Forum Discussion

Monty_152734's avatar
Monty_152734
Icon for Nimbostratus rankNimbostratus
Oct 24, 2017

Increase TPS per host IP

Hi,

 

Our team is asking me to increase TPS per host IP from 30 to 90. They provided me an irule which is currently serving. According to team, this irule is limited for 30 TPS per host IP and I need to find right value for "maxRate, timeout and related" Can someone please help me in the modification of this rule and also explain what this irule do (step by step)? it will be really very helpful. Thanks in advance

 

when RULE_INIT {

 

set static::maxRate 900 * 3

 

set static::windowSecs 1

 

set static::timeout 30 }

 

when HTTP_REQUEST {

 

if { [HTTP::method] eq "GET" } {

 

set getCount [table key -count -subtable [IP::client_addr]]

 

log local0. "getCount=$getCount"

 

if { $getCount < $static::maxRate } {

 

incr getCount 1

 

table set -subtable [IP::client_addr] $getCount "ignore" $static::timeout $static::windowSecs

 

} else {

 

log local0. "Exceeded the number of requests allowed. $getCount"

 

HTTP::respond 501 content "Request blockedExceeded requests/sec limit."

 

return

 

} } }

 

application delivery
BIG-IP
developing irules for big-ip
devops
iRules
LTM

5 Replies

Sort By
  • crodriguez's avatar
    crodriguez
    Ret. Employee
    Oct 26, 2017

    Before I try to analyze further, the iRule does not save properly on my 12.1 system. A syntax error is generated on the first command - set static::maxRate 900 * 3. Is the intent of that command to set the maxRate to 2700? Also, what sort of log messages are you seeing with respect to current counts?

     

  • Monty_152734's avatar
    Monty_152734
    Icon for Nimbostratus rankNimbostratus
    Oct 27, 2017

    Yes, you are right. The intent is to set maxRate to 2700 as the team wants 90 TPS so I believe the calculation would be maxRate/timeout = TPS (2700/30 = 90TPS). Am I right?

     

  • crodriguez's avatar
    crodriguez
    Ret. Employee
    Oct 27, 2017

    My understanding is that a subtable entry is removed when either the timeout or lifetime value is reached, whichever comes first. Since lifetime (static::windowSecs = 1) is less than timeout (static::timeout = 30), no matter how many times a particular subtable entry is touched via the TABLE SET command (which resets the timeout value on the subtable entry), the entry will be removed after 1 second due to the lifetime. And since your sliding window for counting max TPS is 1 second, that makes sense. The question is how does the 2700 maxRate fit into this. That is why I was interested in seeing the log messages this iRule currently produces. Are you ever getting the custom 501 log page and, if so, what is the count in the associated log message? Is it 30 (or 90) or something else?