Dynamic bypass rules
The proxy can be configured to watch for the following protocol interoperability errors and configure the ARM to bypass the proxy for the clients and servers causing the errors.
Error code | Description |
---|---|
N/A | Non-HTTP traffic on port 80 |
400 | Bad Request |
401 | Unauthorized |
403 | Forbidden (authentication failed) |
405 | Method Not Allowed |
406 | Not Acceptable (access) |
408 | Request Timeout |
500 | Internal Server Error |
In this way, the small number of clients or servers that do not operate correctly through proxies are auto-detected and routed around the proxy so that they can continue to function.
For example:
- When Content Gateway is configured to bypass on authentication failure (403 Forbidden), if any request to an origin server returns a 403 error, Content Gateway generates a destination bypass rule for the origin server’s IP address. All requests to that origin server are bypassed until you restart the proxy.
- If the ARM detects that a client is sending a non-HTTP request on port 80 to a particular origin server, Content Gateway generates a source/destination rule. All requests from that particular client to the origin server are bypassed; requests from other clients are not bypassed.