5. Do you use keepslive? Sent from my iPhone
> On May 20, 2018, at 2:45 PM, Peter Booth <peter_bo...@me.com> wrote: > > Rate limiting is a useful but crude tool that should only be one if four or > five different things you do to protect your backend: > > 1 browser caching > 2 cDN > 3 rate limiting > 4 nginx caching reverse proxy > > What are your requests? Are they static content or proxied to a back end? > Do users login? > Is it valid for dynamic content built for one user to be returned to another? > > Sent from my iPhone > > On May 20, 2018, at 4:24 AM, rickGsp <nginx-fo...@forum.nginx.org> wrote: > >>>> As I tried to explain in my previous message, "test runs for 60 >>>> seconds" can have two different meanings: 1) the load is generated >>>> for 60 seconds and 2) from first request started to the last >>>> request finished it takes 60 seconds. >> >>>> Make sure you are using the correct meaning. Also, it might >>>> be a good idea to look into nginx access logs to verify both time >>>> and numbers reported by your tool. >> >> Yes Maxim, I had understood your point. My test actually ran for 60 to 65 >> seconds which means it took 5 additional seconds to process the requests. >> Even access logs says the same. Also, on more powerful machine, I get >> expected result for the same test i.e 500 req/sec load but start seeing >> difference at relatively higher load.It seems to me that a results also >> depends on the resources available on the machine running Nginx. >> Surprisingly, CPU was not hitting the peak on both the machines.I am using >> CentOS systems for this testings. >> >> Actually in another test with plain HTTP requests, I observed the same issue >> of more requests than expected getting processed. However, for HTTP case, >> this behaviour appeared at 700 req/sec input load instead of 500 req/sec as >> in HTTPS. In this test requests got processed within 60 secs. >> >> With all the test results, I am being forced to think that Nginx rate >> limiting may not be able to stop DDoS attack with very high input load but >> is decent enough to handle sudden spikes and load which is slightly higher >> than configured rate limit, and computing power available also plays some >> role here. Do you think I am right? >> >> Posted at Nginx Forum: >> https://forum.nginx.org/read.php?2,279802,279874#msg-279874 >> >> _______________________________________________ >> nginx mailing list >> nginx@nginx.org >> http://mailman.nginx.org/mailman/listinfo/nginx _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
