How to limit nginx flow

When marketing e-commerce platforms, we often encounter large traffic problems. In addition to traffic diversion processing, we may also need to perform user black and white lists and reputation analysis, and then perform corresponding traffic interception and traffic restriction based on the user's IP reputation weight.

Nginx's own request limiting module ngx_http_limit_req_module and traffic limiting module ngx_stream_limit_conn_module are based on the token bucket algorithm, which can easily control the token rate and customize the current limit. , to achieve basic current limiting control.

The algorithm idea is:

Tokens are generated at a fixed rate and cached in the token bucket;

When the token bucket is full, the excess tokens are discarded;

The request must consume an equal proportion of tokens to be processed;

When there are not enough tokens, the request is processed cache.

Leaky Bucket Algorithm:

The algorithm idea is:

Water (Request ) is poured into the bucket from above and flows out from the bottom of the bucket (processed);

The water that is too late to flow out is stored in the bucket (buffer) and flows out at a fixed rate; when the bucket is full, the water overflows (discarded).

The core of this algorithm is: caching requests, processing them at a uniform speed, and discarding redundant requests directly.

Compared with the leaky bucket algorithm, the difference between the token bucket algorithm is that it not only has a "bucket", but also a queue. This bucket is used to store tokens, and the queue is used to store requests.

In terms of function, the most obvious difference between the leaky bucket and token bucket algorithms is whether to allow burst traffic (burst) processing. The leaky bucket algorithm can forcibly limit the real-time transmission (processing) rate of data. Burst traffic does not undergo additional processing; the token bucket algorithm can limit the average transmission rate of data while allowing a certain degree of burst transmission.

The Nginx speed limit module based on the request rate uses a leaky bucket algorithm, which can forcibly guarantee that the real-time processing speed of requests will not exceed the set threshold.

The official version of Nginx has two modules for limiting IP connections and concurrency:

limit_req_zone is used to limit the number of requests per unit time, that is, rate limit, adopted Leaky bucket algorithm "leaky bucket".

limit_req_conn is used to limit the number of connections at the same time, that is, concurrency limit.

For more Nginx related technical articles, please visit the Nginx usage tutorial column to learn!

The above is the detailed content of How to limit nginx flow. For more information, please follow other related articles on the PHP Chinese website!