limit_req_zone limit by location/proxy
mdounin at mdounin.ru
Wed Nov 13 16:01:49 UTC 2013
On Wed, Nov 13, 2013 at 09:09:55AM -0600, Justin Deltener wrote:
> Aha, that is the lightbulb moment.
> So if we're talking actual rate..which makes sense how would you setup a
> scenario with the following requirements.
> You can have whatever rate you want as long as you don't exceed 5 proxy
> requests in the same second. I don't care if 5 come within 5ms of each
> other.. Hitting 6 total proxy requests in 1 second would kill the request.
> It seems we can't really specify that without increasing the rate which in
> turn could allow a sustained session with high rates to still have a ton of
> requests come in to kill the server.
What you are asking about is close to something like this:
limit_req_zone ... rate=5r/s;
limit_req ... burst=5 nodelay;
That is, up to 5 requests (note "burst=5") are allowed at any rate
without any delays. If there are more requests and the rate
remains above 5r/s, they are rejected.
> We're attempting to account for 301 redirects which spawn requests much
> faster than normal human requests. I realize we could add a get param to
> the url to excuse it from the limit, but that seems a bit out there..
> I also don't quite understand how long a burst rate can be sustained. It
> seems one could set the default rate to 1/m and set the burst to whatever
> you like..
> Does that make sense?
The burst parameter configures maximum burst size, in requests (in
terms of "leaky bucket" - it's the bucket size). In most cases,
it's a reasonable aproach to set a relatively low rate, switch off
delay, and configure a reasonable burst size to account for
various things like redirects, opening multiple pages to read them
later, and so on.
More information about the nginx