"Correct" speed limit in Nginx. Myth or reality?



For many years, Nginx users have been tormented by the same question: “How can I limit the speed as a whole for an IP address regardless of the number of sessions (connections)? Why does Nginx not know how? Why are Nginx developers so stubbornly unwilling to implement this simple functionality? ” And I don’t have anything to answer about what the Nginx developers think about - it’s not clear and is known, probably only to God.

It is possible to deal with this in different ways, someone uses scripts like htb.init , someone writes shaping scripts on their own and shares successful experience on Habr , and some even use PHP to limit the speed of file uploads. Just imagine what the overhead and memory consumption will be like when using PHP for such purposes.

At the moment, Nginx does not know how to limit the speed for IP and does this only within separate sessions. What does this mean? If the administrator set a speed limit of 100 Kb / s in the config, then creating 10 connections to the server, you can get a speed of 1 MB / s, which does not fit into the administrator’s plans. To achieve the desired means of Nginx itself, you can only set a limit, for example

http {
    limit_conn_zone  $binary_remote_addr  zone=perip:10m;
    server {
        location /download/ {
            limit_conn  perip  1;
        }
    }
}

which will not allow you to create more than 1 connection from a single IP address. However, in practice, the use of such a restriction on the server makes little sense, because thousands of users can hide behind one IP address, and with an unstable network connection, the user generally risks not accessing the file.

But, as it turned out, not everything is so gloomy and there is a way out of the situation. This is a simple little module from yaoweibin called nginx_limit_speed_module . Let's look at how this module works:

http {
    limit_speed_zone  one  $binary_remote_addr  10m;
    server {
        location /download/ {
            limit_speed  one  100k;
        }
    }
}

The limit_speed directive sets the total speed for all connections from the same IP address. For example, if you set a speed limit of 100 Kbytes / sec, and the user downloads a file of 10 streams, then the download speed for each individual stream will be 10 Kbytes / sec (100k / 10). Note that this is without dancing with Linux shaping and perversions using PHP. Convenient, simple and clear. In my opinion, this is exactly how it should be, but for some reason this port is still not in Nginx out of the box, for which I would like to throw such a big pebble into the Nginx garden.

To build Nginx with this wonderful module, just add the following entry to the ./configure parameters:

--add-module=/путь до папки с модулем/nginx_limit_speed_module

For example:

./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-file-aio --with-ipv6 --with-http_spdy_module --add-module=/root/nginx_limit_speed_module --with-cc-opt='-O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic'

I will not dwell on the Nginx assembly in detail; quite a few articles have already been written on this topic. You can use these instructions as a quick assembly guide .

GitHub module page: https://github.com/yaoweibin/nginx_limit_speed_module

Also popular now: