2020-10-28

Nginx proxy_bind failing

# /opt/sbin/nginx -v
nginx version: nginx/1.19.2 (x86_64-pc-linux-gnu)

All:

I'm attempting to configure nginx to reverse proxy requests from the same Internal Host Address (192.168.0.2) that it's listening from.

user admin root;
#user nobody;
worker_processes  1;

events {
    worker_connections  64;
}

http {
    # HTTPS server

    server {
        listen       192.168.0.2:443 ssl;
        server_name  z1.fm;

        ssl_certificate      /etc/cert.pem;
        ssl_certificate_key  /etc/key.pem;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
            # root   html;
            # index  index.html index.htm;
            proxy_bind 192.168.0.2;
            proxy_pass http://z1.fm;
            # proxy_bind $server_addr;
            # proxy_bind $host;
            # proxy_bind 192.168.0.2 transparent;
        }
    }
}

I've tried changing the user admin root; which is the root user for this router. I've tried using different combinations of proxy_bind 192.168.0.2;, proxy_bind 192.168.0.2 transparent;, proxy_bind $server_addr;, and proxy_bind $server_addr transparent;. None of them appear to work, when validating with tcpdump. nginx always uses the External WAN Address (100.64.8.236).

08:46:57.433138  In c8:1f:66:13:a1:11 (oui Unknown) ethertype IPv4 (0x0800), length 928: 192.168.0.154.50878 > 192.168.0.2.https: Flags [P.], seq 603:1475, ack 1582, win 8212, length 872
08:46:57.433138  In c8:1f:66:13:a1:11 (oui Unknown) ethertype IPv4 (0x0800), length 928: 192.168.0.154.50878 > 192.168.0.2.https: Flags [P.], seq 603:1475, ack 1582, win 8212, length 872
08:46:57.433324 Out c0:56:27:d1:b8:a4 (oui Unknown) ethertype IPv4 (0x0800), length 56: 192.168.0.2.https > 192.168.0.154.50878: Flags [.], ack 1475, win 541, length 0
08:46:57.433350 Out c0:56:27:d1:b8:a4 (oui Unknown) ethertype IPv4 (0x0800), length 56: 192.168.0.2.https > 192.168.0.154.50878: Flags [.], ack 1475, win 541, length 0
08:46:57.437523 Out c0:56:27:d1:b8:a4 (oui Unknown) ethertype IPv4 (0x0800), length 76: 100.64.8.236.52190 > 104.27.161.206.www: Flags [S], seq 2078181771, win 5840, options [mss 1460,sackOK,TS val 1582735 ecr 0,nop,wscale 4], length 0
08:46:57.439702  In 02:1f:a0:00:00:09 (oui Unknown) ethertype IPv4 (0x0800), length 68: 104.27.161.206.www > 100.64.8.236.52190: Flags [S.], seq 1779441095, ack 2078181772, win 65535, options [mss 1400,nop,nop,sackOK,nop,wscale 10], length 0
08:46:57.439885 Out c0:56:27:d1:b8:a4 (oui Unknown) ethertype IPv4 (0x0800), length 56: 100.64.8.236.52190 > 104.27.161.206.www: Flags [.], ack 1, win 365, length 0
08:46:57.440199 Out c0:56:27:d1:b8:a4 (oui Unknown) ethertype IPv4 (0x0800), length 902: 100.64.8.236.52190 > 104.27.161.206.www: Flags [P.], seq 1:847, ack 1, win 365, length 846: HTTP: GET / HTTP/1.0
08:46:57.442032  In 02:1f:a0:00:00:09 (oui Unknown) ethertype IPv4 (0x0800), length 62: 104.27.161.206.www > 100.64.8.236.52190: Flags [.], ack 847, win 66, length 0
08:46:57.451999  In 02:1f:a0:00:00:09 (oui Unknown) ethertype IPv4 (0x0800), length 1516: 104.27.161.206.www > 100.64.8.236.52190: Flags [.], seq 1:1461, ack 847, win 66, length 1460: HTTP: HTTP/1.1 403 Forbidden
08:46:57.452122 Out c0:56:27:d1:b8:a4 (oui Unknown) ethertype IPv4 (0x0800), length 56: 100.64.8.236.52190 > 104.27.161.206.www: Flags [.], ack 1461, win 548, length 0
08:46:57.452009  In 02:1f:a0:00:00:09 (oui Unknown) ethertype IPv4 (0x0800), length 564: 104.27.161.206.www > 100.64.8.236.52190: Flags [P.], seq 1461:1969, ack 847, win 66, length 508: HTTP

The reverse proxied requests make it to the destination and back, but using the External WAN Address (100.64.8.236) and not the Internal Host Address (192.168.0.2).

Any ideas?

Thanks!

Gary



from Recent Questions - Stack Overflow https://ift.tt/34BlUlT
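
The tcpdump check the post does by eye can be automated. The following is an added example, not part of the original post: it reads lines in the capture format shown above and reports, for each connection the host itself opens (an outbound SYN), whether the source address equals the configured proxy_bind address. The function names are hypothetical, and the last sample line is constructed to show a matching case.

```python
import re

# tcpdump lines with link-level direction ("In"/"Out"), as in the capture above.
LINE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<dir>In|Out)\s.*?:\s"
    r"(?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>[\w-]+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>[\w-]+): Flags \[(?P<flags>[^\]]+)\]"
)

SAMPLE = [
    # First three lines: trimmed from the capture in the post (TCP options removed).
    "08:46:57.433138  In c8:1f:66:13:a1:11 (oui Unknown) ethertype IPv4 (0x0800), "
    "length 928: 192.168.0.154.50878 > 192.168.0.2.https: Flags [P.], seq 603:1475, ack 1582, win 8212, length 872",
    "08:46:57.437523 Out c0:56:27:d1:b8:a4 (oui Unknown) ethertype IPv4 (0x0800), "
    "length 76: 100.64.8.236.52190 > 104.27.161.206.www: Flags [S], seq 2078181771, win 5840, length 0",
    "08:46:57.439702  In 02:1f:a0:00:00:09 (oui Unknown) ethertype IPv4 (0x0800), "
    "length 68: 104.27.161.206.www > 100.64.8.236.52190: Flags [S.], seq 1779441095, ack 2078181772, win 65535, length 0",
    # Constructed line: what a SYN sourced from the bind address would look like.
    "08:47:02.000000 Out c0:56:27:d1:b8:a4 (oui Unknown) ethertype IPv4 (0x0800), "
    "length 76: 192.168.0.2.52200 > 104.27.161.206.www: Flags [S], seq 1, win 5840, length 0",
]


def upstream_syns(lines, bind_addr):
    """List (src, dst, dport, bound_ok) for each connection the host opens.

    Only outbound packets with flags exactly "S" are counted: the initial SYN
    of a connection the host initiates, which for a reverse proxy is the
    upstream leg that proxy_bind is meant to control.
    """
    found = []
    for line in lines:
        m = LINE.match(line)
        if m and m["dir"] == "Out" and m["flags"] == "S":
            found.append((m["src"], m["dst"], m["dport"], m["src"] == bind_addr))
    return found


def unbound_upstreams(lines, bind_addr):
    """Return only the upstream connections whose source is not bind_addr."""
    return [f for f in upstream_syns(lines, bind_addr) if not f[3]]


if __name__ == "__main__":
    for src, dst, dport, ok in upstream_syns(SAMPLE, "192.168.0.2"):
        print(f"{src} -> {dst}:{dport}  {'ok' if ok else 'MISMATCH'}")
```

On Linux an egress capture is taken after netfilter's POSTROUTING hook, so it shows the source address after any source NAT the host applies. `ss -tn` on the host shows the local address the socket itself is bound to.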