What do nginx layer 4 proxy and layer 7 proxy mean? (Recommended learning: nginx tutorial)
The layers here are the OSI 7-layer network model. The OSI model is from top to bottom. The lower layers are closer to the hardware. The higher you go, the closer you get to the software. The seven-layer model is the physical layer, data link layer, network layer, transport layer, session layer, presentation layer, and application layer.
nginx4 layer refers to the tcp/udp of the transport layer.
nginx7 layer refers to the application layer, usually http.
Proxy principle:
The 4th layer uses NAT technology. The full name of NAT in English is "Network Address Translation", which means "Network Address Translation" in Chinese. When the request comes in, nginx modifies the target and source IP and port in the data packet, and then sends the data packet to the target server. After the server completes processing , nginx makes another modification and returns it to the requesting client.
Layer 7 proxy: You need to read and parse the http request content, and then forward it to the corresponding server based on the specific content (url, parameters, cookies, request headers). The forwarding process is: establishing a connection with the target machine Connect, then forward the request, receive the response data and forward it to the requesting client.
Comparison of advantages and disadvantages:
Performance:
Theoretically, layer 4 is faster than layer 7, because layer 7 proxy The specific content of the data packet needs to be parsed, which requires additional CPU. However, nginx has strong network concurrency processing capabilities. For some slow connections, nginx can first buffer the network request data and forward it to the upstream server at once, so that for servers with weak upstream network concurrency processing capabilities (such as tomcat), this will not affect tomcat. That is to say, a slow connection becomes a fast connection (nginx to tomcat are basically reliable intranets), thereby saving network data buffering time and providing concurrency performance.
Flexibility:
Since the layer 4 proxy uses NAT, nginx does not know the specific content of the request, so nginx cannot do anything. With a 7-layer proxy, you can do many things based on the request content (url, parameters, cookies, request headers), such as:
a: Dynamic proxy: different URLs are forwarded to different servers.
b. Risk control: Block external IP addresses from requesting certain sensitive URLs; block certain fraudulent users based on parameters.
c. Audit: record request logs at the nginx layer.
The above is the detailed content of What are the four layers of nginx4?. For more information, please follow other related articles on the PHP Chinese website!