Listen to all, handle some

Hello,

I am trying to change our load balancing here from a quite unflexible
DNS loadbalancing to something more sophisticated.

I tried pound but was absolutely not content with it. Now I am trying
nginx, and even though the configuration seems to be a whole lot more
flexible and the possibilities way beyond those of pound I have one
problem again:

I need the server process to listen on all interfaces, but handle
several IP addresses separately. The reason that I:

Firstly need to listen to all interfaces is that I need to be able to
listen to dynamically assigned IP addresses which may or may not be at
the host by the time nginx starts. The only way to listen to an
interface that is not available is to listen to all interfaces.

Secondly need to handle different interfaces differently is that they
stand for different domain names and need to show different SSL
certificate. That cannot be handled name based, because the SSL
connection needs to be negotiated BEFORE the header with the server name
(or the GET statement) is transferred.

With Apache that’s no problem.
You say:

#The Apache will listen /only/ to *:443 but handle
#still handle 127.0.0.1:443 and 127.0.0.2:443
#completely different.
Listen 443
<VirtualHost 127.0.0.1:443>
#Show Certificate A

<VirtualHost 127.0.0.2:443>
#Show Certificate B

Now I tried something similiar with nginx, but it fails, because because
it tries to bind to the port 127.0.0.1:80 even though *:80 is already
reserved by itsself.
The “listen” statement has some quite sophisticated options. In
particular the “bind” statement can be used to force an actual bind. But
how can I prevent a “listen” statement from binding to that interface?

nginx test config

user www-data;

error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;

http {

Dummy Server - Should never get a request,

unless someone manages to send a request over

an IP Address that is not ment to be handled

by nginx.

server {
listen 80;
rewrite ^.* http://localhost/ permanent;
}
}

http{
upstream backend {
server 127.0.0.1:8080;
}

server {
listen 127.0.0.1:80 default;
server_name localhost;
location / {
proxy_pass http://backend;
}
}
}

nginx test config end

I found the answer myself already:
All I gotta do is to use a single one http { … } instead of two in the
example below.

Am Mittwoch, den 21.05.2008, 15:22 +0200 schrieb Björn Keil:

O/H Björn Keil έγραψε:

I need the server process to listen on all interfaces, but handle
connection needs to be negotiated BEFORE the header with the server name
#Show Certificate A
how can I prevent a “listen” statement from binding to that interface?
I had the same requirements and it worked quite as I expected it to.

—snip—
http {
server {
listen 1.2.3.4:80;
server_name www.server1.com;

}
server {
listen 2.3.4.5:80;
server_name www.server2.com;

}
server {
listen *:80;
server_name www.defaultserver.com;

}
}
—snip—

I don’t know if your order of directives prevents it from working but it
is fairly possible…
And it does bind to 0.0.0.0:80

Best Regards,
Thanos Chatziathanassiou

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs