Any way to deal with clients breaking the limit zone

locojohn nginx-forum at nginx.us
Fri Jan 13 06:55:38 UTC 2012


Hello Maxim,

I am surely aware of how server requests are matched in nginx.   Thanks
for the info though.

The thing is, I have multiple virtual hosts configured all with
server_name defined, of course.   Then there's default fallback server
configured as this:

# default fallback server
        server {
                listen 80 default_server;
                server_name  _;
                return       444;
        }

After reading your reply I went to check my error logs and the strange
thing is that error messages go both into one of my virtual host
server's error log with correct data (remote address, server name,
etc.), but also go to nginx default (?) error_log with entries that I
reported?   How come, if the virtual host server being accessed using
the slowhttptest program is clearly "testsite" with its own error_log,
yet the connection limit error message is reported in two error logs?

slowhttptest -c 1000 -r 1000 -X -u http://testsite

results:

/var/log/nginx/testsite/error_log:

2012/01/12 18:10:34 [error] 10508#0: *15985 limiting connections by zone
"addr", client: 217.24.78.177, server: testsite, request: "GET /
HTTP/1.1", host: "devel.ahlerstoday.com", referrer:
"http://code.google.com/p/slowhttptest/"
2012/01/12 18:10:35 [error] 10508#0: *15989 limiting connections by zone
"addr", client: 217.24.78.177, server: testsite, request: "GET /
HTTP/1.1", host: "devel.ahlerstoday.com", referrer:
"http://code.google.com/p/slowhttptest/"

/var/log/nginx/error_log:

2012/01/12 18:10:34 [error] 10509#0: *12134 limiting connections by zone
"addr", client: 127.0.0.1, server: , request: "GET / HTTP/1.0", host:
"testsite", referrer: "http://code.google.com/p/slowhttptest/"
2012/01/12 18:10:35 [error] 10509#0: *12136 limiting connections by zone
"addr", client: 127.0.0.1, server: , request: "GET / HTTP/1.0", host:
"testsite", referrer: "http://code.google.com/p/slowhttptest/"


Could it have anything to do with the fact that limit_zone and
limit_conn are defined on http level?   Yet, I think the behaviour is
not fully correct.

I would appreciate your feedback,

Andrejs

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,203013,221143#msg-221143



More information about the nginx mailing list