Need help regarding DSR with NGINX - not working as expected
Rajen Patel
rvambani1991 at gmail.com
Fri Aug 27 20:12:41 UTC 2021
here are my setup details for the k8s cluster:
Nginx running as UDP proxy
nginx.conf: |
user root;
worker_processes 1;
events {
worker_connections 10240;
}
http {
server {
listen 80;
server_name localhost;
location / {
root /usr/share/nginx/html; #Change this line
index index.html index.htm;
}
}
}
stream {
server {
listen *4729 udp;*
proxy_pass j_close_stream_backend;
proxy_responses 0;
error_log stderr;
proxy_bind $remote_addr:$remote_port transparent;
}
upstream juniper_close_stream_backend {
server* 10.244.72.169:4729 <http://10.244.72.169:4729>*;
}
}
---------------------------------------------------
nginx-> client service(*10.244.72.169:4729 <http://10.244.72.169:4729>*)
*Nginx running as Kubernetes Daemonset as follows:*
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: nginx-daemonset
template:
metadata:
creationTimestamp: null
labels:
app: nginx
spec:
containers:
- image: nginx:1.14.2
imagePullPolicy: IfNotPresent
name: nginx
ports:
- containerPort: 80
protocol: TCP
resources: {}
here nginx works fine and is able to preserve source IP and also forward
spoofed IP. however client service is not able to receive any traffic.
I believe there is some issue with iptables but don't know how to trace
this issue.
Your help is much appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20210827/5ea3221f/attachment.htm>
More information about the nginx
mailing list