Can you throttle traffic/requests by IP or HTTP Header info with ACE?

Unanswered Question
Jun 25th, 2007

I am looking for a way to throttle certain traffic either by source IP or by info I can extract in the http header or uri. I dont want to block this traffic, I just want to throttle it down from say 50 requests /sec to 2 requests/sec or add a delay to the response.


The goal is to not allow certain high volume out of control automated traffic to dominate resources in a web farm. Any ideas?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Gilles Dufour Tue, 06/26/2007 - 04:51

with version 2.0 you will be able to rate-limit traffic based on the criteria you mentioned.

However, the action taken when the traffic exceeds the limit is to drop.

Not dropping would mean to buffer data and send them later with a delay.

This is a risky business. Buffering means more memory needed - more cpu. And what happens during a site attack for hackers ?

Definitely, you want to drop.

Applications can recover anyway.


Gilles.

jdean1 Tue, 06/26/2007 - 13:10

Thanks. Just to be clear on the rate limit criteria:


Will we be able to rate limit based on requests per second? or just bandwidth utilization?


We are concerned with requests/sec. Thanks,


JD

Actions

This Discussion