Nginx tcp 代理功能由nginx_tcp_proxy_module模块提供,同时检测后端主机状态。该模块包括的模块有:ngx_tcp_module, ngx_tcp_core_module, ngx_tcp_upstream_module, ngx_tcp_proxy_module, ngx_tcp_upstream_ip_hash_module。
下载nginx_tcp_proxy_module: https://github.com/yaoweibin/nginx_tcp_proxy_module
安装和配置细节看README文件
tcp { upstream cluster { # simple round-robin server 192.168.111.46:8888; server 192.168.111.46:8889; check interval=3000 rise=2 fall=5 timeout=1000; #check interval=3000 rise=2 fall=5 timeout=1000 type=ssl_hello; #check interval=3000 rise=2 fall=5 timeout=1000 type=http; #check_http_send "GET / HTTP/1.0\r\n\r\n"; #check_http_expect_alive http_2xx http_3xx; } server { listen 8080; proxy_pass cluster; } }
这样配置会出现一个问题,就是tcp连接会掉线。原因在于当服务器关闭链接的时候,客户端不可能立刻发觉连接已经关闭,需要等到当Nginx在执行check规则时认为服务端连接关闭,此时nginx会关闭与客户端的连接。
保持连接配置:
tcp { timeout 1d; proxy_read_timeout 10d; proxy_send_timeout 10d; proxy_connect_timeout 30; #timeout milliseconds upstream cluster { # simple round-robin server 192.168.111.46:8888; server 192.168.111.46:8889; check interval=3000 rise=2 fall=5 timeout=1000; #check interval=3000 rise=2 fall=5 timeout=1000 type=ssl_hello; #check interval=3000 rise=2 fall=5 timeout=1000 type=http; #check_http_send "GET / HTTP/1.0\r\n\r\n"; #check_http_expect_alive http_2xx http_3xx; } server { listen 8080; proxy_pass cluster; so_keepalive on; tcp_nodelay on; } }
'''
so_keepalive: The same as so_keepalive <With this directive you can set the socket SO_KEEPALIVE option for the client connection to Nginx.>
tcp_nodelay: The same as tcp_nodelay <这些数据之间不存在延迟,解决网络阻塞,极大地有益于WWW、FTP以及文件服务器的性能>
nginx_tcp_proxy_module模块指令具体参见: http://yaoweibin.github.io/nginx_tcp_proxy_module/README.html
'''
使用nginx代理ftp:
只需修改proxy_pass就可以了:
tcp {
timeout 1d;
proxy_read_timeout 10d;
proxy_send_timeout 10d;
proxy_connect_timeout 30;
upstream ftp {
server 192.168.111.46:21;
check interval=3000 rise=2 fall=5 timeout=1000;
}
server {
listen 8080;
proxy_pass ftp;
so_keepalive on;
tcp_nodelay on;
}
$ nginx -s reload
测试:
转载于:https://blog.51cto.com/anonxiaozi/1679514