SatLink VSAT User Guide
Publication no. 101557
Copyright © 2009 – STM Group, Inc.
Page 88 (160)
# ip pep show
PEP Status : enabled
PEP TCP Mode : Redirect Mode + HTTPA
PEP TCP Server Address: 10.10.22.254
Func Max Total Current Transp Failed
TCP 512 0 0 0 0
HPS 60 0 0 0 0
HPC 60 0 0 0 0
WCM 100 0 0 N/A N/A
TCP Packet statistics:
Rx=0, Out of seq=0, Duplicates=0
Tx=0, Retransmitted=0
Web Cache Statistics:
Req=0 Prefetch=0 Hits=0 Exp=0 Reval=0 Miss=0 Fail=0
DPTHit=0 DPTMiss=0
The ‘PEP TCP Mode’ here indicates that HTTPA is enabled in addition to the specific PEP TCP mode in
use. The ‘TCP’ function statistics indicate connection data for the TCP PEP. An intercepted TCP
connection appears as two connections in the ‘TCP’ connection statistics.
The ‘HPS’ function statistics indicate connection statistics for the side of the HTTPA that interfaces the
web client called the HTTP Proxy Server. The ‘HPC’ function statistics indicate connection statistics for
the side of the HTTPA that interfaces the web client called the HTTP Proxy Client. The ‘WCM’ function
statistics indicate object cache statistics from the Web Cache Manager. ‘DPT’ information is not
essential.
When HTTPA is activated, the VSAT IPC holds a local cache in the same manner as a standard web
browser. The VSAT cache can be inspected and managed in much the same way as a standard browser
cache, through the CLI:
Display a list of the VSAT IPC cached content:
# ip pep show -cache
Flush the VSAT IPC cached content:
# ip pep flush -cache
The VSAT IPC has integrated bypass mechanisms that prevents and limits failure of non-conforming use
of the HTTP port and the HTTP protocol. The IPC can be completely bypassed so that all TCP
communication goes directly between the HTTP client and the HTTP server, allowing non-conforming
schemes to work properly. Domains that are known in advance to be non-conforming can be entered in a
domain bypass list, and some domains that are known to be notoriously non-conforming are
preconfigured and inserted in the domain bypass list at boot time. The list is used to populate a dynamic
list of server addresses subject to IPC bypass through address resolution via the VSAT DNS. Server
addresses that runtime are associated with unsupported mechanisms are automatically added to the
dynamic server bypass list, allowing succeeding access to work properly.
Display a list of the permanently bypassed domains:
# ip pep bypass -show
Add a domain to the list of permanently bypassed domains (e.g. www.nowhere.com
):
# ip pep bypass –add <domain name>
To Next Page
Loading...
