Proxy in System design
We have heard the word “proxy” so many times in our real life, what does it mean? It means a stand-in for someone else, or to represent someone else.
We will understand the term proxy in system design:
Proxy (also known as forward proxy) is a server that makes “requests” on behalf of a client, thus anonymizing the client from the server. With a proxy server, the server doesn’t know the IP address of the client sending the request. Similarly, we have a reverse proxy, that acts on behalf of the server, it appears to clients to be an ordinary server. Reverse proxies forward request to one or more ordinary servers that handle the request. The response from the reverse proxy server is returned as if it came directly from the original server, leaving the client with no knowledge of the original server. A proxy can be on the user’s local computer, or anywhere between the user’s computer and a destination server on the internet.
Proxy server hides the identity of client from the server by sending requests on behalf of it.
Similarly,
Reverse Proxy server hides the identity of server from the client machine by sending responses on behalf of it.
So, what are the advantages of proxy servers?
- Caching
Whenever a proxy is introduced it brings the benefits of caching with it. The proxy server can cache any data which is not expected to change. Now when another client sends a request for the same content, the proxy server can send back the cached response instead of contacting the server again.
2. Anonymity
The final destination which is the server in this case will not know about the IP address of the client from which the request originated.
3. Traffic control
Proxy servers can help in controlling traffic as all the traffic goes through them, they can block certain content which might not be appropriate for certain reasons. For example, proxy servers in an organization can protect its employees’ machines from certain malicious sites.
4. Filter requests: It runs every request through a filter, looking up each address in its database of allowed or disallowed sites, and it allows or blocks each request based on its internal database. A system administrator can configure the proxy server to allow or block certain sites.
5. Compression: the proxy server can optimize and compress the content to speed up the load time.
What are the advantages of reverse proxy servers?
- Caching
The reverse proxy server can cache any data which is not expected to change. Thus, when another client sends the request for the same content it can serve it from its local cache instead of contacting the servers. This would provide the advantages of low network traffic, low latency, and reduced loads on the servers.
2. Anonymity
In this case, the client would never know about the final destination server.
3. Load balancing:
One of the greatest benefits of a reverse proxy is load balancing among the servers. The reverse proxy can use any load balancing algorithm like round-robin, resource-based, etc. Load balancing can help evenly distribute traffic among servers leading to reliability and improvement in performance.
4. Experimentation:
A number of times, when a new feature needs to be rolled out it gets deployed in a canary fashion. For example, YouTube wants to test a new interface but they are not sure if the customers would like it more or not. So instead of releasing the new interface to all the customers, an experiment is launched which shows the new interface to a small percentage of users. The decision to fully launch the feature is determined by the reaction of the customers who were shown the new interface. This experimentation can be easily set up using reverse proxy.
5. Encryption or SSL Acceleration: When secure websites are created, the secure sockets layer (SSL) encryption is often not done by the web server itself, but by a reverse proxy that is equipped with SSL acceleration hardware. A reverse proxy provides SSL encryption for an arbitrary number of hosts removing the need for a separate SSL server certificate for each host.
Both forward and reverse proxy servers add the element of anonymity, proxy hides the identity of the client whereas the reverse proxy conceals the identity of the server. So if you want to protect clients in your internal network, put them behind a forward proxy. On the other hand, if you intend to protect servers, put them behind a reverse proxy.
Understanding proxy server with a common example:
Forward proxy for clients in Internal Network
For example, when one of these client makes a connection attempt to www.example.com server for a web page, the request has to pass through the forward proxy server first. Depending on the forward proxy settings request can be allowed or denied. If allowed, the request is forwarded to www.example.com web server.
The web server sees that the request was sent by forward proxy server and while sending the response it addresses forward proxy server. When the forward proxy receives the response, it recognizes it as the response to the request that went earlier and passes the response to the client who made the request.
Forward proxies can also act as a cache server in an internal network. If a resource is downloaded many times, then the proxy can cache the content on the server so that the next time when another client downloads the same content, the proxy will send the content that is previously stored on the server to the client.
Understanding reverse proxy servers with an example:
To the client in our example, it is a reverse proxy that is providing the services for www.example.com. The client is unaware about the web servers behind the proxy which are actually providing the service.
It appears to clients to be an ordinary server. It accepts requests from external clients on behalf of the servers behind them and forwards the request to one or more servers to handle the request. The response from the proxy server is returned as if it came directly from the origin servers, leaving the client with no information about origin servers.
Sometimes, the proxies can also be the reason for the single point of failure and thus crashing the system down.
Summarizing the purposes of proxies in system design:
- Blocking common internet services for a group of clients
- Caching web pages to improve network performance
- Load balancing the loads among multiple servers
- Hide user’s IP address while browsing the internet
- Filtering out requests.
With this we come to the end of the blog, hope you have gained some knowledge about proxies from this blog.
Linkedin: https://www.linkedin.com/in/kanchan-jeswani-888827173/
Github: https://github.com/kanchan1910
Thank You !!!
