Nginx: limit_conn不生效

莫典
2023-12-01

Nginx: limit_conn不生效

1. 环境

真实主机: macos 11.2.3
虚拟机软件: VirtualBox 6.1.18 r142142 (Qt5.6.3)
虚拟操作系统: CentOS8.0
Nginx版本: 1.20.0

default.conf

    # 添加规则
    limit_conn_zone $binary_remote_addr zone=perip:10m;
server {
    listen       80;
    server_name  localhost;

    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
        # 应用规则
        limit_conn perip 1;
    }
    ...
}

2. 问题

使用ab命令进行压力测试,发现限制最大连接数无效

# 命令
ab -n 50 -c 10 http://192.168.1.183/index.html

# 执行结果
This is ApacheBench, Version 2.3 <$Revision: 1843412 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking 192.168.1.183 (be patient).....done


Server Software:        nginx/1.20.0
Server Hostname:        192.168.1.183
Server Port:            80

Document Path:          /index.html
Document Length:        612 bytes

Concurrency Level:      10
Time taken for tests:   0.007 seconds
Complete requests:      50
Failed requests:        0
Total transferred:      42250 bytes
HTML transferred:       30600 bytes
Requests per second:    7039.28 [#/sec] (mean)
Time per request:       1.421 [ms] (mean)
Time per request:       0.142 [ms] (mean, across all concurrent requests)
Transfer rate:          5808.78 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        0    0   0.2      0       1
Processing:     0    1   0.2      1       1
Waiting:        0    1   0.1      1       1
Total:          1    1   0.2      1       2

Percentage of the requests served within a certain time (ms)
  50%      1
  66%      1
  75%      1
  80%      1
  90%      2
  95%      2
  98%      2
  99%      2
 100%      2 (longest request)

3. 原因

默认的Nginx的index.html太小并且处于内网情况下,在测试过程中不能做到真正的并发,请求完成速度太快了,将测试网页替换成一个大文件。

4. 解决办法

不算是解决办法,因为配置没有任何问题。此处只是模拟现实请求,测试Nignx限制最大连接数。

4.1. 生成大文件

# 切换到网页路径
cd /usr/share/nginx/html

# 生成一个200m大文件,名字为test
dd if=/dev/zero of=test bs=1M count=20

4.2. 压力测试工具测试

# 测试命令
ab -n 50 -c 10 http://192.168.1.183/test

# 结果
This is ApacheBench, Version 2.3 <$Revision: 1843412 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking 192.168.1.183 (be patient).....done


Server Software:        nginx/1.20.0
Server Hostname:        192.168.1.183
Server Port:            80

Document Path:          /test
Document Length:        494 bytes

Concurrency Level:      10
Time taken for tests:   0.388 seconds
Complete requests:      50
Failed requests:        1
   (Connect: 0, Receive: 0, Length: 1, Exceptions: 0)
Non-2xx responses:      49
Total transferred:      209749170 bytes
HTML transferred:       209739406 bytes
Requests per second:    128.92 [#/sec] (mean)
Time per request:       77.566 [ms] (mean)
Time per request:       7.757 [ms] (mean, across all concurrent requests)
Transfer rate:          528153.32 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        0    0   0.2      0       1
Processing:    10   24  53.5     13     388
Waiting:        1   16  10.8     12      41
Total:         11   25  53.5     13     388

Percentage of the requests served within a certain time (ms)
  50%     13
  66%     13
  75%     13
  80%     32
  90%     42
  95%     42
  98%    388
  99%    388
 100%    388 (longest request)

4.3. 完成

当前Non-2xx responses: 49,表示有49个请求不是2xx状态码,被Nginx服务器拒绝。

5. 参考

 类似资料: