Let’s say that we have two virtual hosts serving two domains: blog.com
and
store.com. Let’s suppose that we need to apply the following limits:
-
blog.com: no more than 5 connections per ip, and no more than 50
total
connections to the virtual host -
store.com: no more than 10 connections per ip, and no more than 100
connections to the virtual host.
Considering that. Which would be the correct aproach?
---------------- Approach 1 ----------------
http {
limit_conn_zone $binary_remote_addr zone=conn_per_ip:5m;
limit_conn_zone $server_name zone=conn_per_server:5m;
server {
server_name blog.com;
limit_conn conn_per_ip 5;
limit_conn conn_per_server 50;
…
}
server {
server_name store.com;
limit_conn conn_per_ip 10;
limit_conn conn_per_server 100;
…
}
…
}
---------------- Approach 2 ----------------
http {
limit_conn_zone $binary_remote_addr zone=blog_conn_per_ip:5m;
limit_conn_zone $server_name zone=blog_conn_per_server:5m;
server {
server_name blog.com;
limit_conn blog_conn_per_ip 5;
limit_conn blog_conn_per_server 50;
…
}
limit_conn_zone $binary_remote_addr zone=store_conn_per_ip:5m;
limit_conn_zone $server_name zone=store_conn_per_server:5m;
server {
server_name store.com;
limit_conn store_conn_per_ip 10;
limit_conn store_conn_per_server 100;
...
}
...
}
Notice that in the first approach only two memory shared zones are
declared,
while in the second approach, four of them are declared.
I appreciate any clarification on this! Thanks in advance.
Posted at Nginx Forum: