BorderManager FastCache FAQ

  • 2935917
  • 11-Mar-1998
  • 12-Mar-1998
  • 2

Archived Content: This information is no longer maintained and is provided 'as is' for your convenience.

Issue

Novell BorderManager FastCache
Frequently Asked Questions
December 9, 1997

Q: What makes Novell(R) BorderManager FastCache(tm) different from other proxy servers on the market?

A: Novell BorderManager FastCache offers many advantages over other proxy servers. The key reasons why customers choose FastCache are

* Performance
* Scalability
* Ease of management
* Single point of administration through NDS(tm)
* Superior price performance
* Hierarchical Caching through Internet Cache Protocol (ICP)

Q: Which type of Web acceleration does Novell BorderManager FastCache support?

A: Novell BorderManager FastCache supports:

* Forward proxy
* Reverse HTTP proxy

Q: What security mechanisms does Novell BorderManager FastCache support?

A: Proxy user authentication through NDS.

Q: What is the difference between FastCache and Novell BorderManager?

A: FastCache does not support the following:

* Access control
* CyberPatrol* URL filtering
* VPN
* Network Address Translator
* Remote access and multiprotocol routing

Q: Can Novell BorderManager FastCache take the place of Novell BorderManager?

A: No.

Q: Can FastCache servers coexist with Novell BorderManager servers on the same network?

A: Yes.

Q. Does FastCache work with SSL?

A. Yes, through an HTTP tunnel. The browser would send the SSL requests through an HTTP tunnel instead of directly through HTTPS. If your browser attempts to connect to an SSL host through FastCache and you receive an error indicating that FastCache does not support HTTPS, the browser is trying to send an HTTPS packet directly to FastCache instead of tunneling it through HTTP. To correct this, disable persistent connections to the browser (client) on FastCache. This can be done at the PROXYCFG console screen.

Q: How much memory and disk space is required for the proxy cache?

A: The amount will vary considerably between installations as determined by the way the proxy cache is installed and used. (See KB 2930299)

Q: Can the amount of disk space used by the proxy cache be limited?

A: Not directly. That is, there is no configuration parameter to set the maximum size of the proxy cache. However, the proxy disk cache can be moved to a NetWare(R) volume of its own, in which case it is limited to that volume's maximum size. (See KB 2930299)

Q: How much increased performance can be expected by implementing FastCache?

A: This completely depends on how the cache is used, what type of information is requested through the cache, how often, where the cache is located on the LAN, etc. In other words, "results may vary."

Q: Does FastCache do any read-ahead caching?

A: FastCache currently does not read through the cached information to determine what a browser's next request might be and cache it before the request is made. It caches only what is requested. For example, if a browser requests an HTML document that contains an image, when the HTML document passes through FastCache and is cached, FastCache will not recognize that it contains an <IMG> tag so it will not request the image immediately. But, after the browser receives the document, it will see the <IMG> tag and request the image through FastCache. At that point, FastCache will request and cache that image.

Q: What is the ICP Hierarchical Cache?

A: The Internet Cache Protocol (ICP) Hierarchical Cache is the network acceleration component in the FastCache system. It is based on the Squid object cache (see http://squid.nlanr.net/Squid/). ICP allows you to define a hierarchy of proxy cache servers so that if a request is not found in one, it may be requested from the others. Any FastCache software using the Squid object cache can be used for ICP. Also, any FastCache not using Squid can be identified as a "CERN" type and standard proxy requests will be used to query the other server's cache.

Q: What types of logs does FastCache keep?

A: FastCache can keep a standard HTTP log, and extended HTTP log, or a NetWare audit log. Any combination of these three types of logs may be enabled or disabled. The logs are viewable through the NetWare Administrator program, as are FastCache statistics.

Q: Where are the log files stored?

A: Log files are stored in SYS:ETC\COMMON.LOG, SYS:ETC\EXTENDED.LOG, and the NetWare audit log facility.

Q: How are the log files rolled?

A: Each of the common and extended log files rolls when the file size reaches 5 MB. When a log file rolls, a new one is created, up to a maximum of five files. When the fifth log file rolls, the oldest one is replaced. So, at most, you will have a maximum of 10 log files (5 common and 5 extended), each 5 MB for a total of 25 MB of log files. The indexed (audit) log is not rolled, and cannot be limited through FastCache.

Q: If users are trying to refresh the same document continuously throughout the day, can FastCache be configured to ignore those refresh requests and rely solely on FastCache configuration to determine when a request should be refreshed?

A: Yes. This is enabled (disabled) on the Cache page under FastCache advanced configuration options in the NetWare Administrator program.

Q: Does the HTTP Accelerator translate the addresses within a reply to a client's request?

A: No. If the reply is a redirected packet, the client will then bypass the HTTP Accelerator and go to the site identified on the Location: line of the redirect packet. If the reply is an HTML document that contains links, images, or other pieces addressed using a full URL instead of a relative URL, then access to those URLs will bypass the HTTP Accelerator also.

Q: What is the purpose of the HTTP Accelerator?

A: The HTTP Accelerator (or reverse proxy) is a proxy for a Web server as opposed to a proxy for a client. Browsers can point to the HTTP Accelerator instead of the original Web server. Replies to those requests are cached by FastCache. This provides a mechanism for creating a pseudomirror of the original Web server. Of course, if all browsers go through the forward proxy to get to the original Web server, the same caching is being done. The HTTP Accelerator makes the most sense when clients not going through FastCache's forward cache want to make use of the cache to accelerate a specific Web server.

Q: Can you change which port the HTTP Accelerator is listening on?

A: The HTTP Accelerator will always listen on the same port that the original Web server is listening on. That is, when the Web server to be accelerated is added to the list in the directory, whatever port is entered is the port the HTTP Accelerator will listen on and will use to communicate with the original Web server.

Q: What is the IP/IP gateway?

A: It is part of Novell's IP gateway that includes both the IPX(tm)/IP gateway and the IP/IP gateway with a circuit level gateway-firewall. The IP/IP gateway encapsulates TCP in IP packets, while the IPX/IP Gateway encapsulates TCP in IPX packets.

Q: Why would I use the IP/IP gateway?

A: To hide IP addresses from the public interface (IP/IP gateway)

Q: What are the differences between the "old" intraNetWare(tm) IPX/IP Gateway and the new Novell IP Gateway?

A: The "old" intraNetWare gateway features:
   * Socket interface
   * Administered via NWAdmn3x Snap-in and INETCFG
   * Client connections limited to 250
   * NDS context, Typeful
   * Only one gateway (IPX/IP)

   The new BorderManager gateway features:
   * ECB interface
   * Administered via NWAdmn95 Snap-in only
   * Up to 1000 client connections
   * NDS context, Typeless
   * Includes both an IP/IP gateway and an IPX/IP gateway.
             
Q: What clients does the Novell IP Gateway support?

A: It is currently supported only on Windows* 95* and Windows 3.1. A Windows NT* client for the IP gateway is currently under development.
             
Q: Will the new Novell BorderManager IP gateway install over the old IPX/IP intraNetWare gateway?

A: Yes, Novell BorderManager installation will upgrade up old gateway NetWare Loadable Module(tm) (NLM)(tm) software and NDS objects.
             
Q: How does performance compare between the old gateway and the new gateways?

A: The Novell BorderManager gateways use the new ECB interface, which makes calls directly from the gateway to TCP/IP, and speed is greatly increased.
             
Q: What is the IPX/IP gateway?

A: The IPX/IP gateway
    * Provides a circuit level gateway-firewall
    * Encapsulates TCP in an IPX packet
             
Q: Why would I use the IPX/IP gateway?

A: The reasons to use the IPX/IP gateway are
   * To allow IPX users to access TCP resources
   * To allow only one IP address
             
Q: What are the differences between the old IPX/IP gateway and the new IP gateway?

A: The old IPX/IP intraNetWare gateway features:
   * Socket interface
   * Administered via NWAdmn3x Snap-in and INETCFG
   * Client connections limited to 250
   * Context, Typeful

   The new IP BorderManager gateway features:
   * ECB interface
   * Administered via NWAdmn95 Snap-in only
   * Up to 1000 client connections
   * Context, Typeless
   * Includes IP/IP gateway
             
Q: What clients does the IP gateway support?

A: It is currently supported only on Windows 95. A Windows NT client, for the IP gateway, is currently under development.
             
Q: Will Novell BorderManager gateways install over intraNetWare gateway?

A: Yes, the Novell BorderManager installation will upgrade old gateway NLM
and NDS objects.
             
Q: How does performance compare between the old gateway and new gateways?

A: Because the Novell BorderManager gateways use the new ECB interface, which make calls directly from gateway to TCP/IP, the speed is greatly increased.

Q: What platforms does Novell BorderManager FastCache run on?

A: The server component runs on intraNetWare and NetWare 4.11 The
administration component runs on a Windows 95 or Windows NT 4.0 workstation.

Q: What are the system requirements for Novell BorderManager FastCache?

A: Server requirements:
    * intraNetWare, NetWare 4.11, or NetWare 4.10
    * 150 Kbytes of available memory and disk space
    * Minimum patch list (https://support.novell.com/misc/patlst.htm)

Administration workstation requirements:
    * Windows 95 or Windows NT 4.0
    * intraNetWare Client* installed
    * 2 MB of available disk space

__________________________________________________________________
DISCLAIMER

Novell, Inc., makes no representations or warranties with respect to
any Novell software, and specifically disclaims any express or implied
warranties of merchantability, title, or fitness for a particular
purpose. Distribution of any Novell software is forbidden without the
express written consent of Novell, Inc. Further, Novell reserves the
right to discontinue distribution of any Novell software. Novell is not
responsible for lost profits or revenue, loss of use of the software,
loss of data, costs of recreating lost data, the cost of any substitute
equipment or program, or claims by any party other than you. Novell
strongly recommends a backup be made before any software is installed.
Technical support for this software may be provided at the discretion
of Novell.

__________________________________________________________________
TRADEMARKS

Novell Trademarks

NetWare and Novell are registered trademarks of Novell, Inc. in the United States and other countries. intraNetWare, intraNetWare Client, IPX, NDS, NetWare Loadable Module, NLM, Novell BorderManager, and Novell BorderManager FastCache are trademarks of Novell, Inc.

Third-Party Trademarks

Windows is a registered trademark and Windows 95 and Windows NT are trademarks of Microsoft Corporation. CyberPatrol is a trademark of Microsystems Software, Inc.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.