How can I setup a UDP NGINX reverse proxy, and how does it work?

networking nginx proxy

Solution 1:

Does NGINX need to be on both the proxy server, and the server that the proxy will forward to?

This is typically not necessary.

I am confused regarding the [listen directive.]

The listen directive defines "the IP address and/or port on which the server listens", as stated. "Listening" refers to monitoring incoming connections. The "server" is the computer hosting Nginx, so it refers to the IP and/or port of the computer receiving the proxy connection(s) (which that computer will then pass along).

ex. listen to IP 127.0.0.1 on port 8080

listen 127.0.0.1:8080;

ex. listen to all udp traffic on port 53 (DNS)

listen 53 udp;

I am unsure what this means: Include the proxy_pass directive to define the proxied server or an upstream group to which the server forwards traffic.

The proxy_pass directive defines the computers(s) to which the Nginx proxy "passes" data (the servers that actually respond to a given request). This can be a URL, an IP address or a group name.

ex. URL (proxy data is passed to example.com to complete the request)

proxy_pass http://example.com;

ex. IP (proxy data is passed to IP 127.0.0.1 to complete the request)

proxy_pass http://127.0.0.1;

ex. Group (proxy data is passed to a member of the defined group to complete the request)

upstream dns_servers {
    server 192.168.136.130:53;
    server 192.168.136.131:53;
}

#... 

proxy_pass dns_servers;

Note the group above can contain URLs instead e.g. backend1.example.com:53; .

Specify the proxy_bind directive and the IP address of the necessary network interface - is this the internal IP or the external IP that it will bind to?

The proxy_bind directive "makes outgoing connections to a proxied server originate from the specified local IP address with an optional port". So in most instances, it will be local (though binding to a remote IP is possible as detailed in the link). This option is likely only really useful if you have several network interfaces or need to choose a particular source IP address because a connection requires a specific IP to function correctly.

Possibly a simple configuration will help explain [things] to me.

This may or may not be appropriate for your situation but a very simple tcp/http example might look like:

server {

         listen 2555;
         #... 

         location /app1/ {
               proxy_bind 5.0.0.0;
               proxy_pass http://153.0.0.0:2555;
          }

          location /app2/ {
                proxy_bind 6.0.0.0;
                proxy_pass http://153.0.0.0:2555;
          }

         #... 
}

As a simple example of a UDP proxy:

stream {
    server {
        listen 2555 udp;
        proxy_pass receiving_servers;
        proxy_responses: 0;
        proxy_bind 5.0.0.0;
        #... 
    }

    upstream receiving_servers {
        server 153.0.0.0:2555;
    }

    #... 
}

My configuration will be my nginx udp proxy server with two ips (5.0.0.0, 6.0.0.0) that I would like to rotate which proxies to 153.0.0.0.

If I am not mistaken, if you want to truly rotate IPs, you may need a load balancer (perhaps another server with Nginx) in front of your proxy (I am not sure if this can be done purely internally).

Related

What do the GPU Performance sections in Windows 10 Task Manager mean?
gpg2 - Unusable public key -No assurance key belongs to named user
Less seems to no longer accept mouse-scrolls in the Terminal in macOS
ADB server didn't Acknowledge [duplicate]
Always use laptop mic when headset is plugged in
Excel is open automatically upon windows start
Spring Boot + JPA2 + Hibernate - enable second level cache
How to disable Chrome download blocking feature?
How to scroll up and down in EFI shell
Enter non-breaking space without a numeric keyboard pad?
Divide elements on groups in RecyclerView
Installing javaws on Ubuntu 18.04