About range compression

Range compression is the compression of a specific portion of Web content. Range compression is required to support legacy PDF file readers that do not have built-in compression support.

Because Internet Information Services (IIS) does not support range compression, do not allow range compression on the network that includes an IIS server. However, because Microsoft Forefront Threat Management Gateway does support range compression, you may want to enable it between two Forefront TMG computers.

For example, if you have a Web server in the main office, you would disable range compression on the Internal network for the main office, but enable it on the External network for the main office and for the branch offices, so that range compression takes place between the offices.

The HTTP Request for Comment (RFC) does not explain how to handle the combination of compressed content with range headers (the HTTP headers used to request content ranges). By default, IIS does not compress range requests because of the ambiguity of the RFC. There is a specific flag that, if it is set, causes IIS to return the range from the compressed file. However, IIS first compresses the whole file and then returns the requested range. To simulate this behavior, Forefront TMG should fetch the whole file, compress it, and then return the specific range. If the file is large and the range is at the end, this scenario may result in denial of service. To protect Forefront TMG from denial of service, Forefront TMG takes a different approach than IIS.

By default, Forefront TMG does not compress a range request. To support compression of range requests, Forefront TMG includes a property per network element that indicates if range compression is allowed. If range compression is enabled, Forefront TMG requests range compression. When receiving a compressed range response, Forefront TMG always decompresses it. When returning a range response to the client that asked for compression, Forefront TMG compresses the data before transferring it to the client.

The following describes the compression and range behavior in Forefront TMG:

  1. The client requests range compression.
  2. The configuration in the branch office does not allow the client to request compression. However, Forefront TMG in the branch office is configured to request compression and range compression and therefore sends a range compression request to the main office.
  3. Forefront TMG in the main office gets the request. Because its client (Forefront TMG in the branch office) is allowed to request compression, Forefront TMG sends the request to the Web server. However, because Forefront TMG in the main office is configured to not allow requests for range compression, the response from the Web server contains the uncompressed range.
  4. When Forefront TMG in the main office gets the response, it returns it to Forefront TMG in the branch office. Because the request from Forefront TMG in the branch office asked for compression, Forefront TMG in the main office compresses the data before transferring it to the branch office.
  5. Forefront TMG in the branch office receives the response. The response is a compressed range response. Forefront TMG decompresses it and transfers it uncompressed to the client in the branch office.
  6. Range compression is not enabled through the user interface (UI). The administrator has to edit the configuration .xml file manually and set the CompressRange flag.
Range responses are not stored in the Forefront TMG cache.