Route Analysis of proxy servers

Source: Internet
Author: User

For small user groups or home users to access the Internet, using dial-up Internet access is a cheap and practical method. On the LAN, you can use the proxy server software to solve the Internet shared access problem for multiple users. The proxy server is essentially a bridge between the user group and the Internet to achieve Internet access for network users.

Use LAN

At present, there are many lan networking products, and Ethernet switches or hubs are cheap, making it easy for LAN customers to interconnect. This article takes the existing campus network as an example to describe how to use the PROXY server to connect to the Internet and analyze the internal routing of the PROXY server. As shown in the topological structure 1 of the local area network, the LAN consists of several clients, one server, one dial-up network server, and one MODEM connected to the Internet.

The specific configuration is as follows:

1. Client: Install WINDOWS 95/98 and Internet Explorer (Internet Explorer 5.0 or ). In Internet Explorer, select "use proxy server to access the Internet" in the "options, connection" column, and set the IP address and port number of the proxy server (80) enter "Address" and "Port" to complete the simple configuration of the client.

2. SERVER: Install windows nt and PROXY software. Configure the server's RAS, dial-up network, TCP/IP, etc., create a WINDOWS User Account, start the PROXY software, start PROXY tasks such as WEB and FTP, and set permissions, allow the customer to access the Internet.

  
3. MODEM: configure a MODEM and a telephone line on the server side. Dial the local Internet phone number, such as 169 and 163.

4. Dial-Up Network Server: provides services for remote users in the LAN so that remote users can connect to the LAN through dedicated communication lines.

Routing of proxy servers

After configuring the server's RAS Service and dial-up network, perform a dial-up connection. At this time, the proxy server has two interface cards, namely one Nic and one modem. It can be viewed as a router to provide routing forwarding for customers and the outside world, therefore, you must check and adjust the route settings of the server to ensure normal communication between the server and the customer.

Dial on the server. in DOS mode, run the ROUTE command to view the ROUTE table of the server. The following uses the default route as an example to analyze the route table of the NT server during the dialing process. Assume 10.119.40.254 is the gateway of the network segment of the server, and 10.119.40.49 is the IP address of the NT Server Nic.

Server route table before dialing (table 1 ):

NETWORK ADDRESS NETMASK GATEWAY ADDRESS INTERFACE METRIC

0.0.0.0 0.0.0.0 10.119.40.254 10.119.40.49 1

Server route table after dialing (table 2 ):

NETWORK ADDRESS NETMASK GATEWAY ADDRESS INTERFACE METRIC

0.0.0.0 0.0.0.0 10.119.40.254 10.119.40.49 2

0.0.0.0 0.0.0.0 10.18.168.168 10.18.168.168 1

10.18.168.168 is the IP address allocated to the dial-up Network (modem) by the INTERNET server. Compared with table 1 and table 2, the default route changes before and after dialing. This analysis is mainly due to the "Dial-Up Network" and "TCP/IP Settings" option on the server, and the "use the default gateway of the dial-up network" option, in this way, the server sends information to the customer in the 10.119.40.0 network segment at the address 10.18.168.168. When a customer on the network requests to access the INTERNET site, each time the user needs to go through the LAN to the NT server, and then to the MODEM. Therefore, you must ensure the normal connection between the client and the server so that the routing process is performed through the 10.119.40.49 LAN Nic. The PING command is used to check whether the server can PING the client, but the timeout (time out) occurs when the client can PING the server ). This phenomenon indicates that the default route of the proxy server has changed, so that the connection between the customer and the server must first be forwarded through 10.18.168.168. To solve this problem, make the following settings. Assume that the network segment of a customer is 122.103.1.0 and SUBMASK: 255.255.255.0. You must ADD a specified project to the ROUTE table, that is, run the command route add 122.103.1.0 255.255.255.0 10.119.40.49. 10.119.40.49 is the IP address of the network adapter of the NT server. view the server route table as follows:

NETWORK ADDRESS NETMASK GATEWAY ADDRESS INTERFACE METRIC

0.0.0.0 0.0.0.0 10.119.40.254 10.119.40.49 2

0.0.0.0 0.0.0.0 10.18.168.168 10.18.168.168 1

122.103.1.0 255.255.255.0 10.199.40.254 10.119.40.49 1

Further analysis, we can also modify the default ROUTE method to achieve our goal, that is, to use route add 0.0.0.0 0.0.0.0 10.119.40.49 1 if metric = 2

Set the route table:

NETWORK ADDRESS NETMASK GATEWAY ADDRESS INTERFACE METRIC

0.0.0.0 0.0.0.0 10.119.40.254 10.119.40.49 1

In special cases, we analyze the Routing Problem of remote users in the LAN. Remote users exist in the LAN. They are usually connected to the LAN through dedicated communication lines. If they attempt to access the INTERNET through a proxy server, they must configure the route table on the NT server. Because this type of remote users need to go through the dial-up service twice to access the INTERNET, direct routing settings on the PROXY server are particularly necessary. As mentioned above, customers in the LAN can also modify the default route to connect the server to the customer. For remote customers, you must directly set the route for the proxy server. Assume that the network segment of the remote user (Dial-Up Network Server) is 122.100.1.0 and SUBMASK: 255.255.255.0. add route: route add 122.100.1.0 255.255.255.0 10.119.40.49 to ensure the connection of the remote user. Otherwise, when the customer dials the local area network, the remote client can PING all the other devices on the Internet, but the timeout error occurs only when the PING to the NT server. This indicates that the default route of the proxy server does not work at this time.

User Management

You can manage each proxy user through windows nt. When a customer accesses the INTERNET, he/she must first perform user authentication on the proxy server. When the user enters a normal user name and password, he/she can provide INTERNET services and then access the INTERNET through the proxy server. The agent server software can use ms proxy 2.0, which provides a lot of control over PROXY permissions. It can be used to conveniently manage, monitor, and record authorized users and websites.

[1]

Article entry: csh responsible editor: csh

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.