HELP!!! NGINX <==> VPN

Discussion in 'Nginx and PHP-FPM news & discussions' started by cristian-iascu, Jun 1, 2023.

  1. cristian-iascu

    cristian-iascu New Member

    Hi, greetings to all, and I apologize for my translated English, as I am Italian. I need some help from you with my proxy project:

    I BELIEVE I'M A BEGINNER IN THE NGINX WORLD!!!

    I have installed and manage a Pritunl Enterprise VPN Panel on a dedicated server, on which I have created, based on the type of user to be assigned, 13 different VPN servers with as many different UDP ports, which together manage a total of about 6,000 users.

    For the proxy project I bought a second dedicated server (DUAL E5-2670v3 24core/48 threads 128GB RAM 1x240GB SSD (up to 46TB SSB)) with which, through Nginx, I would like to protect the IP address of the VPN server anonymously by proxying its IP, contained in the .ovpn certificate distributed to the various customers, replacing it with the address and UDP port of the proxy.

    To do this, I opened all the UDP ports in question (for each server I used the same port for in and out), and finally I created this nginx.conf configuration:
    ================
    user www-data;
    worker_processes auto;
    pid /run/nginx.pid;
    worker_rlimit_nofile 30000; #vg
    include /etc/nginx/modules-enabled/*.conf;

    events {
        worker_connections 65535; #vg
        #multi_accept on; #vg
    }

    http {

        .......

    }

    # stream is a top-level context, a sibling of http
    stream {

        upstream srv_A {
            hash $remote_addr consistent;
            zone srv_A 64k; #=> shared memory
            server DNS_SERVER_VPN:11269 max_fails=0;
        }

        upstream srv_B {
            hash $remote_addr consistent;
            zone srv_B 64k; #=> shared memory
            server DNS_SERVER_VPN:17067 max_fails=0;
        }

        upstream srv_C {
            hash $remote_addr consistent;
            zone srv_C_e2 64k; #=> shared memory
            server DNS_SERVER_VPN:12263 max_fails=0;
        }

        upstream srv_D {
            hash $remote_addr consistent;
            zone srv_D 64k; #=> shared memory
            server DNS_SERVER_VPN:13878 max_fails=0;
        }

        upstream srv_E {
            hash $remote_addr consistent;
            zone srv_E 64k; #=> shared memory
            server DNS_SERVER_VPN:17299 max_fails=0;
        }

        upstream srv_F {
            hash $remote_addr consistent;
            zone srv_F 64k; #=> shared memory
            server DNS_SERVER_VPN:12381 max_fails=0;
        }

        upstream srv_G {
            hash $remote_addr consistent;
            zone srv_G 64k; #=> shared memory
            server DNS_SERVER_VPN:12419 max_fails=0;
        }

        upstream srv_H {
            hash $remote_addr consistent;
            zone srv_H 64k; #=> shared memory
            server DNS_SERVER_VPN:14687 max_fails=0;
        }

        upstream srv_I {
            hash $remote_addr consistent;
            zone srv_I 64k; #=> shared memory
            server DNS_SERVER_VPN:15429 max_fails=0;
        }

        upstream srv_L {
            hash $remote_addr consistent;
            zone srv_L 64k; #=> shared memory
            server DNS_SERVER_VPN:16738 max_fails=0;
        }

        upstream srv_M {
            hash $remote_addr consistent;
            zone srv_M_singoli 64k; #=> shared memory
            server DNS_SERVER_VPN:17584 max_fails=0;
        }

        upstream srv_N {
            hash $remote_addr consistent;
            zone srv_N_app 64k; #=> shared memory
            server DNS_SERVER_VPN:10474 max_fails=0;
        }

        upstream srv_O {
            hash $remote_addr consistent;
            zone srv_O 64k; #=> shared memory
            server DNS_SERVER_VPN:18823 max_fails=0;
        }

        #-----------------------
        #===SERVER DESTINATION
        #-----------------------

        server {
            listen 11269 udp;
            proxy_pass srv_A;
        }

        server {
            listen 17067 udp;
            proxy_pass srv_B;
        }

        server {
            listen 12263 udp;
            proxy_pass srv_C;
        }

        server {
            listen 13878 udp;
            proxy_pass srv_D;
        }

        server {
            listen 17299 udp;
            proxy_pass srv_E;
        }

        server {
            listen 12381 udp;
            proxy_pass srv_F;
        }

        server {
            listen 12419 udp;
            proxy_pass srv_G;
        }

        server {
            listen 14687 udp;
            proxy_pass srv_H;
        }

        server {
            listen 15429 udp;
            proxy_pass srv_I;
        }

        server {
            listen 16738 udp;
            proxy_pass srv_L;
        }

        server {
            listen 17584 udp;
            proxy_pass srv_M;
        }

        server {
            listen 10474 udp;
            proxy_pass srv_N;
        }

        server {
            listen 18823 udp;
            proxy_pass srv_O;
        }

    }

    ===============

    When the service starts, everything seems to be fine and the clients connect via VPN using the proxy IP very quickly, but after a while it slows down dramatically and it becomes almost impossible to connect, while trying at the same time without a proxy the connection always happens quickly.

    All suggestions are welcome, thanks
     
    Last edited: Jun 1, 2023
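
Added example (not part of the original post, and not nginx or Centmin Mod project code): a small Python lint for a stream config shaped like the one above. It checks that each `listen` port maps to a defined upstream on the same port, compares `worker_connections` with `worker_rlimit_nofile`, and notes UDP listeners that rely on nginx's default `proxy_timeout` of 10 minutes. The `audit` and `directive` names and the `srv_X`/`srv_missing` entries are constructed for the illustration.

```python
import re

# Constructed sample: the global settings and first two upstream/server pairs
# from the post, plus deliberately broken entries (srv_X, srv_missing) added here.
SAMPLE = """
worker_rlimit_nofile 30000;
events { worker_connections 65535; }
stream {
    upstream srv_A { server DNS_SERVER_VPN:11269 max_fails=0; }
    upstream srv_B { server DNS_SERVER_VPN:17067 max_fails=0; }
    upstream srv_X { server DNS_SERVER_VPN:19998 max_fails=0; }
    server { listen 11269 udp; proxy_pass srv_A; proxy_timeout 2m; }
    server { listen 17067 udp; proxy_pass srv_B; }
    server { listen 19999 udp; proxy_pass srv_X; }
    server { listen 20000 udp; proxy_pass srv_missing; }
}
"""

def directive(text, name):
    """Return the first integer argument of a simple directive, or None."""
    m = re.search(r"\b%s\s+(\d+)" % re.escape(name), text)
    return int(m.group(1)) if m else None

def audit(conf):
    conf = re.sub(r"#.*", "", conf)  # drop comments before matching
    findings = []
    nofile = directive(conf, "worker_rlimit_nofile")
    conns = directive(conf, "worker_connections")
    if nofile and conns and conns > nofile:
        findings.append(("fd-limit", f"worker_connections {conns} > worker_rlimit_nofile {nofile}"))
    # upstream name -> backend port (one 'server host:port' per upstream, as in the post)
    upstreams = {m.group(1): int(m.group(2)) for m in re.finditer(
        r"upstream\s+(\S+)\s*\{[^}]*?\bserver\s+\S+:(\d+)", conf)}
    for m in re.finditer(r"\bserver\s*\{([^}]*)\}", conf):
        body = m.group(1)
        port = directive(body, "listen")
        t = re.search(r"proxy_pass\s+([^;\s]+)", body)
        target = t.group(1) if t else None
        if target not in upstreams:
            findings.append(("undefined-upstream", f"listen {port} -> {target}"))
        elif upstreams[target] != port:
            findings.append(("port-mismatch", f"listen {port} -> {target}:{upstreams[target]}"))
        if "udp" in body and "proxy_timeout" not in body:
            findings.append(("default-timeout", f"listen {port}: idle UDP sessions kept for default proxy_timeout (10m)"))
    return findings

if __name__ == "__main__":
    for kind, detail in audit(SAMPLE):
        print(f"{kind:20} {detail}")
```
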
  2. eva2000

    eva2000 Administrator Staff Member

    The Nginx config doesn't seem to be Centmin Mod LEMP stack Nginx configuration files/locations? This forum is only for Centmin Mod specific Nginx support. For non-Centmin Mod Nginx best to ask at https://forum.nginx.org/
     
  3. cristian-iascu

    cristian-iascu New Member

    Ok thank you