NGINX 1.23.4 warning message

F
Fabiano
  • 28 Jun '23
Hi...

Recently, I've upgrade my NGINX version 1.22.x to 1.24.0 and I notice
in nginx.org/en/CHANGES-1.24 about a new change in version 1.23.4:

"Changes with nginx 1.23.4                            28 Mar 2023
...
    *) Change: now nginx issues a warning if protocol parameters
               of a listening socket are redefined.
..."

I have the following configuration, using distinct "server" blocks

server { listen <IP>:<PORT> ssl http2; ...}
server { listen <IP>:<PORT> ssl; ...} # listen definition without "http2"

... and the following warning messages (it appears in "error.log" file too):

# nginx -t:
nginx: [warn] protocol options redefined for <IP>:<PORT> in
/etc/nginx/conf.d/servers.conf:"x"
nginx: [warn] protocol options redefined for <IP>:<PORT> in
/etc/nginx/conf.d/servers.conf:"y"

What do these warning messages mean? Should I be worried?

Thanks in advance.
Fabiano Furtado
S
Sergey
  • 29 Jun '23
Hi Fabiano,

On Wed, Jun 28, 2023 at 05:19:55PM -0300, Fabiano Furtado Pessoa Coelho wrote:
> 
> Changes with nginx 1.23.4                            28 Mar 2023
>
>  *) Change: now nginx issues a warning if protocol parameters
>     of a listening socket are redefined.

[...]

> What do these warning messages mean? Should I be worried?

>From the provided configuration snippet it's unclear is the same
ip:port pairs for two server blocks.  In case those are - all
servers are listening on the same ip:port should have the same
parameters.  To avoid such a warning update parameters for the
listen directive in the second server block.

-- 
Sergey A. Osokin
F
Fabiano
  • 29 Jun '23
On Wed, Jun 28, 2023 at 10:03 PM Sergey A. Osokin <osa at freebsd.org.ru> wrote:
>
> Hi Fabiano,

Hi...

> On Wed, Jun 28, 2023 at 05:19:55PM -0300, Fabiano Furtado Pessoa Coelho wrote:
> >
> > Changes with nginx 1.23.4                            28 Mar 2023
> >
> >  *) Change: now nginx issues a warning if protocol parameters
> >     of a listening socket are redefined.
>
> [...]
>
> > What do these warning messages mean? Should I be worried?
>
> From the provided configuration snippet it's unclear is the same
> ip:port pairs for two server blocks.  In case those are - all
> servers are listening on the same ip:port should have the same
> parameters.  To avoid such a warning update parameters for the
> listen directive in the second server block.

OK. The IPs and ports are the same. However, if I continue to use
exactly this configuration, are there any possible technical issues (I
don't think so, because it is a "warning".) with this environment?
Sorry, but I think I wasn't clear enough with my question.

Thanks.

> Sergey A. Osokin
> _______________________________________________
F
Francis
  • 29 Jun '23
On Thu, Jun 29, 2023 at 11:00:21AM -0300, Fabiano Furtado Pessoa Coelho wrote:
> On Wed, Jun 28, 2023 at 10:03 PM Sergey A. Osokin <osa at freebsd.org.ru> wrote:
> > On Wed, Jun 28, 2023 at 05:19:55PM -0300, Fabiano Furtado Pessoa Coelho wrote:

Hi there,

> > > Changes with nginx 1.23.4                            28 Mar 2023
> > >
> > >  *) Change: now nginx issues a warning if protocol parameters
> > >     of a listening socket are redefined.
> >
> > [...]
> >
> > > What do these warning messages mean? Should I be worried?
> >
> > From the provided configuration snippet it's unclear is the same
> > ip:port pairs for two server blocks.  In case those are - all
> > servers are listening on the same ip:port should have the same
> > parameters.  To avoid such a warning update parameters for the
> > listen directive in the second server block.
> 
> OK. The IPs and ports are the same. However, if I continue to use
> exactly this configuration, are there any possible technical issues (I
> don't think so, because it is a "warning".) with this environment?
> Sorry, but I think I wasn't clear enough with my question.

I think the point is: your config makes it look like you want one
server to use ssl-and-http2, and you want the other server to use
ssl-without-http2.

That is not how it works; and that is never how it worked.

So a naïve reading of your config might lead the reader to be unclear
about what exactly each server is actually using.

This new warning is telling you "your config might be misleading".

It is still doing exactly what it always was doing (and: I guess it will
continue to do that in future updates; but nothing is guaranteed). It is
additionally letting you know of this possibly-unintentional config, so
you can choose to leave it as-is (and get the warnings on startup) or
you can choose to make it explicit that you know what settings apply to
(this ip:port in) each server.

Cheers,

    f
-- 
Francis Daly        francis at daoine.org
  • Page 1 of 1
Reply