Dynamic bypass rules

The proxy can be configured to watch for the following protocol interoperability errors and configure the ARM to bypass the proxy for the clients and servers causing the errors.

Error code Description
N/A Non-HTTP traffic on port 80
400 Bad Request
401 Unauthorized
403 Forbidden (authentication failed)
405 Method Not Allowed
406 Not Acceptable (access)
408 Request Timeout
500 Internal Server Error

In this way, the small number of clients or servers that do not operate correctly through proxies are auto-detected and routed around the proxy so that they can continue to function.

For example:

  • When Content Gateway is configured to bypass on authentication failure (403 Forbidden), if any request to an origin server returns a 403 error, Content Gateway generates a destination bypass rule for the origin server’s IP address. All requests to that origin server are bypassed until you restart the proxy.
  • If the ARM detects that a client is sending a non-HTTP request on port 80 to a particular origin server, Content Gateway generates a source/destination rule. All requests from that particular client to the origin server are bypassed; requests from other clients are not bypassed.