Manualshelf

Installation guide

ManualsBrandsRed Hat ManualsComputer equipmentNETWORK PROXY SERVER 4.0 -
12345678910
Web user interface.
1.4. How it Works
The Red Hat Update Agent or Package Updater on the client systems does not directly contact a Red
Hat Network Server. Instead, the client (or clients) connects in turn to an RHN Proxy Server that
connects to the Red Hat Network Servers or to a RHN Satellite Server. T hus, the client systems do not
need direct access to the Internet. T hey need access only to the RHN Proxy Server.
Important
Red Hat strongly recommends that clients connected to an RHN Proxy Server be running the
latest update of Red Hat Enterprise Linux to ensure proper connectivity.
Clients that access RHN directly are authenticated by the RHN servers. Clients that access an RHN
Proxy Server are still authenticated by RHN; however, in this case the Proxy provides both authentication
and route information to RHN. After a successful authentication, the Red Hat Network Server informs the
RHN Proxy Server that it is permitted to execute a specific action for the client. T he RHN Proxy Server
downloads all of the updated packages (if they are not already present in its cache) and delivers them to
the client system.
Requests from the Red Hat Update Agent or Package Updater on the client systems are still
authenticated on the server side, but package delivery is significantly faster since the packages are
cached in the HT T P Proxy Caching Server or the RHN Proxy Server (for local packages); the RHN Proxy
Server and client system are connected via the LAN and are limited only by the speed of the local
network.
Authentication is done in the following order:
1. T he client performs a login action at the beginning of a client session. T his login is passed
through one or more RHN Proxy Servers until it reaches a Red Hat Network Server.
2. T he Red Hat Network Server attempts to authenticate the client. If authentication is successful, the
server then passes back a session token via the chain of RHN Proxy Servers. This token, which
has a signature and expiration, contains user information, including channel subscriptions,
username, etc.
3. Each RHN Proxy Server caches this token on its local file system in /var/cache/rhn/. Caching
reduces some of the overhead of authenticating with Red Hat Network Servers and greatly
improves the performance of Red Hat Network.
4. T his session token is passed back to the client machine and is used in subsequent actions on
Red Hat Network.
From the client's point of view, there is no difference between an RHN Proxy Server and a Red Hat
Network Server. From the Red Hat Network Server's point of view, an RHN Proxy Server is a special type
of RHN client. Clients are thus not affected by the route a request takes to reach a Red Hat Network
Server. All the logic is implemented in the RHN Proxy Servers and Red Hat Network Servers.
Optionally, the RHN Package Manager can be installed and configured to serve custom packages. Any
package that is not an official Red Hat package, including custom packages written specifically for an
organization, can only be served from a private software channel (also referred to as a custom software
channel). After creating a private RHN channel, the custom RPM packages are associated with that
channel by uploading the package headers to the RHN Servers. Only the headers are uploaded, not the
actual package files. T he headers are required because they contain crucial RPM information, such as
Red Hat Network Satellite 5.3 Proxy Installation Guide
6