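I couldn't find any help regarding UDP, so I'm asking here.
I have set up a DNS cluster on a Raspberry Pi running Ubuntu 20.04 and Nginx. The proxy is for UDP on port 53. I need to put it into production, but I'm worried because I constantly see the following in the error log: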
upstream timed out (110: Connection timed out) while proxying connection, udp client: 192.168.1.172, server: 0.0.0.0:53, upstream: "192.168.70.80:53", bytes from/to client:72/52, bytes from/to upstream:52/72
Here is part of the Nginx access log (note the 502 errors):
192.168.1.136 | [29/Dec/2020:09:35:08 -0600] | UDP | 200 | 147 | 54 | 0.032 | "192.168.70.80:53"
192.168.1.172 | [29/Dec/2020:09:35:12 -0600] | UDP | 200 | 126 | 30 | 0.020 | "192.168.70.82:53"
192.168.1.172 | [29/Dec/2020:09:35:17 -0600] | UDP | 502 | 150 | 88 | 599.998 | "192.168.70.82:53"
192.168.1.172 | [29/Dec/2020:09:35:17 -0600] | UDP | 502 | 73 | 72 | 599.999 | "192.168.70.82:53"
192.168.1.172 | [29/Dec/2020:09:35:17 -0600] | UDP | 502 | 154 | 56 | 600.000 | "192.168.70.84:53" <--- HERE
192.168.2.47 | [29/Dec/2020:09:35:22 -0600] | UDP | 200 | 66 | 50 | 0.040 | "192.168.70.80:53"
192.168.1.172 | [29/Dec/2020:09:35:24 -0600] | UDP | 200 | 142 | 37 | 0.001 | "192.168.70.80:53"
192.168.1.172 | [29/Dec/2020:09:35:41 -0600] | UDP | 200 | 165 | 40 | 0.017 | "192.168.70.82:53"
192.168.1.172 | [29/Dec/2020:09:35:48 -0600] | UDP | 502 | 61 | 90 | 600.005 | "192.168.70.83:53" <--- HERE
192.168.1.172 | [29/Dec/2020:09:35:48 -0600] | UDP | 502 | 47 | 62 | 599.998 | "192.168.70.83:53" <--- HERE
192.168.1.172 | [29/Dec/2020:09:35:57 -0600] | UDP | 200 | 61 | 45 | 0.001 | "192.168.70.82:53"
192.168.1.136 | [29/Dec/2020:09:35:59 -0600] | UDP | 200 | 44 | 28 | 0.028 | "192.168.70.82:53"
192.168.1.172 | [29/Dec/2020:09:36:02 -0600] | UDP | 200 | 47 | 31 | 0.017 | "192.168.70.82:53"
192.168.1.172 | [29/Dec/2020:09:36:02 -0600] | UDP | 200 | 58 | 42 | 0.019 | "192.168.70.82:53"
192.168.1.172 | [29/Dec/2020:09:36:13 -0600] | UDP | 200 | 126 | 30 | 0.017 | "192.168.70.82:53"
192.168.1.136 | [29/Dec/2020:09:36:16 -0600] | UDP | 200 | 77 | 37 | 0.029 | "192.168.70.82:53"
192.168.2.47 | [29/Dec/2020:09:36:16 -0600] | UDP | 200 | 147 | 54 | 0.033 | "192.168.70.82:53"
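The backends are running dnsmasq. I have several clients using this DNS proxy, and although I see this issue in the logs all day, nobody has reported any problems.
This Nginx tutorial helped me set up the UDP proxy.
Here is my /etc/nginx/nginx.conf (the http block is the default and is unused):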
load_module /usr/lib/nginx/modules/ngx_stream_module.so;
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
    worker_connections 1024;
    #multi_accept on;
}

stream {
    log_format dns '$remote_addr | [$time_local] | $protocol | $status | $bytes_sent | $bytes_received | $session_time | "$upstream_addr"';
    access_log /var/log/nginx/access.log dns;
    error_log /var/log/nginx/error.log;

    upstream dns_servers {
        least_conn;
        server 192.168.70.80:53 fail_timeout=20s;
        server 192.168.70.82:53 fail_timeout=20s;
        server 192.168.70.83:53 fail_timeout=20s;
        server 192.168.70.84:53 fail_timeout=20s;
    }

    server {
        listen 53 udp;
        proxy_pass dns_servers;
        proxy_timeout 10m;
        proxy_responses 1;
    }
}

http {
    ##
    # Basic Settings
    ##
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    server_tokens off;
    server_names_hash_bucket_size 64;
    server_name_in_redirect off;
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # SSL Settings
    ##
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    ##
    # Logging Settings
    ##
    log_format dns '[$time_local] | $remote_addr | $remote_user | $server_name $host to: $upstream_addr | '
                   '"$request" | $status | upstream_response_time $upstream_response_time msec '
                   '$msec | request_time $request_time';
    access_log /var/log/nginx/access.log dns;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip Settings
    ##
    gzip on;
    # gzip_vary on;
    # gzip_proxied any;
    # gzip_comp_level 6;
    # gzip_buffers 16 8k;
    # gzip_http_version 1.1;

    ##
    # Virtual Host Configs
    ##
    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}
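This is my first time using Nginx, and I don't understand why this keeps showing up in my logs. Am I missing a directive that would fix this, or is one of my current directives misconfigured?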
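
An added example, not part of the original post: a Python script that parses the stream access log in the `dns` log_format shown above and counts, per upstream, the sessions logged as 502 whose `$session_time` equals the configured `proxy_timeout` (10m = 600 s). The function names and the one-second tolerance are assumptions; the sample lines are copied from the log excerpt in the post.

```python
import re
from collections import defaultdict

# Field order of the post's stream log_format "dns": $remote_addr | [$time_local] |
# $protocol | $status | $bytes_sent | $bytes_received | $session_time | "$upstream_addr"
LINE_RE = re.compile(
    r'^(?P<client>\S+) \| \[(?P<time>[^\]]+)\] \| (?P<proto>\w+) \| '
    r'(?P<status>\d{3}) \| (?P<sent>\d+) \| (?P<received>\d+) \| '
    r'(?P<session>\d+\.\d+) \| "(?P<upstream>[^"]*)"'
)
PROXY_TIMEOUT_S = 600.0   # proxy_timeout 10m from the posted config
TOLERANCE_S = 1.0         # assumed slack around the timeout value


def parse_line(line):
    """Return a dict of typed fields, or None if the line does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    for key in ("status", "sent", "received"):
        rec[key] = int(rec[key])
    rec["session"] = float(rec["session"])
    return rec


def timeout_summary(lines, timeout=PROXY_TIMEOUT_S, tol=TOLERANCE_S):
    """Per upstream: (total sessions, 502 sessions that ran to proxy_timeout)."""
    stats = defaultdict(lambda: [0, 0])
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # skip lines written in another format
        stats[rec["upstream"]][0] += 1
        if rec["status"] == 502 and abs(rec["session"] - timeout) <= tol:
            stats[rec["upstream"]][1] += 1
    return {up: tuple(v) for up, v in stats.items()}


# Sample lines copied from the log excerpt in the post.
SAMPLE = """\
192.168.1.136 | [29/Dec/2020:09:35:08 -0600] | UDP | 200 | 147 | 54 | 0.032 | "192.168.70.80:53"
192.168.1.172 | [29/Dec/2020:09:35:17 -0600] | UDP | 502 | 150 | 88 | 599.998 | "192.168.70.82:53"
192.168.1.172 | [29/Dec/2020:09:35:48 -0600] | UDP | 502 | 61 | 90 | 600.005 | "192.168.70.83:53" <--- HERE
192.168.1.172 | [29/Dec/2020:09:35:57 -0600] | UDP | 200 | 61 | 45 | 0.001 | "192.168.70.82:53"
""".splitlines()

if __name__ == "__main__":
    for upstream, (total, hit) in sorted(timeout_summary(SAMPLE).items()):
        print(f"{upstream}: {hit}/{total} sessions ended at proxy_timeout")
```

Run against the full access log, the per-upstream counts show whether the 600-second 502 sessions cluster on one dnsmasq backend or are spread across all four.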