nginx redirect from aws public subnet to private subnet not working

Question

I have an Amazon Web Services VPC set up with a public and private subnet. I have an nginx server on the public subnet receiving DNS requests. However, I want to redirect those requests to the private subnet webserver. I tested the AWS/VPC routing from the nginx machine by using curl to the private subnet machine's private IP (not publically routable). Curl returns the expected results. However, when I have nginx do a return 301 to the same private IP, the results are search engine results as if the redirect is occurring outside of the routing table rules and is not recognized as a valid address. Is there an nginx configuration that I'm missing?

Answer 1

Yes - remember that a 'redirect' will respond to the client browser with a 301 or 302 code and the new address to access. If the address is not publicly routable, it will fail because it is the browser requesting the redirect address, not the proxy server (nginx). To prove this out, if you set your nginx to redirect to http://www.yahoo.com, it would work beautifully.

Instead, you should use the proxy capabilities of nginx - this means nginx receives requests, passes them to the proxied servers, retrieves responses from them, and sends them to the clients.

The most basic implementation is to create a location directive within your server directive in the nginx configuration file:

location / {
    proxy_pass http://10.0.0.5/;
}

This will pass all requests to the public IP on to private IP. Of course, there are numerous things you can do with request/response headers, resources, etc. A good starting point may be Setting Up a Simple Proxy Server. This link also has some more configuration options and is a good example.