IP和Nginx作为反向代理错误 [英] Error with IP and Nginx as reverse proxy
问题描述
我将Nginx配置为简单的反向代理。
I configured my Nginx as simple reverse proxy.
我只是使用基本设置
location / {
proxy_pass foo.dnsalias.net;
proxy_pass_header Set-Cookie;
proxy_pass_header P3P;
}
问题是经过一段时间(几天),nginx背后的网站变成不可访问。 Indead nginx尝试调用一个坏的ip(nginx后面的网站在我的家后面我的盒子,我是一个使用dyn-dns,因为我的ip没有修复)。这个dyn-dns总是有效的(我可以直接调用我的网站),但是由于隐含的原因,Nginx被卡住了。
The problem is that after some time (few days) the site behind nginx become unaccessible. Indead nginx try to call a bad ip (the site behind nginx is at my home behind my box and I'm a using a dyn-dns because my ip is not fixe). This dyn-dns is always valid (I can call my site directly) but for obscure reason Nginx get stuck with that..
所以说,nginx只是给我504网关超时一段时间后。当我的ip在家里改变时,看起来像错误来了。
以下是错误日志的示例:
So as said, nginx just give me 504 Gateway Time-out after some time. It looks like the error come when my ip change at home. Here is a sample of error log:
[error] ... upstream timed out (110: Connection timed out) while connecting to upstream, client: my.current.ip, server: myreverse.server.com, request: "GET /favicon.ico HTTP/1.1", upstream: "http://my.old
.home.ip", host: "myreverse.server.com"
你知道为什么nginx使用ip而不是DN?
So do you know why nginx is using ip instead of the DN ?
推荐答案
如果 proxy_pass 不包含变量,nginx将在加载配置时将域名解析为IP,并将其缓存直到重新启动/重新加载。从性能的角度来看,这是可以理解的。
If the proxy_pass value doesn't contain variables, nginx will resolve domain names to IPs while loading the configuration and cache them until you restart/reload it. This is quite understandable from a performance point of view.
但是,如果动态DNS记录更改,则可能不需要。根据您拥有的许可证,有两个选项可用。
But, in case of dynamic DNS record change, this may not be desired. So two options are available depending on the license you possess or not.
这种情况下,使用上游块,并指定需要使用特定解析器定期解析哪个域名。记录TTL可以使用 valid = time 参数覆盖。 c
In this case, use an upstream block and specify which domain name need to be resolved periodically using a specific resolver. Records TTL can be overriden using valid=time parameter. The resolve parameter of the server directive will force the DN to be resolved periodically.
http {
resolver X.X.X.X valid=5s;
upstream dynamic {
server foo.dnsalias.net resolve;
}
server {
server_name www.example.com;
location / {
proxy_pass http://dynamic;
...
}
}
}
此功能已添加到Nginx + 1.5.12。
This feature was added in Nginx+ 1.5.12.
在这种情况下,您还需要像以前的解决方案一样的自定义解析器。但是要解决不可用的上游解决方案,您需要在 proxy_pass 指令中使用变量。这样,nginx也将使用解析器,以履行使用有效参数指定的缓存时间。例如,您可以使用域名作为变量:
In that case, you will also need a custom resolver as in the previous solution. But to workaround the unavailable upstream solution, you need to use a variable in your proxy_pass directive. That way nginx will use the resolver too, honoring the caching time specified with the valid parameter. For instance, you can use the domain name as a variable :
http {
resolver X.X.X.X valid=5s;
server {
server_name www.example.com;
set $dn "foo.dnsalias.net";
location / {
proxy_pass http://$dn;
...
}
}
}
然后,您可能需要添加一个 proxy_redirect 指令来处理重定向。
Then, you will likely need to add a proxy_redirect directive to handle redirects.
这篇关于IP和Nginx作为反向代理错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
