Chapter 17: Access Control List Configuration Guide
248
DIGITAL GIGAswitch/Router User Reference Manual
Using Profile ACLs with the Web Caching Facility
Web caching is the GSR’s ability to direct HTTP requests for frequently accessed Web
objects to local cache servers, rather than to the Internet. Since the HTTP requests are
handled locally, response time is faster than if the Web objects were retrieved from the
Internet.
You can use Profile ACLs with Web caching in two ways:
•
Specifying which HTTP traffic should always (or never) be redirected to the cache
servers
•
Specifying characteristics of Web objects that should not be cached
Redirecting HTTP Traffic to Cache Servers
You can use a Profile ACL to specify which HTTP traffic should always (or never) be
redirected to the cache servers. (By default, when Web caching is enabled, all HTTP traffic
from all hosts is redirected to the cache servers unless you specify otherwise.)
For example, you can specify that packets with a source address of 10.10.10.10 and a
destination address of 1.2.3.4 always are sent to the Internet and never to the cache
servers. The following commands illustrate this example.
This command creates a Profile ACL called
prof4
that uses as its selection criteria all
packets with a source address of 10.10.10.10 and a destination address of 1.2.3.4 :
The following command creates a
Web caching policy
that prevents packets matching
Profile ACL prof4’s selection criteria (that is, packets with a source address of 10.10.10.10
and a destination address of 1.2.3.4) from being redirected to a cache server. Packets that
match the profile’s selection criteria are sent to the Internet instead.
When the Web caching policy is applied to an interface (with the
web-cache apply
interface
command), HTTP traffic with a source address of 10.10.10.10 and a destination
address of 1.2.3.4 goes to the Internet instead of to the cache servers.
Preventing Web Objects From Being Cached
You can also use a Profile ACL to prevent certain Web objects from being cached. For
example, you can specify that information in packets originating from Internet site 1.2.3.4
and destined for local host 10.10.10.10 not be sent to the cache servers. The following
commands illustrate this example.
gs/r(config)#
acl prof4 permit ip 10.10.10.10 1.2.3.4
gs/r(config)#
web-cache policy1 deny hosts profile prof4
Содержание GIGAswitch GSR-16
Страница 8: ......
Страница 82: ......
Страница 126: ......
Страница 200: ......
Страница 210: ......
Страница 224: ......
Страница 234: ......
Страница 248: ......
Страница 258: ......
Страница 286: ......
Страница 298: ......
Страница 302: ......
Страница 344: ......
Страница 345: ......
Страница 346: ...9032684 03 Printed in U S A...