RE: Reverse proxy ??

["Eric Toll" <etoll () syracusesupply com>]

What I gave was an example. I was just trying to point out that
in general a reverse proxy has to be told what to do, and here is a paste
from novell, I can do it both ways, inside or outside the firewall.

HTTP Accelerator or Reverse Proxy

The proxy server can be configured as an HTTP accelerator to protect an intranet server
from the Internet and reduce the load on the public Web servers maintained on the
intranet. HTTP acceleration, also known as reverse proxy cache acceleration or Web
server acceleration, creates a front-end processor to a Web server. An HTTP
accelerator server lies between one or more Web servers and the Internet and
represents the Web servers to any clients accessing them. An HTTP accelerator can
also be used to create a local mirror site of a remote server.

When the Internet user queries DNS for the Web server address, it returns the address
of the requested Web server. The HTTP accelerator listens for HTTP requests on port
80 (or another configured port) and processes all incoming Web requests. Requests for
objects that can be cached---static information that does not change often, such as
HTML pages and GIF images---are processed by the proxy. Requests for objects that
cannot be cached---dynamic information that changes frequently---are processed by the
origin Web server on port 80. In general, approximately 90 percent of a typical Web
server content is static and 10 percent is dynamic.

You can set up an HTTP accelerator server to retrieve information or references to
cachable objects from a Web server and cache the information on a BorderManager
server. This reduces loading on the Web server. The HTTP accelerator server forwards
only requests and references that are not in the cache to the Web server.

If your site receives requests for a high percentage of objects that can be cached, the
HTTP accelerator reduces the Web load. For even greater performance, you can cache
objects of a more volatile nature, such as stock quotes, and specify an accuracy delay
time to users.

BorderManager reverse proxy can handle more TCP connections than an origin Web
server (typically UNIX or Windows NT).

HTTP acceleration has the following benefits:

     Provides caching for Web servers 
     Reduces the load on the Web servers and speeds them up 
     Protects Web servers 
     Protects IP networks in conjunction with the other BorderManager services


> > > <Richard.Smyth () nokia com> 11/03/99 07:55PM >>>


> -----Original Message-----
> From: EXT Eric Toll [mailto:etoll () syracusesupply com] 
> Sent: Wednesday, November 03, 1999 4:11 AM
> To: joe () joesnet com 
> Cc: <
> Subject: RE: Reverse proxy ??
>
>
> I feel no one has clearly said what a Reverse Proxy is.
>
> Proxy: is a entity which takes client requests, 
> goes and gets it on the net and saves it to its disk, (in 
> case anyone else wants the same item - caching) 
> then serves it up to the client.  (FTP, WWW, etc)
>
> Reverse Proxy:   Gee wilickers I've got 200+ users going out 
> to a large web site all the time.  I know
> what to do, I'll cache the whole site  and I'll tell the 
> proxy server (on my users behalf) to 
> go out and start copying the whole entire site at midnight, 
> tell it not to expire for 4 days, and save all this 
> info to the proxy servers disk array.  Now when everyone 
> starts hitting this particular site,  the content
> is served up via high speed local net, instead of going out 
> across the internet connection.

What you just described is NOT reverse (or "inbound") proxy.  That's a
normal proxy with something resembling predictive caching.

A normal proxy accepts requests from inside your network for web sites
outside.  A reverse proxy accepts requests from outside for a web server
inside.  As walter said, it's sometimes called web acceleration as the proxy
server is often capable of delivering the static pages out faster than the
web server.

Reverse proxying is often authenticated.  IE if I run a number of web
servers on my "intranet" I may only want my users to see them.  However,
sometimes the users are outside the firewall - so I set up a proxy server on
the border of my network, and configure it to ask for a password before it
delivers the site.  Then people get their internet connection anywhere and
point their browser at that proxy server, get authenticated and read web
sites inside my network.

Regards,
Richard.

> Walter is right, I just thought I'd provide a real world example.
>
>
>
> > > > "Joe Ippolito" <joe () joesnet com> 10/31/99 09:33PM >>>
> which may actually be more than one web server behind your 
> firewall acting
> in a round-robin mode?
>
> -----Original Message-----
> From: owner-firewall-wizards () lists nfr net 
> [mailto:owner-firewall-wizards () lists nfr net]On Behalf Of Walter Boyd
> Sent: Saturday, October 30, 1999 3:02 AM
> To: firewall-wizards () nfr net 
> Subject: Re: Reverse proxy ??
>
>
> Reverse Proxy, sometimes referred to as Web Acceleration, is 
> the capability
> of taking an address outside your firewall, mapping it to a web server
> inside the firewall, and performing transparent caching of 
> the web servers'
> static content in the process. The DNS address for the web 
> server is the
> proxy address outside the firewall.
>
> Walter Boyd
> http://www.certifiednets.com/ 
>
> > > > Sandy Green <sand232 () yahoo com> 10/28/99 05:27PM >>>
> There was a quetion here in this list about MS Proxy
> server with one or two NIC cards. In that context it
> was highlighted that with one NIC card "reverse
> proxy" will not be possible.
>
> But can someone explain as to what is reverse proxy ?
>
>
>
>
>
>
> =====
>
> __________________________________________________
> Do You Yahoo!?
> Bid and sell for free at http://auctions.yahoo.com