Limit_conn_zone and limit_conn behavior in 1.2.8

In my config, within http section, I have:

limit_conn_zone $binary_remote_addr zone=addr:10m;
limit_conn addr 3;

which I interpret as, setting a memory zone of size 10 megabytes for
states of connected IPs and restricting 3 concurrent connections per IP
at a
time. If the size of the zone is exhausted or the limit per IP is
Nginx will return 503 as response.

I have them before upgrading to 1.2.8. During testing today, I found
503 responses due to these settings, for example:

'2013/04/12 15:38:48 [error] 5888#0: *352 limiting connections by zone
“addr”, client:, server:, request: “GET
/js/jquery.reject.min.js HTTP/1.1”, host: “”, referrer:

The client IP is here because Nginx is behind a HAproxy.

The test I did was launching several requests which requests for
delivery of
some JavaScripts from Nginx. Some of these requests return 200 OK, but a
number of them failed with 503s. The same test I did before with Nginx
did not result any 503 responses. Any idea what might have caused this?
it because the HAProxy in front of Nginx? Thanks!

Posted at Nginx Forum:,238331,238331#msg-238331

So, I’ve found out more about my situation. Apparently, limit_conn_zone
stuff I’m doing on Nginx applies to HAProxy only which is in front of my

I guess I have two options:

  1. Use HAProxy (instead of Nginx) for request/connection limiting.

  2. Limit requests/connections on Nginx based on X-Forwarded-For instead
    the IP of HAProxy (which is going to always

Which do you guys think would work better? Thanks!

Posted at Nginx Forum: