Welcome! Log In Create A New Profile

Advanced

Load Balancing NTLM over HTTP with NGINX

Michael B Allen
November 18, 2022 10:32PM
Hi,

NTLM over HTTP is a 3 request "handshake" that must occur over the same TCP
connection.
My HTTP service implements the NTLMSSP acceptor and uses the clients remote
address and port like "10.11.12.13:54433" to track the authentication state
of each TCP connection.

My implementation also uses a header called 'Jespa-Connection-Id' that
allows the remote address and port to be supplied externally.
NGINX can use this to act as a proxy for NTLM over HTTP with a config like
the following:

server {
location / {
proxy_pass http://localhost:8080;
proxy_set_header Jespa-Connection-Id $remote_addr:$remote_port;
}
}

This works fine.

Now I want to load balance NTLM through NGINX. For this I used the
following:

upstream backend {
ip_hash;
server localhost:8080;
server localhost:8081;
}

server {
location / {
proxy_pass http://backend;
proxy_set_header Jespa-Connection-Id $remote_addr:$remote_port;
}
}

This also seems to work fine but I have doubts.
Can NGINX use the same TCP connection to a backend server to send requests
of different client connections?

From what I can tell, NGINX seems to create a separate TCP connection for
each request.
If this is always true, then it seems this scheme should work.
Can you please confirm that this is how NGINX works?

More generally, do you see any problems with this scheme?

I'm not fluent in NGINX but I want to document this as a possible solution
for my users.

Thanks,
Mike

--
Michael B Allen
Java AD DS Integration
http://www.ioplex.com/
_______________________________________________
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-leave@nginx.org
Subject Author Posted

Load Balancing NTLM over HTTP with NGINX

Michael B Allen November 18, 2022 10:32PM

Re: Load Balancing NTLM over HTTP with NGINX

Michael B Allen November 19, 2022 12:14PM

Re: Load Balancing NTLM over HTTP with NGINX

Maxim Dounin November 19, 2022 04:04PM

Re: Load Balancing NTLM over HTTP with NGINX

Michael B Allen November 19, 2022 07:38PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 91
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready