Limit connections' erratic behaviour


#1

Dear All,
The limit connections module is behaving erratically.

I have allocated 20M of Space for storing sessions and our app basically
gets 100s of requests from several different hosts.

We have very few hosts that send in simultaneous connections from a
single
IP

But

With limit connections, it restricts to 1/10 of the configured value…

Can someone tell me if they have experience with this module and help
with
this issue?

Thanks

Asif


#2

Dear Community,

Will anyone respond to this request?

regards


#3

Cliff - Apologies - This is a second email thread actually [the earlier
one
was posted days back]

Here is the config:

limit_zone one $binary_remote_addr 10m;
limit_conn one 150;

The app receives several hundred hits per second from various different
ip
addresses.
I want to block specific IP only from sending in more than 100 or 150
requests per second…

What I am getting is a reduction in total traffic and half that amount
for
ALL requests.

Thanks in advance.

regards

Asif A.


#4

Post the relevant part of your config. Also try to realize it’s the
middle of the night in half the world.

Cliff


#5

Let me correct something,

What I want to block is any single IP from sending more than 100
requests
per second.

regards

Asif A.


#6

Hello!

On Mon, Mar 16, 2009 at 04:52:14PM +0530, Asif A. wrote:

addresses.
I want to block specific IP only from sending in more than 100 or 150
requests per second…

Your understanding of what limit_conn does is wrong. It’s to
limit number of simultaneous connections served, not requests per
second. It may be somewhat related to request per second only if
requests take predictable time to answer.

If you want to limit requests per second - take a look at
limit_req module in nginx 0.7.*.

What I am getting is a reduction in total traffic and half that amount for
ALL requests.

Also, take a look at what $binary_remote_addr (and $remote_addr)
actually contains for you. It may e.g. contain address of your
load-balancer if you use one, and you should use realip module to
fix this.

Maxim D.


#7

Maxim

On Mon, Mar 16, 2009 at 6:56 PM, Maxim D. removed_email_address@domain.invalid
wrote:

limit number of simultaneous connections served, not requests per
second. It may be somewhat related to request per second only if
requests take predictable time to answer.

  - Thanks for clarifying - actually our app does deliver response 

in
under 0.5-1.0 seconds. But limit_conn is definitely not the same as
what I
expected - I guess I will have to use to the new version as soon as it
is
stable.

actually contains for you. It may e.g. contain address of your
load-balancer if you use one, and you should use realip module to
fix this.

     Yes - I understand this...

Maxim D.

Thanks again !


#8

On Mon, 2009-03-16 at 23:28 +0530, Asif A. wrote:

  - Thanks for clarifying - actually our app does deliver response

in under 0.5-1.0 seconds. But limit_conn is definitely not the same
as what I expected - I guess I will have to use to the new version as
soon as it is stable.

Just FYI, I run the development version on all my servers within a
couple days of its release (the Nginx wiki is running 0.7.42 since last
night).

I’ve yet to experience any stability issues.

Cliff