Welcome! Log In Create A New Profile

Advanced

Multiple Wan IP Addresses, Single LAN IP Address

Previous Message Next Message
Forum List Message List New Topic Print View
reference123
June 11, 2010 12:53AM
We are using NGINX .7.6 as a reverse proxy to an IIS webserver. We are trying to serve our images from a separate domain and IP that proxies to the same IIS root as the primary website. Both IP addresses are on the same subnet. The primary domain is on 67.111.111.1 and the image domain is on 67.111.111.12.

The NGINX config related to these two sites is as follows -

upstream primary_com {
server 10.1.1.2 weight=10 max_fails=3 fail_timeout=30s;
server 10.1.1.1 weight=1 backup;


}

upstream primary_com_ssl {
server 10.1.1.2:443 weight=10 max_fails=3 fail_timeout=30s;
server 10.1.1.1:443 weight=1 backup;

}


server {
listen 80;
server_name 67.111.111.1
primary.com
www.primary.com;




access_log /var/log/nginx/primary.access.log;



location / {
proxy_pass http://primary_com;


}



}



server {
listen 443;
server_name 67.111.111.1
primary.com
www.primary.com;

access_log /var/log/nginx/primary.ssl.access.log;
error_log /var/log/nginx/primary.ssl.error.log;

ssl on;
ssl_certificate /etc/ssl/primary/disccert.pem;
ssl_certificate_key /etc/ssl/primary/disckey.pem;


ssl_ciphers ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP;
ssl_protocols SSLv3 TLSv1;


location / {
proxy_pass https://primary_com_ssl;
}


}

upstream images_com {
server 10.1.1.2 weight=10 max_fails=3 fail_timeout=30s;
server 10.1.1.1 weight=1 backup;
}

server {
listen 80;
server_name 67.111.111.12
www.images.com
1.images.com
2.images.com
3.images.com;

access_log /var/log/nginx/images.access.log;


## Only requests to our Host are allowed
if ($host !~ ^(images.com|www.images.com|1.images.com|2.images.com|3.images.com|4.images.com)$ ) {
return 444;
}


location ~* (\.jpg|\.png|\.gif|\.css)$ {

valid_referers
none
blocked
images.com
www.images.com
images.com
www.images.com
1.images.com
2.images.com
3.images.com
4.images.com;

if ($invalid_referer) {
return 444;
}



proxy_cache_valid 200 301 302 1480m;
expires 10d;
proxy_cache dci;
proxy_cache_use_stale error timeout invalid_header updating;
proxy_pass http://images_com;
}

When images are pulled through the images domain the rendering of the images slows considerably. I am sure it is not related to the line speed, latency, or dns servers. It appears there is something happening on the proxy side either in pulling the images from the backend server or in its attempt to respond to the outside request. Is there anything that needs to be done in the upstream or listen section to make this process efficient?
Reply Quote
RSS
Subject Author Posted

Multiple Wan IP Addresses, Single LAN IP Address

reference123 June 11, 2010 12:53AM

Re: Multiple Wan IP Addresses, Single LAN IP Address

Peter Portante June 11, 2010 03:00AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 202
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready