Port Exhaustion - SQL
Maxim Konovalov
maxim at nginx.com
Thu May 16 14:16:49 UTC 2019
On 16/05/2019 16:51, Maxim Konovalov wrote:
> Hi,
>
> On 16/05/2019 16:46, Brandon Mallory wrote:
>> This is a very busy server and tried to push our programming
>> department to move to persistent connections, they feel that it
>> could be a security issue if dealing with sensitive information
>> since that connection could be hijacked. We do not have an issue on
>> the mysql server side with Port Exhaustion, just on the "Frontend
>> webserver". We have made a lot of changes, and are currently
>> managing but I fear that we will reach the 65k limit again. If I
>> could get something to load balance LAN interfaces I could double
>> the port limitation. I see that haproxy has an article on this, I
>> love nginx and use it for other applications but maybe its the wrong
>> product for this senerio. I was thinking there might be a way using
>> proxy_bind.
>>
>> https://www.haproxy.com/blog/haproxy-high-mysql-request-rate-and-tcp-source-port-exhaustion/
>> *
>
> Nothing wrong with nginx in this scenario:
>
> https://www.nginx.com/blog/overcoming-ephemeral-port-exhaustion-nginx-plus/
>
+ make sure you are not using ancient nginx version. I refer to
this change in 1.11.2 and follow up change in 1.11.4
*) Feature: now nginx uses the IP_BIND_ADDRESS_NO_PORT socket option
when available.
--
Maxim Konovalov
More information about the nginx
mailing list