How the reverse proxy server works

Recently intends to study the Nginx source code, see the online introduction Nginx can be used as a reverse proxy server to complete load balancing. So the content of the reverse proxy server is collected and consolidated.

an overview

The reverse proxy method is a proxy server that accepts connection requests on the Internet, then forwards requests to servers on the internal network, and returns the results from the server to the clients that request connections on the Internet, Reverse. At this point the proxy server is represented as a server externally.

The usual proxy server, which is used only to proxy connection requests to the Internet by the internal network, must specify a proxy server and send HTTP requests that would otherwise be sent directly to the Web server to the proxy server. When a proxy server is able to proxy hosts on an external network, this proxy service is called a reverse proxy service when it accesses the internal network.

Figure 1 Rationale for reverse proxy server

Two how the reverse proxy server works

A reverse proxy server typically has two models, which can be used as an alias for a content server or as a load balancer for a content server cluster.

1, as an alias for the content server

If your content server has sensitive information that must be kept secure, such as a credit card number database, you can set up a proxy server outside the firewall as an alias for the content server. When an external client tries to access the content server, it is sent to the proxy server. The actual content is located on the content server and is secured inside the firewall. The proxy server is outside the firewall and appears to the client as a content server.

When the client requests the site, the request goes to the proxy server. The proxy server then sends the client's request to the content server through a specific path in the firewall. The content server then passes the results back to the proxy server through the channel. The proxy server sends the retrieved information to the client, as if the proxy server is the actual content server (see Figure 2). If the content server returns an error message, the proxy server intercepts the message and changes any URLs that are listed in the header, and then sends the message to the client. This prevents external clients from getting the redirect URL of the internal content server.

In this way, the proxy server provides another barrier between the secure database and possible malicious attacks. As opposed to having access to the entire database, the perpetrator is at best limited to accessing the information involved in a single transaction, even if it is a fluke attack. An unauthorized user cannot access a real content server because the firewall path only allows the proxy server to have access.

Figure 2 Reverse proxy Server as an alias for a content server

A firewall router can be configured to allow only specific servers on a specific port (in this case, the proxy server on its assigned port) to have access through the firewall without allowing any other machines to enter or leave.

2, as a load balancer for content servers

You can use multiple proxy servers within an organization to balance Network load across WEB servers. In this model, you can leverage the caching characteristics of the proxy server to create a server pool for load balancing. At this point, the proxy server can be on either side of the firewall. If the Web server receives a large number of requests per day, you can use a proxy server to share the load on the Web server and improve network access efficiency.

The proxy server acts as an intermediary mediator for requests made by the client to the real server. The proxy server stores the requested document in the cache. If there is more than one proxy server, DNS can select its IP address with "cyclic multiplexing" and randomly select the route for the request. The client uses the same URL each time, but the route taken by the request may go through a different proxy server at a time.

Multiple proxy servers can be used to handle requests for a high-volume content server, and the benefit is that content servers can handle higher loads and are more efficient than when they are working alone. During the initial boot, the proxy server retrieves the document from the content server for the first time, and thereafter the number of requests to the content server drops significantly.

Figure 3 Reverse proxy Server as a load balancer

Source: http://blog.csdn.net/keyeagle/article/details/6723408/

How the reverse proxy server works