Login
- Released At: 26-07-2024
- Page Views:
- Downloads:
- Table of Contents
- Related Documents
-
HTTP Proxy Technology White Paper
Copyright © 2024 New H3C Technologies Co., Ltd. All rights reserved.
No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of New H3C Technologies Co., Ltd.
Except for the trademarks of New H3C Technologies Co., Ltd., any trademarks that may be mentioned in this document are the property of their respective owners.
The content in this article is general technical information. Some information may not be applicable to the product you purchased.
Contents
Overview
Technical background
The scarcity of IPv4 address resources seriously affects the development and application of new technologies such as the Internet of Things (IoT). The global demand for the next-generation Internet Protocol, IPv6, is increasingly strong. During the transition from IPv4 networks to IPv6 networks, IPv6 users cannot access Web servers still using the IPv4 protocol stack. The HTTP proxy function enables IPv6 users to access IPv4 Web servers by proxying their HTTP/HTTPS request messages.
Benefits
The HTTP proxy function has the following advantages:
· Supports seamless integration of IPv6 and IPv4, reducing the difficulty of IPv6 network implementation, avoiding impact on existing IPv4 services, and does not require adjustments to the network schema or existing devices, achieving a smooth transition to a pure IPv6 network.
· Enables clients of one IP stack to access webpages of another IP stack, providing network compatibility and scalability.
· Supports load sharing, which enhances the efficiency and stability of the network and improves user experience.
Implementation
The HTTP proxy supports the following functions:
· Reverse Proxy Function: Used to proxy local resources on IPv4 Web servers for IPv6 clients.
· External link proxy function: Used to proxy IPv6 clients accessing external resources on IPv4 Web servers, such as external media resources (images, videos, etc.) or external hyperlinks on the Web pages of the Web server.
Reverse proxy
Figure 1 Reverse proxy network diagram
As shown in Figure 1, upon receiving HTTP/HTTPS connection request from the IPv6 client, the HTTP proxy server performs load balancing based on the content of the request. It then forwards the request to the IPv4 Web server on the network that actually executes the job. It then returns the IPv4 Web server's processing result to the IPv6 client who initiated the connection request on the network.
Figure 2 Reverse proxy working mechanism
As shown in Figure 2, the working principle of the reverse proxy function is:
1. The IPv6 client obtains the IPv6 address corresponding to the domain name to be accessed through the DNS server, which is the IPv6 address for the HTTP proxy server, and then sends an IPv6 HTTP/HTTPS request message to the HTTP proxy server.
2. After receiving the IPv6 HTTP/HTTPS request message, the HTTP proxy server checks if the domain name information of the HTTP proxy service is carried in the URL of the message. If the URL carries the domain name information of the HTTP proxy service, it removes the added domain name information from the URL of the message and restores the URL to its original form.
3. The HTTP proxy server re-encapsulates the HTTP/HTTPS request message and transmits it to the Web server (IPv4 server). If accessing an external Web server, it is required to resolve the IPv4 address corresponding to the URL by configuring the DNS server.
4. The Web server transmits the HTTP/HTTPS response message to the HTTP proxy server. After receiving the HTTP/HTTPS response message, the HTTP proxy server checks whether the accessed resource content is non-local website media resources (images, videos, etc.) or non-local website hyperlinks. If so, the HTTP proxy server adds the domain name information of the HTTP proxy service to the URL of the HTTP/HTTPS response message. This ensures that when the user accesses the resource again, the user can send the HTTP/HTTPS request message to the HTTP proxy server.
5. The HTTP proxy server re-encapsulates the HTTP/HTTPS response message and then transmits it to the IPv6 client.
External link proxy function
An external link is a hyperlink that exists on the webpages of an IPv4 server accessed by a client and is used to redirect to other websites.
The external link proxy function allows an IPv6 client to access the external links on the webpages of an IPv4 server.
As shown in Figure 3, an IPv6 client initiates a connection request for HTTP/HTTPS. When the Web server responds to the request forwarded by the HTTP proxy server, it carries an external link in the page. The HTTP proxy server modifies the external link to a local address and returns it to the IPv6 client. When the IPv6 client initiates a request for an external link, the request is first sent to the HTTP proxy server. The proxy server performs DNS resolution for the external link's domain name and then initiates access to the third-party server based on the resolved IP address. The result is returned to the IPv6 client, ultimately allowing the IPv6 client to access resources outside the website through the HTTP proxy server.
As shown in Figure 4, the working principle of the external link proxy function is:
1. After receiving the HTTP/HTTPS response message from the IPv4 Web server, the HTTP proxy server adds the domain name information of the HTTP proxy service to these external links.
2. When a user on the IPv6 network visits again, the DNS server resolves the added domain name information to the IPv6 address of the HTTP proxy. The user sends an HTTP/HTTPS request message to access an external link to the HTTP proxy server.
3. The HTTP proxy server receives an HTTP/HTTPS request message from an IPv6 network user accessing an external link and removes the domain name information added to the URL in the message.
4. The HTTP proxy server passes the HTTP/HTTPS request message to the DNS server to resolve the IPv4 address.
5. The HTTP proxy server, after resolving the IPv4 address, re-encapsulates the HTTP/HTTPS request message and transmits it to the external web server that needs to be accessed.
6. The external Web server transmits the HTTP/HTTPS response message to the HTTP proxy server.
7. The HTTP proxy server re-encapsulates and transmits the HTTP/HTTPS response messages to the host.
Technical features
Web access load sharing
In an IPv4 network, multiple Web servers may coexist, providing the same services. The HTTP proxy adds these servers into the same Web server group. Upon receiving HTTP/HTTPS request messages, the device allocates traffic to different Web servers based on a specific algorithm, enabling traffic load sharing. The load-sharing function of the HTTP proxy can increase network bandwidth, as well as improve the network's availability and flexibility.
Advanced design schema
The HTTP proxy function, based on the industry-leading Comware platform, supports flexible deployment based on functional characteristics. As shown in Figure 5, on devices that support the HTTP proxy, it adapts flexibly according to different hardware configurations to maximize performance and functionality.
· Multiprocess schema
To fully utilize the device's hardware capabilities, a multiprocess schema is implemented for parallel processing, with the number of working processes matching the device's CPU core count. Multiple working processes handling Internet requests not only enhance service stability, but also fully leverage the device's multicore schema, achieving genuine multicore parallel processing on a microscopic level.
· Forwarding separation schema
To fully utilize resources, running different processes on different CPUs can maximize the processing power of the CPU, significantly reduce the switchover cost between processes, and not affect the normal operation of other processes on the device. At the same time, by reasonably planning the number of process connections according to the CPU's capabilities, resource utilization can be maximized.
Figure 5 HTTP proxy technology features diagram
Typical applications
As illustrated in Figure 6, when users visit a government website, they first connect to an HTTP proxy server. Through a load sharing policy, it ensures that requests from a particular user are always transmitted to the specified upstream server. This allows optimal management of the servers based on the users' cache info, preventing wastage. Concurrently, it manages a translation proxy access for specified external links on the government website, resolving issues like slow response, inability to display some content, or nonfunctioning features when IPv6 users access the website.
Figure 6 Accessing government website through HTTP/HTTPS proxy
