Opened 5 months ago

Closed 5 months ago

#2212 closed defect (wontfix)

Returns HTTP status code 502 Bad Gateway when proxy is down (proxy_pass)

Reported by: chealer@… Owned by:
Priority: minor Milestone:
Component: nginx-core Version: 1.14.x
Keywords: Cc:
uname -a: Linux spssoal13a 4.15.0-144-generic #148-Ubuntu SMP Sat May 8 02:33:43 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.14.0 (Ubuntu)
built with OpenSSL 1.1.1 11 Sep 2018
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -fdebug-prefix-map=/build/nginx-H4cN7P/nginx-1.14.0=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -fPIC' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --with-http_addition_module --with-http_geoip_module=dynamic --with-http_gunzip_module --with-http_gzip_static_module --with-http_image_filter_module=dynamic --with-http_sub_module --with-http_xslt_module=dynamic --with-stream=dynamic --with-stream_ssl_module --with-mail=dynamic --with-mail_ssl_module

Description

The following occurs with an old version. Apologies if it's already been fixed.

Ever since I started dealing with nginx and PHP-FPM, I've often seen a rare HTTP error, 502 Bad Gateway: https://datatracker.ietf.org/doc/html/rfc7231#section-6.6.3

I figured out that must be simply because it occurs in a very common case: when the upstream is simply down. If for example I have the following:

    location / {
        proxy_pass http://localhost:8080;
    }

...then if the server supposed to listen on 8080 is down, nginx will fail to connect:

2021/06/25 12:16:00 [error] 979#979: *320225 connect() failed (111: Connection refused) while connecting to upstream, client: 10.102.0.230, server: [..., request: "GET /nuxeo/authentication/token?[...] HTTP/1.1", upstream: "http://127.0.0.1:8080/nuxeo/authentication/token?applicationName=[...]", host: "serveurnuxeo"

...and reply with a 502 error:

10.102.0.230 - tspod211 [25/Jun/2021:11:20:45 -0400] "GET /nuxeo/authentication/token?applicationName=[...] HTTP/1.1" 502 166 "-" "GuzzleHttp/6.2.1 curl/7.58.0 PHP/7.2.24-0ubuntu0.18.04.7"

I do not see any status code specifically designed for offline proxies, but I suppose a 503 code or a custom code should be used instead.

Change History (1)

comment:1 by Maxim Dounin, 5 months ago

Resolution: wontfix
Status: newclosed

The 502 error is described as follows in RFC 7231:

   The 502 (Bad Gateway) status code indicates that the server, while
   acting as a gateway or proxy, received an invalid response from an
   inbound server it accessed while attempting to fulfill the request.

The connect() error is certainly not a valid response from the upstream server, so 502 looks good enough. That's the code nginx always used for all errors from upstream servers, and there are no plans to change it.

Note: See TracTickets for help on using tickets.