BestHub
Sign in
Operations 10 min read

Master High-Concurrency Nginx: Proven Configs to Crush 502/504 Errors

Learn how to transform Nginx into a high‑concurrency powerhouse by addressing common 502/504 errors, optimizing worker processes, event and HTTP settings, fine‑tuning OS kernel parameters, implementing caching, rate‑limiting, load‑balancing, and monitoring scripts, with practical code examples and checklists.

Su San Talks Tech
Su San Talks Tech
Su San Talks Tech
Master High-Concurrency Nginx: Proven Configs to Crush 502/504 Errors

Common high‑concurrency pain points

502/504 errors when traffic spikes

CPU usage spikes but throughput stalls

Connection limits cause request rejections

Response time degrades, poor UX

These issues often stem from misconfiguration rather than hardware limitations. We'll start with basic Nginx settings and progressively build a robust high‑concurrency setup.

Part 1: Core Nginx configuration optimization

1. Worker processes and connections

# worker_processes = number of CPU cores
worker_processes auto;
# maximum connections per worker
worker_connections 65535;
# worker priority (-20 highest)
worker_priority -10;
# CPU affinity
worker_cpu_affinity auto;
# limit open files per worker
worker_rlimit_nofile 100000;

Practical tip: worker_connections is not unlimited; each connection consumes ~232‑248 bytes of memory.

2. Event‑driven model

events {
    # use epoll (best on Linux)
    use epoll;
    # accept multiple connections simultaneously
    multi_accept on;
    # set connection limit
    worker_connections 65535;
    # disable accept mutex for faster accept
    accept_mutex off;
}

3. HTTP core settings

http {
    # efficient file transfer
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;

    # connection timeout
    keepalive_timeout 60;
    keepalive_requests 10000;
    client_header_timeout 10;
    client_body_timeout 10;
    send_timeout 10;

    # buffer sizes
    client_header_buffer_size 4k;
    large_client_header_buffers 8 8k;
    client_body_buffer_size 128k;
    client_max_body_size 50m;

    # gzip compression
    gzip on;
    gzip_vary on;
    gzip_min_length 1000;
    gzip_comp_level 6;
    gzip_types text/plain text/css text/javascript application/javascript application/json application/xml;

    # hide version
    server_tokens off;
}

Part 2: Advanced performance tuning

1. Connection pool and cache

http {
    upstream backend {
        keepalive 300;
        keepalive_requests 10000;
        keepalive_timeout 60s;
        server 192.168.1.100:8080 weight=3 max_fails=3 fail_timeout=30s;
        server 192.168.1.101:8080 weight=2 max_fails=3 fail_timeout=30s;
    }

    # open file cache
    open_file_cache max=100000 inactive=20s;
    open_file_cache_valid 30s;
    open_file_cache_min_uses 2;
    open_file_cache_errors on;

    # FastCGI cache (for PHP)
    fastcgi_cache_path /var/cache/nginx levels=1:2 keys_zone=fcgi:100m inactive=60m;
    fastcgi_cache_key "$scheme$request_method$host$request_uri";
    fastcgi_cache_use_stale error timeout invalid_header http_500;
}

2. Rate limiting and protection

http {
    # request rate limits
    limit_req_zone $binary_remote_addr zone=api:10m rate=100r/s;
    limit_req_zone $binary_remote_addr zone=login:10m rate=5r/s;

    # connection limits
    limit_conn_zone $binary_remote_addr zone=perip:10m;
    limit_conn_zone $server_name zone=perserver:10m;

    server {
        # apply limits
        limit_req zone=api burst=200 nodelay;
        limit_conn perip 20;
        limit_conn perserver 2000;

        # long‑term static asset cache
        location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
            expires 1y;
            add_header Cache-Control "public, immutable";
        }

        # API optimization
        location /api/ {
            limit_req zone=api burst=50 nodelay;
            proxy_pass http://backend;
            proxy_http_version 1.1;
            proxy_set_header Connection "";
            proxy_connect_timeout 5s;
            proxy_send_timeout 10s;
            proxy_read_timeout 10s;
        }
    }
}

Part 3: OS kernel parameter tuning

1. Network parameters

# /etc/sysctl.conf
net.core.somaxconn = 65535
net.core.netdev_max_backlog = 30000
net.core.rmem_default = 262144
net.core.rmem_max = 16777216
net.core.wmem_default = 262144
net.core.wmem_max = 16777216

# TCP tuning
net.ipv4.tcp_max_syn_backlog = 65535
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fin_timeout = 15
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_keepalive_intvl = 15

# connection tracking
net.netfilter.nf_conntrack_max = 1048576
net.nf_conntrack_max = 1048576

# file descriptor limit
fs.file-max = 1048576
# apply changes
sysctl -p

2. Process and memory limits

# /etc/security/limits.conf
* soft nofile 1048576
* hard nofile 1048576
* soft nproc 1048576
* hard nproc 1048576
nginx soft nofile 1048576
nginx hard nofile 1048576

Part 4: Monitoring and tuning scripts

1. Performance monitoring script

#!/bin/bash
# nginx_monitor.sh

echo "=== Nginx connection status ==="
ss -s

echo "=== Active connections ==="
netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'

echo "=== Nginx process status ==="
ps aux | grep nginx | grep -v grep

echo "=== System load ==="
uptime

echo "=== Memory usage ==="
free -h

echo "=== Nginx status page ==="
curl -s http://localhost/nginx_status

2. Load testing commands

# wrk example
wrk -t20 -c1000 -d60s --latency http://your-domain.com/

# ab example
ab -n 100000 -c 1000 http://your-domain.com/

# monitor Nginx processes
top -p $(pgrep nginx | tr '
' ',' | sed 's/,$//')

Part 5: High‑concurrency architecture best practices

1. Multi‑level caching

# L1: Nginx local cache
location / {
    try_files $uri @proxy;
}
# L2: Proxy cache
location @proxy {
    proxy_cache my_cache;
    proxy_cache_valid 200 302 1h;
    proxy_cache_valid 404 1m;
    proxy_pass http://backend;
    proxy_cache_lock on;
    proxy_cache_lock_timeout 5s;
}

2. Load‑balancing strategy

upstream backend {
    # consistent hash for session stickiness
    hash $remote_addr consistent;
    # health checks (requires nginx‑plus or third‑party module)
    server 192.168.1.100:8080 weight=3 max_fails=3 fail_timeout=30s;
    server 192.168.1.101:8080 weight=3 max_fails=3 fail_timeout=30s;
    server 192.168.1.102:8080 weight=2 max_fails=3 fail_timeout=30s backup;
}

Part 6: Troubleshooting checklist

Match CPU cores with worker_processes

Increase file descriptor limits

Optimize kernel network parameters

Enable appropriate caching strategies

Set reasonable timeouts

Apply request rate limiting

Deploy monitoring system

Conclusion

By applying the configurations above, your Nginx server should handle over 100 k concurrent connections, keep response times under 100 ms, maintain reasonable CPU usage, and use memory efficiently. Remember to reload Nginx after changes (nginx -s reload) and verify performance in a staging environment before production.

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

System optimizationLinuxhigh concurrencyNginx
Su San Talks Tech
Written by

Su San Talks Tech

Su San, former staff at several leading tech companies, is a top creator on Juejin and a premium creator on CSDN, and runs the free coding practice site www.susan.net.cn.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment