Sunday, September 22, 2019

Proxy Server Essay Example for Free

Proxy Server Essay Annotations: This research paper is an extract from an about 100 pages enfolding diploma thesis of Martin Eisermann, student at the Fachhochschule Rosenheim (University of Applied Sciences), Germany. It contains the results of performance tests, accomplished with MS Proxy Server 2.0, MS ISA Server and Linux Squid Proxy. This work reflects the personal impressions and test results of the author, made with web performance testing software, described later in this document. The paper is a translation from German into the English language, so it might not be written with the best phraseology. Microsoft, Windows, Windows NT, Windows XP, Internet Information Server (IIS), Web Application Stress Tool, Internet Security and Acceleration (ISA) Server, Proxy 2.0 are either registered trademarks or trademarks of Microsoft Corporation in the United States and other countries/regions. Other products and Company names mentioned herein may be trademarks of the respective owners. 1. Executive Summary This technical research paper contains the results of a performance test scenario with the Microsoft Internet Security and Acceleration (ISA) server, which should make clear, how good proxy servers can improve the speed of a web server. At the beginning, it describes the structure of the test scenario, with aspects of hardware and software. Then, a product will be chosen from a variety of different test tools, which compete with each other. The benefits and drawbacks of every product will be elucidated. The next chapter explains, which products will be compared with the MS ISA server and why they were selected. The following test results are representing the biggest section in this research paper. Finally, there is a short summary of the newly gained cognitions. 2. Test scenario To get an impression, how proxy servers can improve the performance of a network or of a single web server, the following scenario was build: 100 Mbit 100 Mbit Webserver (IIS 5.0) Proxy Server Workstations ill. 1 The workstations shown in illustration 1 are simulating the internal LAN (local area network) clients, which are among themselves connected with a fast Ethernet switch (100 Mbit). The web server, which is also connected with 100 Mbit, simulates the Internet. However, this network capacity is mostly not found in small and/ or middle enterprises, but for compensation, the web server is an outdated machine. The technical data of all components used for the tests is described in table 1. Technical data: System web server proxy server Workstations CPU Pentium AMD Duron Pentium II MHz RAM 200 800 400 96 MB 512 MB 256 MB OS Win XP Prof., IIS 5.0 variable Win NT 4.0 Prof. Tab. 1 3. Test tool selection In the Internet, it is not difficult to find programs, which can execute diverse performance tests for web servers. Many of them, especially if they are build for Linux, are free of charge, but if one likes to have graphical analysis it gets more difficult. Often one has to decide using a Microsoft Windows 32-bit application, which, in general, costs a lot of money. Another problem is the possibility to integrate a proxy server to the web testing tools. Most tools dont support that. Of course, this is comprehensible: which operator, who wants to test his web server performance, likes the results be influenced by a proxy? But in this scenario, it is absolutely necessary. Regarding this two product selection preconditions, there arent left a lot tools. Three remaining products are the WebPolygrah Benchmark Tool from Measurement Factory, Microsofts Web Application Stress Tool and the Web Performance TrainerTM from Web Performance Inc. On a first look, they all three seem to offer the wished functionality. a) WebPolygraph Benchmark Tool: The WebPolygraph Benchmark Tool is freely availably at http://www.webpolygraph.org. The tool was originally developed for Linux based systems, but in between there are also MS Windows 32-bit binaries downloadable. The actually available documentation in the Internet is not sufficient to set up a test environment quickly and without intensive knowledge of the product. More examples and more detailed descriptions would help a lot. A graphical user interface is not implemented, too. b) Microsoft Web Application Stress Tool Also freely available is Microsofts web testing utility, the Web Application Stress Tool. It is downloadable at http://www.microsoft.com. The documentation, which can be found in the Internet, is clearly structured and useful. The handling of the product is intuitive for experienced Windows users. The missing integration of a proxy server in its configuration setup, makes the tool nearly useless, but Microsoft offers a solution: one have to install the Microsoft Proxy Client (or the Microsoft ISA Firewall Client) on the machine, which is used to perform the web tests, then the tests are working suitable. There is only one more problem left, which will get clearer in the next few minutes: There is no proxy client or firewall client available for Linux! And because there is a Linux product in the test environment, the Stress Tool is not useful at last. c) Web Performance TrainerTM 2.4 Finally, the software product from Web Performance Inc. (http://www.webperformanceinc.com) fulfilled all preconditions: graphical user interface, proxy configuration, easy understandable, Internet based documentation. All installation problems and handling questions where answered fast and competent. The product handling is similar to the Web Application Stress Tool, but there are versions for both, Linux and Windows operating systems. The demo version only supports an amount of 25 users, but Web Performance Inc. offered a time limited 3000 user version, for the tests. At this point many thanks for that again. 4. Test specification The web content for the tests is completely static, that means pictures and html-files, No dynamic pages like asp or php were inherited. Reason: these pages are normally not cached in a proxy server. The amount of data used is about 4.8 MB. The test run time is determined to 30 minutes. Significant performance differences should be visible within this time. The Web Performance trainer v2.4 can increase the number of concurrent users by 25 every minute. So, at the end of the test, a maximum number of 750 users can poll the web server. 5. Choosing the proxy products If someone tests the speed of a web or proxy server, he would not now, if his results are good or bad, if he doesnt make a comparison with other products. For this reason, beside the ISA server, the Microsoft Proxy 2.0 and a Linux Squid proxy were other test candidates. The decision for MS Proxy 2.0 is easy to explain. It is the original product, Microsoft build the ISA server on. It also runs on Windows 32bit operating systems and Microsoft propagates, that the ISA server runs about 10 times faster. The Linux squid proxy is in the test field, because it has the same functionality like the MS proxy versions, but runs on a completely different platform. Another reason is, that Linux and squid are both freeware products and thats a big advantage. 6. The test results The most important results, if one tests the performance of web or proxy servers, are described with the data: Total Hits, Errors, Hits/sec and Bytes/sec. In all following diagrams, the colors are defined as follows: Total Hits Errors red Hits/sec Bytes/sec black yellow (with factor: 0,001 kB/sec) green 6.1 Web server (standalone) For a first view, the next two illustrations are showing the test results of the web server, without a proxy: Ill. 2 Ill. 3 While the 30 minutes test duration there were only 111.451 hits and 298.778 errors recognized by the Web Performance TrainerTM and only 470 users could by simulated at all. In the first minutes of the test, the amount of kilobytes per second is relatively high (~ 550) but from minute 11:00, they decrease to an average number of 165 kb/s. A stable result of only 50 hits per second can be metered. Already explained before in this paper, the used web server is an old computer, so these bad results are nothing to wonder. How good the results could get with proxy servers in front of it, will be shown in the next chapter. 6.2 MS Proxy 2.0 vs. MS ISA-Server In a first step, the two Microsoft products will be compared with each other. Already their total hits within this 30 minutes, differ a lot. The ISA-Server has about four times better results than it’s predecessor, while the total number of errors is just about three times higher. MS Proxy 2.0 – Total Hits: 206.953 – Errors: 74.572 Ill. 4 Ill. 5 MS ISA-Server – Total Hits: 781.851 – Errors: 232.879 So, the superiority of the new product is verified. Surprisingly, the count of errors of the MS Proxy 2.0 loose their nearly parallel growth with the total hits line in the 8th minute, and increase much slower in the next 22 test minutes. For this effect couldn’t be found a reason. MS Proxy 2.0 – Hits/Sec – kB/s Ill. 6 MS ISA-Server – Hits/Sec – kB/s Ill. 7 The comparison of the hits/s, shows that the MS Proxy 2.0 cannot exceed the previous peak values of the web server a lot, but holds them constantly (~ 550 kB/s at ~120 hits/s). Whereas the ISA server lies with it’s ~500 hits/s explicit over the MS Proxy 2.0. A ten times higher rate, shown in the small illustration 8 (submitted by Microsoft), cannot be proven. Ill. 7 6.3 Linux Squid vs. MS ISA server The second test candidate is the squid proxy server, based on the operating system RedHat Linux version 7.2. The software products can be downloaded freely from the Internet (http://www.redhat.com; http://www.squid-cache.org). The squid version, used for the test, is release 2.4 stable 1-5. Linux Squid – Total Hits: 1.335.949 – Errors: 303.204 Ill. 9 MS ISA-Server – Total Hits: 781.851 – Errors: 232.879 Ill. 10 This comparing test shows significantly, the higher performance of the squid proxy in opposite to the MS ISA server: it is nearly doubled. The amount of not completed requests is irrelevant higher. Further results like hits per second and kilobytes per second are making this even clearer. Linux Squid – Hits/Sec – kB/s Ill. 11 MS ISA-Server – Hits/Sec – kB/s Ill. 12 In the first six minutes, ISA and squid are competing with each other and are reaching values of 2.600 kb/sec. But then, the performance of the ISA server slackens and even decreases to an average value of 2.200 kb/s. Whereas the performance of the squid proxy reaches its limit not before the maximum possible network throughput rate (at 100 Mbit) of about 4450 kb/sec in the 9th test minute. Then the average value also decreases a little until circa 4300 kbytes per second. 7. Summary The squid proxy, running on a freeware product, is apparently the fastest proxy server within the three test candidates. Its normal implementation is not hard, if the corresponding administrator has little knowledge about Linux. On the other hand, which corporation is in the need of this high caching rates? Who has 750 users that make 1.35 million web requests in 30 minutes? So, if there is already a Windows based network, which perhaps already implemented a MS Proxy 2.0 server, there is no real need to change to a Linux proxy variant instead of updating to an ISA server. On further reason, to prefer the MS ISA server instead of the squid proxy in an existing Windows based network, might be, that all already implemented user groups can be left and later used in the ISA server configuration after an update. Implementing the authorization structure of a Windows 2000 or NT domain on a Linux computer is certainly possible, but probably not easy for a typical Windows Administrator. And implementing the users on two security

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.