Using NGINX to reverse proxy hundreds of ports

Phillip Odam phillip.odam at rosettahealth.com
Mon Mar 2 15:32:39 UTC 2020


Hi

So far from my reading and testing of NGINX I can't find a compact way of configuring NGINX as I've done here with HAProxy config. Disregard the bind on a port range,
I get that the NGINX listen statement works on an individual port basis, so the equivalent of what's below in NGINX would at the very least require 300 listen statements.

So far from what I've been able to tell, and what I'm wanting to confirm, there's also no way to avoid having 300 upstreams? One for each port between 2000 and 2299 so that
10.1.0.1:2000 is proxied to 127.0.0.1:2000 and 10.1.0.1:2001 is proxied to 127.0.0.1:2001 for example. Is this correct, is there no way to avoid having 300 upstreams if I'm
needing proxy 10.1.0.1:X to 127.0.0.1:X. Based on a quick back of the napkin calculation, I'd be looking at around 2,000 to 2,500 lines of configuration in NGINX if a new
upstream is required for each and every port I'm needing to handle. If this is correct does anyone know what the impact on memory use would be having so much configuration
for NGINX?

FYI I've tried referencing my own declared variables from within the upstream as well as referencing $server_port but of course these don't appear to be in scope.

I think in this particular case HAProxy is a better fit but I'm interested in seeing what can be done with NGINX as it's typically my go to solution.
  
frontend inbound
   bind 10.1.0.1:2000-2299
   mode tcp
   acl use_local src 127.0.0.0/8 10.1.0.0/24
   use_backend local-app if use_local
   default_backend balanced-app

backend balanced-app
   balance roundrobin
   mode tcp
   option tcp-check
   server self 127.0.0.1 check port 2000
   server srv2 10.1.0.2 check port 2000

backend local-app
   mode tcp
   option tcp-check
   server self 127.0.0.1 check port 2000

Thanks
Phillip

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20200302/5c3d0f70/attachment.htm>


More information about the nginx mailing list