<div dir="ltr"><span style="font-size:12.8px;text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">Hello,</span><div style="font-size:12.8px;text-decoration-style:initial;text-decoration-color:initial"><br></div><div style="font-size:12.8px;text-decoration-style:initial;text-decoration-color:initial">I am trying to route requests such that those requiring websockets will route to a long-lived nginx process, and all others will go to the general reverse-proxy which handles all other traffic. These nginx processes exist in our AWS cloud behind an ELB that has been configured to use Proxy Protocol. Note that all of this works correctly with our current setup which uses only one nginx process that is configured to use proxy_protocol.</div><div style="font-size:12.8px;text-decoration-style:initial;text-decoration-color:initial"><br></div><div style="font-size:12.8px;text-decoration-style:initial;text-decoration-color:initial">The change to this setup is as follows:</div><div style="font-size:12.8px;text-decoration-style:initial;text-decoration-color:initial"><br></div><div style="font-size:12.8px;text-decoration-style:initial;text-decoration-color:initial">The first nginx server handling all ingress uses proxy_protocol and forwards requests to either the websocket or non-websocket nginx servers locally:</div><div style="font-size:12.8px;text-decoration-style:initial;text-decoration-color:initial"><br></div><div style="font-size:12.8px;text-decoration-style:initial;text-decoration-color:initial"><pre style="white-space:pre-wrap;background-color:rgb(43,43,43);color:rgb(169,183,198);font-family:Menlo;font-size:9pt">server {<br>    listen 8080 proxy_protocol;<br>    real_ip_header proxy_protocol;<br>    charset utf-8;<br>    client_max_body_size 20M;<br><br>    #send to websocket process<br>    location /client {   <br>      proxy_pass <a href="http://localhost:8084/" target="_blank" style="color:rgb(17,85,204)">http://localhost:8084</a>;<br>      proxy_set_header Host $host;<br>      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;<br>      proxy_set_header X-Real-IP $proxy_protocol_addr;<br>      proxy_set_header X-NginX-Proxy true;<br>      proxy_set_header X-Proxy-Scheme $scheme;<br>      proxy_set_header X-Proxy-Port $proxy_port;<br>      proxy_set_header X-ELB-Proxy-Scheme "https";<br>      proxy_set_header X-ELB-Proxy-Port "443";<br><br>      # Always support web socket connection upgrades<br>      proxy_http_version 1.1;<br>      proxy_set_header Upgrade $http_upgrade;<br>      proxy_set_header Connection "upgrade";<br>    }<br><br>  #send to non-websocket process<br>  location / {<br>          proxy_pass <a href="http://localhost:8082/" target="_blank" style="color:rgb(17,85,204)">http://localhost:8082</a>;<br>          proxy_set_header Host $host;<br>          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;<br>          proxy_set_header X-Real-IP $proxy_protocol_addr;<br>          proxy_set_header X-NginX-Proxy true;<br>          proxy_set_header X-Proxy-Scheme $scheme;<br>          proxy_set_header X-Proxy-Port $proxy_port;<br>          proxy_set_header X-ELB-Proxy-Scheme "https";<br>          proxy_set_header X-ELB-Proxy-Port "443";<br><br>          # Always support web socket connection upgrades<br>          proxy_http_version 1.1;<br>          proxy_set_header Upgrade $http_upgrade;<br>          proxy_set_header Connection "upgrade";<br>  }</pre><br>When any non-websocket request is sent to localhost:8082, I get an empty reply. If I remove proxy_protocol from the first server, I get a response as expected. Obviously, I need proxy_protocl to support the ingress from our ELB, so removing it is not an option. However, I would like to know what pieces I am missing to route traffic correctly -- and I would also like to know why proxying a request locally from a proxy_protocol enabled server to another nginx process (regardless of this second process using proxy_protocol or not) fails.</div><div style="font-size:12.8px;text-decoration-style:initial;text-decoration-color:initial"><br></div><div style="font-size:12.8px;text-decoration-style:initial;text-decoration-color:initial">For reference, the basic configuration of this secondary nginx process is below:</div><div style="font-size:12.8px;text-decoration-style:initial;text-decoration-color:initial"><br></div><div style="font-size:12.8px;text-decoration-style:initial;text-decoration-color:initial"><pre style="background-color:rgb(43,43,43);color:rgb(169,183,198);font-family:Menlo;font-size:9pt">upstream console {
   server localhost:3000 max_fails=3 fail_timeout=60 weight=1;
}

server {<br>    listen 8082;<br>   client_max_body_size 20M;

   location /console {
     proxy_pass <a href="http://console">http://console</a>
   }

   .
   .
   .

   
}</pre><br><br>Thank you all for your time,</div><div style="font-size:12.8px;text-decoration-style:initial;text-decoration-color:initial">Joseph Wonesh</div><br></div>

<br>
<span style="color:rgb(102,102,102);font-family:Arial,sans-serif;font-size:x-small;background-color:rgb(255,255,255)">This message is private and confidential. If you have received message in error, please notify us and remove from your system. </span>