Cascading Proxy Servers

October 9, 2000 0 comments

Krishna Kumar

Setting up a single proxy server in a campus wide network is difficult and un-economical. The way out is to setup multiple cascading proxy servers.

Consider a campus-wide network–one that spans multiple buildings and has a few thousand users. In such a situation, setting up a single proxy server to serve all users can be both difficult and uneconomical. The wayout is to set up a number of cascading proxy servers. Also called proxy routing, it requires you to set up a number of proxy servers at different points of the network so as to cascade backwards. That is, the ones farther away from the Internet are set up to point to the ones immediately nearer to the net. This forms a hierarchical structure, something like an organization chart. Like in any organization where the lowest rungs do not always have to come to the big boss for everything, in proxy routing only if the proxies lower down do not have the requested items, does the request travel backwards (only if the immediate boss has no authority does the request go to the higher-ups). This way, all clients need not come to one proxy server and this overtax it.

Having a cascading setup has other advantages too. The network administrator need notset up content filtering rules on all the proxies separately. Setting them up on the one nearest to the Net, the one through which all the others will ultimately have to go, is enough. This one will anyway filter the content that goes to the other proxies.

Cascaded proxies are used extensively by ISPs to improve access speeds for clients. Not all points of presence of the ISP connect directly to their gateway. Smaller towns and cities will be connected to nearby metros, by small bandwidth pipes. This means that requests for Web pages from people accessing the net from these smaller towns will have to travel longer distances, and that too over smaller pipes. To speed up access, the ISP will implement a number of cascading proxy servers at their different points of presence, as shown in the figure. This way, a Web page request from someone in,say Bhuj, need not travel all the way back to the Internet. If the page is on the Bhuj proxy, it will be served from there. If not, the next check will be at the Ahmedabad proxy. If someone from Anand had earlier requested for the same page, then the Ahmedabad proxy will have a copy, and will serve it. If the page is not at Ahmedabad, then the next check will be at the Mumbai proxy, after which the request will go out on the Internet.

This type of cascading is called hierarchical cascading.Another type of cascading that is possible is peer-to-peer cascading. Here, youdefine two adjacent proxies at the same level on the cascade as peers. For example, in the ISP example we are discussing, you can define the proxies at Madras, Mumbai, and Cochin as peers. Now, if a request from Bhuj cannot be answered by the Ahmedabad and Mumbai proxies, then checks will be made at the Cochin and Chennai proxies (the peers), before going out of the system to fetch the page. Why should such a setup be considered? One of the reasons is economics. The ISP does not pay anything for traffic (bandwidth usage) inside his own network, but has to pay for bandwidth used outside his system. So, he would ideally like to reduce traffic outside the system. Setting up a peer-to-peer proxy helps in achieving this to quite an extent.

Here, it has to be noted that not all proxy servers support cascading. So, if you plan to implement cascading, then you obviously need aproxy server that supports it. Novell BorderManager does. So does Squid and MS Proxy (or MS ISA Server). Wingate supports only hierarchical cascading.

Another term you will come across when discussing cascading proxies is proxy arrays. Proxy arrays distribute the cache among themselves, as against a proxy cascade where the cache is replicated. That is, in a proxy array, any one page (or element) cached will be present in only one of the members of the array, while in a cascade the cached item will be present in all of the proxies that received a client request for the item.

Clients of an array are automatically directed to the array member, which contains the item requested. But how will the client know it is talking to an array, and not a single proxy with specified ports handling specified protocols and services? The answer is to do an automatic proxy configuration on the browser. You point your browser to a script on any of the members of the array. This script is replicated automatically onto all the members of the array. This script generates a table of available proxy servers. So, on your browser or other software that has to connect to the Internet,instead of manually entering the proxy server’s address and port setting, you set it for automatic configuration.

The advantages of having proxy arrays are that the load onthe proxy can be shared across all members of the array, and even if theInternet connection of one or more of the array members goes down, clientrequests can be routed through the remaining ones, ensuring that parts of thenetwork are not robbed of net connectivity.

No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.