Hey Guys,
Question, How can you create an nginx proxy server so it uses
x-forward-header to load balance connections to its downstream web
servers?
Im using a nginx load balancer and attaching x-forward-header down to
the load balaning farm which is using ipvs/keepalived which then load
balances the traffic locally to a iis / apache cluster
issue is that from my nginx proxy to the ipvs LB as i use SNAT and the
ipvs is only layer4. When a client re-establishes his connection
though the nginx proxy, the system will change its src ip at random
and if there was previously another connection using that
src_ip:dst_port, then the IPVS will assign it to the new user…
session jacking
I am thinking that the issue could be solved by placing an nginx load
balancer in front of the ipvs and allowing nginx to load balance
traffic based on the x-forward-header… however, this is something
that I am not sure how to do.
any insight would greatly be appreciated