>One fundamental change here is that the opaque <cite>data</cite> parameter to <cite>TSUserArgSet</cite> and <cite>TSUserArgGet</cite> are context aware. If you pass in a <cite>Txn</cite> pointer, it behaves as a transaction user arg slot. If you pass in a nullptr, it becomes the new <cite>global</cite> slot behavior (since there is no context). The valid contexts are:</p> <blockquote> <div><table class="docutils align-default"> <thead> <tr class="row-odd"><th class="head"><p>data type</p></th> <th class="head"><p>Semantics</p></th> </tr> </thead> <tbody> <tr class="row-even"><td><p><code class="docutils literal notranslate"><span class="pre">TSHttpTxn</span></code></p></td> <td><p>The implicit context is for a transaction (<code class="docutils literal notranslate"><span class="pre">TS_USER_ARGS_TXN</span></code>)</p></td> </tr> <tr class="row-odd"><td><p><code class="docutils literal notranslate"><span class="pre">TSHttpSsn</span></code></p></td> <td><p>The implicit context is for a transaction (<code class="docutils literal notranslate"><span class="pre">TS_USER_ARGS_SSN</span></code>)</p></td> </tr> <tr class="row-even"><td><p><code class="docutils literal notranslate"><span class="pre">TSVConn</span></code></p></td> <td><p>The implicit context is for a transaction (<code class="docutils literal notranslate"><span class="pre">TS_USER_ARGS_VCONN</span></code>)</p></td> </tr> <tr class="row-odd"><td><p><code class="docutils literal notranslate"><span class="pre">nullptr</span></code></p></td> <td><p>The implicit context is global (<code class="docutils literal notranslate"><span class="pre">TS_USER_ARGS_GLB</span></code>)</p></td> </tr> </tbody> </table> </div></blockquote> </section> </section> </section> <section id="version-9-2-x-updates"> <span id="version-9-2-x"></span><h1>Version 9.2.x Updates<a class="headerlink" href="#version-9-2-x-updates" title="Permalink to this heading"></a></h1> <section id="id1"> <h2>New Features<a class="headerlink" href="#id1" title="Permalink to this heading"></a></h2> <p>In addition to the new features from v9.0.x, this release includes:</p> <ul class="simple"> <li><p>A number of performance improvements have been made, and this should show noticeable gains.</p></li> <li><p>Log throttling can now be controlled via two new settings.</p></li> <li><p>A new feature to create and manage pre-warmed TLS tunnels was added.</p></li> <li><p>The setting for <a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-ssl-client-sni-policy" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.ssl.client.sni_policy</span></code></a> can now be controlled via <a class="reference internal" href="../admin-guide/files/sni.yaml.en.html#std-configfile-sni.yaml"><code class="xref std std-file docutils literal notranslate"><span class="pre">sni.yaml</span></code></a>.</p></li> <li><p>New features, and overall improvements for Parent Selection were added.</p></li> <li><p>There is now an internal inspector to produce stats for remap rule frequency.</p></li> <li><p>BoringSSL is now properly supported, and should be a drop in replacement for OpenSSL.</p></li> <li><p>A new allocator, <cite>mimalloc</cite>, is now available via the <code class="docutils literal notranslate"><span class="pre">--with-mimalloc</span></code> configure option.</p></li> <li><p>A large number of autest have been added, and improvements made to the existing tests.</p></li> </ul> <p>A new infrastructure and tool chain for end-to-end testing and replaying traffic is introduced, the Proxy Verifier.</p> <section id="log-throttling"> <h3>Log throttling<a class="headerlink" href="#log-throttling" title="Permalink to this heading"></a></h3> <p>The throttling of logging is controlled by the new configurations:</p> <ul class="simple"> <li><p><a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-log-proxy-config-log-throttling-interval-msec" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.log.proxy.config.log.throttling_interval_msec</span></code></a></p></li> <li><p><a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-diags-debug-throttling-interval-msec" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.diags.debug.throttling_interval_msec</span></code></a></p></li> </ul> <p>This feature is useful to control logging pressure under traffic spikes, bad configurations or DDoS attacks.</p> </section> <section id="parent-selection-improvements"> <h3>Parent Selection Improvements<a class="headerlink" href="#parent-selection-improvements" title="Permalink to this heading"></a></h3> <ul class="simple"> <li><p>A setting to control the ring mode was added, <code class="docutils literal notranslate"><span class="pre">ring_mode</span></code>, with three possible settings: <cite>exhaust_ring</cite>, <cite>alternate_ring</cite>, or <cite>peering_ring</cite>.</p></li> <li><p>Two new settings are now available to control how parents are marked down. The configurations are <a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-http-parent-proxy-enable-parent-timeout-markdowns" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.http.parent_proxy.enable_parent_timeout_markdowns</span></code></a> and <a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-http-parent-proxy-disable-parent-markdowns" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.http.parent_proxy.disable_parent_markdowns</span></code></a>.</p></li> </ul> </section> <section id="remap-inspector"> <h3>Remap inspector<a class="headerlink" href="#remap-inspector" title="Permalink to this heading"></a></h3> <p>This feature can help identifying which remap rule is most frequently used. This helps when ordering remap rules, and also when removing unused rules. This is not well documented unfortunately, for some details see <a class="reference external" href="https://github.com/apache/trafficserver/pull/7936">https://github.com/apache/trafficserver/pull/7936</a> .</p> </section> </section> <section id="id2"> <h2>HTTP/2<a class="headerlink" href="#id2" title="Permalink to this heading"></a></h2> <ul class="simple"> <li><p>New metrics were added for streams status, <a class="reference internal" href="../admin-guide/monitoring/statistics/core/http-connection.en.html#proxy-process-http2-max-concurrent-streams-exceeded-in" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http2.max_concurrent_streams_exceeded_in</span></code></a> and <a class="reference internal" href="../admin-guide/monitoring/statistics/core/http-connection.en.html#proxy-process-http2-max-concurrent-streams-exceeded-out" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http2.max_concurrent_streams_exceeded_out</span></code></a>.</p></li> <li><p>The new setting <a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-http2-stream-error-sampling-threshold" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.http2.stream_error_sampling_threshold</span></code></a> allows for control over the sampling rate of stream errors.</p></li> </ul> </section> <section id="new-configuration-options"> <h2>New configuration options<a class="headerlink" href="#new-configuration-options" title="Permalink to this heading"></a></h2> <ul class="simple"> <li><p>The <a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-cache-log-alternate-eviction" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.cache.log.alternate.eviction</span></code></a> configuration allows control over logging of alternate eviction events. This is useful to get a better idea of how many alternates are being evicted, and to tune the setting.</p></li> <li><p>Better control over loop detection was added, via the <a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-http-max-proxy-cycles" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.http.max_proxy_cycles</span></code></a> configuration.</p></li> <li><p>An option to control tunnel activity check frequencey was added, <a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-tunnel-activity-check-period" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.tunnel.activity_check_period</span></code></a>. In addition, a new metric was added as well, <a class="reference internal" href="../admin-guide/monitoring/statistics/core/ssl.en.html#proxy-process-tunnel-current-active-connections" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.tunnel.current_active_connections</span></code></a>.</p></li> <li><p>For debugging, a new option allowing to log TLS session keys was added, the new <a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-ssl-keylog-file" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.ssl.keylog_file</span></code></a> setting specifies the log file to write to.</p></li> <li><p>The setting <a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-net-sock-notsent-lowat" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.net.sock_notsent_lowat</span></code></a> was added, allowing for better control over the TCP send buffer. This can both reduce memory usage and reduce buffer bloat.</p></li> </ul> </section> <section id="misc-changes"> <h2>Misc changes<a class="headerlink" href="#misc-changes" title="Permalink to this heading"></a></h2> <ul class="simple"> <li><p>The default for <a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-ssl-origin-session-cache" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.ssl.origin_session_cache</span></code></a> is now <cite>1</cite> (enabled).</p></li> <li><p>A new log tag is available for custom log formats, <code class="docutils literal notranslate"><span class="pre">pqssr</span></code>. This is an indicator if TLS session reuse to origin was succesful.</p></li> <li><p>Two new metrics around loop detection was added, <a class="reference internal" href="../admin-guide/monitoring/statistics/core/http-connection.en.html#proxy-process-http-http-proxy-loop-detected" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.http_proxy_loop_detected</span></code></a> and <a class="reference internal" href="../admin-guide/monitoring/statistics/core/http-connection.en.html#proxy-process-http-http-proxy-mh-loop-detected" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.http.http_proxy_mh_loop_detected</span></code></a>.</p></li> <li><p>A metric <a class="reference internal" href="../admin-guide/monitoring/statistics/core/hostdb.en.html#proxy-process-hostdb-total-serve-stale" title="records.config"><code class="xref ts ts-stat docutils literal notranslate"><span class="pre">proxy.process.hostdb.total_serve_stale</span></code></a> now tracks HostDB lookups that served stale data.</p></li> <li><p>A new setting <a class="reference internal" href="../admin-guide/files/records.config.en.html#proxy-config-track-config-files" title="records.config"><code class="xref ts ts-cv docutils literal notranslate"><span class="pre">proxy.config.track_config_files</span></code></a> allows for control over tracking configuration files for changes. This should be used with care.</p></li> </ul> </section> <section id="id3"> <h2>Plugins<a class="headerlink" href="#id3" title="Permalink to this heading"></a></h2> <p>The following plugins have new features or configurations.</p> <section id="header-rewrite"> <h3>header_rewrite<a class="headerlink" href="#header-rewrite" title="Permalink to this heading"></a></h3> <ul class="simple"> <li><p>A new directive <code class="docutils literal notranslate"><span class="pre">rm-destination</span></code> was added to remove either the query parameters or the PATH from the incoming request.</p></li> <li><p>A new <code class="docutils literal notranslate"><span class="pre">%{CACHE}</span></code> condition was added, exposing the cache lookup status on the request.</p></li> <li><p>The new directive <code class="docutils literal notranslate"><span class="pre">set-http-cntl</span></code> allows control over various HTTP transaction features, such as turning off logging, cacheability etc.</p></li> <li><p>The <code class="docutils literal notranslate"><span class="pre">set-body</span></code> directive lets you override the body factory, and force a body on requests that are considered errors early on (before going to cache or origin).</p></li> <li><p>As a special matcher (‘{}’), the inbound IP addresses can be matched against a list of IP ranges, e.g. <code class="docutils literal notranslate"><span class="pre">cond</span> <span class="pre">%{INBOUND:REMOTE-ADDR}</span> <span class="pre">{192.168.201.0/24,10.0.0.0/8}</span></code>.</p></li> </ul> </section> <section id="generator"> <h3>generator<a class="headerlink" href="#generator" title="Permalink to this heading"></a></h3> <p>POST request are now handled as well as GET requests.</p> </section> <section id="cache-promote"> <h3>cache_promote<a class="headerlink" href="#cache-promote" title="Permalink to this heading"></a></h3> <ul class="simple"> <li><p>We can now count bytes served as the threshold within the LRU.</p></li> <li><p>A new setting, <code class="docutils literal notranslate"><span class="pre">--internal-enabled</span></code>, was added to allow promotion on internal request.</p></li> </ul> </section> <section id="id4"> <h3>xdebug<a class="headerlink" href="#id4" title="Permalink to this heading"></a></h3> <p>A new header <code class="docutils literal notranslate"><span class="pre">X-Effective-URL</span></code>, to expose the effective (remapped) URL.</p> </section> <section id="regex-revalidate"> <h3>regex_revalidate<a class="headerlink" href="#regex-revalidate" title="Permalink to this heading"></a></h3> <p>New metrics for misses and stale counts were added.</p> </section> <section id="url-sig"> <h3>url_sig<a class="headerlink" href="#url-sig" title="Permalink to this heading"></a></h3> <p>Add a new directive, <code class="docutils literal notranslate"><span class="pre">url_type</span> <span class="pre">=</span> <span class="pre">pristine</span></code>, to use the pristine URL for signing.</p> </section> <section id="prefetch"> <h3>prefetch<a class="headerlink" href="#prefetch" title="Permalink to this heading"></a></h3> <p>A new option was added, <code class="docutils literal notranslate"><span class="pre">--fetch-query</span></code>. This allows giving hints for subsequent URLs via a query parameter.</p> </section> <section id="authproxy"> <h3>authproxy<a class="headerlink" href="#authproxy" title="Permalink to this heading"></a></h3> <p>A new option to enable the cache for internal requests was added, <code class="docutils literal notranslate"><span class="pre">--cache-internal</span></code>.</p> </section> <section id="id5"> <h3>slice<a class="headerlink" href="#id5" title="Permalink to this heading"></a></h3> <p>The plugin now supports prefetching future ranges, similar to to the <code class="docutils literal notranslate"><span class="pre">prefetch</span></code> plugin.</p> </section> <section id="cache-range-requests"> <h3>cache_range_requests<a class="headerlink" href="#cache-range-requests" title="Permalink to this heading"></a></h3> <ul class="simple"> <li><p>The setting <code class="docutils literal notranslate"><span class="pre">--verify-cacheability</span></code> now gives better control over what is cacheable. This is useful together with other plugins such as <cite>cache_promote</cite>.</p></li> <li><p>A new setting <code class="docutils literal notranslate"><span class="pre">--cache-complete-responses</span></code> now allows for “200 OK” responses to be cached as well.</p></li> </ul> </section> <section id="rate-limit"> <h3>rate_limit<a class="headerlink" href="#rate-limit" title="Permalink to this heading"></a></h3> <ul class="simple"> <li><p>Two new options were added for metrics, <code class="docutils literal notranslate"><span class="pre">--prefix</span></code> and <code class="docutils literal notranslate"><span class="pre">--tag</span></code>.</p></li> <li><p>An IP reputation system was added to the plugin.</p></li> </ul> </section> <section id="static-hit"> <h3>static_hit<a class="headerlink" href="#static-hit" title="Permalink to this heading"></a></h3> <p>The plugin can now serve content out of a directory.</p> </section> <section id="otel-tracer"> <h3>otel_tracer<a class="headerlink" href="#otel-tracer" title="Permalink to this heading"></a></h3> <p>This is a new plugin for OpenTelemetry tracing.</p> </section> <section id="http-stats"> <h3>http_stats<a class="headerlink" href="#http-stats" title="Permalink to this heading"></a></h3> <p>This new plugin provides stats over HTTP, but is implemented as a remap plugin. This should make the older <code class="docutils literal notranslate"><span class="pre">stats_over_http</span></code> obsolete.</p> </section> </section> <section id="id6"> <h2>Plugin APIs<a class="headerlink" href="#id6" title="Permalink to this heading"></a></h2> <p>The transction control APIs where refactored and promoted to that <code class="docutils literal notranslate"><span class="pre">ts.h</span></code> public APIs. This adds <a class="reference internal" href="../developer-guide/api/functions/TSHttpTxnCntl.en.html#c.TSHttpTxnCntlGet" title="TSHttpTxnCntlGet"><code class="xref c c-func docutils literal notranslate"><span class="pre">TSHttpTxnCntlGet()</span></code></a> and <a class="reference internal" href="../developer-guide/api/functions/TSHttpTxnCntl.en.html#c.TSHttpTxnCntlSet" title="TSHttpTxnCntlSet"><code class="xref c c-func docutils literal notranslate"><span class="pre">TSHttpTxnCntlSet()</span></code></a>, and the c:enum::<cite>TSHttpCntlType</cite> enum.</p> <p>For introspection into the SNI, the new <a class="reference internal" href="../developer-guide/api/functions/TSVConnSslSniGet.en.html#c.TSVConnSslSniGet" title="TSVConnSslSniGet"><code class="xref c c-func docutils literal notranslate"><span class="pre">TSVConnSslSniGet()</span></code></a> was added.</p> </section> </section> </div> </div> <footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer"> <a href="index.en.html" class="btn btn-neutral float-left" title="Release Notes" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a> <a href="upgrading.en.html" class="btn btn-neutral float-right" title="Upgrading to ATS v9.x" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a> </div> <hr/> <div role="contentinfo"> <p>&#169; Copyright 2024, dev@trafficserver.apache.org.</p> </div> Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>. </footer> </div> </div> </section> </div> <script> jQuery(function () { SphinxRtdTheme.Navigation.enable(true); }); </script> <div class="rst-versions" data-toggle="rst-versions" role="note" aria-label="versions"> <span class="rst-current-version" data-toggle="rst-current-version"> <span class="fa fa-book"> Apache Traffic Server</span> v: 9.2 <span class="fa fa-caret-down"></span> </span> <div class="rst-other-versions"> <dl id="lang-list"> <dt>Languages</dt> </dl> <dl id="version-list"> <dt>Versions</dt> </dl> </div> </div> <script> $(function() { function update_langlist (json) { for (var lang in json) { $('#lang-list').append('<dd><a href="/' + lang + '/latest/">' + json[lang]['name'] + '</a></dd>'); } for (var i in json[curlang]['versions']) { var ver = json[curlang]['versions'][i]; $('#version-list').append('<dd><a href="/' + curlang + '/' + ver + '/">' + ver + '</a></dd>'); } } var curlang = "en" == "None" ? "en" : "en"; $.ajax({ 'url': "/en/latest/_static/languages.json", 'dataType': "json", 'success': function (json) { update_langlist(json) }, 'error': function (xhr,errstr,e) { $.ajax({ 'url': "/_static/languages.json", 'dataType': "json", 'success': function (json) { update_langlist(json) } }) } }); }); </script> </body> </html>

Pages： 1 2 3 4 5 6 7 8 9 10