Configuring Origin Settings with the Performance & Delivery Rule Builder

Important

The rule builder only works with the V2 config framework. If you see the text "configuration is not supported" on the Performance & Delivery Rules screen, you will need to have Instart migrate your configuration format. Please contact your account executive to initiate this migration. If you have the V1 configuration format, you will continue to have limited self-service control over your caching policy and over performance features JavaScript Streaming, Image Transcoding, and Brotli Compression until your configuration is updated. Refer to Delivery and Performance Configuration Overview for details.

This document describes how to use the Performance & Delivery Rules builder to create rules to control settings for your origin servers.

For general information about the Performance & Delivery Rules screen, see Configuring Performance & Delivery Rules in the Portal.

In the rule builder screen, select criteria you want to use to decide to set up origin setting rules. Then specify Origin settings.

For example, here we

  • set the Origin to acme.anvils.com
  • leave the various timeouts at their default values
  • set the Host header to be Edge Domain
  • inherit the setting for Set forwarded for
  • set a True-Client-IP header that contains the three values: the value the X-Forwarded-For header, the value in the Instart-True-Client-IP header, and the value the True-Client-IP header originally had
  • set Failover host header to be Edge Domain
  • leave Maximum retry attempts at its default value

These settings are described below.

Origin

These settings control how we route customer traffic to and from your origin servers. The origin is specified with a valid fully-qualified domain name (FQDN) or IP address.

Timeouts

These are various timeouts between events in the origin communication.

  • Connection timeout: the timeout period within which connection with the origin is expected to be successfully established, in seconds. For HTTPS connections, the SSL handshake time is also included within this timeout period. This field accepts any integer between 1-300, in seconds. The default value is 30.
  • First byte response timeout: the timeout period within which the first byte of the response is expected to be received, in seconds. If the proxy does not get the response first byte within this time, this connection is marked as as bad, and the proxy closes it and retries. The retry itself is based on the configuration parameter max_retry_attempts in the Failure handling setup. This field accepts any integer between 1-9000, in seconds. The default value is 30.
  • Keepalive timeout: the timeout period for persistent connections, in seconds. This field accepts any integer between 1-1500, in seconds. The default value is 300.
  • Inter-response timeout: the timeout period within which the proxy is expected to receive the next response chunk from the origin, in seconds. This setting helps to close requests in case an origin server sends a few response chunks fast and is very slow in sending the next ones. This field accepts any integer between 1-600, in seconds. The default value is 30.

Host header

This specifies the Host header value for requests to origin. Valid values are:

  • Inherited: the value is not set explicitly and is derived from the global defaults or the value set by earlier rules.
  • Edge domain: this sets the upstream host header to the edge domain (this is the Host header value specified in the end user request). This is the default value.
  • Origin domain: this sets the upstream host header to the origin domain.
  • Custom: this sets a custom header you can specify in the text field that appears when you select this.

Set forwarded for

This setting, if set to True, sets an X-Forwarded-For header. If set to Inherited, the value is not set explicitly and is derived from the global defaults or the value set by earlier rules. If set to False, the proxy will not add an X-Forwarded-For header, but one was already set by the client, the proxy will pass it on. The default value is True.

Set true client IP

This setting, if set to True, injects a True-Client-IP header with the value of the first address in the X-Forwarded-For value if present, or, if this is the first proxy and X-Forwarded-For is not present, the remote client IP. If set to Inherited, the value is not set explicitly and is derived from the global defaults or the value set by earlier rules. The default value is False.

Overwrite true client IP headers

When set to True, any headers configured to hold the true client IP will be overwritten in the request if they are already present. Normally we want to pass those headers upstream. The default value is False.

Request Failover

This is a list of HTTP status codes for which you want Origin Failover to occur. These are not required, but conventionally they are used. If you omit a code, failover will only occur when we don't receive any valid HTTP status (in the event of connection errors, timeouts, etc.).

You can select any or all of the following:

  • 500 - Internal server error
  • 502 - Bad gateway
  • 503 - Service unavailable
  • 504 - Gateway timeout

Failover host

A origin that can be used as a failover host. This can be a hostname or an IPv4 address. If it is a hostname, it must be a valid hostname (that is, it must follow the usual restrictions on naming).

Failover host header

This specifies the host header value for requests to origin. Valid values are:

  • Inherited: the value is not set explicitly and is derived from the global defaults or the value set by earlier rules.
  • Edge domain: this sets the upstream host header to the edge domain (this is the Host header value specified in the end user request). This is the default value.
  • Origin domain: this sets the upstream host header to the origin domain.
  • Custom: this sets a custom header you can specify in the text field that appears when you select this.

Maximum retry attempts

If there is a connection failure or a read timeout when trying to connect to the origin, the proxy can retry the connection. This field sets the maximum number of retry attempts that will be made. The retry is done only if there was no data from the upstream. This is useful for load balancers, which sometimes just don't respond after a successful connection has been established. This can be an integer in the range from 0 to 6. The default is 0.

It is recommended that when Origin Failover is being used, this field should be left at its default value of 0. Otherwise there will unnecessary delay by the proxy in retrying the primary origin.