Example of using Nginx to implement port forwarding TCP proxy

Demand Background

Recently, a colleague deployed an application in the test and production environments respectively. Since the application can only integrate LDAP, and our company uses AD, I built an OpenLDAP service. The account is first synchronized from AD to OpenLDAP through lsc, and then saslauthd is used to pass the authentication to AD. In the test environment, our application can connect to LDAP to log in, but in the production environment, it cannot access the OpenLDAP server. I don't want to repeatedly reinstall and maintain a set of OpenLDAP services in the production environment. This process is cumbersome and requires a scheduled task to synchronize the AD account with OpenLDAP every day. So I think this can be achieved through port forwarding. The topology between the nodes is roughly like the following.

Why use Nginx?

Search for port forwarding on Baidu. There are many ways to implement it. Most of them are implemented through Iptables. However, I tested it on Ubuntu and CentOS servers and it didn't work. I had no choice but to choose Nginx to implement it.

Port forwarding with Nginx

If our operating system is relatively new, we can directly install nginx through the software source. As long as the nginx version is greater than 1.9, it supports TCP proxy by default.

Check whether nginx supports TCP proxy

nginx -V

When we include --with-stream in the output configuration parameters, it means that nginx supports TCP proxy.

Install Dependencies

RHEL/CentOS/Fedora

yum install -y pcre* openssl*

Debian/Ubuntu

apt-get install zlib1g-dev libpcre++-dev openssl

Download dependencies

wget http://labs.frickle.com/files/ngx_cache_purge-2.3.tar.gz
tar -zxvf ngx_cache_purge-2.3.tar.gz -C /usr/local/src

Download and install

Download source package

wget http://nginx.org/download/nginx-1.9.9.tar.gz

Unzip

tar -zxf nginx-1.9.9.tar.gz

Compile and install

cd nginx-1.9.9
./configure --prefix=/usr/local/nginx \
  --add-module=/usr/local/src/ngx_cache_purge-2.3 \
  --with-http_stub_status_module --with-stream
make && make install;

Modify the configuration file

/usr/local/nginx/conf/nginx.conf

events {
  ...
}

stream {
    upstream ldap {
        hash $remote_addr consistent;
        server 192.168.1.8:389;
    }
    server {
        listen 1389;
        proxy_connect_timeout 5s;
        proxy_timeout 5s;
        proxy_pass ldap;
    }
}

http {
  ...
}

In this example, we forward the local port 1389 to port 389 on 192.168.1.8

Start and check whether the service is normal

Start nginx service

/usr/local/nginx/sbin/nginx

Check the nginx process

netstat -anput | grep nginx

This concludes this article about using Nginx to implement port forwarding TCP proxy implementation examples. For more related Nginx port forwarding TCP proxy content, please search 123WORDPRESS.COM's previous articles or continue to browse the following related articles. I hope everyone will support 123WORDPRESS.COM in the future!