limited str sni figure rmi tran pro error_log board

參考： https://docs.nginx.com/nginx/admin-guide/load-balancer/tcp-udp-load-balancer/ https://www.taohui.pub/2018/04/08/udp%e7%9a%84%e5%8f%8d%e5%90%91%e4%bb%a3%e7%90%86%ef%bc%9anginx/ [root@promote sbin]# ./nginx -V nginx version: nginx/1.14.0 built by gcc 4.8.5 20150623 (Red Hat 4.8.5-28) (GCC) built with OpenSSL 1.0.2k-fips 26 Jan 2017 TLS SNI support enabled configure arguments: --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_realip_module --with-http_flv_module --with-http_mp4_module --with-http_gzip_static_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module [root@promote conf]# cat nginx.conf user root; worker_processes auto; error_log logs/error.log error; #error_log logs/error.log info; pid logs/nginx.pid; worker_rlimit_nofile 655350; events { use epoll; worker_connections 65535; multi_accept on; accept_mutex on; } stream { upstream agent { hash $remote_addr consistent; server 192.168.30.103:8004 max_fails=5 fail_timeout=30s; server 192.168.30.104:8004 max_fails=5 fail_timeout=30s; server 192.168.30.105:8004 max_fails=5 fail_timeout=30s; } server { listen 8004 udp; proxy_timeout 30s; proxy_responses 0; proxy_buffer_size 4096k; proxy_bind $remote_addr:$remote_port transparent; #proxy_bind $remote_addr transparent; #獲取真實源IP？ proxy_pass agent; } log_format proxy ‘$remote_addr [$time_local] ‘ ‘$protocol $status $bytes_sent $bytes_received ‘ ‘$session_time "$upstream_addr" ‘ ‘"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"‘; access_log /usr/local/nginx/logs/tcp-access.log proxy ; open_log_file_cache off; #include /usr/local/nginx/conf/servers/*.stream; #include /usr/local/nginx/conf/*.conf; } 抓包：# tcpdump udp -i eno3 port 8004 Sets the number of datagrams expected from the proxied server in response to a client datagram if the UDP protocol is used. The number serves as a hint for session termination. By default, the number of datagrams is not limited. 如果使用UDP協議，則根據客戶端數據報的響應，設置來自proxied服務器的datagram的數量。這個數字作為會話終止的提示。默認情況下，datagram的數量並不受限制。 測試結果： 用於udp轉發無法同時兼顧tcp的轉發請求。proxy_responses 設置為1的時候，測試存在轉發的報文數量存在丟失的情況。將其設置為0，同時增加了 proxy_buffer_size ，測試基本正常。

nginx udp proxy and load balancing