I have a problem I'm struggling to understand, because everything was working fine a week ago (and no change to the configuration has been made, so only OS patching or something similar may have happened).
So the setup is the following:
- I have 2 sites A & B: A is my main home lab, B is some kind of cloud disaster recovery
- on both sides, I have a reverse proxy with a Let's Encrypt certificate, but I always used site B because it has a fixed IP address registered as a "pro" service.
- most of my web apps are on site A and there is a VPN tunnel between the 2, with no firewall rules in the tunnel.
- I use NGINX on most of my web apps to secure them because I found it simple and standardized to put SSL in front of each.
- if I move the external DNS entry to site A, everything works
- there is no NGINX/Server/OS configuration difference between site A & B
- there is no network connectivity and no DNS resolution problem
So for a week now, I've been getting a 504 when I try to connect from outside, and if I check the nginx error log on the main reverse proxy, I get these entries:
upstream timed out (110: Connection timed out) while SSL handshaking to upstream, client: client.external.ip, server: my.external.fqdn, request: "GET /favicon.ico HTTP/2.0", upstream: "https://upstream.local.ip:443/favicon.ico", host: "my.external.fqdn", referrer: "https://my.external.fqdn/"
Where can I start troubleshooting? I find it kind of weird that it times out when there is some extra routing.
Thanks in advance