Proxy (Proxy) is a special network service that allows a network terminal to make an indirect connection with another network terminal through this service. Some network devices such as gateways and routers have network proxy functions. It is generally believed that proxy services are beneficial to protect the privacy or security of network terminals and prevent attacks.
forward proxy
The concept of a forward proxy is easy to understand. A forward proxy is a springboard in the middle of the target server. In order to obtain content from the target server, the client sends a request to the proxy server and specifies the address of the target server, and then the proxy server sends a request to the target server to obtain data and returns the data to the client. Using forward proxy often requires some configuration on our client.
The most common usage scenario of forward proxy is scientific Internet access, such as blue light, shadowsocks, etc.
reverse proxy
A reverse proxy is the exact opposite of a forward proxy. To the client, the reverse proxy is like the target server. And unlike forward proxies, reverse proxies do not require any configuration on the client side. The client sends a request to the proxy server, and the proxy server controls the direction of the request by itself, and forwards the request to the client, so that from the client's point of view, the content is directly obtained from the proxy server.
If you don't understand the above paragraph very thoroughly, then you can clearly know what makes the reverse proxy by looking at the answer of Zhihu Che Xiaopang :
A long time ago, when Lao Wang went to a restaurant to eat, he had to go to the restaurant first, order good dishes, sit down and wait for the food to be served, and then feast on it.
With a third-party food ordering and delivery platform ( agent ), Lao Wang is too lazy to go to the restaurant. Lao Wang makes a phone call or uses the APP to select a restaurant first, then order a good meal, and the takeaway brother will deliver it to the door.
Because the reputation of a certain brand of restaurants is particularly good, diners pour in in an endless stream, and third-party ordering calls are endless. However, due to the limited reception capacity of the hotel, it is unable to provide timely service. Many diners are impatient and return. The boss watched the boiled duck fly away and felt distressed.
After all the pain, the boss established several chain restaurants to form a cluster to provide uniform standard dishes service to the outside world. The telephone ordering telephone number is 400-xxx-7777. When diners pour into the hotel's main desk, the main station will transport the diners to each chain store by bus. , so that diners don't need to queue, each chain store can operate at high speed, killing two birds with one stone, the boss is happy, and named "Reverse Proxy" for this mode of operation.
scenes to be used
forward proxy
1. Scientific Internet
This function should be familiar to everyone. For example: you cannot access Google in China, but you have a server in Hong Kong, which can access Google, so you set the server in Hong Kong as a proxy server, and then let the server access Google, after the server receives the request, Make a request to Google, and then return the information that Google responds to you. At this time, you can use Google happily.
2. Anonymous access
For example, in order to protect your privacy, you access certain services through a proxy, so that he does not know your real identity. However, this has also led to many malicious users doing damage by hiding their identities.
3. Springboard machine
Nowadays, many enterprise cloud servers use private networks, and the servers cannot be accessed without the addresses in the allowed access list. At this time, a springboard will be provided to access the servers in the private network.
reverse proxy
1. Load balancing
Load balancing is the use of multiple servers to provide a single service (also known as a server farm). Generally speaking, it is mainly used in Web sites, large Internet Relay Chat networks, high-traffic download stations, NNTP services, DNS services, databases, etc.
In a large-scale application, load balancing is an indispensable environment. Load balancing provides the following features to greatly increase the stability and robustness of services:
- Asymmetric load regulation
- Priority guide
- SSL truncation and acceleration
- DDOS attack protection
- HTTP compression
- TCP offload
- TCP buffering
- The backend server responds directly to the user
- (Server) Health Check
- HTTP caching
- Content filtering
- HTTP Security
- priority queue
- content-aware switch
- User authorization
- Programmable flow control
- Firewall function
- Intrusion prevention function
图上的虚线表示代理服务器会根据不同场景来分配不同的目标服务器
But it must be noted that there is a difference between reverse proxy and load balancing, and the two cannot be equated. The difference between reverse proxy and payload can be found here.
2. Protect and hide the original resource server
The server that actually provides resources is hidden from the user, and the user always thinks that the server that currently provides the service is the proxy server. But in fact, the proxy server accepts the user's request, obtains the corresponding resource from the resource server, and then returns it to the user. The user does not have any direct communication with the real resource server, nor does it perceive its existence.
3. Encryption and SSL acceleration
4. Cache static content
5. Compression
6. Slow down uploads
7. Safety
8. Publishing on the Internet