Quote:
Originally posted by plainsong
Oh right, we were making it a bit more complicated.
Hmmm.. well, I don't know enough about real firewalls and security issues...
I'm just a home-user. In a Firewall program you could just say "don't look at those ports", but somehow I think you mean a real firewall. They should be configurable. I know we had a Nokia adsl modem that had it's own firewall. You opened up it's little webpage for configuration and could tweak this sorta stuff, but again, that's not a business-grade firewall, and your security person might have a heart attack.
Well I know enough when to say it's above my head, and it's definately above my head. Sorry |
I don't think this is what he means, but if I'm wrong, feel free to correct me.
While I've never really run a proxy of any sort, let alone a dedicated box for proxy, here's my explanation of what he's looking for, and maybe someone out there can help. [Although I think that anyone with the ability to help would be able to decipher exactly what he was asking anywa..
]
Anyhow, in a nutshell, a proxy server basically takes data that's been requested and caches it for future requests. This is usually done on the ISP/equivalent of service provider end to limit the bandwidth that comes in, if the webpage was already requested. For instance, user A accesses
www.cnn.com through ISP A's proxy server. The proxy server would then cache the page and the images associated with it. user B comes along and requests the same page through ISP A's proxy server. Instead of requesting the page again from
www.cnn.com's server, it just displays what was cached minutes prior.
What Neil means by "reverse proxy server" is basically, how does one set up a proxy server that isn't on the ISP/client end, but rather on the server end. Instead of multiple requests constantly hitting his webserver, they would instead hit the Cacheflow box, taking a huge load off the web server. The Cacheflow would occasionally check the main webserver to see if a specific page had been updated, and if so, to cache that page and serve it.
As I've never worked with Cacheflow or any proxy servers [like I said above], I can't really say much for how to set it up. However, I'm not seeing the logic in this... If you're going to have all of the load directed toward the proxy server, instead of the webserver getting bogged down, the proxy server is going to get bogged down... but in the end, it hits a bottleneck at the same place -- the server serving data...
Unless the Cacheflow is a whole lot better than the server, I'd just stay with what works.. but that's me.
[What are the specs of the Cacheflow and what are the specs of the server(s) in the farm?]
One exception I can see is if you have multiple servers in the farm that serve a variety of data that you want the proxy server to check and aggregate in one place, rather than have clients access all the servers directly... but this would only contribute to proxy load...
Here's how I would think it would work [and again, I've never worked with proxy servers in a real environment, so I can't say whether or not this actually works..]: Set up the server so that it will take any incoming requests to
www.blahblahblah.com and act like those are clients
behind a proxy. Then, somehow have the proxy server turn around and either serve data, or check for an updated copy from the website in question... So basically, your servers will be the "outside" world, and the "outside world" [ie: internet] will be "behind" the proxy.
I don't know if this makes any sense... but who knows, might give you some ideas...
-Andy