Limit connections' erratic behaviour

Asif Ali azifali at gmail.com
Mon Mar 16 20:58:38 MSK 2009


Maxim

On Mon, Mar 16, 2009 at 6:56 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:

> Hello!
>
> On Mon, Mar 16, 2009 at 04:52:14PM +0530, Asif Ali wrote:
>
> > Cliff - Apologies - This is a second email thread actually [the earlier
> one
> > was posted days back]
> >
> >
> > Here is the config:
> >
> > limit_zone   one  $binary_remote_addr  10m;
> >  limit_conn one 150;
> >
> > The app receives several hundred hits per second from various different
> ip
> > addresses.
> > I want to block specific IP only from sending in more than 100 or 150
> > requests per second..
>
> Your understanding of what limit_conn does is wrong.  It's to
> limit number of simultaneous connections served, not requests per
> second.  It may be somewhat related to request per second only if
> requests take predictable time to answer.


      - Thanks for clarifying - actually our app does deliver response in
under 0.5-1.0 seconds.  But limit_conn is definitely not the same as what I
expected - I guess I will have to use to the new version as soon as it is
stable.


>
>
> If you want to limit requests per second - take a look at
> limit_req module in nginx 0.7.*.
>
> > What I am getting is a reduction in total traffic and half that amount
> for
> > ALL requests.
>
> Also, take a look at what $binary_remote_addr (and $remote_addr)
> actually contains for you.  It may e.g. contain address of your
> load-balancer if you use one, and you should use realip module to
> fix this.
>

         Yes - I understand this...


>
> Maxim Dounin
>
>
Thanks again !
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090316/a1c9e3ea/attachment.html>


More information about the nginx mailing list