NGinx Load Balancing


#1

Hey Guys,

Question, How can you create an nginx proxy server so it uses
x-forward-header to load balance connections to its downstream web
servers?
Im using a nginx load balancer and attaching x-forward-header down to
the load balaning farm which is using ipvs/keepalived which then load
balances the traffic locally to a iis / apache cluster

issue is that from my nginx proxy to the ipvs LB as i use SNAT and the
ipvs is only layer4. When a client re-establishes his connection
though the nginx proxy, the system will change its src ip at random
and if there was previously another connection using that
src_ip:dst_port, then the IPVS will assign it to the new user…
session jacking

I am thinking that the issue could be solved by placing an nginx load
balancer in front of the ipvs and allowing nginx to load balance
traffic based on the x-forward-header… however, this is something
that I am not sure how to do.

any insight would greatly be appreciated


#2

On Thu, Apr 30, 2009 at 11:29 AM, Payam C. removed_email_address@domain.invalid
wrote:

ipvs is only layer4. When a client re-establishes his connection
any insight would greatly be appreciated


Payam Tarverdyan Chychi
Network Security Specialist / Network Engineer

Any ideas? I would greatly appreciate any insight

Thanks,


#3

Maybe this entry will give you some information. And it’s in Chinese,
but I
think the source codes at this entry will enough for you to understand
it .
http://www.libing.name/2008/12/30/nginx-ip-hash.html[?]