Nginx as reverse proxy scalability

[Maxim Dounin]

Hello!

On Tue, May 10, 2016 at 12:26:59PM +0200, Artur wrote:

> I'm currently working on nginx limits as a reverse proxy on a Debian box.
> My current setup is a nginx configured as a http/https web server (for
> static content) and a reverse proxy for node.js processes on the same
> server and in future on other Debian boxes.
> I was unable to see (while reading the documentation) real hard
> limitations for nginx in this setup excepting ephemeral ports exhaustion.
> It may be a concern as Node.js applications usually open a websocket
> that is connected as long as a user stays connected to the application.
> If I understood everything correctly it means that nginx in this setup
> will not be able to manage more than about 64k clients connections.
> Am I right ? What can be done if I would like to go over this 64k limit
> ? Could you please suggest a solution ?

As long as you are using TCP/IP and have only one backend (ip + 
port), and only one local address on nginx side, then you are 
limited by the number of local ports nginx can use.  Theoretical 
limit is 64k, practical one is usually smaller - on Linux systems 
it depends on net.ipv4.ip_local_port_range.

Most natural solution is to add more backends.  Under normal 
conditions you will add more backend servers as your system will 
grow, so you'll never hit the problem in the first place.  If you 
need to handle more than 64k connections to a single backend 
server, consider listening on multiple addresses in your backend 
application (e.g., listening on multiple ports).

Other available solutions are:

- use UNIX domain sockets (this works when you have everything on 
  a single host);

- add more local addresses on nginx side and use proxy_bind to 
  balance users between these addresses.

-- 
Maxim Dounin
http://nginx.org/