Previous Table of Contents Next


Proxy Type

Here are the two different types of proxy servers:

  Application proxy An application proxy is a very, very specific proxy—it will proxy only one type of application, such as FTP, HTTP, and so on. It will not proxy anything else—that is, an FTP proxy will not accept an HTTP connection. If you want to have more applications available through your proxy server, you must make sure that the proxy server is running the proxy services for those applications as well.
  Circuit-level proxy A circuit-level proxy is a proxy that operates on the network level only. The most popular circuit-level proxy is called Socks (originally developed as a freeware package but now available commercially from several vendors). This type of proxy understands protocol and socket number, but that’s about it. Typically, circuit-level proxies are generic—they can act to handle any sort of socket, as shown in Figure 15.2.


Figure 15.2  Application proxy versus circuit-level proxy.

What’s the difference? Well, for one, a circuit-level proxy is more flexible—it will proxy any TCP/IP service. However, an application proxy has its merits, too. For example, a Web proxy (otherwise known as an HTTP proxy) will cache Web pages and graphics it has already transferred and, as a result, will serve them up much faster to your users. This is because an application proxy has inside knowledge about what’s going on with the application, whereas a circuit-level proxy doesn’t know anything about the application—just something about the connection. In other words, a Web (HTTP) proxy “knows” that Web pages are being received from a server and will store them locally, as illustrated in Figure 15.3. The next time any user asks for those Web pages, the proxy will serve them from the cache area, thus saving time. (Don’t worry—if new pages are posted, the cache handles this, too.)


Figure 15.3  The proxy server stores cache information until it is no longer up-to-date; users can refresh from the proxy server without causing outside network traffic or having to wait.

Just Add Software

Every proxy server has client software that needs to be installed on the workstation that will be using the proxy. This can be simple—every copy of Internet Explorer and Netscape Navigator or Communicator has support for the Socks circuit-level proxy, as well as built-in support for the most popular proxy servers. (Figure 15.4 shows the proxy settings for Internet Explorer.)


Figure 15.4  The Proxy Settings screen from Internet Explorer.

Configuring Your Proxy

The really important thing you should do when configuring the client software is to make sure your proxy server is not used for local traffic. Most proxy servers will do fine proxying the amount of traffic that can fit in the pipeline that goes from most sites to the Internet—T1 or 1.5Mbps traffic is a breeze for most servers to handle. However, when a proxy server finds itself forced to also deal with multiple people asking it to handle the local 10Mbps or 100Mbps traffic, things start…to…get…slow. You’ll find yourself surrounded by angry villagers waving torches and axes, all of whom want to know why their Internet access is sluggish!

To configure Internet Explorer to avoid the proxy server for local traffic, just make sure the Do Not Use Proxy Server for Local (Intranet) Addresses check box is checked (refer to Figure 15.4). Microsoft assumes that any address in your domain (http://server.mycompany.com) or a server name without a domain (http://server) is a local address. Clever. Netscape is a little more complicated to configure; if you want to do this, you’ll need to run a Netscape configuration server.

Of course, even if you configure the software correctly, someone might “unconfigure” it later; it’s best to prohibit this type of antisocial behavior at the server. Sure, someone who misconfigures his own workstation will experience malfunctions, but it’s better to get one or two trouble calls than lots of pesky “The internet is slow” calls. Trust me on this. People who get slow stock quotes get really, really ugly.


As far as slowness goes, if you see a lot of traffic through your generic proxy server, you might want to investigate specific application proxies. The fact that an application proxy caches frequently used pages can really cut down on your amount of traffic, provide users of those pages a boost in speed, and speed up everybody in general, because those pages are not being loaded over and over again.


Previous Table of Contents Next