CirrocumulusiRule to Throttle HTTP Requests for IP mask
We're trying to create an iRule that limits the number of http requests to a virtual server within a specified window. After doing some searching we found this example:
That iRule works on limiting the number of requests per specific IP address that matches within the list of networks included in the iRule datagroup. We would like to do the same but not based on specific IP addresses, but for subnets as a whole.
That is, if we include the network 3.2.1.0/24 in the iRule datagroup, we would like to be able to set the limits for the whole mask.
For example, if we set the limit to 1000 requests in 60 seconds and within one minute:
3.2.1.5 sends 300 requests
3.2.1.20 sends 300 requests
3.2.1.87 sends 400 requests
we would like the table to account for every IP covered in the mask as a whole and throttle based on it.
A client subscribed to a service that pulls some application data from their website. The problem is that that the service works as batch jobs. When it starts connecting to the website it sends huge bursts of requests in a short period of time. When it happens during peak hours it degrades the applications performance significantly. Since we already identified the source net mask for the service, the goal is to set the iRule to allow the service to continue working but throttling it so that it doesn't degrade the application's performance.
Any suggestions?