<html><body><div style="font-family: Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000"><div>That is what I was thinking, I am having an issue with the listen directive, what should I use since the local port is "random" also for </div><div><br data-mce-bogus="1"></div><div>split_clients "$remote_addr$remote_port" $split_ip<br data-mce-bogus="1"></div><div><br data-mce-bogus="1"></div><div>I cant use remote address since its a local address ?? same with port ? </div><div><br data-mce-bogus="1"></div><div>This is what I have been trying and have not had any luck </div><div><br data-mce-bogus="1"></div><div><div>upstream backend {</div><div>server 192.168.99.19:3306;</div><div>}</div><div>server {</div><div>listen 3306</div><div>proxy_pass backend;</div><div>proxy_bind $split_ip;</div><div>}</div><div><br data-mce-bogus="1"></div><div>split_clients <!--StartFragment--><span style="color: #000000; font-family: Arial, Helvetica, sans-serif; font-size: 16px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: #ffffff; text-decoration-style: initial; text-decoration-color: initial; display: inline !important; float: none;" data-mce-style="color: #000000; font-family: Arial, Helvetica, sans-serif; font-size: 16px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: #ffffff; text-decoration-style: initial; text-decoration-color: initial; display: inline !important; float: none;">"$remote_addr$remote_port" $split_ip </span>{</div><div>50% 192.168.99.17;</div><div>50% 192.169.99.21;</div><div>}</div></div><div><br></div><div><br data-mce-bogus="1"></div><div> <!--StartFragment--></div><div data-marker="__SIG_PRE__"><div><br data-mce-bogus="1"></div><div><span></span><div><span style="font-size: medium;"><strong>Best Regards,</strong> <br>
</span> <span style="color: #666666;"><b><span style="font-family: arial, helvetica, sans-serif;">
Brandon Mallory</span><br>
Network & Systems Engineer<br>
<span style="color: #339999;"><b>MEDENT EMR/EHR</b><br>
</span> <span style="color: #666666;"><b>
15 Hulbert Street<br>
Auburn, NY 13021<br>
Phone: <span class="Object" id="OBJ_PREFIX _DWT174_com_zimbra_phone"><a href="callto:(315)-255-0900" target="_blank">(315)-255-0900</a></span><br>
Fax: <span class="Object" id="OBJ_PREFIX_DWT175_com_zimbra_phone"><a href="callto:(315)-255-3539" target="_blank">(315)-255-3539</a></span><a><br>
Web: <span class="Object" id="OBJ_PREFIX_DWT177_com_zimbra_url"></span></a><a target="_blank" href="http://www.medent.com">www.medent.com</a></b></span></b></span><b><b><br><br>
<img src="https://webmail.medent.com/zimbra/sigs/defmailsig_nocchit.jpg" style="border: 0pt none;"><br><br>
This message and any attachments may contain information that is protected by law as privileged and confidential, and is transmitted for the sole use of the intended recipient(s). If you are not the intended recipient, you are hereby notified that any use, dissemination, copying or retention of this e-mail or the information contained herein is strictly prohibited. If you received this e-mail in error, please immediately notify the sender by e-mail, and permanently delete this e-mail.<br></b></b></div><div><b><b><br><span></span><br></b></b></div></div></div><div><br></div><hr id="zwchr" data-marker="__DIVIDER__"><div data-marker="__HEADERS__"><b>From: </b>"Maxim Konovalov" <maxim@nginx.com><br><b>To: </b>"nginx" <nginx@nginx.org><br><b>Cc: </b>"brandonm" <brandonm@medent.com><br><b>Sent: </b>Thursday, May 16, 2019 9:51:06 AM<br><b>Subject: </b>Re: Port Exhaustion - SQL<br></div><div><br></div><div data-marker="__QUOTED_TEXT__">Hi,<br><br>On 16/05/2019 16:46, Brandon Mallory wrote:<br>> This is a very busy server and tried to push our programming<br>> department to move to persistent connections, they feel that it<br>> could be a security issue if dealing with sensitive information<br>> since that connection could be hijacked. We do not have an issue on<br>> the mysql server side with Port Exhaustion, just on the "Frontend<br>> webserver". We have made a lot of changes, and are currently<br>> managing but I fear that we will reach the 65k limit again. If I<br>> could get something to load balance LAN interfaces I could double<br>> the port limitation. I see that haproxy has an article on this, I<br>> love nginx and use it for other applications but maybe its the wrong<br>> product for this senerio. I was thinking there might be a way using<br>> proxy_bind. <br>> <br>> https://www.haproxy.com/blog/haproxy-high-mysql-request-rate-and-tcp-source-port-exhaustion/<br>> *<br><br>Nothing wrong with nginx in this scenario:<br><br>https://www.nginx.com/blog/overcoming-ephemeral-port-exhaustion-nginx-plus/<br><br>-- <br>Maxim Konovalov<br></div></div></body></html>