David_Horton_20
Jan 26, 2007Nimbostratus
Connection limits on IP Address
Hi
I am trying to create an iRule to manage traffic based on IP Address. I want to set a limit and only allow that number of people in. My current rule creates an array of ip addresses, when you make a http request your ip gets placed in the array. If the array gets larger than a limit I am setting in the iRule then only people with addresses already in the array get a connection. I remove an IP address from the array when the CLIENT_CLOSED event fires, this usually happens when the client closes their browser or after a period of inactivity.
In my test environment I have the limit set to one and have one tester user using the site(making multiple http requests), if I try and browse the site normally I am denied access, however if I make multiple connection requests using a load testing tool then CLIENT_CLOSED gets fired for the tester user and they are kicked off. If anyone could provide any more information on CLIENT_CLOSED, when and how it gets fired that would be very helpful.
I have put my current iRule in below.
Thanks
Dave
when RULE_INIT {
array set ::active_IPs { }
array unset ::active_IPs
set ::max_active_IPs 1
set count_active_IPs [array size ::active_IPs]
}
when HTTP_REQUEST {
set client_ip [IP::remote_addr]
set count_active_IPs [array size ::active_IPs]
if { [info exists ::active_IPs($client_ip) ] } {
pool Active
return
} else {
if { $count_active_IPs >= $::max_active_IPs } {
HTTP::redirect "http://www.busy.com"
} else {
set ::active_IPs($client_ip) 1
pool Active
}
}
}
when CLIENT_CLOSED {
set client_ip [IP::remote_addr]
if { [info exists ::active_IPs($client_ip)] } {
unset ::active_IPs($client_ip)
}
}