Reverse Proxy Pattern

The reverse proxy pattern is a very common pattern used when we use a microservices-based design. Before understanding reverse proxy, it makes sense to spend a minute to understand what the term proxy means in terms of the Internet. Proxies are usually used by big organizations to control traffic. The image below helps us illustrate the use of the proxy layer.

Proxy Layer

In a normal scenario when a machine accesses a site like google.com, it will know that the traffic is coming from the A.B.C.D IP address. But if we introduce a proxy layer in between, the client machine for google changes from A.B.C.D IP to the Proxy machine. So google will not know about the actual client requesting data.

Use of Proxy layer gives organizations control on traffic in terms of

  • Anonymity
  • Caching
  • Logging usage
  • Block Sites

Coming to Reverse Proxy, as the name suggests, it reverses the effect of proxying. That is, instead of introducing the proxy layer at the client-side, we have the proxy layer at the server or provider side. Let us how the flow looks with help of the image below.

Reverse Proxy

As we can in the image above that in the case of reverse proxy, the proxy layer shields actual servers where services are implemented. For the external world, the reverse proxy server is the actual destination implementation, for the example shown above, anyone looking for google.com will hit the reverse proxy server say A.B.C.D IP address. But A.B.C.D is not the machine actually processing the requests. It receives the request and passes it on to a backend server which actually fulfills the request and returns the results back to the caller.

A reverse proxy server help achieve features like

  • Caching
  • Load Balancing (send same requests to any of the servers among a set)
  • Ingress (take multiple types of requests and choose the correct server)
  • Canary / Blue-Green deployments

The reverse proxy pattern can be extended to provide many more features like rate limiting, authentication/ authorization, TLS offloading, etc. Most advanced tools fall under the category of API Gateway. There is a thin line between Reverse proxy and API gateway and you can at times feel the terms being used interchangeably. The video below tries to demystify the line between API Proxy and API Gateway.