NGINX: Lots of connection timed out Errors

nginx

I am getting this error a lot:

2014/11/26 21:01:30 [error] 3475#0: *4028 upstream timed out (110: Connection timed out) while reading response header from upstream

Here is my configuration:

user www-data;
pid /run/nginx.pid;
worker_processes 2;
worker_rlimit_nofile 16384;

events {
  worker_connections    4096;
  use                   epoll;
  multi_accept          on;
}

http {

  sendfile              on;
  tcp_nopush            on;
  tcp_nodelay           on;
  keepalive_timeout     65;

  # free up connection after client stops responding...
  reset_timedout_connection on;

  # If the client stops reading data, free up the stale client connection after this much time. Default 60.
  # send_timeout          2;


  types_hash_max_size   2048;

  server_names_hash_bucket_size 256;
  # server_name_in_redirect off;

  include               /etc/nginx/mime.types;
  default_type          application/octet-stream;

  ssl_protocols         TLSv1 TLSv1.1 TLSv1.2;  # don’t use SSLv3 ref: POODLE
  ssl_ciphers           "AES256+EECDH:AES256+EDH";

  access_log            /var/log/nginx/access.log;
  error_log             /var/log/nginx/error.log;

  ##
  # Gzip Settings
  ##

  gzip                  on;
  gzip_vary             on;
  gzip_min_length       10240;
  gzip_proxied          expired no-cache no-store private auth;
  gzip_types            text/plain text/css text/xml text/javascript application/x-javascript application/xml;
  gzip_disable          "MSIE [1-6]\.";
  ##
  # general proxy settings
  ##
  proxy_cache_path      /var/cache/nginx levels=1:2 keys_zone=one:8m max_size=3000m inactive=600m;
  proxy_temp_path       /var/tmp;
  proxy_intercept_errors on;

  include               /etc/nginx/conf.d/*.conf;
  include               /etc/nginx/sites-enabled/*;
}

Best Answer

Solution for the former issue : increase proxy_read_timeout or check why your backend doens't answer in time.

Your second question : There are two things, the Upgrade header and the Connection header.

Both of these need to be passed to the backend when using websockets and you can use a map to change the value depending on original request headers (i.e. if it's a websocket connection handhaske or standard HTTP traffic). The backend must reply to the Upgrade header with HTTP 101. Then nginx will enter in a specific case where a tunnel is set up between the origin of the request and the backend.

Such a case is explained in the official documentation :

http {

    map $http_upgrade $connection_upgrade {
        default     upgrade;
        ''          close;
    }

}

server {

   ...

   location /foo/ {
        proxy_pass http://backend;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
    }

}
Related Topic