Nginx实现TCP转发

Nginx版本: 1.10.2

一.基于Nginx实现TCP/UDP协议端口转发,配置命令stream命令默认在nginx.conf主配置文件中的main模块:

官方说明:

The ngx_stream_core_module module is available since version 1.9.0. This module is not built by default, it should be enabled with the --with-stream configuration parameter.

ngx_stream_core_module 这个模块在1.90版本后将被启用。但是并不会默认安装,需要在编译安装时通过指定 --with-stream 参数来激活这个模块。

 

stream {
    upstream backend1 {
        server 221.239.33.162:2181 max_fails=3 fail_timeout=30s;
    }

    upstream backend2 {
        server 221.239.33.162:8822 max_fails=3 fail_timeout=30s;
    }
     
    upstream backend3 {
        server 221.239.33.162:8823 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend4 {
        server 221.239.33.162:8824 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend5 {
        server 221.239.33.162:8825 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend6 {
        server 221.239.33.162:8826 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend7 {
        server 221.239.33.162:8827 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend8 {
        server 221.239.33.162:10443 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend9 {
        server 221.239.33.162:22333 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend10 {
        server 221.239.33.162:22343 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend11 {
        server 221.239.33.162:22331 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend12 {
        server 221.239.33.162:22332 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend13 {
        server 221.239.33.162:22341 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend14 {
        server 221.239.33.162:22342 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend15 {
        server 221.239.33.162:3443 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend16 {
        server 221.239.33.162:4443 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend17 {
        server 221.239.33.162:5443 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend18 {
        server 221.239.33.162:6033 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend19 {
        server 221.239.33.162:6443 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend20 {
        server 221.239.33.162:7443 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend21 {
        server 221.239.33.162:8443 max_fails=3 fail_timeout=30s;
    }
    
    upstream backend22 {
        server 221.239.33.162:9443 max_fails=3 fail_timeout=30s;
    }
        
    server {
        listen 2181;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend1;
    }
    server {
        listen 8822;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend2;
    }
    server {
        listen 8823;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend3;
    }
    server {
        listen 8824;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend4;
    }
    server {
        listen 8825;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend5;
    }
    server {
        listen 8826;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend6;
    }
    server {
        listen 8827;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend7;
    }
    server {
        listen 10443;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend8;
    }
    server {
        listen 22333;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend9;
    }
    
    server {
        listen 22343;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend10;
    }
    
    server {
        listen 22331;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend11;
    }
    
    server {
        listen 22332;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend12;
    }
    
     server {
        listen 22341;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend13;
    }
    
     server {
        listen 22342;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend14;
    }
    
    server {
        listen 3443;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend15;
    }
    
    server {
        listen 4443;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend16;
    }
    
    server {
        listen 5443;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend17;
    }
    
     server {
        listen 6033;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend18;
    }
    
     server {
        listen 6443;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend19;
    }
    
    server {
        listen 7443;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend20;
    }
    
    server {
        listen 8443;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend21;
    }
    
    server {
        listen 9443;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend22;
    }
}

 

二.基于Iptables的NAT转发机制实现端口转发,配置如下,设置iptables同时修改

/etc/sysctl.conf 的IP转发参数为1

参考链接: https://help.aliyun.com/knowledge_detail/38776.html

iptables -t nat -I POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source 192.168.1.6

posted @ 2018-04-27 13:49  2240930501  阅读(1317)  评论(0编辑  收藏  举报