Using single persistent socket to send subrequests

Devashi Tandon devashi.tandon at
Fri Jan 28 06:13:45 UTC 2022


Was wondering if this question is more suited for the development forum, since I didn't receive any response on the user forum. Repeating the question below:

I tried with clearing the connections header but NGINX is still sending the 5th response through a new source port. Let me give a more detailed configuration we have. Just to inform you, we have our own auth module instead of using the NGINX auth module. We call ngx_http_post_request to post subrequests and the code is almost the same as that of auth module. For the subrequest sent by auth module with the following configuration we expect NGINX to send requests through a new port for the first four connections and then reuse one of the ports for the fifth connection, especially when the requests are sequential.

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65s;
    include /etc/nginx/conf.d/*.conf;
    proxy_socket_keepalive on;

    server {
        listen       9000;
        server_name  front-service;
        ext_auth_fail_allow on;
        error_log  /var/log/nginx/error.log debug;
        location / {
                    ext_auth_request /auth;
                    proxy_http_version 1.1;
                    proxy_set_header Connection "";
                    proxy_set_header Upgrade $http_upgrade;
                    proxy_set_header X-Real-Ip $remote_addr;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_set_header X-Forwarded-Proto $scheme;
                    proxy_pass http://localhost:8090;

        location /auth {
                proxy_set_header X-Req-Uri $request_uri;
                proxy_set_header X-Method $request_method;
                proxy_set_header X-Req-Host $host;
                proxy_set_header X-Client-Addr $remote_addr:$remote_port;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_connect_timeout 5000ms;
                proxy_read_timeout    5000ms;
                proxy_http_version 1.1;
                proxy_set_header Connection "";
                proxy_pass http://ext-authz-upstream-server;
    upstream ext-authz-upstream-server {
                keepalive 4;
Could you please help on what we are missing?


Date: Mon, 24 Jan 2022 17:56:33 +0300
From: "Sergey A. Osokin" <osa at>
Subject: Re: Using single persistent socket to send subrequests
To: nginx at
Message-ID: <Ye6+Ie0SM9YCKGby at>
Content-Type: text/plain; charset=utf-8

Hi Devashi,
On Mon, Jan 24, 2022 at 05:52:56AM +0000, Devashi Tandon wrote:
> We have the following configuration:
> location / {
>     proxy_http_version 1.1;
>     proxy_pass http://ext-authz-upstream-server<http://ext-authz-upstream-server/>;
> }
> upstream ext-authz-upstream-server {
>     server;
>     keepalive 4;
> }
> Do I need to add any other configuration to reuse the first four socket connections besides keepalive 4?

You'd need to review and slightly update the `location /' configuration
block by adding the following directive:

    proxy_set_header Connection "";

Please visit the following link to get more details:

Sergey Osokin

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx-devel mailing list