In the case of Cologne martial arts, agency service technology is a very old technology, is the use of technology in the early days of the Internet. The general way to implement agent technology is to install agent service software on the server, so that it becomes a proxy server, so as to implement agent technology. Commonly used agent technology is divided into forward agent, reverse proxy and transparent proxy. This article is aimed at these three kinds of agents to explain some basic principles and specific scope of application, so that we can better understand the agency service technology. First, the forward proxy (Forward proxy) Under normal circumstances, if not specifically stated, the proxy technology by default is the forward proxy technology. The concept of a forward proxy is as follows: The forward proxy (forward) is a server "proxy z" between the client "User A" and the original server (origin server) "Server B", in order to obtain the content from the original server. User A sends a request to Proxy server z and specifies the target (server B), and then proxy server Z forwards the request to Server B and returns the obtained content to the client. The client must make some special settings to use the forward proxy. As 1.1 from the above concept, we see that the so-called forward proxy is the proxy server instead of the access "User A" to access the target server "Server B" This is the meaning of the forward proxy. And why use proxy server instead of "User a" to access Server B? This should start with the meaning of the proxy server usage. The following are the main functions of using a forward proxy server: 1. Access to Server B, such as 1.2
Let's take a look at the complex network routing scenario figure 1.2, assuming that the router in the diagram is named R1,r2 from left to right, assume that the first user A to access Server B needs to go through a routing node such as R1 and R2 routers, if the router R1 or router R2 fails, then Server B cannot be accessed. However, if User a lets proxy server z go instead of accessing Server B, because proxy z is not in the router R1 or R2 node, but instead accesses server B through other routing nodes, user A can get the data for Server B. The real example is "FQ". However, since VPN technology is widely used, "FQ" not only uses the traditional forward proxy technology, but also uses the VPN technology.  2, accelerated Access Server B assumes user A to Server B, through the R1 router and the R2 router, while the R1 to the R2 router's link is a low bandwidth link. User A to proxy z, from proxy server Z to Server B, is a high-bandwidth link. Then it is clear that you can speed up access to Server B. 3, Cache role 4, Client access authorization This aspect of the content today is still relatively many, for example, some companies use ISA Server as a forward proxy server to authorize users to access the Internet, Creases 1.3 (Figure 1.3) Figure 1.3 The firewall acts as a gateway to filter access to the extranet. Assuming that both user A and User B have a proxy server, user A allows access to the Internet, and User B does not allow access to the Internet (this is limited on proxy server z) so that user A is authorized to access server B through a proxy server, and User B is not authorized by proxy Server Z, So when you access server B, the packets are discarded directly. 5, hide the whereabouts of visitors such as 1.4 we can see that Server B does not know that access to their own is actually user A, because proxy server z instead of user A to directly interact with Server B. If the proxy server z is fully controlled (or not fully controlled) by user A, it will be used in the term "broiler". (Figure 1.4) Use of reverse proxy server is as follows: 1, Protect and hide the original resource server such as 2.1 (Figure 2.1 ) User A always think it is accessing the original server b instead of proxy server z , but the utility of the reverse proxy server accepts the user A response, from the original resource server B to obtain the user A demand resources, Then send to user A . Only proxy servers are allowed, due to the role of the firewall Z Access raw resource server B . Although in this virtual environment, the common role of firewalls and reverse proxies protects the original resource server b , but the user A does not know. 2, load Balancing When the reverse proxy server more than one time, we can even make them into a cluster, when more users access to resource Server B, the different proxy server Z (x) to answer different users, Then send the resources required by different users. Of course, the reverse proxy server, like a forward proxy server, has the role of cache, which caches the resources of the original resource Server B, instead of requesting data from raw resource Server B, especially some static data, slices and files, If these reverse proxy servers are able to be from the same network as user X, then user x accesses the reverse proxy server x and gets a high-quality speed. This is the core of CDN technology. such as 2.3 (Figure 2.3) We do not explain the CDN, so remove the CDN most critical core technology intelligent DNS. Just demonstrating that CDN technology is actually using the reverse proxy principle is the block. The reverse proxy conclusion is the opposite of the forward proxy, which is like the original server for the client, and the client does not need to make any special settings. The client sends a normal request to the content in the reverse proxy's namespace (name-space), and then the reverse proxy determines where (the originating server) forwards the request and returns the obtained content to the client, as if the content had been its own. Basically, the Internet to do a lot of positive and negative agents, can do a positive proxy software most can also do reverse proxy. The most popular of the open source software is squid, can do both forward proxy, there are many people used to do reverse proxy front-end server. In addition, Ms Isa can be used to make a forward proxy under the Windows platform. The most important practice in reverse proxy is Web service, the most fire in recent years is nginx. Some people on the internet say Nginx can not do a positive proxy, in fact, it is wrong. Nginx can also be a forward agent, but with fewer people. Transparent Agent if the forward agent, reverse proxy and transparent agent according to the human blood relations to divide. Then the forward proxy and transparent proxy is very obvious, and the forward proxy and reverse proxy is a cousin relationship . The transparent proxy means that the client does not need to know the existence of a proxy server, it adapts your request fields and transmits the real IP. Note that encrypted transparent proxies are anonymous proxies, meaning that you do not have to use proxies. The example of transparent proxy practice is that nowadays it isBehavior management software used by multiple companies. such as 3.1 (Figure 3.1)
Decomposition forward proxy, reverse proxy, transparent proxy
