nginx proxy 代理解析成ipv6导致请求失败
- 2023-04-20 15:20:00
- CJL 原创
- 3732
nginx配置反向代理后偶尔会有error日志
2023/04/20 07:18:21 [error] 16202#16202: *158346 connect() to [2001:4860:4802:38]:443 failed (101: Network is unreachable) while connecting to upstream, client: 120.199.83.1, server: a.test.net, request: "GET /new/favicon.ico HTTP/1.1", upstream: "https://[2001:4860:4802:38]:443/new/favicon.ico", host: "a.test.net", referrer: "-"
查询资料发现需要禁用ipv6解析
添加resolver 8.8.8.8 ipv6=off valid=600s; 禁用ipv6解析有效期10分钟
location / { resolver 8.8.8.8 ipv6=off valid=600s; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass https://a.test.net; }
nginx -s reload 发现没有作用
继续查询资料发现nginx在没有变量的配置中只在启动的时候解析一次域名
(https://trac.nginx.org/nginx/ticket/723)
(https://github.com/DmitryFillo/nginx-proxy-pitfalls)
继续修改成带变量的配置如下
location / { set $endpoint a.test.net; resolver 8.8.8.8 ipv6=off valid=600s; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass https://${endpoint}; }
重启生效
发表评论