-
-
Notifications
You must be signed in to change notification settings - Fork 7
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
GITBOOK-60: change request with no subject merged in GitBook
- Loading branch information
1 parent
16bd6d5
commit 3b58f90
Showing
7 changed files
with
45 additions
and
18 deletions.
There are no files selected for viewing
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
--- | ||
description: How is this to be understood? | ||
--- | ||
|
||
# Proxy protocol | ||
|
||
As already mentioned in [Listen](./), a stream forwarded by Nginx cannot include the source IP. We help ourselves by activating the proxy protocol. As a result, the packet is taken and the information from the original IP is stored at the beginning. | ||
|
||
|
||
|
||
<figure><img src="../../../.gitbook/assets/proxy_protocol_without.png" alt=""><figcaption></figcaption></figure> | ||
|
||
As can be seen in the diagram, the stream still receives the original IP from the querying <mark style="background-color:blue;">client</mark>. As soon as the <mark style="background-color:yellow;">stream</mark> connects to the <mark style="background-color:green;">reverse proxy</mark>, this is an internal connection with 127.0.0.1. The information is lost from the reverse proxy for the <mark style="background-color:blue;">web server</mark>. | ||
|
||
|
||
|
||
<figure><img src="../../../.gitbook/assets/proxy_protocol_with.png" alt=""><figcaption></figcaption></figure> | ||
|
||
With the <mark style="background-color:orange;">Proxy protocol</mark>, the <mark style="background-color:green;">reverse proxy</mark> receives the original IP with the package extension of the <mark style="background-color:orange;">Proxy protocol header</mark> and can pass it on to the <mark style="background-color:blue;">web server</mark>. | ||
|
||
You can read more about it at [Exploring the proxy protocol](https://seriousben.com/posts/2020-02-exploring-the-proxy-protocol/). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters