Configure a cache redirection policy

A cache redirection policy includes one or more expressions (also calledrules). Each expression represents a condition that is evaluated when the client request is compared to the policy.

You do not explicitly configure actions for cache redirection policies. By default, the Citrix ADC appliance considers any request that matches a policy to be non-cacheable and directs the request to the origin server instead of the cache.

Cache redirection policies based on the classic policy format are calledclassic cache redirection policies. Each such policy has a name and includes a classic expression or a set of classic expressions that are combined by using logical operators.

For classic cache redirection policies, you do not explicitly configure actions for the policies. By default, the Citrix ADC appliance considers any request that matches a policy to be non-cacheable and directs the request to the origin server instead of the cache.

Cache redirection policies based on the newer policy format are calledAdvanced redirection policies. Such policy has a name and includes a default syntax expression, or a set of default syntax expressions that are combined by using logical operators, and the following built-in actions:

• CACHE
• ORIGIN

For more information about classic expressions and default syntax expressions, seePolicies and Expressions.

Add a cache redirection policy by using the CLI

At the command prompt, type the following commands to add a cache redirection policy and verify the configuration:

- add cr policy  **-rule**  - show cr policy [] 

Examples:

Policy with a simple expression:

> add cr policy Policy-CRD-1 -rule "REQ.HTTP.URL != /*.jpeg" Done > show cr policy Policy-CRD-1 Cache-By-Pass RULE: REQ.HTTP.URL != '/*.jpeg' Policy:Policy-CRD-1 Done 

与公司政策mpound expression:

> add cr policy Policy-CRD-2 -rule "REQ.HTTP.METHOD == POST && (REQ.HTTP.URL == /*.cgi || REQ.HTTP.URL != /*.gif)" Done > show cr policy Policy-CRD-2 Cache-By-Pass RULE: REQ.HTTP.METHOD == POST && (REQ.HTTP.URL == '/*.cgi' || REQ.HTTP.URL != '/*.gif') Policy:Policy-CRD-2 Done 

Policy that evaluates a header:

> add cr policy Policy-CRD-3 -rule "REQ.HTTP.HEADER If-Modified-Since EXISTS" Done > show cr policy Policy-CRD-3 Cache-By-Pass RULE: REQ.HTTP.HEADER If-Modified-Since EXISTS Policy:Policy-CRD-3 Done 

Add a default syntax cache redirection policy by using the CLI

At the command prompt, type the following commands to add a cache redirection policy and verify the configuration:

- add cr policy  **-rule**  [-action] [-logAction] - show cr policy [] 

Examples:

Policy with a simple expression:

> add cr policy crpol1 -rule !(HTTP.REQ.URL.ENDSWITH(".jpeg”)) -action origin Done > show cr policy crpoll Policy: crpol1 Rule: !(HTTP.REQ.URL.ENDSWITH(".jpeg")) Action: ORIGIN Done 

与公司政策mpound expression:

> add cr policy crpol11 -rule "http.req.method.eq(post) && (HTTP.REQ.URL.ENDSWITH(".gif") || HTTP.REQ.URL.ENDSWITH(".cgi"))" -action cache Done > show cr policy crpol11 Policy: crpol11 Rule: http.req.method.eq(post) && (HTTP.REQ.URL.ENDSWITH(".gif") || HTTP.REQ.URL.ENDSWITH(".cgi")) Action: CACHE Done 

Policy that evaluates a header:

> add cr policy crpol12 -rule http.req.header("If-Modified-Since").exists -action origin Done > show cr policy crpol12 Policy: crpol12 Rule: http.req.header("If-Modified-Since").exists Action: ORIGIN Done 

Modify or remove a cache redirection policy by using the CLI

• To modify a cache redirection policy, use the set cr policy command, which is just like add cr policy command, except that you enter the name of an existing policy.
• To remove a policy, use therm cr policycommand, which accepts only the argument. If the policy is bound to a virtual server, you have to unbind the policy, before you can remove it.

For the details of unbinding a cache redirection policy, seeUnbind a policy from a cache redirection virtual server.

Configure a cache redirection policy with a simple expression by using the GUI

1. Navigate to Traffic Management > Cache Redirection > Policies.

2. In the details pane, click Add.

3. In the Create Cache Redirection Policy dialog box, in the Name* text box, type the name of the policy, and then in the Expression area, click Add.

4. To configure a simple expression, enter the expression. Following is an example of an expression that checks for a .jpeg extension in a URL:

   • Expression Type-General
   • Flow Type -REQ
   • Protocol -HTTP
   • Qualifier -URL
   • Operator - !=
   • Value - /*.jpeg

   The simple expression in the following example checks for an If-Modified-Since header in a request:

   • Expression Type -General
   • Flow Type -REQ
   • Protocol -HTTP
   • Qualifier -HEADER
   • 运营商存在
   • Header Name -If-Modified-Since

5. When you are finished entering the expression, click OK or Create, and then click Close.

Configure a cache redirection policy with a compound expression by using the GUI

1. Navigate to Traffic Management > Cache Redirection > Policies.

2. In the details pane, click Add.

3. In the Name text box, enter a name for the policy.

   The name can begin with a letter, number, or the underscore symbol, and can consist of from one to 127 letters, numbers, and the hyphen (-), period (.) pound (#), space ( ), at (@), equals (=), and underscore (_) symbols. You should choose a name that will make it easy for others to tell what type of content this policy was created to detect.

4. Choose the type of compound expression that you want to create. Your choices are:

   • Match Any Expression. The policy matches the traffic if one or more individual expressions match the traffic.

   • Match All Expressions. The policy matches the traffic only if every individual expression matches the traffic.

   • Tabular Expressions. Switches the Expressions list to a tabular format with three columns. In the rightmost column, you place one of the following operators:

     • The AND [ && ] operator, to require that, to match the policy, a request must match both the current expression and the following expression.

     • The OR [

       ] operator, to require that, to match the policy, a request must match either the current expression or the following expression, or both. Only if the request does not match either expression does it not match the policy.

     You can also group expressions in nested subgroups by selecting an existing expression and clicking one of the following operators:

     • The BEGIN SUBGROUP [+ ( ] operator, which tells the Citrix ADC appliance to begin a nested subgroup with the selected expression. (To remove this operator from the expression, click -( .)
     • The END SUBGROUP [+ ) ] operator, which tells the Citrix ADC appliance to end the current nested subgroup with the selected expression. (To remove this operator from the expression, click -) .)

   • Advanced Free-Form. Switches off the Expressions Editor entirely and turns the Expressions list into a text area in which you can type a compound expression. This is both the most powerful and the most difficult method of creating a policy expression, and is recommended only for those thoroughly familiar with the Citrix ADC classic expressions language.

     For more information about creating classic expressions in the Advanced Free-Form text area, seeConfiguring Classic Policies and Expressions.

     Caution:If you switch to Advanced Free Form expression editing mode, you cannot switch back to any of the other modes. Do not choose this expression editing mode unless you are sure that you want to use it.

5. If you chose Match Any Expression, Match All Expressions, or Tabular Expressions, clickAddto display the Add Expression dialog box.

   You should leave the expression type set to General for cache redirection policies.

6. In the Flow Type drop-down list, choose a flow type for your expression.

   The flow type determines whether the policy examines incoming or outgoing connections. You have two choices:

   • REQ. Configures the Citrix ADC appliance to examine incoming connections, or requests.
   • RES. Configures the appliance to examine outgoing connections, or responses.

7. In the Protocol drop-down list, choose a protocol for your expression.

   The protocol determines the type of information that the policy examines in the request or response. Depending upon whether you chose REQ or RES in the previous drop-down list, either all four or only three of the following choices are available:

   • HTTP. Configures the appliance to examine the HTTP header.
   • SSL. Configures the appliance to examine the SSL client certificate. Available only if you chose REQ (requests) in the previous drop-down list.
   • TCP. Configures the appliance to examine the TCP header.
   • IP. Configures the appliance to examine the source or destination IP address.

8. Choose a qualifier for your expression from the Qualifier drop-down list.

   The contents of the Qualifier drop-down list depend on which protocol you chose. The following table describes the choices available for each protocol.

   Table 1. Cache Redirection Policy Qualifiers Available for Each Protocol

   Protocol	Qualifier	Definition
   HTTP	METHOD	HTTP method used in the request.
   -	URL	Contents of the URL header.
   -	URLTOKENS	URL tokens in the HTTP header.
   -	VERSION	HTTP version of the connection.
   -	HEADER	Header portion of the HTTP request.
   -	URLLEN	Length of the contents of the URL header.
   -	URLQUERY	Query portion of the contents of the URL header.
   -	URLQUERYLEN	Length of the query portion of the URL header.
   SSL	CLIENT.CERT	SSL client certificate as a whole.
   -	CLIENT.CERT.SUBJECT	Contents of the client certificate subject field.
   -	CLIENT.CERT.ISSUER	Client certificate issuer.
   -	CLIENT.CERT.SIGALGO	Signature algorithm used in the client certificate.
   -	CLIENT.CERT.VERSION	Client certificate version.
   -	CLIENT.CERT.VALIDFROM	Date from which the client certificate is valid. (The start date.)
   -	CLIENT.CERT.VALIDTO	Date after which the client certificate is no longer valid. (The end date.)
   -	CLIENT.CERT.SERIALNUMBER	Client certificate serial number.
   -	CLIENT.CIPHER.TYPE	Encryption method used in the client certificate.
   -	CLIENT.CIPHER.BITS	Number of significant bits in the encryption key.
   -	CLIENT.SSL.VERSION	SSL version of the client certificate.
   TCP	SOURCEPORT	Source port of the TCP connection.
   -	DESTPORT	Destination port of the TCP connection.
   -	MSS	Maximum segment size (MSS) of the TCP connection.
   IP	SOURCEIP	Source IP address of the connection.
   -	DESTIP	Destination IP address of the connection.

9. Choose the operator for your expression from the Operator drop-down list.

   Your choices depend on the qualifier you chose in the previous step. The complete list of operators that can appear in this drop-down list is:

   • == . Matches the following text string exactly.
   • != . Does not match the following text string.
   • > . Is greater than the following integer.
   • CONTAINS . Contains the following text string.
   • CONTENTS . The contents of the designated header, URL, or URL query.
   • EXISTS . The specified header or query exists.
   • NOTCONTAINS。不包含下面的吗g text string.
   • NOTEXISTS . The specified header or query does not exist.

   If you want this policy to operate on requests sent to a specific Host, you can leave the default, the equals (==) sign.

10. If the Value text box is visible, type the appropriate string or number into the text box.

    For example, if you want this policy to select requests sent to the host shopping.example.com, you would type that string in the Value text box.

11. If you chose HEADER as the qualifier, type the header you want in the Header Name text box.

12. Click OK to add your expression to the Expression list.

13. Repeat steps 4 through 11 to create additional expressions.

14. Click Close to close the Add Expression dialog box and return to the Create Cache Redirection Policy dialog box.