Agent Proxy configuration


To communicate with the backend effectively, Instana uses the SPDY protocol to transfer data. In many cases direct communication from the agent to the backend can be granted and simplifies the deployment of the agents. In some cases one dedicated entry into and exit out of the network is required. For this reason Instana can be used in combination with a variety of proxies. In general http(s), socks4 and socks5 proxies are supported.

This document describes the configuration of squid proxy ( in combination with Instana.

Simple Proxy Setup

There are several ways to install squid on your system. Most linux distributions include squid in their repositories and the software can be installed using the prefered package manager. In case no package is available or you want to run squid on Microsoft Windows you can get squid binaries from this location:


Once squid is installed an example configuration called squid.conf is created. If you want to use the proxy for the Instana communication exclusively you can backup the default configuration and just use this minimal squid.conf:


# The tcp port squid is listening on

http_port 3128

# Please specify subnet with instana agents

acl instana_agent_net src

# This is the ip of the instana backend

acl instana_backend dstdomain

#acl instana_backend dstdomain

#acl instana_backend dstdomain

#acl instana_backend dstdomain

# This is the port used by Instana

acl instana_backend_port port 4444

# This is the repo to download updates and additional sensors

acl instana_repo dstdomain

acl instana_repo_port port 80

acl instana_repo_port_secure port 443

# Protocol used for instana backend

acl instana_backend_proto proto HTTP

# Protocol used for instana backend

acl instana_repo_proto proto HTTP

acl instana_repo_proto_secure proto HTTPS

http_access allow instana_agent_net instana_backend instana_backend_port

http_access allow instana_agent_net instana_repo instana_repo_port

http_access allow instana_agent_net instana_repo instana_repo_port_secure


http_access deny all


For the Instana agent configuration you need to modify two files. In the file <install-dir>/etc/mvn-settings.xml the following information must be present (and not commented out) within the <settings></settings> section:














This enables the Instana agent to download agent updates and additional features automatically. Furthermore the file <install-dir>/etc/instana/com.instana.agent.main.sender.Backend.cfg needs to be reconfigured to use the proxy for the communication between the agent and the Instana backend. Please make sure the following lines are present and not commented out:



Have more questions? Submit a request


  • Avatar
    Luis Sanchez

    Another way to configure proxy in recent releases (215 or so) is using ENV variables:


    The feature works for metrics and sensors download/update. I tested on the host agent, docker and Kubernetes/OCP deployments.

    Documentation available at

    Edited by Luis Sanchez