Re: preserve client source address when proxying to upstream

Thanks for pointing me in the right direction, Maxim!

I’ve found a number of posts where people are discussing nginx acting as
listener at 0.0.0.0:80/0 for outbound traffic, making able the system to
review every outgoing packet. In this way nginx can act as transparent
proxy that do not perform destination address translation.

What I’m asking for is a special handling for inbound packets. I still
want
nginx to perform destination address translation, but I need to keep
original source address in the packet.

As far as I understood, both scenarios relies on using
IP_TRANSPARENT/IP_FREEBIND
on Linux as you mentioned previously.
While there’s no complete solution at the moment, I think that it’s
great
idea to add such functions in the future, at least in commercial version
of
nginx. From the other side, positioning nginx as ADC solution requires
to
give administrators more control over applications delivery and
translating
source/destination addresses/ports are just necessary options.


Vsevolod Petrov

2015-12-16 19:56 GMT+03:00 Maxim D. [email protected]:

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs