Nginx实现tcp/udp消息转发

1、编译安装

$ yum -y install proc* openssl* pcre*

$ tar zxvf nginx-1.12.2.tar.gz

$ cd nginx-1.12.2

$ ./configure --prefix=/usr/local/nginx/ --with-http_stub_status_module --with-http_ssl_module --with-stream  --with-stream_ssl_module

$ make

$ make install

 

2 、配置stream模块

stream模块必需在nginx.conf中配置

worker_processes  1;

events {

    worker_connections  1024;

}

# 此为TCP转发请求 stream

stream {

    # 后端指向 server 的 8085 端口 stream_backend 组

    upstream stream_backend {

         server 10.50.2.11:8085;

         server 10.50.2.19:8085;

    }

upstream dns {

server 192.168.0.1:53;

server dns.example.com:53;

}

     server {

        listen                443 ssl;

        proxy_pass            stream_backend;

        # 指定key 和 crt 地址

        ssl_certificate       /etc/ssl/certs/my.crt;

        ssl_certificate_key   /etc/ssl/certs/my.key;

        ssl_protocols         SSLv3 TLSv1 TLSv1.1 TLSv1.2;

        ssl_ciphers           HIGH:!aNULL:!MD5;

        ssl_session_cache     shared:SSL:20m;

        ssl_session_timeout   4h;

        ssl_handshake_timeout 30s;

    }

server {

listen 127.0.0.1:53 udp;

proxy_responses 1;

proxy_timeout 20s;

proxy_pass dns;

}    

    }

 

3、启动Nginx

sbin/nginx -c conf/nginx.conf

4、查看端口是不是出于监听中

netstat -anp|grep 53

5、转发消息测试