Celebrating 20 years of nginx! Read about our journey and milestones in the latest blog.

How nginx processes a TCP/UDP session

A TCP/UDP session from a client is processed in successive steps called phases:

Post-accept

The first phase after accepting a client connection. The ngx_stream_realip_module module is invoked at this phase.

Pre-access

Preliminary check for access. The ngx_stream_limit_conn_module and ngx_stream_set_module modules are invoked at this phase.

Access

Client access limitation before actual data processing. At this phase, the ngx_stream_access_module module is invoked, for njs, the js_access directive is invoked.

SSL

TLS/SSL termination. The ngx_stream_ssl_module module is invoked at this phase.

Preread

Reading initial bytes of data into the preread buffer to allow modules such as ngx_stream_ssl_preread_module analyze the data before its processing. For njs, the js_preread directive is invoked at this phase.

Content

Mandatory phase where data is actually processed, usually proxied to upstream servers, or a specified value is returned to a client. For njs, the js_filter directive is invoked at this phase.

Log

The final phase where the result of a client session processing is recorded. The ngx_stream_log_module module is invoked at this phase.