Nginx caching proxy dns name even when using variables

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Nginx caching proxy dns name even when using variables

Rob Fulton
Hi,

I'm using nginx to proxy to a host with a rapidly changing dns entry but
I can't seem to get the proxy command the re-query dns using the
vairable method suggested, the following is a excerpt from my config :

server {

     listen 443 ssl;

     resolver 127.0.0.1 valid=20s;
     set $proxy_server somehostname.com;

     location / {

         proxy_pass https://$proxy_server/blue/content$request_uri;


I'm using nginx 1.14, watching my dns logs I see no requests following
nginx starting up. The upstream_addr value in my nginx logs also doesn't
change.

Any suggestions of why this isn't working as expected?

Regards

Rob


_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: Nginx caching proxy dns name even when using variables

Rob Fulton
Hi,

I’ve done some further testing on this today and discovered that the configuration works correctly when the proxy_pass url is accessed via http, I can see dns queries for the proxy_server url every minute as per the ttl. The moment I change the url to https, this stops. Is this a known limitation?

Regards

Rob


> On 26 Sep 2018, at 16:53, Rob Fulton <[hidden email]> wrote:
>
> Hi,
>
> I'm using nginx to proxy to a host with a rapidly changing dns entry but I can't seem to get the proxy command the re-query dns using the vairable method suggested, the following is a excerpt from my config :
>
> server {
>
>     listen 443 ssl;
>
>     resolver 127.0.0.1 valid=20s;
>     set $proxy_server somehostname.com;
>
>     location / {
>
>         proxy_pass https://$proxy_server/blue/content$request_uri;
>
>
> I'm using nginx 1.14, watching my dns logs I see no requests following nginx starting up. The upstream_addr value in my nginx logs also doesn't change.
>
> Any suggestions of why this isn't working as expected?
>
> Regards
>
> Rob
>
>
> _______________________________________________
> nginx mailing list
> [hidden email]
> http://mailman.nginx.org/mailman/listinfo/nginx

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: Nginx caching proxy dns name even when using variables

Maxim Dounin
Hello!

On Thu, Sep 27, 2018 at 03:27:03PM +0100, Rob Fulton wrote:

> I’ve done some further testing on this today and discovered that
> the configuration works correctly when the proxy_pass url is
> accessed via http, I can see dns queries for the proxy_server
> url every minute as per the ttl. The moment I change the url to
> https, this stops. Is this a known limitation?

Most likely, the problem is that you have

    proxy_pass https://somehostname.com;

somewhere in the configuration, without variables - so nginx
resolves the name during configuration parsing.  As a result, your
construct

    set $proxy_server somehostname.com;
    proxy_pass https://$proxy_server;

does not try to resolve the name, but rather ends up using the
existing upstream for somehostname.com.

If you want the name to be always resolved, comment out the
proxy_pass without variables and/or use the variables there as
well.

--
Maxim Dounin
http://mdounin.ru/
_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: Nginx caching proxy dns name even when using variables

Rob Fulton
Hi,
On 27/09/2018 15:53, Maxim Dounin wrote:

> Hello!
>
> On Thu, Sep 27, 2018 at 03:27:03PM +0100, Rob Fulton wrote:
>
>> I’ve done some further testing on this today and discovered that
>> the configuration works correctly when the proxy_pass url is
>> accessed via http, I can see dns queries for the proxy_server
>> url every minute as per the ttl. The moment I change the url to
>> https, this stops. Is this a known limitation?
> Most likely, the problem is that you have
>
>      proxy_pass https://somehostname.com;
>
> somewhere in the configuration, without variables - so nginx
> resolves the name during configuration parsing.  As a result, your
> construct
>
>      set $proxy_server somehostname.com;
>      proxy_pass https://$proxy_server;
>
> does not try to resolve the name, but rather ends up using the
> existing upstream for somehostname.com.

Thank you very much for your help, you were correct I had a proxy_pass
directive for a 404 error page to the same hostname configured without a
variable, setting this correctly resulted in the correct behavior.

Regards

Rob
_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx