Nginx Multiple If Statements Cause Memory Usage to Jump
Posted
by
Justin Kulesza
on Server Fault
See other posts from Server Fault
or by Justin Kulesza
Published on 2012-10-24T19:43:50Z
Indexed on
2012/10/25
17:02 UTC
Read the original article
Hit count: 220
nginx
We need to block a large number of requests by IP address with nginx. The requests are proxied by a CDN, and so we cannot block with the actual client IP address (it would be the IP address of the CDN, not the actual client). So, we have $http_x_forwarded_for which contains the IP which we need to block for a given request.
Similarly, we cannot use IP tables, as blocking the IP address of the proxied client will have no effect. We need to use nginx to block the requested based on the value of $http_x_forwarded_for.
Initially, we tried multiple, simple if statements: http://pastie.org/5110910
However, this caused our nginx memory usage to jump considerably. We went from somewhere around a 40MB resident size to over a 200MB resident size.
If we changed things up, and created one large regex that matched the necessary IP addresses, memory usage was fairly normal: http://pastie.org/5110923
Keep in mind that we're trying to block many more than 3 or 4 IP addresses... more like 50 to 100, which may be included in several (20+) nginx server configuration blocks.
Thoughts? Suggestions?
I'm interested both in why memory usage would spike so greatly using multiple if blocks, and also if there are any better ways to achieve our goal.
© Server Fault or respective owner