How to use limit_conn and limit_req modules of Nginx when it is behind HAProxy

Question

I'm using limit_conn_zone (with limit_conn) and limit_req_zone (with limit_req) in Nginx which sits behind a HAProxy. They both run on the same host.

I see whenever a limit is breached in Nginx (resulting in 503 responses), the client IP is 127.0.0.1. This is probably because the only connected client is in fact HAProxy.

This makes me wonder whether the usage of limit_conn and limit_req module behind HAProxy is effective, as it seems to me that Nginx is effectively limiting requests from HAProxy but not those from actual users. If this is true, how should I adapt these settings for my set-up?

i belive you looking for like `https://ypereirareis.github.io/blog/2019/06/04/real-client-ip-address-nginx-behind-haproxy-reverse-proxy/&ved=2ahUKEwjBlvu57dXoAhVvMOwKHWDGAIYQFjACegQIChAM&usg=AOvVaw2ozL5Jw2MvV9jpTHVdNNOi` — djdomi, Apr 07 '20 at 08:05

score 0 · Answer 1 · answered Apr 13 '13 at 15:43

0

I'd give a try to RealIP module, but that's just a theory.

UPD.: See this "nginx behind load balancer" thread

answered Apr 13 '13 at 15:43

poige

9,448
2
25
52

How to use limit_conn and limit_req modules of Nginx when it is behind HAProxy

1 Answers1