Worker Configuration
# Main context
worker_processes auto; # One per CPU core
worker_rlimit_nofile 65535; # File descriptor limit
events {
worker_connections 4096;
multi_accept on;
use epoll; # Linux
# use kqueue; # FreeBSD/macOS
}
Keepalive Connections
Client Keepalive
http {
# Time to keep connection open
keepalive_timeout 65;
# Max requests per connection
keepalive_requests 1000;
# Disable for HTTP/1.0
keepalive_disable msie6;
}
Upstream Keepalive
upstream backend {
server 10.0.0.1:8080;
server 10.0.0.2:8080;
keepalive 32;
keepalive_requests 1000;
keepalive_timeout 60s;
}
server {
location / {
proxy_pass http://backend;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
}
TCP Optimization
http {
# Sendfile for static files
sendfile on;
# Send headers in one packet
tcp_nopush on;
# Don't buffer small packets
tcp_nodelay on;
# Reset lingering connections
reset_timedout_connection on;
# Timeouts
client_body_timeout 12;
client_header_timeout 12;
send_timeout 10;
}
Buffer Configuration
http {
# Client request buffers
client_body_buffer_size 10K;
client_header_buffer_size 1k;
client_max_body_size 10m;
large_client_header_buffers 4 32k;
# Proxy buffers
proxy_buffer_size 4k;
proxy_buffers 8 4k;
proxy_busy_buffers_size 8k;
}
Connection Limits
# Limit connections per IP
limit_conn_zone $binary_remote_addr zone=conn_per_ip:10m;
server {
# Max 10 connections per IP
limit_conn conn_per_ip 10;
# Limit total connections
limit_conn_status 503;
}
File Descriptor Limits
# System limits
cat /proc/sys/fs/file-max
echo 65535 > /proc/sys/fs/file-max
# Per-process limits (in /etc/security/limits.conf)
nginx soft nofile 65535
nginx hard nofile 65535
# Or in systemd service
[Service]
LimitNOFILE=65535
# /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
worker_rlimit_nofile 65535;
error_log /var/log/nginx/error.log warn;
pid /run/nginx.pid;
events {
worker_connections 4096;
multi_accept on;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Logging
access_log /var/log/nginx/access.log combined buffer=16k flush=5m;
# Connections
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
keepalive_requests 1000;
reset_timedout_connection on;
# Timeouts
client_body_timeout 12;
client_header_timeout 12;
send_timeout 10;
# Buffers
client_body_buffer_size 10K;
client_header_buffer_size 1k;
client_max_body_size 10m;
large_client_header_buffers 2 1k;
# Gzip
gzip on;
gzip_comp_level 5;
gzip_min_length 256;
gzip_types text/plain text/css application/json application/javascript;
include /etc/nginx/conf.d/*.conf;
}
# ab (Apache Bench)
ab -n 10000 -c 100 https://example.com/
# wrk
wrk -t12 -c400 -d30s https://example.com/
# Check connections
ss -s
netstat -an | grep ESTABLISHED | wc -l
intermediate | Performance | Updated 2025-01-15
- nginx
- connections
- keepalive
- performance
- tuning