linux poison RSS
linux poison Email

Reducing load on web server by using reverse proxy - squid

Many large organizations use caching proxy servers to save on network bandwidth utilization (and costs) and improve browsing response times. In fact, an entire industry has grown up around caching proxy appliances. But in the open source world, we’ve had one of the most advanced proxy servers for many, many years. Squid (http://www.squid-cache.org) is to caching proxy servers as Apache is to web servers.

A quick-win method of reducing load on a Web site is to use a reverse proxy, which intercepts requests from clients and then proxies those requests on to the Web server, caching the response itself as it sends it back to the client.

This is useful because it means that for static content the proxy doesn't have to always contact the Web server, but can often serve the request from its own local cache. This in turn reduces the load on the Web server. This is especially the case when the Web server also serves dynamic content, since the Web server hardware can be less tuned to static content (when it is cached by a front-end proxy) and more tuned to serving dynamic content. It is also sometimes the case that although the Web server is serving dynamically created pages, these pages are cachable for a few seconds or maybe a few minutes. By using a reverse proxy, the serving of these pages speeds up dramatically.

Reverse proxying in this manner can also be used alongside the simple load balancing system, where static and dynamic content are split across separate servers. Obviously the proxy would be used on only the static content Web server.

Squid Configuration for Reverse Proxy:
The reverse proxy has to intercept every request, in order to compare it with its cache content. Let's assume we have two machines:

    * Web server serving http://www.example.net/ (192.168.0.1)
    * squid.example.net (192.168.0.2)

In squid.conf file we begin with the IP addresses, and tell it to listen for incoming requests on port 80.
http_port       192.168.0.2:80 vhost vport
http_port       127.0.0.1:80
icp_port        0
cache_peer      192.168.0.1 parent 80 0 originserver default
A reverse proxy for a public Web server has to answer requests for everybody so we need to add some ACL.
acl         all src 0.0.0.0/0.0.0.0
acl         manager proto cache_object
acl         localhost src 127.0.0.1/255.255.255.255
acl         reverseproxy dst 192.168.0.1 192.168.0.2
http_access allow reverseproxy
http_access allow manager localhost
http_access deny manager
http_access deny all
deny_info   http://www.example.net/ all
You can change your configuration as per your needs.


1 comments:

Post a Comment

Related Posts with Thumbnails