Hi Francis

Thanks for the detail. And you're quite right the issue had nothing to
do with NGINX, it was the loadbalancer out in front of NGINX.

Cheers

Phillip

On 3/20/20 10:43 AM, Francis Daly wrote:
> On Fri, Mar 20, 2020 at 09:57:40AM -0400, Phillip Odam wrote:
>
> Hi there,
>
>> I'm looking for when a client establishes a TCP connection to an IP and
>> port, that NGINX is listening on, that NGINX, without waiting on data being
>> transmitted from the client to NGINX, would establish a TCP connection to
>> the upstream.
> What happened when you tried it?
>
> A quick test here of "nc -l 9005", plus nginx.conf with
>
> ==
> stream {
> server {
> listen 9001;
> proxy_pass 127.0.0.3:9005;
> }
> }
> ==
>
> and "tcpdump -nn -i any -X -s 0 port 9005 or port 9001", seems to show
> that "nc localhost 9001" leads to a tcp handshake involving port 9001
> (from the client to nginx) and a tcp handshake involving port 9005
> (from nginx to the upstream).
>
>> Trouble with this though, NGINX then can't fully support reverse proxying
>> protocols where the server provides a response upon TCP connection eg. SSH2,
>> MySQL. You're instead dependent on the client handling the lack of initial
>> server response and that after the client sends its first lot of data it'll
>> then receive the server's initial response.
> Do you have a specific test case that shows this problem?
>
> ==
> stream {
> server {
> listen 9001;
> proxy_pass 127.0.0.3:22;
> }
> }
> ==
>
> and "ssh -v -p 9001 localhost" would seem to indicate that it Just Works.
>
> Perhaps my testing is wrong?
>
> f
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx