答复: nginx plus with ssl on TCP load balance not work
smith
smith.hua at zoom.us
Thu Jun 11 07:49:13 UTC 2015
Nginx.conf:
user nginx;
worker_processes auto;
worker_rlimit_nofile 65535;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
use epoll;
worker_connections 65535;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request"
'
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
stream {
include /etc/nginx/xxxx.d/*.conf;
}
And the content in previous email is in
xxxx.d/xxxx.conf
There is no file under /etc/nginx/conf.d
Thanks.
-----邮件原件-----
发件人: nginx-bounces at nginx.org [mailto:nginx-bounces at nginx.org] 代表 Roman
Arutyunyan
发送时间: 2015年6月11日 7:45
收件人: nginx at nginx.org
主题: Re: nginx plus with ssl on TCP load balance not work
Hi,
Could you provide the full config of the nginx/stream balancer?
On 11 Jun 2015, at 09:29, huakaibird <nginx-forum at nginx.us> wrote:
> Hi,
>
> I’m using nginx plus with ssl on TCP load balance, Configured like the
> documentation, but it not work. (All the IP below is not real-ip) I
> have web servers behind, I want to use ssl offloading, and I choose
> TCP load balance. listen on 443 and proxy to web server's 80.
>
> Page access always report ERR_TOO_MANY_REDIRECTS.
>
> Error log
> 2015/06/11 03:00:32 [error] 8362#0: *361 upstream timed out (110:
> Connection timed out) while connecting to upstream, client: 10.0.0.1,
server:
> 0.0.0.0:443, upstream: "10.0.0.2:443", bytes from/to client:656/0,
> bytes from/to upstream:0/0
>
> 10.0.0.2 this ip is the nginx ip, while it is used as upstream?
>
> The configuration is like this, remove the real ip
>
> server {
> listen 80 so_keepalive=30m::10;
> proxy_pass backend;
> proxy_upstream_buffer 2048k;
> proxy_downstream_buffer 2048k;
>
> }
>
> server {
> listen 443 ssl;
> proxy_pass backend;
> #proxy_upstream_buffer 2048k;
> #proxy_downstream_buffer 2048k;
> ssl_certificate ssl/chained.crt;
> #ssl_certificate ssl/4582cfef411bb.crt;
> ssl_certificate_key ssl/zoomus20140410.key;
> #ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
> #ssl_ciphers HIGH:!aNULL:!MD5;
> ssl_handshake_timeout 3s;
> #ssl_session_cache shared:SSL:20m;
> #ssl_session_timeout 4h;
>
> }
>
>
> upstream backend {
> server *.*.*.*:80;
> server *.*.*.*:80;
> }
>
>
>
> nginx -v
> nginx version: nginx/1.7.11 (nginx-plus-r6-p1)
>
> And I’m using amazon linux
> uname -a
> Linux ip-*.*.*.* 3.14.35-28.38.amzn1.x86_64 #1 SMP Wed Mar 11 22:50:37
> UTC
> 2015 x86_64 x86_64 x86_64 GNU/Linux
>
>
> BTW, tcp how to set access log?
>
> Posted at Nginx Forum:
> http://forum.nginx.org/read.php?2,259522,259522#msg-259522
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
--
Roman Arutyunyan
_______________________________________________
nginx mailing list
nginx at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
More information about the nginx
mailing list