HttpLimitZoneModule + Varnish (frontend)

Maxim Dounin mdounin at
Sun Jan 22 21:43:40 UTC 2012


On Sat, Jan 21, 2012 at 12:45:02PM -0500, moon35 wrote:

> Hello,
> I'm having some troubles with the Module LimitZone. 
> I want to limit simultaneous connections per client (IP) with
> "limit_conn" but it doesn't work with Varnish-cache which is listening
> to port 80 and NginX: 8080 
> To do some tests I put limit_conn to 1 and I tried to download two files
> from my server
> If I write this on my browser adress bar :
>  -> http://mydomain.tld:8080/file_to_dl.ext
> it works of course (I got the error 503) but this :

So nginx works as intended.

>  -> http://mydomain.tld/file_to_dl.ext
> doesn't work: I can download more than 1 file.
> I'm using php-fpm and $_SERVER['remote_addr'] give the right Client IP
> Does anyone have a solution to my problem ? 

Likely reason is that Varnish either doesn't pass your second 
request (or doesn't pass your requests at all, if it has the file 
in question cached) or it downloads the file faster that you are 
able to open second connection.  This behaviour is expected for a 
frontend, but it breaks limiting you are trying to do on a backend 

I doubt you'll be able solve this.  You need frontend to do the 
limiting, i.e. either use nginx as a frontend, or use similar 
functionality in Varnish (no idea if one is available).

Maxim Dounin

More information about the nginx mailing list