Opened 9 years ago
Closed 9 years ago
#983 closed defect (invalid)
NGINX PROXY 0000 1204 0000 0000 0000 0300 0000 8000
Reported by: | BUsy | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | other | Version: | 1.10.x |
Keywords: | Cc: | ||
uname -a: | FreeBSD revproxy 10.2-RELEASE-p17 FreeBSD 10.2-RELEASE-p17 #0: Tue May 17 06:44:54 UTC 2016 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 | ||
nginx -V: |
nginx version: nginx/1.10.0
built with OpenSSL 1.0.2h 3 May 2016 TLS SNI support enabled configure arguments: --prefix=/usr/local/etc/nginx --with-cc-opt='-I /usr/local/include' --with-ld-opt='-L /usr/local/lib' --conf-path=/usr/local/etc/nginx/nginx.conf --sbin-path=/usr/local/sbin/nginx --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx-error.log --user=www --group=www --modules-path=/usr/local/libexec/nginx --with-ipv6 --with-google_perftools_module --http-client-body-temp-path=/var/tmp/nginx/client_body_temp --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi_temp --http-proxy-temp-path=/var/tmp/nginx/proxy_temp --http-scgi-temp-path=/var/tmp/nginx/scgi_temp --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi_temp --http-log-path=/var/log/nginx-access.log --add-module=/wrkdirs/usr/ports/www/nginx/work/nginx_accept_language_module-2f69842 --with-http_addition_module --add-module=/wrkdirs/usr/ports/www/nginx/work/nginx-auth-ldap-8517bb0 --add-module=/wrkdirs/usr/ports/www/nginx/work/ngx_http_auth_pam_module-1.2 --add-module=/wrkdirs/usr/ports/www/nginx/work/ngx_cache_purge-2.3 --add-dynamic-module=/wrkdirs/usr/ports/www/nginx/work/headers-more-nginx-module-f5559ec --with-http_dav_module --add-module=/wrkdirs/usr/ports/www/nginx/work/nginx-http-footer-filter-1.2.2 --with-http_geoip_module=dynamic --with-http_gzip_static_module --with-http_gunzip_module --with-http_image_filter_module=dynamic --add-module=/wrkdirs/usr/ports/www/nginx/work/nginx-notice-3c95966 --with-http_perl_module=dynamic --with-http_realip_module --with-http_slice_module --with-http_stub_status_module --with-http_sub_module --with-http_xslt_module=dynamic --add-module=/wrkdirs/usr/ports/www/nginx/work/ngx_devel_kit-0.2.19 --add-module=/wrkdirs/usr/ports/www/nginx/work/memc-nginx-module-0.16 --with-pcre --add-module=/wrkdirs/usr/ports/www/nginx/work/xss-nginx-module-0.04 --with-http_v2_module --with-stream=dynamic --with-stream_ssl_module --with-threads --with-http_ssl_module --add-module=/wrkdirs/usr/ports/www/nginx/work/iconv-nginx-module-0.10 |
Description
After last update of nginx all my pages are getting:
0000 1204 0000 0000 0000 0300 0000 8000
0400 0000 0000 0500 ffff ff00 0004 0800
0000 0000 7fff 0000 0000 0807 0000 0000
0000 0000 0000 0000 01
There is a FreeBSD/10.2-RELEASE-p17 box with jails.
10.10.10.1:80 : Apache/2.4.20 - as a internal network only - generic virtual hosts
XX.XX.XX.XX:80 : nginx/1.10.0 as proxy and load balancer to Apache24 - that is public facing
Test from internal network works (apache) on all files:
curl -I --header 'Host: myserver.com' http://10.10.10.1:80/
HTTP/1.1 200 OK
Date: Fri, 20 May 2016 11:23:08 GMT
Server: Apache
Set-Cookie: _icl_current_language=en; expires=Sat, 21-May-2016 11:23:08 GMT; Max-Age=86400; path=/
Set-Cookie: _icl_current_language=en; expires=Sat, 21-May-2016 11:23:08 GMT; Max-Age=86400; path=/
Content-Type: text/html; charset=UTF-8
Test from internal or external network (nginx) fails on all files:
curl -I --header 'Host: myserver.com' http://XX.XX.XX.XX:80/
▒▒
It is happening with all configs; no SSL involved for this server.
server {
listen 80 ;
server_name myserver.com
expires off;
location / {
proxy_no_cache 1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://10.10.10.1:80/;
}
}
Initially I thought it might be connected with http/2 but I am not using it on this hosts configuration. Nginx has multiple hosts and some have a http/2 connection to other nginx http/2 hosts - this works fine. There is invalid SSL installed for the other hosts proxy on nginx - but it works.
This happen only to Apache servers that are behind. The same configuration was working for last 6 years; this happened after the nginx upgrade.
Any idea what might be happening? Bug?
It looks like you have HTTP/2 enabled on the listening socket on port 80. Without SSL it means that HTTP/2 will be the only protocol used on the port, assuming prior knowledge. Search your configuration for
listen 80 http2
and remove the http2 parameter.