Nginx load balancer & freeradius docker

[oldBastard]

Good day chaps and the if there is a lady about too.

So doing a POC, with Nginx load balancer and freeradius docker. When the request packet is sent to the freeradius container from the proxy, the reply is received by the proxy and all is well.

So the containers are working as expected 100%.

However when the proxy sends the request to the freeradius container through the Nginx load balancer, the freeradius gets the access request packet, but then the access accept packet replies back with the containers IP.

So the proxy sends another request and the freeradius container replies back with the containers IP.
Proxy sends the request to radius:

Sent Accounting-Request Id 90 from xxx.xxx.xxx.xxx:55039 to xxx.xxx.xxx.xxx:1813 length 467

Radius replies

Sent Accounting-Response Id 1 from 172.18.0.5:1813 to xxx.xxx.xxx.xxx:37741 length 25

Proxy never gets the response:

29) No proxy response, giving up on request and marking it done
(29) ERROR: Failing proxied request for user "vlan1106/lab-1-1070-1106", due to lack of any response from home server 154.119.32.156 port 1813

The Nginx load balancers are configured with transparent, as I need to know the source IP from where the request is made. When not in transparent then it works as the reply packet has the correct IP in the header.

Is there anything that I'm missing here? Been head butting this problem since Saturday.

 

[Anthro]

1. In your nginx.conf file, include the following line to enable the "realip" module:
   

   load_module modules/ngx_http_realip_module.so;

2. In the http block of the nginx.conf file, add the following configuration to set the real IP of the client replace <IP_OF_PROXY> with the IP of your proxy.
   

   real_ip_header X-Real-IP;set_real_ip_from <IP_OF_PROXY>;

3. In the location block of the nginx.conf file, configure the proxy_pass directive to use "proxy" mode:
   
   

   proxy_pass http://upstream;
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

This should configure Nginx to use "proxy" mode and the "realip" module, which should allow it to correctly handle the IP addresses in the request and response headers.

It's also worth noting that you should also check your Freeradius config to make sure that it's configured to properly handle requests sent through a load balancer and that the IP addresses are being handled correctly. And also make sure that the IP of the proxy server is set correctly in the Freeradius config. Also, be sure to test your configuration thoroughly before deploying it to a production environment.

 

[oldBastard]

Thanks will look, yes this is in early development still, no where near ready for production.