Related

NGINX Config Generator

Easily configure a performant, secure, and stable NGINX server.

 Learn More
redirect traffic by geolocation Question Question
Not understading how NGINX Reverse Proxy handle image/video file Question Question

Question

Is it possible to use private ip address instead of domain for nginx load balancer setup?

Posted June 17, 2018 6.5k views
NginxLoad BalancingUbuntu 16.04

Hi, I try to create one nginx load balancer and 1 apache php backend server by refer to
nginx load balancing.

I want to limit all public access to the backend server. Only load balancer can accept public access (like http or https). Then I want my load balancer pass the query to the backend server via private network.

So I setup both servers with private network. I successfully query the nginx welcome page from load balancer. I also successfully get the apache welcome page from backend before I restrict public access with digitalocean firewall.

Then I setup the upstream directive for nginx like what it showed from the article except I use the backend server’s Private IP instead of a domain name in config file like:

upstream backend{
server 10.130.20.01; <== in the article this is backend1.example.com
}
server {

location / {
proxy_pass http://backend;
}
}

At this time I assume I should see the apache page when I visit the load balancer public IP but it did not show up. I wonder if this is because of the backend private IP which I place in the nginx config file? Is it possible to use ip instead of domain to setup nginx load balancer? Thanks

Add a comment
mefav
By:
mefav

Related

NGINX Config Generator

Easily configure a performant, secure, and stable NGINX server.

 Learn More
redirect traffic by geolocation Question Question
Not understading how NGINX Reverse Proxy handle image/video file Question Question

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers
jasonjpeters June 19, 2018

Yes you should be able to use the Private IP address to communicate between droplets as this is the intended purpose and providing they reside in the same datacenter.

You may need to ensure that the firewall does not block the Private IP address as well or if you have something like UFW running to ensure you correctly set the rules.

Reply Report
mefav September 25, 2018

I disabled ufw completely and use only iptables.
well, since the last time I posted this question, I have rebuild another pair of servers, A and B, with private network setup this time and still, I have problem ssh from A to B with private ip. Here is the post with more detail of my iptables setting.

https://www.digitalocean.com/community/questions/iptables-ssh-not-working

Later I realized none of the arp entry is related to private network interface. I added arp entry for private network interface for both server, A and B. It does not work .

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help