HxHippy

Connection Optimization

Optimizing Nginx connection handling for high performance.

Last updated: 2025-01-15

Worker Configuration

# Main context
worker_processes auto;  # One per CPU core
worker_rlimit_nofile 65535;  # File descriptor limit

events {
    worker_connections 4096;
    multi_accept on;
    use epoll;  # Linux
    # use kqueue;  # FreeBSD/macOS
}

Keepalive Connections

Client Keepalive

http {
    # Time to keep connection open
    keepalive_timeout 65;

    # Max requests per connection
    keepalive_requests 1000;

    # Disable for HTTP/1.0
    keepalive_disable msie6;
}

Upstream Keepalive

upstream backend {
    server 10.0.0.1:8080;
    server 10.0.0.2:8080;

    keepalive 32;
    keepalive_requests 1000;
    keepalive_timeout 60s;
}

server {
    location / {
        proxy_pass http://backend;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
    }
}

TCP Optimization

http {
    # Sendfile for static files
    sendfile on;

    # Send headers in one packet
    tcp_nopush on;

    # Don't buffer small packets
    tcp_nodelay on;

    # Reset lingering connections
    reset_timedout_connection on;

    # Timeouts
    client_body_timeout 12;
    client_header_timeout 12;
    send_timeout 10;
}

Buffer Configuration

http {
    # Client request buffers
    client_body_buffer_size 10K;
    client_header_buffer_size 1k;
    client_max_body_size 10m;
    large_client_header_buffers 4 32k;

    # Proxy buffers
    proxy_buffer_size 4k;
    proxy_buffers 8 4k;
    proxy_busy_buffers_size 8k;
}

Connection Limits

# Limit connections per IP
limit_conn_zone $binary_remote_addr zone=conn_per_ip:10m;

server {
    # Max 10 connections per IP
    limit_conn conn_per_ip 10;

    # Limit total connections
    limit_conn_status 503;
}

File Descriptor Limits

# System limits
cat /proc/sys/fs/file-max
echo 65535 > /proc/sys/fs/file-max

# Per-process limits (in /etc/security/limits.conf)
nginx soft nofile 65535
nginx hard nofile 65535

# Or in systemd service
[Service]
LimitNOFILE=65535

Complete High-Performance Config

# /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
worker_rlimit_nofile 65535;
error_log /var/log/nginx/error.log warn;
pid /run/nginx.pid;

events {
    worker_connections 4096;
    multi_accept on;
    use epoll;
}

http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    # Logging
    access_log /var/log/nginx/access.log combined buffer=16k flush=5m;

    # Connections
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    keepalive_requests 1000;
    reset_timedout_connection on;

    # Timeouts
    client_body_timeout 12;
    client_header_timeout 12;
    send_timeout 10;

    # Buffers
    client_body_buffer_size 10K;
    client_header_buffer_size 1k;
    client_max_body_size 10m;
    large_client_header_buffers 2 1k;

    # Gzip
    gzip on;
    gzip_comp_level 5;
    gzip_min_length 256;
    gzip_types text/plain text/css application/json application/javascript;

    include /etc/nginx/conf.d/*.conf;
}

Testing Performance

# ab (Apache Bench)
ab -n 10000 -c 100 https://example.com/

# wrk
wrk -t12 -c400 -d30s https://example.com/

# Check connections
ss -s
netstat -an | grep ESTABLISHED | wc -l
intermediate Performance Updated 2025-01-15
  • nginx
  • connections
  • keepalive
  • performance
  • tuning