Welcome! Log In Create A New Profile

Advanced

Re: Adding a fd that is not obtained through accept to the list the active connections

Phillip Odam
August 27, 2021 07:12AM
Hi Ottavio

I get you now, you’re trying to find a way for the remote server to get
through your NAT router. Who controls the remote server? Because even if
you initiate the TCP connection to it unless it ‘knows’ to make an HTTP
request back nothings going to happen.

The simplest approach for getting through your NAT would be to just setup a
port forward, any particular qualms with that? It can be shied away from
for security but managed properly it’s a perfectly acceptable approach.

As an aside, these guys wrote up a brilliant piece on punching holes
through two NATs (the public sides each facing each other over the
internet) https://tailscale.com/blog/, at a quick glance I couldn’t spot
the particular post.

Cheers
Phillip

On Friday, August 27, 2021, Ottavio Campana <ottavio@campana.vi.it> wrote:

> Dear Phillip,
>
> I think it is not what I am trying to do (or I did not completely
> understand your solution).
>
> As far as I understand, when nginx dispatches a request it checks if it is
> a file or, among others, something that can be retrieved from an upstream..
> But upstreams act as clients, they do accept requests coming from the
> remote server.
>
> My goal is to have a connection to a remote server that is somehow started
> by the nginx, but then the connection is reversed, the "upstream" makes
> requests and nginx responds.
>
> Is there a way to achieve this with upstreams?
>
> Thank you,
>
> Ottavio
>
> Il giorno gio 26 ago 2021 alle ore 21:58 Phillip Odam <
> phillip.odam@nitorgroup.com> ha scritto:
>
>> Hi Ottavio
>>
>> I’m probably overlooking something in the description of what you want
>> but I think NGINX out of the box provides you with what you want.
>>
>> Here’s an example of one I’ve implemented.
>>
>> A software project I don’t develop retrieves dependencies from w3.org
>> (it’s a SOAP web service that retrieves a remote XSD)
>>
>> The trouble with depending on a file sourced from w3.org is that if the
>> file is requested too frequently w3.org will rate limit your requests.
>>
>> One solution would be to store the XSD in the web service but that’d
>> require changing the application.
>>
>> I chose to run an NGINX where it’s upstream was configured to point at
>> w3.org and to avoid needlessly retrieving the same content repeatedly a
>> cache was used.
>>
>> So the NGINX was listening on local host in this case and for the backend
>> it was connecting to whatever w3.org resolves to. And so no changes were
>> needed in the app I changed the servers hosts file to point w3.org to
>> localhost. This isn’t a problem for NGINX to connect to w3.org as the
>> w3.org IP was hard coded in the upstream.
>>
>> And NGINX’s built in connection counting works with this.
>>
>> Barring the cache is this what you’re describing you want?
>>
>> Phillip
>>
>> On Thursday, August 26, 2021, Ottavio Campana <ottavio@campana.vi.it>
>> wrote:
>>
>>> Hello,
>>>
>>> I want to write a module for an nginx that runs on a device with a
>>> private IP address and behind NAT, connects to a remote server and adds the
>>> newly created connection to the list of connections handled by nginx. At
>>> this point the remote server will invert the connection and start making
>>> requests.
>>>
>>> I tried studying the documentation on nginx.org, but I am not able to
>>> get an idea about how to achieve this.
>>>
>>> Can you please give me a suggestion about how to do it?
>>>
>>> Thank you,
>>>
>>> Ottavio
>>>
>>> --
>>> Non c'è più forza nella normalità, c'è solo monotonia
>>>
>> _______________________________________________
>> nginx-devel mailing list
>> nginx-devel@nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx-devel
>
>
>
> --
> Non c'è più forza nella normalità, c'è solo monotonia
>
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

Adding a fd that is not obtained through accept to the list the active connections

Ottavio Campana 192 August 26, 2021 09:14AM

Re: Adding a fd that is not obtained through accept to the list the active connections

Phillip Odam 27 August 26, 2021 04:00PM

Re: Adding a fd that is not obtained through accept to the list the active connections

Ottavio Campana 34 August 27, 2021 05:48AM

Re: Adding a fd that is not obtained through accept to the list the active connections

Phillip Odam 34 August 27, 2021 07:12AM

Re: Adding a fd that is not obtained through accept to the list the active connections

Ottavio Campana 29 August 27, 2021 08:00AM

Re: Adding a fd that is not obtained through accept to the list the active connections

Maxim Dounin 38 August 27, 2021 11:42AM

Adding a fd that is not obtained through accept to the list the active connections

Phillip Odam 34 August 30, 2021 07:26AM

Re: Adding a fd that is not obtained through accept to the list the active connections

Ottavio Campana 47 August 31, 2021 03:20PM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 71
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready