1

I have a back-end server (Apache) that is too far from most of our users, so our idea is to implement a closer reverse proxy that will act as a cache.

At first glance it worked as a charm. The cached static files are served extremely fast, but for anything else, the reverse proxy (NGINX) needs to connect to the back-end server, which takes some time for the SSL handshaking, making these first requests slow.

I was searching for information on this but I couldn't find a way to keep this connection up. Is there a way for doing it?

I've even tried to learn more about websockets, but all implementations I could find were to answer an specific request, not to keep the connection intermediating the both web servers (NGINX at reverse proxy and Apache at back-end).

Does any of you have have any idea or tip about what to study/use/search in order to accomplish that?

Thank you so much in advance!

Improve this question

1 Answer 1

Reset to default
0

In nginx you can only specify keepalive for an upstream connection if the connection is defined in an upstream block. For example:

upstream backend { server private-api.example.com:443; keepalive 32; }

Here, keepalive specifies the maximum number of simultaneous open connections to the upstream server(s) per worker process.

To use the upstream, you specify its name in your proxy_pass instead of the backend address.

For example, if you previously used:

 proxy_pass https://private-api.example.com:443;

You would change it to:

 proxy_pass https://backend;

Literally substitute the upstream's name for the defined server.

You must also set the HTTP version to 1.1 (because it rather absurdly defaults to 1.0) and clear the Connection header:

 proxy_http_version 1.1; proxy_set_header Connection "";

Keep in mind that there is also a keepalive_timeout you can define in the upstream which you may need to tune. By default it is 60 seconds, so if a connection is idle for that long it will be closed, even if there are fewer than keepalive connections open. The backend server will have its own keepalive timeout which you would also need to tune separately.

Improve this answer
1
  • Thank you so much, Michael! It is working great now! :) Commented Aug 19, 2020 at 15:51

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.