Recently I had to migrate a cloud server. The old server sat behind the provider's firewall, which I used to limit the maximum number of connections from each IP to my service. That firewall currently costs 2k+ a year, but the same product from the new cloud service provider costs 20k+ per year.
I definitely can't accept that. The whole point of switching cloud service providers was to save some money.
On a business trip a few years ago, a partner told me that connection limits for layer-4 traffic can be implemented with nginx. To keep the cost down, I decided to give it a try. After some twists and turns, it really worked. The configuration file is as follows:
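stream {
    # Shared-memory zone "addr" (10 MB), keyed by the client address
    limit_conn_zone $binary_remote_addr zone=addr:10m;

    upstream Port_7890 {
        server 192.168.3.3:7890;
        server 192.168.3.15:7890;
    }

    server {
        listen 7890;
        # Close the session after 20s without activity
        proxy_timeout 20s;
        proxy_pass Port_7890;
        # At most 20 concurrent connections per key in zone "addr"
        limit_conn addr 20;
        # Log rejected connections at the "error" level
        limit_conn_log_level error;
    }
}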
Description:
$binary_remote_addr as the key applies the limit to each client IP address;
$server_name as the key limits the maximum number of concurrent connections to the same server;
limit_conn limits the number of concurrent connections;
limit_rate limits the download speed;
limit_conn addr 20; sets the maximum concurrency to 20;
limit_conn_log_level error; sets the level at which rejected connections are written to the error log;
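
With limit_conn_log_level error, every connection refused by the limit leaves a line in the error log, so the log shows which clients are hitting the cap of 20. The script below is an added example, not part of the original configuration: it counts those rejections per client IP for zone "addr". The sample log lines are constructed and assume nginx's usual error log format; the function names and the threshold are illustrative.

```python
import re
from collections import Counter

# Constructed sample lines modelled on nginx's error_log format for the
# stream module; the client IPs are documentation addresses.
SAMPLE_LOG = """\
2024/05/01 10:00:01 [error] 2101#2101: *881 limiting connections by zone "addr", client: 203.0.113.7, server: 0.0.0.0:7890
2024/05/01 10:00:01 [error] 2101#2101: *882 limiting connections by zone "addr", client: 203.0.113.7, server: 0.0.0.0:7890
2024/05/01 10:00:02 [error] 2101#2101: *883 connect() failed (111: Connection refused) while connecting to upstream, client: 198.51.100.4, server: 0.0.0.0:7890, upstream: "192.168.3.3:7890", bytes from/to client:0/0, bytes from/to upstream:0/0
2024/05/01 10:00:03 [error] 2101#2101: *884 limiting connections by zone "addr", client: 198.51.100.4, server: 0.0.0.0:7890
2024/05/01 10:00:04 [error] 2101#2101: *885 limiting connections by zone "addr", client: 203.0.113.7, server: 0.0.0.0:7890
"""

# Matches only the message limit_conn writes when it refuses a connection.
REJECT = re.compile(
    r'^(?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) \[(?P<level>\w+)\] .*?'
    r'limiting connections by zone "(?P<zone>[^"]+)", '
    r'client: (?P<client>[^,\s]+), server: (?P<server>\S+)$'
)

def rejections(log_text, zone="addr"):
    """Yield (timestamp, client, server) for each limit_conn rejection."""
    for line in log_text.splitlines():
        m = REJECT.match(line.strip())
        if m and m["zone"] == zone:
            yield m["ts"], m["client"], m["server"]

def summarize(log_text, zone="addr", threshold=2):
    """Return {client_ip: rejected_count} for clients at or above threshold."""
    counts = Counter(client for _, client, _ in rejections(log_text, zone))
    return {ip: n for ip, n in counts.most_common() if n >= threshold}

if __name__ == "__main__":
    for ip, n in summarize(SAMPLE_LOG).items():
        print(f"{ip}: {n} connections rejected by limit_conn")
```

To use it on a real server, pass the contents of the nginx error log to summarize() instead of SAMPLE_LOG.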