You are on page 1of 4


Practical : 10 Prepare Proxy Server.

Introduction Proxies are store-and-forward caches. When you configure your web browser to use a proxy, it never connects to the URL. Instead, it always connects to the proxy server, and as s it to get the URL for you. Proxies can be used as a sort of firewall, because it isolates you fro! connecting to the Internet. In an enterprise that uses the Internet, a proxy server is a co!bination of hardware and software that acts as an inter!ediary between a wor station user and the Internet so that the enterprise can ensure security, ad!inistrative control, and"or caching service. # proxy server is protocol specific, so one !ust be set up for each type of protocol $%&&P, '&P, (opher, etc.).&he proxy server functions as part of a gateway server $a networ point that acts an entrance to another networ ) and !ay be set up in tande! with one or !ore of the *functions+ found in the following section. Working Principle # proxy server receives for an Internet service $such as a Web page re,uest) fro! a user. If it passes filtering re,uire!ents, the proxy server, assu!ing it is also a cache server, loo s in its local cache of previously downloaded Web pages. If it finds the page, it returns it to the user without needing to forward the re,uest to the Internet. If the page is not in the cache, the proxy server, acting as a client on behalf of the user, uses one of its own IP addresses to re,uest the page fro! the server out on the Internet. When the page is returned, the proxy server relates it to the original re,uest and forwards it on to the user. &o the user, the proxy server is invisible- all Internet re,uests and returned responses appear to be directly with the addressed Internet server. $&he proxy is not ,uite invisible- its IP address has to be specified as a configuration option to the browser or other protocol progra!). Firewall Access 'or a co!pany that has a firewall, the proxy server !a es re,uests on behalf of its users and allows the! to pass out of or into the co!pany.s private networ $intranet). Caching # proxy server perfor!ing a caching function stores a resource $web pages, files, etc.). /nce a resource has been accessed it is stored on the server and successive re,uests for that particular resource are ta en fro! the cache. &his speeds up access to that resource for all users going through the proxy and reduces Internet traffic. Filtering &he proxy can perfor! filtering functions. &he progra! or code exa!ines that data going through it, either in or out, exa!ines it for certain ,ualifying criteria and then processes it or forwards it accordingly. Authorization 0 1any networ resources are restricted, so!e by user logon, others by the IP address range for the co!pany. Re!ote users typically use a third-party Internet service provider $I2P) and the provider.s user logon or its IP is not recogni3ed as a valid one. 'or users that are not physically wired into a co!pany.s intranet, the proxy provides a point of authori3ation $authentication) so that re!ote users logon to the institutional networ and"or are te!porarily assigned an IP fro!

the co!pany.s do!ain and can therefore gain access to the co!pany.s restricted resources. Anonymization &o protect an institution.s private networ $intranet) fro! users on the Internet, the proxy server can change the identity of the re,uesting !achine. If the resource $i.e. web page or file) being re,uested by a user within the co!pany is not in the cache, the proxy server, acting as a client on behalf if the user, uses one of its own IP addresses to re,uest the resource fro! the server on the Internet. &his *te!porary+ IP address is not one that is actually used by the co!pany.s intranet. &hereby throwing potential intruders off the trac . When the re,uested page is returned, the proxy server relates it to the original re,uest and forwards it on to the user. &his is so!ewhat of a *laundering+ process for IPs so the original re,uestor cannot be traced and also hides the institutions networ architecture.

Advantages o! "sing a Proxy Server #n advantage of using a proxy server is that its cache can serve all users. If one or !ore Internet sites are fre,uently re,uested, these are li ely to be in the proxy.s cache, which will i!prove user response ti!e. In fact, there are special servers called cache servers. &he function of proxy, firewall, and caching can be in separate server progra!s or co!bined in a single pac age. 4ifferent server progra!s can be in different co!puters. 'or exa!ple, a proxy sever !ay in the sa!e !achine with a firewall server or it !ay be on a separate server and forward re,uests through the firewall. &hese are different types of proxy servers with different features, so!e are anony!ous proxies, which are used to hide your real IP address and so!e are used to filter sites, which contain !aterial that !ay be unsuitable for people to view. When you connect to a web site, your true IP address will not be shown, but the proxy servers IP will, this does not !ean that you are co!pletely anony!ous. &he proxy server will have logs of IP.s that used the proxy server and the ti!es. #eed !or a Proxy Server &he pri!ary use of proxies is to allow access to the Web fro! within a firewall. # proxy is a special %&&P server that typically runs on a firewall !achine. &he proxy waits for a re,uest fro! inside the firewall, forwards the re,uest to the re!ote server outside the firewall, reads the response and then sends it bac to the client.

In the usual case, the sa!e proxy is used by all the clients within a given subnet. &his !a es it possible for the proxy to do efficient caching of docu!ents that are re,uested by a nu!ber of clients. &he ability to cache docu!ents also !a es proxies attractive to those not inside a firewall. 2etting up a proxy server is easy, and the !ost popular Web client progra!s already have proxy support built in. 2o, it is si!ple to configure an entire wor group to use a caching proxy server. &his cuts down on networ traffic costs since !any of the docu!ents are retrieved fro! a local cache once the initial re,uest has been !ade. A Proxied $%%P %ransaction

Figure shows Client makes a request to the proxy server using HTTP, but specifying the full U !" the proxy servers connects to the remote server an# request the resource relative to that server $no protocol or hostname specifier% in the U !&% A Proxied F%P %ransaction

Figure shows Client makes a request to the proxy server, using HTTP, even though the actual resource is serve# by an FTP server% The proxy server sees from the full U ! that an FTP connection shoul# be ma#e, an# retrieve# the file from the remote FTP server% esult is sent back to the client using HTTP% 'ro! this point on the proxy server acts li e a client to retrieve the docu!ent- it calls the sa!e protocol !odule of libwww that the client would call to perfor! the retrieval. %owever, the *presentation+ on the proxy actually !eans the creation of an %&&P reply containing the re,uested docu!ent to the client. 'or exa!ple, a (opher or '&P directory listing is returned as an %&1L docu!ent. &ac'ing &he basic idea in caching is si!ple 5 store the retrieved docu!ent into a local file for further use so it won.t be necessary to connect to the re!ote server the next ti!e that docu!ent is re,uested as shown in figs.

A &ac'ing Proxy

Fig. The requeste# #ocument is retrieve# from the remote server an# store# locally on the proxy server for later use% &ac'e $it on %'e Proxy

Fig. 'f an up( to(#ate version of the requeste# #ocument is foun# in the cache of the proxy server no connection to the remote server is necessary% %owever, there are !any proble!s that need to be copied with once caching is introduced. %ow long is it possible to eep a docu!ent in the cache and still be sure that it is up-to-date 6 %ow to decide which docu!ents are worth caching and for how long 6 4ocu!ent expiry has been foreseen in the %&&P protocol which contains an ob7ect header specifying the expiry date of an ob7ect. %owever, currently there are very few servers that actually give the expiry infor!ation, and until servers start sending it !ore co!!only we will have to rely on other, !ore heuristic approaches, li e only !a ing a rough esti!ate of the ti!e to live for an ob7ect. 1ore i!portantly, since !any of the docu!ents in the Web ae *living+ docu!ents, specifying an expiry date for the! is generally a difficult tas . # given docu!ent !ay re!ain unchanged for a relatively long ti!e, then suddenly change. &his change !ay have been unforeseen by the docu!ent author and so wouldn.t be accurately reflected in the expiry infor!ation. &he caching !echanis! is dis based and persistent, which !eans it survives restarts of the proxy process as well as the server !achine itself. 8ecause of this feature, caching opens up new possibilities when the caching proxy server and a Web client are on the sa!e !achine. &he proxy can be configured to use only the local cache, !a ing it possible to give de!os without an internet connection. 9ou can even unplug a portable !achine and ta e it to the cafeteria.