Skip to content

Raise rate limit for client requests at broker

When two bridge lines that use an HTTP rendezvous method are configured and the rendezvous for both bridges happens at the same time, one of the rendezvous requests always returns a 504 gateway timeout.

I think this is due to the rate limiting we have configured at the broker. Looking at the documentation for limit_req and our configuration:

        location ~ ((proxy)|(client)|(answer)|(metrics)|(prometheus)|(amp/client/.*)|(robots.txt)) {
            limit_req zone=snowflake burst=3;
            proxy_pass http://127.0.0.1:8080;
            proxy_http_version 1.1;
            proxy_read_timeout 300;
            proxy_connect_timeout 300;
            proxy_send_timeout 300;

            proxy_set_header  X-Forwarded-For $proxy_protocol_addr;
        }
limit_req_zone $proxy_protocol_addr zone=snowflake:10m rate=1r/s;

it looks likely that one of the requests is processed immediately while the other request is delayed so that each client request only comes in at 1 request / second. It's possible this delay is enough to trigger the broker's client timeout error. In any case, it's very reasonable to raise this rate limit to something like 4r/s and I would also suggest setting the nodelay parameter. I don't think this will significantly increase the risk of DoS attacks on the broker.

Edited by Cecylia Bocovich