On 17.02.26 09:29, Stephen J. Turnbull wrote:
Gerald Vogt writes: > Why would you double book port 80? That's really a bad idea and > causes issues like the one you see... When I read that I assumed that nginx would resolve in favor of the narrower interface:port declaration.
But IPv6 is still a different interface and ::1 would always go into that "EXTERNAL" server as that's also the default_server. You cannot connect with IPv6 into the other "INTERNAL" server.
And I think beyond that there is no "narrow" measure for interface:ports declarations. If two server blocks use the same interface and port, the server will use the server_name to determine which block to use (named-based virtual-host) and if none matches either the declared "default_server" or if no default server has been declared it's using the first matching block.
If double-booking is happening, nginx should be issuing an error, or (nginx being pretty picky in my experience) even refusing to start.
Maybe I have used the wrong term "double-booking", but most often, you have full overlap on your servers (i.e. server name virtual hosts, listening to all your interfaces on ports 80 and/or 443).
Anyway, OP should look for messages about problems binding to ports in the nginx and uwsgi logs. > Your "INTERNAL" server binds to 127.0.0.1 port 80, only. That's not quite true. Normally the WSGI service will bind to another port for Postorius/HyperKitty, typically 8000.
I am only referring to the nginx config posted. That is listening to 127.0.0.1:80 specifically which means it is not listening to [::1]:80.
The "INTERNAL" server overlaps on 127.0.0.1:80 with the other block. i.e. on 127.0.0.1:80 it will use the server_name to determine which block to use and only "localhost" will go into the "INTERNAL" block.
So only connections to 127.0.0.1:80 or localhost:80 using IPv4 will go into the "INTERNAL" block.
Any other network connection to port 80 will always go into the other block including [::1]:80 or localhost:80 using IPv6.
As I have suggested, it would be better to use a different port number for the "INTERNAL" block.
-Gerald _______________________________________________ Mailman-users mailing list -- [email protected] To unsubscribe send an email to [email protected] https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/ Archived at: https://lists.mailman3.org/archives/list/[email protected]/message/ZHKVMWI4VVG3GOAT5IOEHM7JKNSK4IMG/ This message sent to [email protected]
