Yes, very interesting. This was my first thought, unfortunately.

Well, sue, but more generally, have better legal control over supply relationships.

_"A large part of this is due to the fact that nginx only uses HTTP/1.0 when it proxies requests to a back end server, and that means it opens a new connection on every request rather than using a persistent connection"_

Have you tried using upstream keepalive http://nginx.org/en/docs/http/ngx_http_upstream_module.html#... This should help keep the number of connections, and thus ephemeral port and tcp memory loading down.

As for node.js, core only ever holds a connection open for once through the event loop, and even then, only if there are requests queued. If you have any kind of high volume tcp client in node, this will also cause issues w/ ephemeral port exhaustion and thus tcp memory loading. Check out https://github.com/TBEDP/agentkeepalive in that case. Related to tcp memory load issues in general, this is a helpful paper http://www.isi.edu/touch/pubs/infocomm99/infocomm99-web/

More than on any other thread I've read on Hacker News, I'm driven to say on this in particular: what can we do? Iran's government site runs IIS. Pressure Microsoft to revoke their license (if it's even legit). I'm ready for war. I donated to TOR (I'll never travel to Iran) a couple years ago around the Iranian elections. This scumbag government must tumble.