How Forefront TMG Caching Works

The Forefront TMG Web proxy can be configured to maintain a cache of Web objects and to attempt to fulfill Web requests from the cache. If a request cannot be fulfilled from the cache, the Forefront TMG server processing the request initiates a new request on behalf of the client. Once the remote Web server responds to the Forefront TMG server, the Forefront TMG server caches the response to the original client request and sends a response to the client.

By default, when you install Forefront TMG, caching is disabled. This is because no space on any disk drive on a Forefront TMG server is allocated for caching. When you allocate cache space on at least one cache drive on a Forefront TMG server (FPCServer object) by setting the CacheLimitInMegs property of the applicable FPCCacheDrive object to a value greater than zero, you effectively enable caching.

With caching enabled, you can further configure the cache by defining cache rules (FPCCacheRule objects), which determine whether content from specified sites should be stored or retrieved from the Forefront TMG cache. A cache rule applies to destination sites and does not consider the source network. The destination sites are specified by network entities, domain name sets (FPCDomainNameSet collections), and URL sets (FPCURLSet collections).

Forefront TMG supports forward caching, used for outgoing requests, and reverse caching, used for incoming requests. Clients in both forward caching and reverse caching benefit from the full gamut of Forefront TMG caching features.

For any specific network, if support for Forefront TMG Client and Firewall Client computers is enabled, or if Forefront TMG is configured as the default gateway for SecureNAT clients, the Forefront TMG Web proxy caches objects requested by Forefront TMG Client and Firewall Client computers and by SecureNAT clients.

Forefront TMG analyzes the cache configuration (FPCCacheConfiguration object) and existing cache content to determine if an object should be retrieved from the cache.

First, if the user request is allowed, Forefront TMG checks whether the object exists in its cache. If the request is made to a Forefront TMG array with multiple servers (supported only in the Forefront TMG Enterprise Edition), the Cache Array Routing Protocol (CARP) algorithm is used to determine which server's cache should be checked. If the object is not in the cache, Forefront TMG checks the Web chaining rules (FPCRoutingRule objects) to determine whether the request will be forwarded directly to the requested Web server, to another upstream proxy server, or to a specific alternate destination. If the object is in the cache, Forefront TMG performs the following steps:

1. Forefront TMG checks whether the object is valid. The object is considered valid only if all of the following conditions are true:

   • The Time to Live (TTL) that is specified in the source has not expired.
   • The TTL that you configured in a content download job has not expired.
   • The TTL that you configured for the object has not expired.

   If the object is valid, Forefront TMG retrieves the object from the cache and returns it to the user.

2. If the object is invalid, Forefront TMG checks the Web chaining rules.

3. If an applicable Web chaining rule is configured to route the request, Forefront TMG determines whether to route the request to the upstream server, to the requested Web server, or to another specified destination.

4. If the Web chaining rule is configured to route the request to the Web server, Forefront TMG checks whether the Web server is accessible.

5. If the Web server is not accessible, Forefront TMG checks whether you configured the cache to return expired objects. If the cache configuration allows the server to return an expired object as long as a specific maximum expiration time did not pass, the object is returned from the cache to the user. Otherwise, an error is returned.

6. If the Web server is available, Forefront TMG determines whether the object may be cached and whether you configured the applicable cache rule's properties to cache the response. If so, Forefront TMG caches the object and returns the object to the user.

 

 

Build date: 7/12/2010