Hi, I'm the new one ;-)
I use nginx as a reverse proxy in the following configuration: Ubuntu 22.04, nginx 1.18.0, access to two web services on host A and host B, which are accessible via https://a.foo.com:8443 and https://b.foo.com:8443 respectively. Nginx “routes” these to 10.1.1.10:8080 and 10.1.1.20:8080 internally and provides certificate termination. The important parts of the configuration file are attached. Everything works, but:
The problem is that the web services have a much slower behavior than when I use direct port routing with DNAT (iptables firewall without nginx): a.foo.com:8443 to 10.1.1.10:8443 and b.foo.com:8444 to 10.1.1.20:8444 . Up to 5 s response time compared to less than 1 s with DNAT only.
Nevertheless, I have to use the same port in both cases, which is only possible with a reverse proxy - that's why I want to use nginx.
Does anyone have an idea how to improve the performance of nginx in this case?