NGINX Stale DNS entries for redeployed services
Hey all, I'm setting up NGINX with Railway's private networking to reverse proxy two unexposed "upstream" containers (see photo).
The problem I'm having is that when either the API or the Web App services are redeployed, their IPs rotate/change on the private network and the NGINX service re-uses the now stale IPs for requests, causing a timeout. This is to be expected because of how TTL in DNS works.
I think I can get around this by setting a valid time of 10s on DNS responses using the resolver settings in NGINX:
resolver <private-network-nameserver> valid=10s;
This disregards the standard TTL from the DNS and re-validates a DNS entry every 10 seconds.
However, to do this I need to know the nameserver IP address for the private DNS in Railway's private network. Is this a static address for all private networks? I couldn't find anything about it in the docs.
Project ID:
ef338a22-2cf0-4b16-8b47-50a8784c8d43
Solution
the internal dns resolvers address is
fd12::10
but I would highly recommend using caddy for this, it has much better defaults for its reverse proxy server, aka it will do a DNS lookup for every network request, this template is designed to do exactly what you are trying to with nginx
https://railway.app/template/7uDSyj
Will check out caddy. I've used it in the past but have way more experience with nginx so it's usually my default.
Thanks Brody. Will try this out in a few hours and report back.
sounds good!
Both methods worked but Caddy should result in guaranteed 0 down-time so I'm going to go with that.
Thanks Brody
happy to help!
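The NGINX approach from this thread, written out as an added example that is not part of the original posts: NGINX only consults `resolver` at request time when `proxy_pass` contains a variable, otherwise the upstream name is resolved once at startup or reload and the stale IP is kept. The hostnames `api.railway.internal` and `web.railway.internal`, the ports, and the `/api/` path split are assumptions.

```nginx
# Added example. Hostnames, ports and the /api/ split are assumptions;
# only the resolver address fd12::10 comes from the thread.
server {
    listen 80;

    # Internal DNS resolver address given in the thread. An IPv6 literal
    # must be wrapped in brackets. valid=10s overrides the record's TTL,
    # so cached answers are discarded after 10 seconds.
    resolver [fd12::10] valid=10s;
    resolver_timeout 5s;

    # Stale-IP form: a literal hostname in proxy_pass is resolved once when
    # the configuration is loaded, and the resolver above is never used.
    # location /api/ {
    #     proxy_pass http://api.railway.internal:3000;
    # }

    # Re-resolving form: putting the target in a variable makes NGINX look
    # the name up through the resolver at request time, honouring valid=10s.
    location /api/ {
        set $api_upstream http://api.railway.internal:3000;
        proxy_pass $api_upstream;
    }

    location / {
        set $web_upstream http://web.railway.internal:3000;
        proxy_pass $web_upstream;
    }
}
```

Because the variable holds no URI part, the original request URI is passed to the upstream unchanged. A redeployed service can still be unreachable for up to the `valid` interval while the old answer is cached.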