Opened 8 years ago
Closed 7 years ago
#1039 closed defect (invalid)
fastopen with SSL in multiple server declaration causes duplicate listen options for 0.0.0.0:443
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | nginx-module | Version: | 1.11.x |
| Keywords: | tcp fastopen ssl | Cc: | |
| uname -a: | Linux ip-172-31-11-0 3.13.0-48-generic #80-Ubuntu SMP Thu Mar 12 11:16:15 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux | ||
| nginx -V: | --user=www-data --group=www-data --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --with-debug --with-threads --with-file-aio --with-ipv6 --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_image_filter_module --with-http_geoip_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_auth_request_module --with-http_random_index_module --with-http_secure_link_module --with-http_slice_module --with-http_degradation_module --with-http_stub_status_module --with-http_perl_module --with-mail --with-mail_ssl_module --with-stream --with-stream_ssl_module --add-module=/home/ubuntu/nginx_accept_language_module-master --add-module=/home/ubuntu/ngx_cache_purge-master | ||
Description
Hi,
I have a multiple server setup with SSL and tried to add fastopen. But on nginx -t it throws duplicate listen options for 0.0.0.0:443
1st server: listen 443 ssl http2 fastopen=256 default_server;
2nd server: listen 443 ssl fastopen=256;
And there is undoubtedly no duplicated listen directive.
Kind regards
Mike
Change History (4)
comment:1 by , 8 years ago
| Resolution: | → invalid |
|---|---|
| Status: | new → closed |
comment:2 by , 7 years ago
Hi,
totally lost track of my request … the issue is that the listen directive is only valid in the server context which won't allow to use TFO for multiple vhosts. What would you recommend to enable usage of TFO for all vhosts then?
Kind regards
Mike
comment:3 by , 7 years ago
| Resolution: | invalid |
|---|---|
| Status: | closed → reopened |
comment:4 by , 7 years ago
| Resolution: | → invalid |
|---|---|
| Status: | reopened → closed |
Quoting docs:
The
listendirective can have several additional parameters specific to socket-related system calls. These parameters can be specified in anylistendirective, but only once for a givenaddress:portpair.
If you have further questions, please consider using support options available.
You are using
fastopen=256in both listen directives, this is not allowed. You have to specify listening options only in onelistendirective in the configuration.