问题
I have a following nginx setup on my server A (internet facing, only relevant parts):
upstream new_api {
server unix:///home/ubuntu/new_api/shared/tmp/sockets/puma.sock;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
large_client_header_buffers 4 16k;
ssl_certificate /etc/nginx/cert.crt;
ssl_certificate_key /etc/nginx/cert.key;
location ~ (^(/some/location|/some/other)) {
proxy_pass http://new_api;
}
location / {
proxy_pass https://serverB.com;
}
}
Now, if I go to /some/location it is served fine with new api upstream. But with anything else I keep getting "400 Bad Request Request Header Or Cookie Too Large" from nginx. Even with curl with no cookies and only two short headers. Increasing large_client_header_buffers does not help.
The interesting part is that I don't see this request coming to Server B at all, so it gets cut off on Server A. Why? Can it be because of https protocol I'm proxy_passing to?
Also, before setting up Server A everything was going to Server B without any problems.
回答1:
It turns out there was some mix-up with domain resolving (which I don't really understand), and as a result request to server B were passed to Server A instead. It kept adding its own IP to X-Forwarded-For header, until it exceeded max size - so the error message was actually correct.
To debug further, I used
tcpdump -n -S -s 0 -A 'tcp dst port 80' | grep -B3 -A10 "GET"
来源:https://stackoverflow.com/questions/46295034/request-header-or-cookie-too-large-in-nginx-with-proxy-pass