Opened 5 years ago

Closed 5 years ago

#817 closed defect (invalid)

Wrong or undocumented srever resolving

Reported by: marunin@… Owned by:
Priority: minor Milestone:
Component: nginx-core Version: 1.9.x
Keywords: Cc:
uname -a: Linux marunin1-2 3.2.0-0.bpo.4-amd64 #1 SMP Debian 3.2.68-1+deb7u2~bpo60+1 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.7.11
TLS SNI support enabled
configure arguments: --prefix=/usr --user=www-data --group=www-data --conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/cache/nginx/client-body --http-proxy-temp-path=/var/cache/nginx/proxy --http-fastcgi-temp-path=/var/cache/nginx/fastcgi --with-http_perl_module --with-http_ssl_module --with-http_sub_module --with-http_stub_status_module --with-http_realip_module --with-http_gunzip_module --with-zlib-asm=pentiumpro --add-module=./ngx_http_auth_pam_module --add-module=./nginx-sla --add-module=./ngx_devel_kit --add-module=./ngx_set_misc_module --with-debug

Description

I you mix listen <ip_name>:80 and listen 80
Than servers with listen 80 ignored and default (first) server {...} section always win

Example:
conf file
server {

listen 10.253.55.21:80;
server_name name1;
location / {

return 401;

}

}
server {

listen 80;
server_name name2;
location / {

return 402;

}

}

$ wget -O- -S --header 'Host: name2' 'http://10.253.55.22/name2'
--2015-10-20 00:40:02-- http://10.253.55.22/name2
Connecting to 10.253.55.22:80... connected.
HTTP request sent, awaiting response...

HTTP/1.1 401 Unauthorized
Server: nginx/1.7.11
Date: Tue, 20 Oct 2015 00:40:02 GMT
Content-Type: text/html
Content-Length: 195
Connection: keep-alive

Authorization failed.

401 returned, server name1
But server name2 (and code 402) expected

Attachments (2)

nginx_bug.conf (700 bytes ) - added by marunin@… 5 years ago.
Bug config
nginx_bug.log (7.8 KB ) - added by marunin@… 5 years ago.
debug log for request

Download all attachments as: .zip

Change History (4)

by marunin@…, 5 years ago

Attachment: nginx_bug.conf added

Bug config

by marunin@…, 5 years ago

Attachment: nginx_bug.log added

debug log for request

comment:1 by marunin@…, 5 years ago

The same problem exists for very old

nginx version: nginx/0.7.67
TLS SNI support enabled
configure arguments: --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-log-path=/var/log/nginx/access.log --http-proxy-temp-path=/var/lib/nginx/proxy --lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid --with-debug --with-http_dav_module --with-http_flv_module --with-http_geoip_module --with-http_gzip_static_module --with-http_realip_module --with-http_stub_status_module --with-http_ssl_module --with-http_sub_module --with-ipv6 --with-mail --with-mail_ssl_module --add-module=/home/mpalmer/src/debian/lts/nginx/nginx-0.7.67/modules/nginx-upstream-fair

comment:2 by Maxim Dounin, 5 years ago

Resolution: invalid
Status: newclosed

When you have a listening socket configured for a particular IP address, all connections to this IP address will be handled only by virtual servers configured with this listening socket. No servers listening on wildcard address will be considered. This is how sockets work. If you want requests to 10.253.55.21:80 to be handled both in name1 and name2 servers, you have to configure both sockets in the name2 server:

server {
    listen 10.253.55.21:80;
    server_name name1;
    ...
}
server {
    listen 80;
    listen 10.253.55.21:80;
    server_name name2;
    ....
}

Some additional information about configuring virtual servers can be found in the documentation, see here:

http://nginx.org/en/docs/http/request_processing.html#mixed_name_ip_based_servers

Note: See TracTickets for help on using tickets.