barabasbe-commsignia commented on issue #12174: URL: https://github.com/apache/apisix/issues/12174#issuecomment-2834656329
> Refer to https://nginx.org/en/docs/stream/ngx_stream_proxy_module.html#:~:text=In%20order%20for%20this%20parameter,It%20is%20also, it is usually necessary to run nginx worker processes with the [superuser](https://nginx.org/en/docs/ngx_core_module.html#user) privileges. But APISIX's Debian image creates an unprivileged system user named apisix at build time https://github.com/apache/apisix-docker/blob/master/debian/Dockerfile and switches to run as that user, so there is an error. Yes, this is my understanding as well. > Does APISIX's stream route meet your original requirements? https://apisix.apache.org/docs/apisix/admin-api/#stream-route Our original requirements were: Forward UDP traffic in a way that preserves the traffic's original IP address. Sender (IP: `1.2.3.4`) -> Gateway (IP: `5.6.7.8`) -> Receiver service (source IP address of the UDP traffic should be: `1.2.3.4`) With APISIX stream proxy configuration only, this seems not possible. Source IP address of the UDP traffic at the receiver service will be `5.6.7.8`. With the NGINX `stream_configuration_snippet`, by setting `proxy_bind $remote_addr:$remote_port transparent;` it's possible, but as mentioned it is restricted in the `debian` image. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
