Shulou(Shulou.com)06/02 Report--

1. The concept of forward agent

A forward proxy is a server located between the client and the original server (origin server). In order to get content from the original server, the client sends a request to the agent and specifies the target (the original server), and then the agent transfers the request to the original server and returns the obtained content to the client. The client must make some special settings to use the forward proxy.

two。 The concept of reverse proxy

The reverse proxy is just the opposite, it is like the original server to the client, and the client does not need to make any special settings. The client sends a normal request to the content in the reverse proxy's namespace (name-space), which then determines where to forward the request (the original server) and returns the obtained content to the client as if it were already its own.

A simple way to distinguish: a forward proxy is a proxy server that we can set in the browser, and the initiative is in the hands of the viewer. For example, we sometimes have to consult some information, which is dropped by the domestic wall. At this time, I can build a nginx forward proxy server on a foreign server, and then we can set up a proxy server through the browser. Reverse proxy, which is unknown to the viewer and assumed by the server.

1.nginx forward proxy configuration

Server {

Resolver 8.8.8.8

Resolver_timeout 30s

Listen 82

Location / {

Proxy_pass http://$http_host$request_uri;

Proxy_set_header Host $http_host

Proxy_buffers 256 4k

Proxy_max_temp_file_size 0

Proxy_connect_timeout 30

Proxy_cache_valid 200 302 10m

Proxy_cache_valid 301 1h

Proxy_cache_valid any 1m

}

}

1. There can be no hostname.

2. There must be resolver, that is, dns, that is, 8.8.8.8 above, and the timeout time (30 seconds) is optional.

3. Configure forward proxy parameters, all of which are composed of Nginx variables.

[plain] view plain copy

Proxy_pass $scheme://$host$request_uri

Proxy_set_header Host $http_host

4. Configure the cache size, turn off disk cache read and write to reduce Imax O, and the proxy connection timeout.

[plain] view plain copy

Proxy_buffers 256 4k

Proxy_max_temp_file_size 0

Proxy_connect_timeout 30

5. Configure the proxy server Http state cache time.

[plain] view plain copy

Proxy_cache_valid 200 302 10m

Proxy_cache_valid 301 1h

Proxy_cache_valid any 1m

Once configured, restart nginx. Take the browser as an example. To use this proxy server, simply set the browser proxy to the http://+ server ip address +: + 82 (82 is the port number just set) and use it.

Configuration of 2.nginx reverse proxy server

The following is a reverse proxy that takes load balancing as an example.

[plain] view plain copy

Http {

# omit the previous general configuration and start directly from the load balancer

# set address pool and 3 servers at the back end

Upstream http_server_pool {

Server 192.168.1.2:8080 weight=2 max_fails=2 fail_timeout=30s

Server 192.168.1.3:8080 weight=3 max_fails=2 fail_timeout=30s

Server 192.168.1.4:8080 weight=4 max_fails=2 fail_timeout=30s

}

# A virtual host, which is used to reverse proxy http_server_pool this group of servers

Server {

Listen 80

# Domain name accessed from public network

Server_name www.test.com

Location / {

# back-end server returns 500503404 error and automatically forwards the request to another server in the upstream pool

Proxy_next_upstream error timeout invalid_header http_500 http_503 http_404

Proxy_pass http://http_server_pool;

Proxy_set_header Host www.test.com

Proxy_set_header X-Real-IP $remote_addr

Proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for

}

Access_log logs/www.test.com.access.log combined

}

}

The simplest reverse proxy demonstration (acting as a proxy server on one server, forwarding http requests to another IIS server and accessing it through a second-level domain name. ) Edit vim nginx.conf

[plain] view plain copy

Server {

Listen 80

Server_name test.zhoumengkang.com

Location / {

Proxy_pass http://121.199.**.*:80;

}

}

Examples of several upstream assignments (scheduling, dispatching)

1. Polling (default)

Each request is assigned to a different backend server one by one in chronological order. If the backend server down is dropped, it can be automatically eliminated.

Upstream bakend {server 192.168.0.14 weight=10; server 192.168.0.15 weight=10; server 192.168.0.16 down; server 192.168.0.17 backup;} 123456

2 、 ip_hash

Each request is allocated according to the hash result of accessing the ip, so that each visitor accesses a back-end server on a regular basis, which can solve the session problem.

Upstream bakend {ip_hash; server 192.168.0.14 upstream bakend 88; server 192.168.0.15 purl 80;} 12345

3. Fair (third party)

Requests are allocated according to the response time of the back-end server, and priority is given to those with short response time.

Upstream backend {server server1; server server2; fair;} 12345

4. Url_hash (third party)

Allocate requests according to the hash result of accessing url, so that each url is directed to the same backend server, which is more effective when the backend server is cached.

Example: add hash statement to upstream. Other parameters such as weight cannot be written in server statement. Hash_method is the hash algorithm used.

Upstream backend {server squid1:3128; server squid2:3128; hash $request_uri; hash_method crc32;} 123456

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.