0

When i execute the command

netstat -atun | awk '{print $5}' | cut -d: -f1 | sed -e '/^$/d' |sort | uniq -c | sort -n

I see high number of connection assigned to server ip

I want to see the real ip address behind my server ip

Here is my nginx configuration 

user  nobody;
# no need for more workers in the proxy mode
worker_processes  8;
error_log  /var/log/nginx/error.log info;
worker_rlimit_nofile 20480;
events {
 worker_connections 15120; # increase for busier servers
 use epoll; # you should use epoll here for Linux kernels 2.6.x
}


http {

 server_name_in_redirect off;
 server_names_hash_max_size 512000;
 server_names_hash_bucket_size 640000;
 include    mime.types;
 default_type  application/octet-stream;
 server_tokens off;
# remove/commentout disable_symlinks if_not_owner;if you get Permission denied error
# disable_symlinks if_not_owner;
 sendfile on;
 tcp_nopush on;
 tcp_nodelay on;
 keepalive_timeout  5;
 gzip on;
 gzip_vary on;
 gzip_disable "MSIE [1-6]\.";
 gzip_proxied any;
 gzip_http_version 1.1;
 gzip_min_length  1000;
 gzip_comp_level  6;
 gzip_buffers  16 8k;
# You can remove image/png image/x-icon image/gif image/jpeg if you have slow CPU
 gzip_types    text/plain text/xml text/css application/x-javascript application/xml image/png image/x-icon image/gif image/jpeg application/javascript application/xml+rss text/javascript application/atom+xml;
 ignore_invalid_headers on;
 client_header_timeout  3m;
 client_body_timeout 3m;
 send_timeout     3m;
 reset_timedout_connection on;
 connection_pool_size  256;
 client_header_buffer_size 256k;
 large_client_header_buffers 4 256k;
 client_max_body_size 10M;
 client_body_buffer_size 128k;
 request_pool_size  32k;
 output_buffers   4 32k;
 postpone_output  1460;
 proxy_temp_path  /tmp/nginx_proxy/;
 proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=microcache:5m max_size=1000m;
 client_body_in_file_only on;
 log_format bytes_log "$msec $bytes_sent .";
 log_format custom_microcache '$remote_addr - $remote_user [$time_local] '
        '"$request" $status $body_bytes_sent '
        '"$http_referer" "$http_user_agent" nocache:$no_cache';
include "/etc/nginx/vhosts/*";

rpaf configuration

LoadModule rpaf_module modules/mod_rpaf-2.0.so
#Mod_rpaf settings
RPAFenable On
RPAFproxy_ips 127.0.0.1 <<server ip address>>
RPAFsethostname On
RPAFheader X-Real-IP
user209827
  • 17
  • 3
  • You only have one server? Apache and nginx on the same machine? Just filter out your IP address. All the others are there, yours just drowns them out. By the way, you're ignoring what *state* the connections are in. – Ladadadada Mar 30 '14 at 16:42

1 Answers1

0

You can do this with other load balancers but not nginx as far as I can tell.

In LVS this is called DR mode:

http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-DR.html

In F5, this is called npath:

http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm_implementations_guide_10_1/sol_npath.html

Here's a discussion on the nginx mailing list where it is claimed this behavior is not possible with nginx.

http://forum.nginx.org/read.php?2,212866,212866#msg-212866

You mention realip which is the closest I could find:

http://nginx.org/en/docs/http/ngx_http_realip_module.html

dmourati
  • 25,540
  • 2
  • 42
  • 72