NGINX Routing based on IP

Sometimes you want to connect to a different set of upstream nodes from an NGINX load balancer.

When you’re creating load balancing configurations in NGINX, sometimes you are going to want to route traffic from a certain IP address to a different set of upstream nodes. This may be because you have a CI environment which uses the same load balancer (staging) or could be for other reasons.

Regardless, create your alternative upstream:

upstream defaultNodes {
	server 192.168.1.1;	# default nodes...
}

upstream alternativeNodes {
	server 192.168.1.100;	# new nodes...
}

Then in the server directive, add the condition (assuming the public IP you want to route is 100.0.0.1):

location / {

	proxy_pass http://defaultNodes/;

	if ( $remote_addr ~* 100.0.0.1 ) {
		proxy_pass http://alternativeNodes;
	}

}

  • nginx
  • load balancer

Mitigating NTP attacks against ESXi 4.1

The `monlist` command against NTP servers is being used to launch DDOS attacks.

1 May 2014 2 min read

Heartbleed

If you use the internet, it's probably a good idea to reset your passwords. Don't say you haven't been warned.

9 April 2014 4 min read

bodged with ♥ in NCL, AMS, NAP, NYC, BOS and LDN