What can lead to a zone memory exhaustion and how Nginx reacts to it?

Ruslan Ermilov ru at nginx.com
Sat Dec 8 05:35:22 UTC 2012


On Fri, Dec 07, 2012 at 04:28:21PM -0500, Mehhy wrote:
> What is a possible scenario for exhausting the memory designated to a
> connection zone with limit_conn_zone directive and what are the implication
> in this case?
> 
> Suppose I have this in my configuration:
> 
>     http {
>       limit_conn_zone $binary_remote_addr zone=connzone:1m;
>       ...
>       server {
>         limit_conn connzone 5;
> 
> which, according to the documentation, allocates 16000 states for 'connzone'
> on a 64-bit server. It also says that "If the storage for a zone is
> exhausted, the server will return error 503 (Service Temporarily
> Unavailable) to all further requests".
> 
> Well, Ok. But what does it mean on practice? When does this happen? Who
> receives those 503s? Does it mean that if the number of IPs *somehow*
> associated with 'connzone' hits 16000 everyone gets a 503 and it's all over?
> How does Nginx decide? The documentation is weirdly vague on this.
> 
> So, considering the example config, who would actually get a 503 and under
> which circumstances and how would things go from there? Same with request
> zones?

The server will be able to track the number of connections for
~16k distinct client IP addresses.  If you happen to have that
many active clients, then the next connection attempt from the
client whose IP is not yet known will attempt to create a new
state, that will fail because zone is exhausted and the client
will be returned 503.



More information about the nginx mailing list