答复: nginx plus with ssl on TCP load balance not work
smith
smith.hua at zoom.us
Thu Jun 11 08:26:41 UTC 2015
The 80 is normal
-----邮件原件-----
发件人: nginx-bounces at nginx.org [mailto:nginx-bounces at nginx.org] 代表 Roman Arutyunyan
发送时间: 2015年6月11日 8:25
收件人: nginx at nginx.org
主题: Re: nginx plus with ssl on TCP load balance not work
What about the 80 port of the stream balancer?
Does it proxy the connection normally?
PS: no access log is supported in the stream module.
Connection information (addresses etc) is logged to error log with the info loglevel.
On 11 Jun 2015, at 10:49, smith <smith.hua at zoom.us> wrote:
> Nginx.conf:
>
> user nginx;
> worker_processes auto;
> worker_rlimit_nofile 65535;
>
> error_log /var/log/nginx/error.log warn;
> pid /var/run/nginx.pid;
>
>
> events {
> use epoll;
> worker_connections 65535;
> }
>
>
> http {
> include /etc/nginx/mime.types;
> default_type application/octet-stream;
>
> log_format main '$remote_addr - $remote_user [$time_local] "$request"
> '
> '$status $body_bytes_sent "$http_referer" '
> '"$http_user_agent" "$http_x_forwarded_for"';
>
> access_log /var/log/nginx/access.log main;
>
> sendfile on;
> #tcp_nopush on;
>
> keepalive_timeout 65;
>
> #gzip on;
>
> include /etc/nginx/conf.d/*.conf;
> }
>
>
> stream {
>
> include /etc/nginx/xxxx.d/*.conf;
> }
>
> And the content in previous email is in xxxx.d/xxxx.conf
>
> There is no file under /etc/nginx/conf.d
>
>
> Thanks.
>
>
> -----邮件原件-----
> 发件人: nginx-bounces at nginx.org [mailto:nginx-bounces at nginx.org] 代表 Roman
> Arutyunyan
> 发送时间: 2015年6月11日 7:45
> 收件人: nginx at nginx.org
> 主题: Re: nginx plus with ssl on TCP load balance not work
>
> Hi,
>
> Could you provide the full config of the nginx/stream balancer?
>
> On 11 Jun 2015, at 09:29, huakaibird <nginx-forum at nginx.us> wrote:
>
>> Hi,
>>
>> I’m using nginx plus with ssl on TCP load balance, Configured like
>> the documentation, but it not work. (All the IP below is not
>> real-ip) I have web servers behind, I want to use ssl offloading, and
>> I choose TCP load balance. listen on 443 and proxy to web server's 80.
>>
>> Page access always report ERR_TOO_MANY_REDIRECTS.
>>
>> Error log
>> 2015/06/11 03:00:32 [error] 8362#0: *361 upstream timed out (110:
>> Connection timed out) while connecting to upstream, client: 10.0.0.1,
> server:
>> 0.0.0.0:443, upstream: "10.0.0.2:443", bytes from/to client:656/0,
>> bytes from/to upstream:0/0
>>
>> 10.0.0.2 this ip is the nginx ip, while it is used as upstream?
>>
>> The configuration is like this, remove the real ip
>>
>> server {
>> listen 80 so_keepalive=30m::10;
>> proxy_pass backend;
>> proxy_upstream_buffer 2048k;
>> proxy_downstream_buffer 2048k;
>>
>> }
>>
>> server {
>> listen 443 ssl;
>> proxy_pass backend;
>> #proxy_upstream_buffer 2048k;
>> #proxy_downstream_buffer 2048k;
>> ssl_certificate ssl/chained.crt;
>> #ssl_certificate ssl/4582cfef411bb.crt;
>> ssl_certificate_key ssl/zoomus20140410.key;
>> #ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
>> #ssl_ciphers HIGH:!aNULL:!MD5;
>> ssl_handshake_timeout 3s;
>> #ssl_session_cache shared:SSL:20m;
>> #ssl_session_timeout 4h;
>>
>> }
>>
>>
>> upstream backend {
>> server *.*.*.*:80;
>> server *.*.*.*:80;
>> }
>>
>>
>>
>> nginx -v
>> nginx version: nginx/1.7.11 (nginx-plus-r6-p1)
>>
>> And I’m using amazon linux
>> uname -a
>> Linux ip-*.*.*.* 3.14.35-28.38.amzn1.x86_64 #1 SMP Wed Mar 11
>> 22:50:37 UTC
>> 2015 x86_64 x86_64 x86_64 GNU/Linux
>>
>>
>> BTW, tcp how to set access log?
>>
>> Posted at Nginx Forum:
>> http://forum.nginx.org/read.php?2,259522,259522#msg-259522
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>
> --
> Roman Arutyunyan
>
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
--
Roman Arutyunyan
_______________________________________________
nginx mailing list
nginx at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
More information about the nginx
mailing list