Re: Nginx Rate limiting for HTTPS requests

2018-05-25 Thread rickGsp
>>Quick and dirty patch below. It is expected to work fine on >>systems with monotonic clocks available, but may need more work to >>handle time changes on systems without monotonic clocks. [..] Thanks Maxim, I will build from source by incorporating the patch and give a try. I hope real fix wil

Re: Nginx Rate limiting for HTTPS requests

2018-05-23 Thread Maxim Dounin
Hello! On Wed, May 23, 2018 at 12:58:53AM -0400, rickGsp wrote: > >>Please show "uname -a", "nginx -V", and "ps -alxww | grep nginx" > >>output. > > #uname -a > Linux localhost.localdomain 3.10.0-693.11.6.el7.x86_64 #1 SMP Thu Jan 4 > 01:06:37 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux > > #nginx

Re: Nginx Rate limiting for HTTPS requests

2018-05-22 Thread rickGsp
>>Please show "uname -a", "nginx -V", and "ps -alxww | grep nginx" >>output. #uname -a Linux localhost.localdomain 3.10.0-693.11.6.el7.x86_64 #1 SMP Thu Jan 4 01:06:37 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux #nginx -V nginx version: nginx/1.14.0 built by gcc 4.8.5 20150623 (Red Hat 4.8.5-16) (GC

Re: Nginx Rate limiting for HTTPS requests

2018-05-22 Thread Maxim Dounin
Hello! On Tue, May 22, 2018 at 12:37:18PM -0400, rickGsp wrote: > >>- Make sure the $host variable you use for the limiting is not > >>empty and not changed between requests created by your testing > >>tool. Try logging the variable to see if it changes or not. > >>Alternatively, replace it wi

Re: Nginx Rate limiting for HTTPS requests

2018-05-22 Thread rickGsp
>>- Make sure the $host variable you use for the limiting is not >>empty and not changed between requests created by your testing >>tool. Try logging the variable to see if it changes or not. >>Alternatively, replace it with a static string to see if it helps. Checked. $host variable is set for

Re: Nginx Rate limiting for HTTPS requests

2018-05-21 Thread Maxim Dounin
Hello! On Mon, May 21, 2018 at 09:55:20AM -0400, rickGsp wrote: > >>I'm pretty sure the problem is with your tests, not with nginx > >>request rate limiting. Unfortunately, it is not possible to > >>reproduce your tests and check what's going wrong as you are using > >>proprietary software for

Re: Nginx Rate limiting for HTTPS requests

2018-05-21 Thread rickGsp
>>I'm pretty sure the problem is with your tests, not with nginx >>request rate limiting. Unfortunately, it is not possible to >>reproduce your tests and check what's going wrong as you are using >>proprietary software for tests. >>As suggested previously, it might be a good idea to verify numb

Re: Nginx Rate limiting for HTTPS requests

2018-05-21 Thread Maxim Dounin
Hello! On Sun, May 20, 2018 at 04:24:21AM -0400, rickGsp wrote: > >>As I tried to explain in my previous message, "test runs for 60 > >>seconds" can have two different meanings: 1) the load is generated > >>for 60 seconds and 2) from first request started to the last > >>request finished it ta

Re: Nginx Rate limiting for HTTPS requests

2018-05-20 Thread rickGsp
> Rate limiting is a useful but crude tool that should only be one if four or five different things you do to protect your backend: > > 1 browser caching > 2 cDN > 3 rate limiting > 4 nginx caching reverse proxy > > What are your requests? Are they static content or proxied to a back end? > Do

Re: Nginx Rate limiting for HTTPS requests

2018-05-20 Thread Peter Booth
5. Do you use keepslive? Sent from my iPhone > On May 20, 2018, at 2:45 PM, Peter Booth wrote: > > Rate limiting is a useful but crude tool that should only be one if four or > five different things you do to protect your backend: > > 1 browser caching > 2 cDN > 3 rate limiting > 4 nginx cac

Re: Nginx Rate limiting for HTTPS requests

2018-05-20 Thread Peter Booth
Rate limiting is a useful but crude tool that should only be one if four or five different things you do to protect your backend: 1 browser caching 2 cDN 3 rate limiting 4 nginx caching reverse proxy What are your requests? Are they static content or proxied to a back end? Do users login? Is i

Re: Nginx Rate limiting for HTTPS requests

2018-05-20 Thread rickGsp
>>As I tried to explain in my previous message, "test runs for 60 >>seconds" can have two different meanings: 1) the load is generated >>for 60 seconds and 2) from first request started to the last >>request finished it takes 60 seconds. >>Make sure you are using the correct meaning. Also, it m

Re: Nginx Rate limiting for HTTPS requests

2018-05-16 Thread Maxim Dounin
Hello! On Wed, May 16, 2018 at 05:00:20AM -0400, rickGsp wrote: > Thanks for responding Maxim. I understood what you are pointing at. Yes I > have taken care of time measurement. Actually my test runs for 60 seconds > and in total I expect 6000 requests returning 200 status with rate limit > conf

Re: Nginx Rate limiting for HTTPS requests

2018-05-16 Thread rickGsp
Thanks for responding Maxim. I understood what you are pointing at. Yes I have taken care of time measurement. Actually my test runs for 60 seconds and in total I expect 6000 requests returning 200 status with rate limit configured at 100r/s. However I see 9000 requests returning 200 status which m

Re: Nginx Rate limiting for HTTPS requests

2018-05-15 Thread Maxim Dounin
Hello! On Tue, May 15, 2018 at 12:20:31PM -0400, rickGsp wrote: > I have been experimenting with Nginx rate limiting and I need some inputs on > it’s working and what can be expected from this feature. I see some > difference in what I expected from this feature going by the documentation > and w

Nginx Rate limiting for HTTPS requests

2018-05-15 Thread rickGsp
Hi, I have been experimenting with Nginx rate limiting and I need some inputs on it’s working and what can be expected from this feature. I see some difference in what I expected from this feature going by the documentation and what I observed in my experiments. Here is the detail on my testing: