A topology when nginx is in reverse-proxy mode? support ?

Francis Daly francis at daoine.org
Sun Feb 5 11:17:13 UTC 2012


On Sun, Feb 05, 2012 at 01:02:12PM +0800, Geoge.Q wrote:

Hi there,

I'm afraid I'm not able to understand the topology. So I'll make some
guesses, and perhaps you can say where I have gone wrong.

>  2. How to access
> 
>     (1)  Access http://2.2.2.2:8000 from outside to access web1;
>           Access http://2.2.2.2:8001 from outside to access web2;
>     (2) NAT device translated 2.2.2.2 to different internal IP address
> according to port;
>              http://2.2.2.2:8000  =====NAT===> http://1.1.1.1(web1);
>              http://2.2.2.2:8001  =====NAT===> http://1.1.1.2(web2);
>     (3)  NGINX act as reverse proxy;

So 2.2.2.2 is the address of the NAT device, and it sends any inbound
traffic to port 8000, to internal web1:80; and it sends any inbound
traffic to port 8001, to internal web2:80?

That should just work, with no need for nginx anywhere.

So that's presumably not what you want.

Perhaps you have nginx on some other internal server, that the NAT device
sends the traffic to? Or perhaps nginx is running on the NAT device,
so NAT isn't needed at all?

> 3. issue
>    We configure nginx as reverse proxy, but it always proxy
> (http://1.1.1.1and http:/
> 1.1.1.2) to http://1.1.1.1;
> 
>    nginx configure is as following
> 
>      server {
>            listen 80;

That is the port on the nginx server that nginx listens to, and is
the port that the traffic to nginx must be sent to. I suspect that it
should be 8000 or 8001; but when the network topology is clear, it will
be clear what that will be.

>            server_name 2.2.2.2; // (try 2.2.2.2:8000, it failed)

That is the name in the Host: header that the client sends. If more than
one nginx server{} listens on the same ip:port, it is used to choose
which server{} is used.

>        server {
>            listen 80;
>            server_name 2.2.2.2; # (try 2.2.2.2:8000, it failed)

This is the same listen/server_name as the first one, so will never match.

> 4. I try to change the configuration, it is failed.
> 
>     My configuration is good ? Is the topology supported?

Because of listen/server_name, your second server{} block will never be
used, so no traffic will go to web2.

So: have nginx listening on two different ports, or on two different
addresses, or use different Host: names in the requests.

(But since I don't see where nginx fits in to the topology in the first
place, I guess I must have missed something.)

	f
-- 
Francis Daly        francis at daoine.org



More information about the nginx mailing list