Hi.
I've changed the configuration:
stream {
    upstream master {
        server 10.0.0.7:1515;
    }
    upstream mycluster {
        hash $remote_addr consistent;
        server 10.0.0.7:1514;
        server 10.0.0.6:1514;
    }
    server {
        listen 1515;
        proxy_pass master;
    }
    server {
        listen 1514 udp;
        proxy_pass mycluster;
        proxy_bind 10.0.0.8;
    }
}
Executed this command on the agent:
nc -vnzu -w 1 192.168.1.5 1514
to check if it is able to connect to my Nginx LB port; the result is positive:
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.1.5:1514.
Ncat: UDP packet sent successfully
Ncat: 1 bytes sent, 0 bytes received in 2.01 seconds.
Same from LB to my HIDS node:
nc -vnzu -w 5 10.0.0.6 1514
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 10.0.0.6:1514.
Ncat: UDP packet sent successfully
But my agents are still unable to send logs over port 1514 UDP.
________________________________
From: nginx <[email protected]> on behalf of Reinis Rozitis <[email protected]>
Sent: Monday, 2 March 2020 00:09:53
To: [email protected]
Subject: RE: problem with proxy pass
> The agents in my local network (192.x.x.x) instead, are able to authenticate
> over port 1515 TCP, but not to send logs over 1514 UDP. The agents log said
> that they are unable to connect over that port.
>
> If I temporarily change the port 1514 UDP to 1514 TCP in my HIDS nodes, and
> make the same change on Nginx configuration, they are able to send logs
> like nothing happened.
This gives more things to test:
(I would also change the error_log level to notice and see if there is anything
logged)
1. Can you test from any client in the lan (192.x.x.x) that you are able to
connect to the nginx udp port (and send some message / see if it lands in the
backends), for example with netcat: nc -u your.centos.ip 1514
2. See if you are able to actually connect from the centos box to the backends:
nc -u 10.0.0.7 1514
With two network interfaces there might be also routing issues and depending on
the configuration you could need to specify the outgoing 10.x interface with
proxy_bind
(https://nginx.org/en/docs/stream/ngx_stream_proxy_module.html?#proxy_bind)
Something like:
    server {
        listen 1514 udp;
        proxy_pass mycluster;
        proxy_bind 10.x.x.x;  # the ip of the centos machine
    }
rr
_______________________________________________
nginx mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx
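Added example, not part of the original thread or of nginx: UDP is connectionless, so "UDP packet sent successfully" only shows that the datagram left the sender. This Python sketch does what step 1 above asks (send a message and see if it lands in the backend) and reports the source IP the backend sees, which behind the proxy should be the proxy_bind address. The function names, the nonce scheme and the loopback demo are assumptions of this example.

```python
import socket
import threading
import uuid


def wait_for_probe(sock, nonce, timeout=2.0):
    """Run on the backend: block until a datagram carrying `nonce` arrives.

    Returns the sender IP as seen by the backend, or None on timeout.
    Behind nginx this should be the proxy_bind address (10.0.0.8 in the thread).
    """
    sock.settimeout(timeout)
    try:
        while True:
            data, (src_ip, _src_port) = sock.recvfrom(2048)
            if data == nonce:
                return src_ip
    except socket.timeout:
        return None


def send_probe(host, port, nonce):
    """Run on the agent: send one datagram; returns bytes handed to the kernel."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        return s.sendto(nonce, (host, port))


def loopback_demo():
    """Constructed offline demo: listener and sender both on 127.0.0.1."""
    nonce = uuid.uuid4().hex.encode()  # 32 bytes, unique per run
    result = {}
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as backend:
        backend.bind(("127.0.0.1", 0))  # ephemeral port stands in for 1514
        port = backend.getsockname()[1]
        t = threading.Thread(
            target=lambda: result.update(seen_from=wait_for_probe(backend, nonce)))
        t.start()
        sent_ok = send_probe("127.0.0.1", port, nonce)
        t.join()
    # Listener is gone now, yet sendto() towards the closed port still "succeeds".
    sent_closed = send_probe("127.0.0.1", port, nonce)
    return {"seen_from": result["seen_from"], "sent_ok": sent_ok,
            "sent_closed": sent_closed}


if __name__ == "__main__":
    print(loopback_demo())
```

In a real check, wait_for_probe runs on a backend with the agent service stopped so port 1514 is free, and send_probe runs on an agent pointed at the load balancer.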