Newsroom Update

Beginning in May, a special Today at Apple series titled “Made for Business” will offer small business owners and entrepreneurs free opportunities to learn how Apple products and services can support their growth and success. Learn more >

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: Gavin.Hunt
Gavin.Hunt Author
User level: Level 1
0 points

Is it possible to prevent Caching server from using peers?

Hi All,


I was wondering if there is an easy way to prevent Caching Server from utilizing peer connections and force it to always retrieve updates from the Apple swcdn?


We are running OS X 10.10.3 with Server 4.1.


Background:

We have over 1,000 sites in our environment, many utilizing iPads as BYO devices. These sites make use of caching server heavily to prevent bandwidth saturation. Link speed varies from Satellite (128k) through to dark fibre(100mb). Edge sites cannot cross talk (Router ACLs prevent it) however we have a central Mac Server to provide caching to our central office.


The issue is that this central server has the ability to communicate to all edge sites so even though it is on a dark fibre connection, it often tries to download from a slower peer (i.e. a Satellite site). Short of modifying the network rules to prevent all outgoing connectivity from the server to the edge (it also acts as a central SU server for 10.9 and lower OS X edge servers (hierarchical architecture) so inbound is needed) is there a way to accomplish this?

Mac Pro, OS X Yosemite (10.10.3)

Posted on Jun 2, 2015 3:23 PM

Reply
4 replies
User profile for user: Strontium90
Strontium90
User level: Level 5
4,833 points

Jun 3, 2015 4:14 AM in response to Gavin.Hunt

You might want to use the ListenRanges option to have the Caching Server only respond to specific network ranges. See this kbase article for more details Mavericks Server Admin: Configure advanced cache settings


Technically, this would be for directing clients to multiple caching servers. However, this should work. In Server.app look under the Permissions edit button to define network ranges and check the box that says only cache content for clients on these networks.


Reid

Apple Consultants Network

Author "Yosemite Server – Foundation Services" :: Exclusively available in Apple's iBooks Store

Author "Mavericks Server – Foundation Services" :: Exclusively available in Apple's iBooks Store

Author "Mavericks Server – Control and Collaboration" :: Exclusively available in Apple's iBooks Store

Reply
User profile for user: Gavin.Hunt
Gavin.Hunt Author
User level: Level 1
0 points

Jun 3, 2015 4:33 AM in response to Strontium90

Hi Reid,


Thanks for the reply.


We already have each server configured to only serve clients within its own location through this method (either subnet or multiple subnets) which is working fine. My question is specifically about preventing the servers from peering with each other to share cached content amongst themselves.


To clarify:

1) AppleServer1 (IP: 10.0.0.1) services 10.0.0.0/24 (Local Subnet Only) and AppleServer2 (IP: 10.0.1.1) services 10.0.1.0/24 and 10.0.2.0/24 (Specific Ranges)

2) A client (10.0.0.2) requests an iOS update which AppleServer1 retrieves from the apple swcdn and serves to the client.

3) A 2nd client (10.0.2.1) requests an iOS update which AppleServer2 receives, retrieves from AppleServer1, and returns to the client.


The issue arises if AppleServer1 is located at a site with a slow link (say 512k down, 128k up), resulting in network saturation while the update is copied from the site. I'm looking for a way to block the behaviour in step 3 and force AppleServer2 (which could be on 100mb fibre) to always look at the appleswcdn and ignore peers.

Reply
User profile for user: Strontium90
Strontium90
User level: Level 5
4,833 points

Jun 3, 2015 4:58 AM in response to Gavin.Hunt

See what happens early in the morning. Clearly my reading comprehension was not operating properly.


I think you want to look at the PeerFilterRanges in the advanced options. I believe this is what you can use to control with server peers to which other server.


When PeerFilterRanges is an array (of entries like those for ListenRanges) the caching server filters and sorts its list of peers according to the ranges in the array. The caching server will query peers that aren’t in any of the PeerFilterRanges for assets, and will not query peers not in any of the PeerFilterRanges. The filtering and sorting are applied before truncating the list of peers at MaxPeersToQuery entries (if that setting is present).

Reply
User profile for user: Gavin.Hunt
Gavin.Hunt Author
User level: Level 1
0 points

Jun 8, 2015 3:54 PM in response to Strontium90

Hi Reid,


I've configured the Peer filter ranges in our Config.plist per the below. This should filter out absolutely everything we could potentially use on our network.


<key>PeerFilterRanges</key>

<array>

<dict>

<key>first</key>

<string>10.0.0.1</string>

<key>last</key>

<string>10.254.254.254</string>

</dict>

</array>


I made sure to set the _assetcache permissions and its loading the rest of the configuration. It seems to be completely ignoring the filter ranges (made sure to restart the OS X server completely to be sure) as I've just watched it peering content from a 10.116.0.0 address. Any ideas?

Reply

Is it possible to prevent Caching server from using peers?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up