Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Nginx proxy_pass with $remote_addr

I'm trying to include $remote_addr or $http_remote_addr on my proxy_pass without success.

The rewrite rule works

location ^~ /freegeoip/ {     rewrite ^ http://freegeoip.net/json/$remote_addr last; } 

The proxy_pass without the $remote_addr works, but freegeoip does not read the x-Real-IP

location ^~ /freegeoip/ {   proxy_pass http://freegeoip.net/json/;   proxy_set_header X-Real-IP $remote_addr;   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;   proxy_set_header Host $host; } 

Then, I'm adding the ip to the end of the request, like this:

location ^~ /freegeoip/ {   proxy_pass http://freegeoip.net/json/$remote_addr; } 

but nginx report this error: no resolver defined to resolve freegeoip.net

like image 705
david.sansay Avatar asked Jul 16 '13 19:07

david.sansay


2 Answers

If the proxy_pass statement has no variables in it, then it will use the "gethostbyaddr" system call during start-up or reload and will cache that value permanently.

if there are any variables, such as using either of the following:

set $originaddr http://origin.example.com; proxy_pass $originaddr; # or even proxy_pass http://origin.example.com$request_uri; 

Then nginx will use a built-in resolver, and the "resolver" directive must be present. "resolver" is probably a misnomer; think of it as "what DNS server will the built-in resolver use". Since nginx 1.1.9 the built-in resolver will honour DNS TTL values. Before then it used a fixed value of 5 minutes.

like image 157
Chris Cogdon Avatar answered Sep 20 '22 22:09

Chris Cogdon


It seems a bit strange that nginx is failing to resolve the domain name at runtime rather than at configuration time (since the domain name is hard coded). Adding a resolver declaration to the location block usually fixes dns issues experienced at runtime. So your location block might look like:

location ^~ /freegeoip/ {   #use google as dns   resolver 8.8.8.8;   proxy_pass http://freegeoip.net/json/$remote_addr; } 

This solution is based on an article I read a while back - Proxy pass and resolver. Would be worth a read.

like image 28
Rob Squires Avatar answered Sep 20 '22 22:09

Rob Squires