server_name ignored #25

Open
IronSight87 opened this Issue Feb 12, 2012 · 12 comments

Projects

None yet

5 participants

@IronSight87

Hey guys,

Is it possible that the server_name directive in the server directive is be ignored?

If I write something like:

tcp {
upstream cluster {
server 127.0.0.1:8000;

    check interval=3000 rise=2 fall=5 timeout=1000;
}   

server {
    listen 9000;
    server_name test.example.com;

    tcp_nodelay on;
    proxy_pass cluster;
}

}

The server is reachable by test.example.com:9000, test2.example.com:9000 and all other subdomains and the main domain.

@yaoweibin
Owner

Yes, It should be ignored with latest code in the master branch. Is it?

On 2012-2-12 18:13, TheRock1987 wrote:

Hey guys,

Is it possible that the server_name directive in the server directive is be ignored?

If I write something like:

tcp {
upstream cluster {
server 127.0.0.1:8000;

     check interval=3000 rise=2 fall=5 timeout=1000;
 }

 server {
     listen 9000;
     server_name test.example.com;

     tcp_nodelay on;
     proxy_pass cluster;
 }

}

The server is reachable by test.example.com:9000, test2.example.com:9000 and all other subdomains and the main domain.


Reply to this email directly or view it on GitHub:
#25

@IronSight87

I checked out the latest code. But how can I now respond to a specific host (server_name)?

@yaoweibin
Owner

You can change your host file, add the custom host name mapping to your
server ip.

Or use tool like wget:

wget --header="Host: your_server_name"
http://your_server_ip:your_server_port/

On 2012-2-12 19:56, TheRock1987 wrote:

I checked out the latest code. But how can I now respond to a specific host (server_name)?


Reply to this email directly or view it on GitHub:
#25 (comment)

@pmarques
pmarques commented Mar 1, 2012

Hi,
I'm getting the same problem here, you refer that it is ignored in the master version, right? Is there any version with it working?
Thanks in advance

@yaoweibin
Owner

Yes, you can use the develop branch:https://github.com/yaoweibin/nginx_tcp_proxy_module/tree/develop. The 'server_name' is meaningful.

@jreedy
jreedy commented May 31, 2012

On the develop branch, is server_name in the server section supposed to be honored? I want to proxy multiple tcp services on the same port and have nginx choose the upstream server based on the server_name the same way that http proxying works.

something like this:
tcp {
access_log /var/log/nginx/tcp-proxy-access.log
upstream test-postgres {
server testdb.remotehost.net:5432;

check interval=3000 rise=2 fall=5 timeout=1000;

}
server {
server_name db-test;
listen 5431;
proxy_pass test-postgres;
}
upstream local-postgres {
server localhost:5432;

check interval=3000 rise=2 fall=5 timeout=1000;

}
server {
server_name db-local;
listen 5431;
proxy_pass local-postgres;
}
}

Am I trying to use server_name incorrectly, or is this a bug?

currently, with this configuration, the first upstream server is always chosen.

@yaoweibin
Owner

Hi, Jreedy,

Is the request HTTP protocol? If it is, you can use the websocket
module: https://github.com/yaoweibin/nginx_tcp_proxy_module/wiki/websocket.

This module is also in the develop branch.

On 2012/6/1 0:58, jreedy wrote:

On the develop branch, is server_name in the server section supposed to be honored? I want to proxy multiple tcp services on the same port and have nginx choose the upstream server based on the server_name the same way that http proxying works.

something like this:
tcp {
access_log /var/log/nginx/tcp-proxy-access.log
upstream test-postgres {
server testdb.remotehost.net:5432;

 check interval=3000 rise=2 fall=5 timeout=1000;

}
server {
server_name db-test;
listen 5431;
proxy_pass test-postgres;
}
upstream local-postgres {
server localhost:5432;

 check interval=3000 rise=2 fall=5 timeout=1000;

}
server {
server_name db-local;
listen 5431;
proxy_pass local-postgres;
}
}

Am I trying to use server_name incorrectly, or is this a bug?

currently, with this configuration, the first upstream server is always chosen.


Reply to this email directly or view it on GitHub:
#25 (comment)

@jreedy
jreedy commented Jun 1, 2012

No, I'm trying to proxy tcp traffic. Specifically, I'd like to be able to proxy multiple database connections, and I don't want to have to use different ports. Is this not currently possible with non-http traffic?

@yaoweibin
Owner

On 2012-6-2 2:29, jreedy wrote:

No, I'm trying to proxy tcp traffic. Specifically, I'd like to be able to proxy multiple database connections, and I don't want to have to use different ports. Is this not currently possible with non-http traffic?


Reply to this email directly or view it on GitHub:
#25 (comment)
No, This module can't parse the data except HTTP protocol. If you use a
special DB procotol, how do I know which DB would yo want to connect?

@jgn
jgn commented Jun 3, 2012

This may be related.

I am using server_name in both my http {} blocks, and tcp {} for two different server_names, both using 443, and am getting bind errors on startup.

I'm using the develop branch.

Note that I do have the two different host names defined in DNS.

$ sudo service nginx start
Starting nginx: nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] still could not bind()
                                                           [FAILED]
$ nginx -V
nginx: nginx version: nginx/1.0.5
nginx: built by gcc 4.4.6 20110731 (Red Hat 4.4.6-3) (GCC) 
nginx: TLS SNI support enabled
nginx: configure arguments: --with-http_ssl_module --with-http_realip_module --with-http_gzip_static_module --with-cc-opt=-Wno-error --add-module=/tmp/nginx_tcp_proxy_module --add-module=/opt/ruby/lib/ruby/gems/1.9.1/gems/passenger-3.0.8/ext/nginx --prefix=/opt/nginx --user=nobody

Conf (this is a puppet template - that's what the <%= %> stuff is):

http {
  passenger_root /opt/ruby/lib/ruby/gems/1.9.1/gems/passenger-3.0.8;
  passenger_ruby /opt/ruby/bin/ruby;
  passenger_max_pool_size  6;
  passenger_min_instances  6;
  passenger_pool_idle_time 0;

  include mime.types;
  default_type application/octet-stream;
  sendfile on;

  client_max_body_size 4M;

  keepalive_timeout  65;

  server {
    server_name <%= rails_environment %>.someapp.com;
    listen 80;
    root /home/deployer/apps/icis/<%= rails_environment %>/current/public;
    access_log /var/www/<%= rails_environment %>.someapp.com/logs/access.log;
    passenger_enabled on;
    rails_env <%= rails_environment %>;
  }

  server {
    server_name <%= rails_environment %>.someapp.com;
    listen 443;
    root /home/deployer/apps/icis/<%= rails_environment %>/current/public;
    access_log /var/www/<%= rails_environment %>.someapp.com/logs/access.log;
    passenger_enabled on;
    rails_env <%= rails_environment %>;

    if (-f $document_root/system/maintenance.html) {
      rewrite ^(.*)$ /system/maintenance.html break;
    }

    ssl on;
    ssl_certificate     /etc/ssl/certs/STAR_someapp_com.crt;
    ssl_certificate_key /etc/ssl/certs/STAR_someapp_com.key;

    ssl_session_timeout 5m;

    ssl_protocols SSLv2 SSLv3 TLSv1;
    ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers on;
  }
}

tcp {
  upstream websockets {
    server 127.0.0.1:<%= faye_port %>;
    check interval=3000 rise=2 fall=5 timeout=1000;
  }   

  server {
    server_name faye<%= rails_environment %>.someapp.com;
    listen 443;

    so_keepalive on;
    tcp_nodelay on;

    proxy_pass websockets;

    ssl on;
    ssl_certificate     /etc/ssl/certs/STAR_someapp_com.crt;
    ssl_certificate_key /etc/ssl/certs/STAR_someapp_com.key;

    ssl_session_timeout 5m;

    ssl_protocols SSLv2 SSLv3 TLSv1;
    ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers on;
  }
}

http {
  server {
    listen 9000;

    location /websocket_status {
      check_status;
    }
  }
}
@yaoweibin
Owner

On 2012/6/3 17:22, John Norman wrote:

tcp {
upstream websockets {
server 127.0.0.1:<%= faye_port %>;
check interval=3000 rise=2 fall=5 timeout=1000;
}

server {
server_name faye<%= rails_environment %>.someapp.com;
listen 443;
You can't use the same IP and the same port with HTTP and TCP block.
Maybe you should use a different IP with the TCP block? Nginx can't
distinguish two different server name before entering the HTTP block.

 so_keepalive on;
 tcp_nodelay on;

 proxy_pass websockets;

 ssl on;
 ssl_certificate     /etc/ssl/certs/STAR_someapp_com.crt;
 ssl_certificate_key /etc/ssl/certs/STAR_someapp_com.key;

 ssl_session_timeout 5m;

 ssl_protocols SSLv2 SSLv3 TLSv1;
 ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
 ssl_prefer_server_ciphers on;

}
}

http {
server {
listen 9000;

 location /websocket_status {
   check_status;
 }

}
}


---
Reply to this email directly or view it on GitHub:
https://github.com/yaoweibin/nginx_tcp_proxy_module/issues/25#issuecomment-6084121
@jgn
jgn commented Jun 6, 2012

Thanks! I discovered that on my own about an hour after posting my question -- by reading the documentation!

(I missed: "You can't use the same listening port with HTTP modules.")

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment