Forum Discussion

rdssoares
Feb 28, 2024

Rate limiting per IP and URI

 

Customer application is being flooded with client HTTP POST requests every minute. I need to come up with a solution for rate limiting on a VS in our LTM-VE so a source IP will be limited for specified URIs to 1 request per 10 minutes.

During the validation test we see the iRule logs under /var/log/ltm:

Feb 28 20:23:48 lb01-mgmt info tmm1[17492]: Rule /LB1_VRF2/NGSC_Err429 <HTTP_REQUEST>: 191.44.3.193%2 exceeded max HTTP requests per second
Feb 28 20:23:48 lb01-mgmt. info tmm7[17492]: Rule /LB1_VRF2/NGSC_Err429 <HTTP_REQUEST>: 201.79.26.68%2 exceeded max HTTP requests per second
Feb 28 20:23:48 lb01-mgmt info tmm7[17492]: Rule /LB1_VRF2/NGSC_Err429 <HTTP_REQUEST>: 200.165.153.27%2 exceeded max HTTP requests per second

 

But the client is not receiving HTTP 429 after two retries within 10 minutes.

 

We created the following iRule. Could you guys see any error in the iRule?

 

# Function : RateLimit HTTP POST requests per IP, for NGSCserver

when RULE_INIT {
    set static::maxRate 1
    set static::windowSecs 600 
}
 
when HTTP_REQUEST {
    if { ([HTTP::method] eq "POST") and [HTTP::uri] contains "/NGSCserver/"} {
 
        # set variables
        set limiter [string tolower [HTTP::host]]
        set clientip_limitervar [IP::client_addr]:$limiter
        set get_count [table key -count -subtable $clientip_limitervar]
 
        # main condition
        if { $get_count < $static::maxRate } {
            incr get_count 1
            table set -subtable $clientip_limitervar $get_count $clientip_limitervar indefinite $static::windowSecs
        } else {
            HTTP::respond 429 content "Request blockedExceeded requests/sec limit."
            log local0. "[IP::client_addr] exceeded max HTTP requests per second"
            drop
            return
        }
    }
}
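
A fixed-window limiter for the requirement described in the post (1 POST per 10 minutes per source IP and URI), as an added example that is not part of the original post and not F5's own code. It keeps one counter per IP and path and ends the rejected branch with `HTTP::respond` and `return`, without a `drop`; the subtable name `ngsc_rl`, keying on `HTTP::path`, and the `Retry-After` header are assumptions.

```tcl
# Added example: fixed-window limit per client IP and request path.
# Subtable name "ngsc_rl" and the Retry-After header are assumptions.
when RULE_INIT {
    set static::maxRate 1        ;# allowed POSTs per window
    set static::windowSecs 600   ;# window length in seconds
}

when HTTP_REQUEST {
    if { ([HTTP::method] eq "POST") and ([HTTP::uri] contains "/NGSCserver/") } {
        # Key on IP + path (no query string), lowercased, so that changing
        # the query string or letter case does not start a fresh counter.
        set key "[IP::client_addr]:[string tolower [HTTP::path]]"

        # Create the counter only if it does not exist yet. The idle timeout
        # is indefinite; the lifetime ends the window windowSecs after the
        # first request, however many requests arrive in between.
        table add -subtable ngsc_rl $key 0 indefinite $static::windowSecs

        # -notouch: counting a request must not affect the entry's timers.
        set count [table incr -notouch -subtable ngsc_rl $key]

        if { $count > $static::maxRate } {
            log local0. "[IP::client_addr] exceeded $static::maxRate POST requests per $static::windowSecs seconds on [HTTP::path]"
            # Retry-After is an upper bound: the window may end sooner.
            HTTP::respond 429 content "Too many requests." "Retry-After" $static::windowSecs
            return
        }
    }
}
```

The log message names the configured window instead of "per second", so the entries in /var/log/ltm match the limit that was actually enforced.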