Welcome! Log In Create A New Profile

Advanced

Re: nginx + ip_nonlocal_bind

May 01, 2009 03:38AM
On Fri, May 01, 2009 at 05:27:10PM +1000, Tristan Griffiths wrote:

> > -----Original Message-----
> > From: owner-nginx@sysoev.ru [mailto:owner-nginx@sysoev.ru] On Behalf
> Of
> > Igor Sysoev
> > Sent: Friday, 1 May 2009 4:50 PM
> > To: nginx@sysoev.ru
> > Subject: Re: nginx + ip_nonlocal_bind
> >
> > On Fri, May 01, 2009 at 04:26:55PM +1000, Tristan Griffiths wrote:
> >
> > > Greetings.
> > >
> > > We would like to setup our Nginx instances in a HA pair. Using
> > > Heartbeat, we have Nginx listening on virtual addresses on the
> active
> > > server.
> > >
> > > On the passive server, we cannot get Nginx to start up because those
> > > virtual (or floating) address are not configured on the server until
> > > Heartbeat detects a failover condition.
> > >
> > > Is Nginx able to bind to a non-local IP address? We've tried setting
> > the
> > > ip_nonlocal_bind kernel option with no luck.
> > >
> > > Some important information:
> > >
> > > # nginx -v
> > > nginx version: nginx/0.7.53
> > >
> > > Starting nginx: [emerg]: bind() to 213.167.72.152:80 failed (98:
> > Address
> > > already in use)
> >
> > This is because another process is laready listen on this
> address:port.
> >
> > > CentOS 5.3
> > >
> > > <config>
> > > server {
> > > listen 213.167.72.152:80 default;
> > > </config>
> > >
> > > Any other settings we should provide?
> >
> > To listen on temporarily non configured addresses you may use
> something
> > like this:
> >
> > server {
> > listen 80;
> > }
> >
> > server {
> > listen 213.167.72.152:80 default;
> > ...
> > }
> >
> > server {
> > listen 213.167.72.1:80 default;
> > ...
> > }
> >
> > nginx binds to *:80 only, but tests an address where a request comes
> > to.
>
> Hadn't tried that. Works a treat.
>
> Hope this helps someone else in future.

OK, however, with ip_nonlocal_bind nginx should bind() successfully
even to non existent addresses. You should look why bind() returned
(98: Address already in use).

> For SSL hosts, would we just "listen 443; ssl on;" (with a dummy
> certificate)?

Yes. Or you may combine SSL/non-SSL servers in one server:

server {
listen 80;
listen 443 default ssl;


--
Igor Sysoev
http://sysoev.ru/en/
Subject Author Posted

nginx + ip_nonlocal_bind

Tristan Griffiths May 01, 2009 02:26AM

Re: nginx + ip_nonlocal_bind

mike May 01, 2009 02:33AM

RE: nginx + ip_nonlocal_bind

Tristan Griffiths May 01, 2009 03:00AM

Re: nginx + ip_nonlocal_bind

mike May 01, 2009 03:18AM

Re: nginx + ip_nonlocal_bind

Igor Sysoev May 01, 2009 02:50AM

RE: nginx + ip_nonlocal_bind

Tristan Griffiths May 01, 2009 03:27AM

Re: nginx + ip_nonlocal_bind

Igor Sysoev May 01, 2009 03:38AM

RE: nginx + ip_nonlocal_bind

Tristan Griffiths May 01, 2009 06:00AM

RE: nginx + ip_nonlocal_bind

Tristan Griffiths May 01, 2009 07:01AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 102
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready