IP 和 Nginx 作为反向代理时出错 [英] Error with IP and Nginx as reverse proxy
问题描述
我将 Nginx 配置为简单的反向代理.
I configured my Nginx as simple reverse proxy.
我只是使用基本设置
location / {
proxy_pass foo.dnsalias.net;
proxy_pass_header Set-Cookie;
proxy_pass_header P3P;
}
问题是一段时间(几天)后,nginx 后面的站点无法访问.Indead nginx 尝试调用一个坏 ip(nginx 后面的站点在我家后面我的盒子里,我正在使用 dyn-dns,因为我的 ip 不是固定的).这个 dyn-dns 总是有效的(我可以直接调用我的网站)但由于不明原因,Nginx 陷入了困境..
The problem is that after some time (few days) the site behind nginx become unaccessible. Indead nginx try to call a bad ip (the site behind nginx is at my home behind my box and I'm a using a dyn-dns because my ip is not fixe). This dyn-dns is always valid (I can call my site directly) but for obscure reason Nginx get stuck with that..
如上所述,nginx 只是在一段时间后给我 504 Gateway Time-out.看起来错误是在我在家更改 ip 时出现的.以下是错误日志示例:
So as said, nginx just give me 504 Gateway Time-out after some time. It looks like the error come when my ip change at home. Here is a sample of error log:
[error] ... upstream timed out (110: Connection timed out) while connecting to upstream, client: my.current.ip, server: myreverse.server.com, request: "GET /favicon.ico HTTP/1.1", upstream: "http://my.old
.home.ip", host: "myreverse.server.com"
那么你知道为什么 nginx 使用 ip 而不是 DN 吗?
So do you know why nginx is using ip instead of the DN ?
推荐答案
如果 proxy_pass 值不包含变量,nginx 会在加载配置时将域名解析为 IP 并缓存它们,直到您重新启动/重新加载它.从性能的角度来看,这是完全可以理解的.
If the proxy_pass value doesn't contain variables, nginx will resolve domain names to IPs while loading the configuration and cache them until you restart/reload it. This is quite understandable from a performance point of view.
但是,在动态 DNS 记录更改的情况下,这可能不是我们想要的.因此,根据您拥有或不拥有的许可证,有两个选项可用.
But, in case of dynamic DNS record change, this may not be desired. So two options are available depending on the license you possess or not.
在这种情况下,使用上游块并指定需要使用特定解析器定期解析的域名.可以使用 valid=time 参数覆盖记录 TTL.server 指令的 resolve 参数将强制定期解析 DN.
In this case, use an upstream block and specify which domain name need to be resolved periodically using a specific resolver. Records TTL can be overriden using valid=time parameter. The resolve parameter of the server directive will force the DN to be resolved periodically.
http {
resolver X.X.X.X valid=5s;
upstream dynamic {
server foo.dnsalias.net resolve;
}
server {
server_name www.example.com;
location / {
proxy_pass http://dynamic;
...
}
}
}
此功能是在 Nginx+ 1.5.12 中添加的.
This feature was added in Nginx+ 1.5.12.
在这种情况下,您还需要一个自定义解析器,就像之前的解决方案一样.但是要解决上游不可用的解决方案,您需要在 proxy_pass 指令中使用一个变量.这样 nginx 也将使用解析器,遵守用 valid 参数指定的缓存时间.例如,您可以将域名用作变量:
In that case, you will also need a custom resolver as in the previous solution. But to workaround the unavailable upstream solution, you need to use a variable in your proxy_pass directive. That way nginx will use the resolver too, honoring the caching time specified with the valid parameter. For instance, you can use the domain name as a variable :
http {
resolver X.X.X.X valid=5s;
server {
server_name www.example.com;
set $dn "foo.dnsalias.net";
location / {
proxy_pass http://$dn;
...
}
}
}
然后,您可能需要添加一个 proxy_redirect 指令来处理重定向.
Then, you will likely need to add a proxy_redirect directive to handle redirects.
这篇关于IP 和 Nginx 作为反向代理时出错的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
