Force nginx reverse proxy to resolve AAAA record only (and ignore A record) of a domain?

Question

I am trying to use nginx on my VPS (mydoamin.com with A and AAAA record) with public static IP address (both IPv4 and IPv6) to create an IPv4-to-IPv6 proxy to make a IPv6-only home server reachable from normal IPv4 networks. The A record of the domain points to the nginx server and AAAA record to the IPv6-only home server directly.

My current nginx server block looks like this:

server {
  listen 443 ssl http2;
  server_name mydomain.com;
  ssl_certificate /etc/letsencrypt/live/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/key.pem;
  ssl_trusted_certificate /etc/letsencrypt/live/ca.pem;


  location / {
    proxy_pass https://[IPv6 address of the home server];
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
  }
}

So far the proxy works quite good and all traffic via mydomain.com from IPv4 will be proxied by nginx but I am wondering is there a way to use the domain instead of the IPv6 address in the proxy_pass while nginx will only resolve its AAAA record? Many thanks in advance!

create an aaa record only for the proxy – djdomi Apr 09 '22 at 19:59 — djdomi, Apr 09 '22 at 19:59

score 0 · Answer 1 · answered Apr 10 '22 at 06:12

0

Nginx doesn't resolve, named/bind does that. Nginx listens and serves.

listen 443 ssl http2; doesn't listen on AF_INET6 address family, listen [::]:443 ssl http2; does.

answered Apr 10 '22 at 06:12

drookie

8,625
1
19
29

Force nginx reverse proxy to resolve AAAA record only (and ignore A record) of a domain?

1 Answers1