Limit connections' erratic behaviour
Maxim Dounin
mdounin at mdounin.ru
Mon Mar 16 16:26:52 MSK 2009
Hello!
On Mon, Mar 16, 2009 at 04:52:14PM +0530, Asif Ali wrote:
> Cliff - Apologies - This is a second email thread actually [the earlier one
> was posted days back]
>
>
> Here is the config:
>
> limit_zone one $binary_remote_addr 10m;
> limit_conn one 150;
>
> The app receives several hundred hits per second from various different ip
> addresses.
> I want to block specific IP only from sending in more than 100 or 150
> requests per second..
Your understanding of what limit_conn does is wrong. It's to
limit number of simultaneous connections served, not requests per
second. It may be somewhat related to request per second only if
requests take predictable time to answer.
If you want to limit requests per second - take a look at
limit_req module in nginx 0.7.*.
> What I am getting is a reduction in total traffic and half that amount for
> ALL requests.
Also, take a look at what $binary_remote_addr (and $remote_addr)
actually contains for you. It may e.g. contain address of your
load-balancer if you use one, and you should use realip module to
fix this.
Maxim Dounin
More information about the nginx
mailing list