Nginx proxy_bind failing
# /opt/sbin/nginx -v
nginx version: nginx/1.19.2 (x86_64-pc-linux-gnu)
All:
I'm attempting to configure nginx to reverse proxy requests from the same Internal Host Address (192.168.0.2) that it's listening from.
user admin root;
#user nobody;
worker_processes 1;
events {
worker_connections 64;
}
http {
# HTTPS server
server {
listen 192.168.0.2:443 ssl;
server_name z1.fm;
ssl_certificate /etc/cert.pem;
ssl_certificate_key /etc/key.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
# root html;
# index index.html index.htm;
proxy_bind 192.168.0.2;
proxy_pass http://z1.fm;
# proxy_bind $server_addr;
# proxy_bind $host;
# proxy_bind 192.168.0.2 transparent;
}
}
}
I've tried changing the user admin root;
which is the root user for this router. I've tried using different combinations of proxy_bind 192.168.0.2;
, proxy_bind 192.168.0.2 transparent;
, proxy_bind $server_addr;
, and proxy_bind $server_addr transparent;
. None of them appear to work, when validating with tcpdump. nginx always uses the External WAN Address (100.64.8.236).
08:46:57.433138 In c8:1f:66:13:a1:11 (oui Unknown) ethertype IPv4 (0x0800), length 928: 192.168.0.154.50878 > 192.168.0.2.https: Flags [P.], seq 603:1475, ack 1582, win 8212, length 872
08:46:57.433138 In c8:1f:66:13:a1:11 (oui Unknown) ethertype IPv4 (0x0800), length 928: 192.168.0.154.50878 > 192.168.0.2.https: Flags [P.], seq 603:1475, ack 1582, win 8212, length 872
08:46:57.433324 Out c0:56:27:d1:b8:a4 (oui Unknown) ethertype IPv4 (0x0800), length 56: 192.168.0.2.https > 192.168.0.154.50878: Flags [.], ack 1475, win 541, length 0
08:46:57.433350 Out c0:56:27:d1:b8:a4 (oui Unknown) ethertype IPv4 (0x0800), length 56: 192.168.0.2.https > 192.168.0.154.50878: Flags [.], ack 1475, win 541, length 0
08:46:57.437523 Out c0:56:27:d1:b8:a4 (oui Unknown) ethertype IPv4 (0x0800), length 76: 100.64.8.236.52190 > 104.27.161.206.www: Flags [S], seq 2078181771, win 5840, options [mss 1460,sackOK,TS val 1582735 ecr 0,nop,wscale 4], length 0
08:46:57.439702 In 02:1f:a0:00:00:09 (oui Unknown) ethertype IPv4 (0x0800), length 68: 104.27.161.206.www > 100.64.8.236.52190: Flags [S.], seq 1779441095, ack 2078181772, win 65535, options [mss 1400,nop,nop,sackOK,nop,wscale 10], length 0
08:46:57.439885 Out c0:56:27:d1:b8:a4 (oui Unknown) ethertype IPv4 (0x0800), length 56: 100.64.8.236.52190 > 104.27.161.206.www: Flags [.], ack 1, win 365, length 0
08:46:57.440199 Out c0:56:27:d1:b8:a4 (oui Unknown) ethertype IPv4 (0x0800), length 902: 100.64.8.236.52190 > 104.27.161.206.www: Flags [P.], seq 1:847, ack 1, win 365, length 846: HTTP: GET / HTTP/1.0
08:46:57.442032 In 02:1f:a0:00:00:09 (oui Unknown) ethertype IPv4 (0x0800), length 62: 104.27.161.206.www > 100.64.8.236.52190: Flags [.], ack 847, win 66, length 0
08:46:57.451999 In 02:1f:a0:00:00:09 (oui Unknown) ethertype IPv4 (0x0800), length 1516: 104.27.161.206.www > 100.64.8.236.52190: Flags [.], seq 1:1461, ack 847, win 66, length 1460: HTTP: HTTP/1.1 403 Forbidden
08:46:57.452122 Out c0:56:27:d1:b8:a4 (oui Unknown) ethertype IPv4 (0x0800), length 56: 100.64.8.236.52190 > 104.27.161.206.www: Flags [.], ack 1461, win 548, length 0
08:46:57.452009 In 02:1f:a0:00:00:09 (oui Unknown) ethertype IPv4 (0x0800), length 564: 104.27.161.206.www > 100.64.8.236.52190: Flags [P.], seq 1461:1969, ack 847, win 66, length 508: HTTP
The reverse proxied requests make it to the destination and back, but using the External WAN Address (100.64.8.236) and not the Internal Host Address (192.168.0.2).
Any ideas?
Thanks!
Gary
from Recent Questions - Stack Overflow https://ift.tt/34BlUlT
https://ift.tt/eA8V8J
Comments
Post a Comment