[Prev][Next][Index][Thread]

Summary - Will browsers support multiple proxy servers



This is a summary of responses I had to the following query I posted to
this list. We already had in place a system on our campus DNS server to
switch our alias for the proxy server from our main server to a backup
server during any planned downtime on the main server. Our network group
are now putting in place a regular job to test the availability of the
proxy server and to automatically switch the alias when it doesn't respond.
This solution is less than optimal because of the time it takes for changes
on the DNS server to percolate the network but it's better than nothing. I
quite liked the DNS trickery described by Andy Kumeda, however the Network
Manager wasn't keen.

Meanwhile we hope that it's not too long before this feature is added to a
major browser.
------

On Tue, 20 Jun 1995, Monica Berko wrote:

> We do not have a firewall but run a proxy/caching server to improve
> performance and save network traffic costs.
>
> However it is a single point of failure because we don't have an automatic
> failover strategy and no out-of-hours coverage. What I would like is to be
> able to configure the browsers with at least two proxy servers (one as the
> default) just as one does with DNS nameservers, and run a proxy server
> (without cache) on another system just in case the main server fails.

From: "N.G.Smith" <ngs@sesame.hensa.ac.uk>

We have a very strong interest in exactly this problem. We run the
Netscape proxy server as a public service for the UK and when our
machine goes down, or the network is unavailable, a lot of people lose
their access.

A large vendor is looking at a solution to the problem.


Neil Smith,
HENSA Unix.
-------------------------------------

From: frystyk@w3.org (Henrik Frystyk Nielsen)

This is definitely a good idea but I haven't heard of any implementations
that actually do this. However, I have already put it on my working list
so at least the Line Mode Browser will do it before long ;-)

BTW: If you think that the Line Mode Browser is too simple then it actually
tries all DNS entries before it reports an error back to the user. Have I
mentioned that it also times the connection and takes the fastest IP
address?

The Line Mode browser - THE killer app!

Well, I guess that I got a bit carried away ;-)

Henrik Frystyk                                          frystyk@W3.org
---------------------------------------------------

From: dch21054@ussun1i.glaxo.com (D C Holt)

Ian Dunkin has worked on modifying the SOCKS proxy to use multiple
proxy servers. In this case, we wanted to use our internal network
to cross the Atlantic and pop out on the Internet at a site closer
to the destination. (Traffic to/from the UK has been slow.) He's still
looking to test this setup, but you should contact him, imd1707@ggr.co.uk.
---------------------------------------------------

From: "Daniel O'Callaghan" <danny@miriworld.its.unimelb.EDU.AU>

It will be a while before browsers can do this.  I suggest you organise a
specific machine ready to take over proxying, and implement commented out
lines in your DNS files so the pointer to wwwproxy.anu.edu.au can be
switched easily.  Alternatively, have a separate machine which you can easily
re-ifconfig to the appropriate IP address. Or, really getting fancy,
put the two machines on different nets (same IP address) and control who
gets the traffic by changing a static route in the rotuer.

Danny
---------------------------------------------------

From: Andy Kumeda <kumeda@intelenet.net>

I agree that it will be a while before clients will be able to implement
this.  That is why we have come up with an alternative solution by means
of DNS 'trickery' to have a 'secondary' Web server in case the 'primary'
one fails.  Therefore, you don't have to rely on the clients, which you
have no control over, but the servers, which you do.

Here is what we have done for www.wdc.com (Western Digital):
        www is actually a sub-domain with two NS records -- one is
        the main server, the other the backup ( I will not use the terms
        primary and secondary to avoid confusion with DNS terminology)

        BOTH servers are then declared to be primary for that domain

        NEITHER of them contain info about the other server, but ONLY
        contain records for themselves

        BOTH are configured with very low cache timeout values so that
        in case of a server failure, clients will not resolve the 'wrong'
        hostname

        Therefore, when clients try to resolve www.wdc.com, USUALLY the
        main server responds.  But in case it doesn't (in the event of a
        possible server crash, or more often, in case of DNS timeout
        between clients and the main server), then the backup responds.

Sorry if that was confusing -- I think it will be more clear if you just
go ahead and check out the DNS records yourself.

-----------------------------------------------------------

From: dceccald@elaine.crcg.edu (Danyel Ceccaldi)

I think for the moment no browser supports
what you want to have. But perhaps there is
another chance to solve the 'proxy server failed'
problem.

I've heard, but doesn't recognize where, that there
is UNIX Software, whichs changes the address of an
TCP/IP-package.

The other possibility is to run an alternative
proxy, which itself uses the main proxy, unless
the main proxy fails. The browsers are set to use
the alternative server. In reality, the alternative
server doesn't provide an own cache, and so uses
completely the main proxy. If the main proxy fails,
a shell script on the alternative server detects it,
shutdown the alternative proxy, reconfigure it to use
a cache or to go through the firewall, and restart it.

Don't know if this helps.

By
  Danny
----------------------------------

-----------------------------
Monica Berko                                     Email:Monica.Berko@anu.edu.au
Centre for Networked Information and Publishing  Phone: +61 6 279 8114
Australian National University                   Fax:   +61 6 279 8120



Follow-Ups: