Reverse Proxy with 500k connections

[larsg]

Hi,

we are operating native nginx 1.8.1 on RHEL as a reverse proxy.
The nginx routes requests to a backend server that can be reached from the
proxy via a single internal IP address.
We have to support a large number of concurrent websocket connections - say
100k to 500k.

As we don't want to increase the number of proxy instances (with different
IPs) and we cannot use the "proxy_bind transarent" option (was introduced in
a later nginx release, upgrade is not possible) we wanted to configure the
nginx to use different source IPs then routing to the backend. Thus, we want
nginx to select an available source ip + source port when a connection is
established with the backend.

For that we assigned ten internal IPs to the proxy server and used the
proxy_bind directive bound to 0.0.0.0.
But this approach seems not to work. The nginx instance seems always use the
first IP as source IP.
Using multiple proxy_bind's is not possible.

So my question is: How can I configure nginx to select from a pool of source
IPs? Or generally: to overcome the 64k problem?

Best Regards
Lars

------- extract from config

upstream backend {
  server 192.168.1.21:443;
}

server {
  listen              443 ssl;
  proxy_bind          0.0.0.0;
  
  location /service {
    proxy_pass https://backend;
    ...
  }
}

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,272808,272808#msg-272808