Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Server
User Name
Linux - Server This forum is for the discussion of Linux Software used in a server related context.


  Search this Thread
Old 04-27-2007, 10:37 PM   #1
Registered: May 2006
Location: Bangalore, INDIA
Distribution: Fedora Core
Posts: 69
Blog Entries: 2

Rep: Reputation: 17
understanding reverse proxy using squid

Hi All,

I am just visualizing how a reverse proxy works.
Squid, a open source tool can be configured to work
as a reverse proxy.

Actually a reverse proxy lies inbetween the Internet and the Web server. When a request from a client comes in , the request first goes to the proxy server. The proxy server will look in its cache for the requested page,if it is there in the cache, it will send the requested page to the client or it will forward the request to the original web server.
In such a scenario, the proxy server listens at port 80 and the web server listens at some other port other than normal port 80.The squid is also configured in such a way that request for dynamic contents are forwarded to the original web server.

My confusing is regarding the how the web browsers will know that it has to first contact the proxy server instead of the web server.
One way that can be done which I am thinking is, when I get a registered ip address for my web server , instead of assigning the ip address to the web server , I will assign it to the proxy server. The proxy server is configured in such that any request that comes to it , it will forward it to the web server if the request is not available in its own cache . In that case , the web server will
have a private ip address.
The advantage with reverse proxy is that security of my web server is increased because it is not visible in the internet and also the load on the web server is reduced because the static web pages are served by the proxy server.

Is my understanding is correct. If any guys have implemented reverse proxy , please let me know whether the fact that the DNS will resolve for proxy server instead of web server is correct or not as I mentioned above .
Old 04-28-2007, 03:04 PM   #2
HCL Maintainer
Registered: Jan 2006
Distribution: (H)LFS, Gentoo
Posts: 2,450

Rep: Reputation: 76
Pretty much correct…

Is there a question here?
Old 04-28-2007, 03:06 PM   #3
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975
well yes that's exactly it. what you're much more likely to do is say that your firewall is facing the internet. any hits on the firewalls ip address for port 80 will be forwarded to the squid server. that then just uses it's own largely default caching logic to know whether to send the request on to the destination or not, just like any other caching operation. well, nearly just the same, only difference is that the squid box will recieve standard http requests not http-proxy requests, but other than that exactly the same rules apply. also you can look at using squid as a fornt end to a number of seperate boxes, either identical clones or not, to allow a more resilient architecture.

you're wrong to really be asking about a DNS entry or anything, not really relevant. if resolves to a box that runs squid on port 80, what else do you think is going to happen? but as above you would have these boxes on a private LAN with a decent firewall having the actual internet ip addresses.
Old 05-16-2007, 12:35 AM   #4
LQ Newbie
Registered: May 2007
Posts: 1

Rep: Reputation: 0
Okay, I understand that. What I can't figure out is how to allow other traffic from the internet go through squid to a server.
In other words I want to use squid as a reverse proxy for tcp traffic other than http.
How are those acls and rules set up?


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid reverse proxy with 2 nics jonfa Linux - Networking 1 05-04-2007 02:26 AM
Squid as Reverse Proxy and LAN proxy? zivota Linux - Security 2 02-26-2007 05:00 PM
Squid reverse proxy with SSL jonfa Linux - Networking 1 02-05-2007 07:07 PM
Reverse Proxy in squid winxandlinx Linux - Networking 3 12-04-2006 05:30 AM
Squid Reverse Proxy Cache Question Gentoo20 Linux - Networking 0 02-04-2005 01:19 PM > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 02:00 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration