I'm learning how to use a reverse proxy based on server names with nginx. I got everything to work 100% perfectly in my home office network. But when I open up my home's firewall and port-forward external traffic to my reverse proxy server in my house, it's like nginx doesn't recognize the server name rules, and keeps using the default rule. So my question is, how do I get reverse proxy with server names to work with external traffic?
To describe what I mean, I will show a Success Scenario and the Failed Scenario.
SUCCESS SCENARIO - Reverse Proxy Of Home Network Traffic
This scenario works perfectly. I have a computer in my house. The computer has IP address of 192.168.0.30. The computer has nginx installed. Then I added these two records to my /etc/hosts:
    192.168.0.31 home1.john.com
    192.168.0.32 home2.john.com
Then I added this to my /etc/nginx/nginx.conf:
    stream {
        include stream_conf.d/*.conf;
    }
Then I made this file /etc/nginx/stream_conf.d/*.conf:
    log_format mqtt '$remote_addr [$time_local] $protocol $status $bytes_received '
                    '$bytes_sent $upstream_addr';
    map $ssl_preread_server_name $name {
        home1.john.com hive_mq;
        home2.john.com hive_mq2;
        default hive_mq;
    }
    upstream hive_mq {
        server 192.168.0.31:1883;
        zone tcp_mem 64k;
    }
    upstream hive_mq2 {
        server 192.168.0.32:1883;
        zone tcp_mem 64k;
    }
    server {
        listen 1883;
        proxy_pass $name;
        proxy_connect_timeout 1s;
        ssl_preread on;
        access_log /var/log/nginx/mqtt_access.log mqtt;
        error_log /var/log/nginx/mqtt_error.log;
    }
Then I run these commands:
    nginx # starts up nginx
    nginx -s reload # make sure I am using the latest conf files
    mosquitto_pub -h home1.john.com -t hello/world -m 'test to home1.john.com server' # The 192.168.0.31 successfully receives the message, and 192.168.0.32 successfully ignores this message
    mosquitto_pub -h home2.john.com -t hello/world -m 'test to home2.john.com server' # The 192.168.0.32 successfully receives the message, and 192.168.0.31 successfully ignores
Everything is absolutely perfect.
FAIL SCENARIO - Reverse Proxy Of External Traffic
I went to my WiFi router and enabled port forwarding. I will take any external traffic from port 1883 and forward it to the IP address 192.168.0.30 (my reverse proxy computer with nginx on it) on port 1883.
Then I drove my car to my friend's house and took his laptop. I added these two records to his laptop's /etc/hosts file:
    # assume 72.142.34.203 is my home public ipv4 address
    72.142.34.203 home1.john.com
    72.142.34.203 home2.john.com
Then I ran these commands on his laptop:
    mosquitto_pub -h home1.john.com -t hello/world -m 'test to home1.john.com server' # The 192.168.0.31 successfully receives the message, and 192.168.0.32 successfully ignores this message
    mosquitto_pub -h home2.john.com -t hello/world -m 'test to home2.john.com server' # INCORRECT OUTCOME - The 192.168.0.31 received this message, and 192.168.0.32 did not get this message
Why did 192.168.0.32 fail to get the test to home2.john.com server from the second command? It's as if the nginx reverse proxy doesn't recognize the server_name... is that information lost when I did port forwarding on my router? Or have I misunderstood something? How do I get reverse proxy with server name to work with external traffic into my home network?
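Added example, not part of the original question: nginx's ssl_preread fills $ssl_preread_server_name only from the SNI extension of a TLS ClientHello, and the mosquitto_pub commands shown pass no TLS options, so what reaches port 1883 is a plaintext MQTT CONNECT with no host name in it. The Python sketch below mimics that lookup on constructed bytes; the function names and the sample packets are assumptions made for illustration, not nginx code.

```python
import struct

# Mirrors the map block in the question.
ROUTES = {"home1.john.com": "hive_mq", "home2.john.com": "hive_mq2"}

def preread_server_name(data: bytes) -> str:
    """SNI host name from a TLS ClientHello, or "" if there is none."""
    try:
        if data[0] != 0x16 or data[5] != 0x01:  # TLS handshake record, ClientHello
            return ""
        p = 5 + 4 + 2 + 32                      # record hdr, handshake hdr, version, random
        p += 1 + data[p]                        # session_id
        p += 2 + struct.unpack_from("!H", data, p)[0]  # cipher_suites
        p += 1 + data[p]                        # compression_methods
        end = p + 2 + struct.unpack_from("!H", data, p)[0]
        p += 2
        while p + 4 <= end:
            ext_type, ext_len = struct.unpack_from("!HH", data, p)
            p += 4
            if ext_type == 0:                   # server_name: list_len(2) type(1) len(2) name
                n = struct.unpack_from("!H", data, p + 3)[0]
                return data[p + 5:p + 5 + n].decode("ascii")
            p += ext_len
    except (IndexError, struct.error, UnicodeDecodeError):
        pass
    return ""

def route(first_bytes: bytes) -> str:
    """Upstream the map would select; an empty name hits 'default'."""
    return ROUTES.get(preread_server_name(first_bytes), "hive_mq")

def client_hello(host: str) -> bytes:
    """Constructed minimal ClientHello carrying only an SNI extension."""
    name = host.encode()
    sni = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name
    ext = struct.pack("!HH", 0, len(sni)) + sni
    body = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x13\x01" + b"\x01\x00"
            + struct.pack("!H", len(ext)) + ext)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

def mqtt_connect(client_id: str) -> bytes:
    """Constructed plaintext MQTT 3.1.1 CONNECT, as sent to port 1883 without TLS."""
    cid = client_id.encode()
    var = b"\x00\x04MQTT\x04\x02\x00\x3c" + struct.pack("!H", len(cid)) + cid
    return b"\x10" + bytes([len(var)]) + var

if __name__ == "__main__":
    print("TLS  home2:", route(client_hello("home2.john.com")))
    print("MQTT plain:", route(mqtt_connect("pub")))
```

With the /etc/hosts entries from the success scenario, the client resolves each name straight to a broker address (192.168.0.31 or 192.168.0.32), so those connections do not depend on the nginx map at all.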