Limit_zone and limit_conn problem.
Maxim Dounin
mdounin at mdounin.ru
Sat Jan 23 21:28:13 MSK 2010
Hello!
On Sat, Jan 23, 2010 at 08:51:29AM +0100, Piotr Karbowski wrote:
> Thanks you for your reply but I still dont understand it. Sometimes it
> seen to work, but sometimes no, no 503 error, multiple files at once
> etc.
>
> I wanna prevent mass downloading files from /specified/ dir but this
> limit_conn dont work as it should. have you any other idea how can I
> limit mass downloading?
Well, I've tried to explain that "multiple files at once" may not
be the same from nginx point of view, and that's why you don't see
503. In the post you linked it's certainly the case.
Try the following test:
http {
limit_zone unique_zone_name $binary_remote_addr 10m;
sendfile on;
sendfile_max_chunk 1m;
...
server {
...
location /download/ {
limit_conn unique_zone_name 1;
}
}
}
Start downloading of something large (e.g. 4G) from /download/.
Make sure it's downloaded via single request and data are flowing
around (netstat & tcpdump are your friends).
Once you are checked the above - try starting another download
from the same ip. It should return 503.
Note well: nginx will process request without switching to another
one until it will be able to fill up socket send buffer. This may
not happen at all if you are testing via fast local connection,
your output_buffers are smaller than socket send buffer, and you
are and not using limit_rate and/or sendfile with
sendfile_max_chunk. So requests will be processed in order by
nginx, and you won't see 503.
Maxim Dounin
More information about the nginx
mailing list