proxy_pass to backend (varnish): delivered ip?

Francis Daly francis at daoine.org
Thu Jan 31 11:46:06 UTC 2013


On Thu, Jan 31, 2013 at 02:13:39AM -0500, revirii wrote:

Hi there,

> > If it connects *to* 127.0.0.1, it will connect *from* 127.0.0.1 (which
> > is one of the nginx server's addresses).
> > 
> > If it connects *to* 192.168.0.1, it will connect *from* 192.168.0.1
> > (which is one of the nginx server's addresses).
> 
> Hm, the said nginx vhost doesn't use 127.0.0.1 or a lan address in
> combination with port 80 - varnish listens on *.80. the nginx ssl vhost
> listens on a "real" ip and passes the requests to varnish on 127.0.0.1:80.
> Or is there a misunderstanding on my side?

Yes.

nginx as a *server* listens on whatever ip:port pairs are in the
configuration.

nginx as a *client* uses the operating system's facilities to set the
client connection information.

When nginx talks to varnish, nginx is the client and varnish is the
server.

> Ok, so what you're trying to tell me is:
> if i proxy_pass to varnish with "proxy_pass http://127.0.0.1:80;" nginx uses
> some localhost address (although it can't be 127.0.0.1:80, which is used by
> varnish) to connect to varnish, and varnish sees this localhost address

The proxy_pass connection comes from the address and port that nginx
chooses -- which is usually "whatever the OS chooses", because nginx
doesn't care to choose. In this case, the address will be 127.0.0.1,
and the port will be something unpredictable you usually don't care about.

> if i proxy_pass to varnish with "proxy_pass http://real_ip:80;" nginx uses
> the real ip (although it can't be real_ip:80, which is used by varnish) to
> connect to varnish, and varnish sees this real_ip address

If real_ip is configured on the machine, then yes. If not, then the
OS will choose the appropriate locally-configured address (plus an
unpredictable port) to make the connection.

> If so, there's nothing i can do within nginx config, as it's simply not
> possible. And varnish config or log is the (only) place where i can achieve
> this.

That part is correct.

	f
-- 
Francis Daly        francis at daoine.org
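
Added example (not part of the original message): a Python sketch of the client/server distinction described in the reply above. The wildcard listener stands in for varnish on *:80 and the unbound client socket stands in for nginx's proxy_pass connection; the function names and the port-0 listener are assumptions made so it runs without privileges.

```python
import socket


def observe_source(dest_ip):
    """Connect to a wildcard listener via dest_ip and report what each side sees."""
    # Server role: listen on every local address (port 0 = any free port).
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.settimeout(2)
        srv.bind(("0.0.0.0", 0))
        srv.listen(1)
        port = srv.getsockname()[1]
        # Client role: no bind() call, so the OS chooses source address and port.
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as cli:
            cli.settimeout(2)
            cli.connect((dest_ip, port))
            conn, peer = srv.accept()
            conn.close()
            return {
                "listen_port": port,               # the server's port
                "server_sees": peer,               # what the backend would log
                "client_local": cli.getsockname(), # what the OS picked for the client
            }


def local_non_loopback_ip():
    """Best-effort lookup of one locally configured non-loopback address."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        try:
            # UDP connect() sends no packet; it only asks the OS for a route.
            s.connect(("192.0.2.1", 9))  # TEST-NET-1 documentation address
            ip = s.getsockname()[0]
        except OSError:
            return None
    return None if ip.startswith("127.") else ip


if __name__ == "__main__":
    targets = ["127.0.0.1"]
    real_ip = local_non_loopback_ip()
    if real_ip:
        targets.append(real_ip)
    for dest in targets:
        r = observe_source(dest)
        print(f"connect to {dest}:{r['listen_port']} -> backend sees "
              f"{r['server_sees'][0]}:{r['server_sees'][1]}")
```
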


