Limit_conn_zone and limit_conn behavior in 1.2.8

In my config, within http section, I have:

limit_conn_zone $binary_remote_addr zone=addr:10m;
limit_conn addr 3;

which I interpret as, setting a memory zone of size 10 megabytes for
keeping
states of connected IPs and restricting 3 concurrent connections per IP
at a
time. If the size of the zone is exhausted or the limit per IP is
breached,
Nginx will return 503 as response.

I have them before upgrading to 1.2.8. During testing today, I found
several
503 responses due to these settings, for example:

'2013/04/12 15:38:48 [error] 5888#0: *352 limiting connections by zone
“addr”, client: 127.0.0.1, server: static.mysite.com, request: “GET
/js/jquery.reject.min.js HTTP/1.1”, host: “static.mysite.com”, referrer:
https://www.mysite.com/blah/blah?var=blah

The client IP is 127.0.0.1 here because Nginx is behind a HAproxy.

The test I did was launching several requests which requests for
delivery of
some JavaScripts from Nginx. Some of these requests return 200 OK, but a
number of them failed with 503s. The same test I did before with Nginx
1.2.7
did not result any 503 responses. Any idea what might have caused this?
Is
it because the HAProxy in front of Nginx? Thanks!

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,238331,238331#msg-238331

So, I’ve found out more about my situation. Apparently, limit_conn_zone
stuff I’m doing on Nginx applies to HAProxy only which is in front of my
Nginx.

I guess I have two options:

  1. Use HAProxy (instead of Nginx) for request/connection limiting.

  2. Limit requests/connections on Nginx based on X-Forwarded-For instead
    of
    the IP of HAProxy (which is going to always 127.0.0.1).

Which do you guys think would work better? Thanks!

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,238331,238366#msg-238366