Nginx Layer 4 Load Balancing Configuration Guide

1. Introduction to Layer 4 Load Balancing

What is Layer 4 Load Balancing?

The so-called four-layer load balancing mainly determines the final internal server selected based on the target address and port in the message and the server selection method set by the load balancing device.

Taking the common TCP as an example, when the load balancing device receives the first SYN request from the client, it selects an optimal server, modifies the target IP address in the message (to the backend server IP), and forwards it directly to the server. The TCP connection establishment, that is, the three-way handshake is established directly between the client and the server, and the load balancing device only plays a forwarding role similar to that of a router. In some deployment scenarios, to ensure that the server reply packets can be correctly returned to the load balancing device, the original source address of the message may be modified while forwarding the message.

Application Scenario

1. Layer 4 + Layer 7 for load balancing. Layer 4 can ensure high availability of Layer 7 load balancing.

2. Load balancing can do port forwarding

3. Database read-write separation

Features of Layer 4 load balancing

1. Layer 4 load balancing can only forward TCP/IP protocol and UDP protocol, and is usually used to forward ports, such as tcp/22 and udp/53;

2. Layer 4 load balancing can be used to solve the port limitation problem of layer 7 load balancing; (layer 7 load balancing can use up to 65535 port numbers)

3. Layer 4 load balancing can solve the high availability problem of layer 7 load balancing; (multiple backend layer 7 load balancing can be used simultaneously)

4. The forwarding efficiency of layer 4 is much higher than that of layer 7, but it only supports TCP/IP protocol, not HTTP and HTTPS protocols;

5. Usually, in large concurrency scenarios, it is usually chosen to add a four-layer load balancing in front of the seven-layer load.

2.4 Layer Load Balancing Environment Construction

Environment Preparation

Host	IP	identity
lb4	172.16.1.6, 10.0.0.6	Layer 4 load balancing
lb01	172.16.1.4, 10.0.0.4	Layer 7 load balancing
lb02	172.16.1.5, 10.0.0.5	Layer 7 load balancing

Build Nginx with lb4 and lb02

# Configure yum source [nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

# Install Nginx
[root@lb02 ~]# yum install nginx -y
[root@lb4 ~]# yum install nginx -y

# Create user [root@lb02 ~]# groupadd www -g 666 && useradd www -u 666 -g 666 -s /sbin/nologin -M
[root@lb4 ~]# groupadd www -g 666 && useradd www -u 666 -g 666 -s /sbin/nologin -M

# Configure nginx
[root@lb02 ~]# vim /etc/nginx/nginx.conf 
user www;
[root@lb4 ~]# vim /etc/nginx/nginx.conf 
user www;

# Start Nginx
[root@lb4 ~]# systemctl start nginx && systemctl enable nginx && systemctl status nginx
[root@lb02 ~]# systemctl start nginx && systemctl enable nginx && systemctl status nginx

Synchronize lb01 configuration to lb02

[root@lb01 ~]# scp /etc/nginx/conf.d/* 172.16.1.5:/etc/nginx/conf.d/
[root@lb01 ~]# scp /etc/nginx/proxy_params 172.16.1.5:/etc/nginx/

Test lb02 load balancing

[root@lb02 ~]# nginx -t && systemctl restart nginx

#Configure hosts test 10.0.0.5 linux.wp.com

3. Configure Layer 4 load balancing

Layer 4 load balancing syntax

Syntax: stream { ... }
Default: —
Context: main

#Example: The four-layer load balancing stream module is at the same level as the http module and cannot be configured in http. stream {
    upstream backend {
        server backend1.example.com:12345 weight=5;
        server 127.0.0.1:12345 max_fails=3 fail_timeout=30s;
    }

    server {
        listen 12345;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend;
    }
}

Configure the nginx main configuration file

[root@lb4 ~]# vim /etc/nginx/nginx.conf
#Comment all the contents of http layer user www;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
    worker_connections 1024;
}
#Add an include file include /etc/nginx/conf.c/*.conf;
#http {
# include /etc/nginx/mime.types;
# default_type application/octet-stream;
# log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
# access_log /var/log/nginx/access.log main;
# sendfile on;
# #tcp_nopush on;
# keepalive_timeout 65;
# #gzip on;
# include /etc/nginx/conf.d/*.conf;
#}

Configuring Layer 4 Load Balancing

#Create directory [root@lb4 ~]# mkdir /etc/nginx/conf.c

#Configure [root@lb4 ~]# vim /etc/nginx/conf.c/linux.lb4.com.conf
stream {
    upstream lbserver {
        server 10.0.0.4:80;
        server 10.0.0.5:80;
    }

    server {
        listen 80;
        proxy_pass lbserver;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
    }
}

# Start Nginx
[root@lb4 ~]# nginx -t && systemctl start nginx

# Configure hosts to access 10.0.0.6 linux.lb4.com

Layer 4 load balancing configuration log

#There is no access log for the four-layer load balancing, because in the configuration of nginx.conf, the access log format is configured under http, while the four-layer load balancing configuration is outside of http;

#If you need logs, you need to configure it under stream [root@lb4 ~]# vim /etc/nginx/conf.c/linux.lb4.com.conf
stream {
	log_format proxy '$remote_addr $remote_port - [$time_local] $status $protocol '
                  '"$upstream_addr" "$upstream_bytes_sent" "$upstream_connect_time"';
    access_log /var/log/nginx/proxy.log proxy;

    upstream lbserver {
        server 10.0.0.4:80;
        server 10.0.0.5:80;
    }

    server {
        listen 80;
        proxy_pass lbserver;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
    }
}

#View all web server logs [root@web01 ~]# tail -f /var/log/nginx/access.log
[root@web02 ~]# tail -f /var/log/nginx/access.log

Layer 4 load port forwarding

Request the load balancing port 5555 and jump to the port 22 of web01

#Simple stream configuration {
	server {
        listen 5555;
        proxy_pass 172.16.1.7:22;
	}
}

#General configuration stream {
    upstream ssh_7 {
        server 10.0.0.7:22;
    }

    server {
        listen 5555;
        proxy_pass ssh_7;
    }
}

# Test [D:\~]$ ssh [email protected]:5555
Successful jump

Request the load balancing port 6666 and jump to 172.16.1.51:3306

stream {
    upstream db_51 {
        server 172.16.1.51:3306;
    }
    
    server {
        listen 6666;
        proxy_pass db_51;
    }
}

Load balancing of database slaves

stream {
    upstream dbserver {
        server 172.16.1.51:3306;
        server 172.16.1.52:3306;
        server 172.16.1.53:3306;
        server 172.16.1.54:3306;
        server 172.16.1.55:3306;
        server 172.16.1.56:3306;
    }
    
    server {
        listen 5555;
        proxy_pass dbserver;
    }
}

Summarize

This is the end of this article about Nginx four-layer load balancing configuration. For more related Nginx four-layer load balancing content, please search 123WORDPRESS.COM's previous articles or continue to browse the following related articles. I hope everyone will support 123WORDPRESS.COM in the future!

You may also be interested in:

The principle and configuration of Nginx load balancing and dynamic and static separation
How to configure Nginx load balancing
Analysis of the principle of Nginx+Tomcat to achieve load balancing and dynamic and static separation
What is Nginx load balancing and how to configure it
Implementation method of Nginx+tomcat load balancing cluster
Docker Nginx container and Tomcat container to achieve load balancing and dynamic and static separation operations
Detailed explanation of how to use Nginx + consul + upsync to achieve dynamic load balancing
Nginx configuration to achieve multiple server load balancing

<<: js code to realize multi-person chat room

>>: Detailed explanation of primary keys and transactions in MySQL