Nginx Loadbalancer with private Network (Firewall Rules)
Dear Digital Ocean Community
I am currently setting up our new hosting environment which includes 2 nginx load balancers and 2 nginx webserver. My setup looks like this so far:
Amazon Route 53 -> Load Balancer 1 (Public IP : 128.199.160.xxx) -> Web1 (Private IP: 10.130.224.xxx) & Web2 (Private IP: 10.130.221.xxx)
Amazon Route 53 -> Load Balancer 2 (Public IP : 128.199.150.xxx) -> Web1 (Private IP: 10.130.224.xxx) & Web2 (Private IP: 10.130.221.xxx)
On both Webserver I configured the following Firewall Rules:
[ 2] 80 ALLOW IN 10.130.224.xxx (Private IP Load Balancer1 )
[ 3] 80 ALLOW IN 10.130.221.xxx (Private IP Load Balancer2)
On both Load Balancers I opened only port 80 from anywhere.
I would like to limit permissions to the 2 web server so only the Load Balancers have access to them. Is this setup correct? I am not exactly sure how the nginx load balancing works as so far I only used ELB from aws.
Will clients every talk directly to the web servers or will all traffic go trough the loadbalancers at all time?
Would really appreciate your help on this to be sure that this configuration will work.
Thank you in advance.