set port range for nginx
Maxim Dounin
mdounin at mdounin.ru
Fri Feb 8 10:05:05 UTC 2013
Hello!
On Fri, Feb 08, 2013 at 11:20:35AM +0800, Fufeng Yao wrote:
> Hi, all
> I've got an nginx server in an internal network, and the server will
> forward request to outer net using proxy_pass,
> it seems like:
> proxy_pass http://[public ip]:[port]
> Unfortunately, the firewall block most of the port, so the proxy_pass
> failed.
> I have two questions:
> How the proxy_pass use port to forward the request? pick a random port?
Outoing port (as well as IP address, unless proxy_bind is used) is
selected by your OS. Use your system configuration options to
tune port range used.
E.g. on FreeBSD it can be done with net.inet.ip.portrange.first
and net.inet.ip.portrange.last sysctl's. On Linux it's tuned with
net.ipv4.ip_local_port_range sysctl or
/proc/sys/net/ipv4/ip_local_port_range.
> Would that be possible to set a port range (10000~20000 e.g) for proxy_pass
> to use?
In theory, nginx can use bind() syscall to select some particular
port, but only one of them, and this doesn't make sense with
proxy_pass - as this will not allow more than one connection to
the same destination address. That is, tuning the OS as suggested
above is the only way to go.
--
Maxim Dounin
http://nginx.com/support.html
More information about the nginx
mailing list