MATRIXX Gateway Proxy

MATRIXX includes Gateway Proxy that acts as a secure entry point for all network traffic that is not the result of subscriber usage. It sits between external applications and the Traffic Routing Agent (TRA).

Gateway Proxy allows data to be passed to MATRIXX Engine gateways in MATRIXX Data Container (MDC), REST, and Java formats. It is configured to use a Linux firewall allow list to determine which IP addresses can send requests to the engine.

Figure 1 shows how Gateway Proxy communicates with MATRIXX Engine.

Gateway Proxy can communicate with multiple engines or TRAs deployed between the proxy and the engines. When the Gateway Proxy receives a message from a client, it finds the highest priority (lowest engine number) engine that is currently ACTIVE and sends the message to it. If the send fails, the Gateway Proxy sends the message to the next highest priority engine until all attempts have failed.

The Gateway Proxy actively monitors all engines and opens a connection pool to any newly active engine and removes the connection pool from an engine if it fails. For information about engine configuration, see MATRIXX Installation and Upgrade.

The Gateway Proxy uses the TRA-(SI/DR) to direct traffic to the active engine.

Figure 2 shows how subscriber traffic is sent from the internet directly to the MATRIXX Engine through a firewall, and is distributed across a Gateway Proxy pool by a redundant set of load balancers. Diameter traffic is not routed through Gateway Proxy; from the network, Diameter traffic is sent directly to the site-independent router (TRA-SI) for the MATRIXX environment (and then sent to the TRA-LB for the active engine).

For information about installing and configuring Gateway Proxy, see MATRIXX Installation and Upgrade. For information about configuring the network to distribute traffic across more than one Gateway Proxy, see the service configuration documentation for that network.