Nginx limit concurrent connections/traffic usage

Limit_conn

Syntax: limit_conn zone_name the_size
Scope: http, server, location

The code is as follows:	Copy code
Limit_zone one $ binary_remote_addr 10 m; Server { Location/download /{ Limit_conn one 1; }

Define a record area called "one" with a total capacity of 10 MB. Use the variable $ binary_remote_addr as the benchmark for session judgment (that is, one address and one session ). Limit that only one session can be connected under the/download/directory. Simply put, a single IP address can only initiate one connection under the/download/Directory. If there is more than one IP address, it will be 503.

Nginx limit traffic/limit bandwidth?

Nginx can use HTTPLimitZoneModule and HTTPCoreModule to speed up directories.

The code is as follows:	Copy code
Http { Limit_zone one $ binary_remote_addr 10 m; Server { Location/download /{ Limit_conn ctohome_zone 2; Limit_rate 300 k; } } }

Limit_zone is a container that defines the session state for each IP address. In this example, a 10 m container is defined. According To 32 bytes/session, 320000 sessions can be processed.

Limit_conn ctohome_zone 2;

Each IP address can only initiate two concurrent connections.

Limit_rate 300 k;

The speed limit for each connection is 300 k. Note that the speed limit for the connection is here, not for the IP address. If an IP allows two concurrent connections, the IP address is limited to limit_rate × 2.

Ngx_http_limit_conn_module

The ngx_http_limit_conn_module defines the number of connections for each key value based on the defined key. In particular, you can set the number of connections from a single IP address source.

Not all connections are counted by the module. Only the connections in which the processed requests (the header information of these requests has been fully read) are counted.

Configuration Example

The code is as follows:	Copy code
Http { Limit_conn_zone $ binary_remote_addr zone = addr: 10 m; ... Server { ... Location/download /{ Limit_conn addr 1; }

Command

Syntax: limit_conn zone number;
Default value :-
Context: http, server, location
Specify a set shared memory space and the maximum number of connections for each given key value. When the number of connections exceeds the maximum number of connections, the server returns the 503 (Service Temporarily Unavailable) error. For example, the following configuration

The code is as follows:	Copy code
Limit_conn_zone $ binary_remote_addr zone = addr: 10 m; Server { Location/download /{ Limit_conn addr 1; }

Indicates that only one connection is allowed at a time for the same IP address.

When multiple limit_conn commands are configured, the limit on the number of connections takes effect. For example, the following configuration limits not only the number of connections from a single IP address source, but also the total number of connections from a single virtual server:

The code is as follows:	Copy code
Limit_conn_zone $ binary_remote_addr zone = perip: 10 m; Limit_conn_zone $ server_name zone = perserver: 10 m; Server { ... Limit_conn perip 10; Limit_conn perserver 100; }

If the current configuration level does not contain the limit_conn command, the connection restriction configuration will be inherited from a higher level.

Syntax: limit_conn_log_level info | notice | warn | error;
Default value:
Limit_conn_log_level error;
Context: http, server, location
This command appears in version 0.8.18.
Specify the log level when the number of connections exceeds the set maximum number of connections and the server limits the connection.

Syntax: limit_conn_zone $ variable zone = name: size;
Default value :-
Context: http
Set the parameters for the shared memory space to save the status of each key. The current number of connections is saved. The key value can be any non-null value of a specific variable (null values will not be considered ). Example:

Limit_conn_zone $ binary_remote_addr zone = addr: 10 m;
Set the IP address of the client as the key. Note that the $ binary_remote_addr variable is used, instead of the $ remote_addr variable. The length of the $ remote_addr variable ranges from 7 bytes to 15 bytes, while the storage status occupies 32 bytes or 64 bytes in the 32-bit platform and 64 bytes in the 64-bit platform. The length of the $ binary_remote_addr variable is fixed to 4 bytes. The storage status occupies 32 bytes or 64 bytes on the 32-bit platform and 64 bytes on the 64-bit platform. A 1 MB shared memory space can save 32 thousand 32-bit states and 16 thousand 64-bit states. If the shared memory space is exhausted, the server will return a 503 (Service Temporarily Unavailable) error for all subsequent requests.

Syntax: limit_zone name $ variable size;

Default value :-
Context: http
This command has been deprecated in version 1.1.8. The equivalent limit_conn_zone command should be used. The syntax of this command also changes:

Limit_conn_zone $ variable zone = name: size;