Re: [load balancing] Rate limiting SOAP transactions

From: Kit Wetzler <Kit.Wetzler [izzat] citrix.com>
Date: Wed Feb 25 2009 - 17:42:17 EST

Not that this will help you much, but for the NetScaler users on the list needing to do something similar, version 9.0 has rate limiting that could do this pretty easily. F5 definitely has iRules that can do rate limting as well. With both F5 and NetScaler, you can choose the action to take once the rate limit has been reached, NetScaler it is done by including the Rate limiting object in the appropriate Responder policy. With F5, you can configure an appropriate iRule to reply with whatever you need once the limit is reached.

[cid:image001.png@01C99757.41FC9130]

Hope this was helpful and appropriate.

          -kit

From: lb-l-bounces@vegan.net [mailto:lb-l-bounces@vegan.net] On Behalf Of Rosenberry, Eric
Sent: Wednesday, February 25, 2009 1:37 PM
To: Load Balancing Mailing List
Subject: [load balancing] Rate limiting SOAP transactions

I am looking for a way to rate limit how many SOAP transactions per second that a given customer can send us such that any given customer could not overload the system and cause impact to other customers. As an example, say our system can handle 1000 transactions per second and our normal load from all customers is 500 tps. If a given customer has a huge traffic increase they could overload the system and cause issues for other well behaving customers.

Would it be possible in the F5 (probably through the use of an iRule) to identify traffic from a specific customer (preferably based on data within the soap payload, but I suspect in reality it would have to be based on source IP) and then track what the current transaction rate is and in some way block connections exceeding the limit? I assume to block it would require just terminating the session, though optimally we would send back a soap error or even http error.

Not being an expert in iRules myself I am mostly wondering if the F5 can even implement a rate tracking and limiting capability within TCL that would perform even remotely well.

Any suggestions are appreciated.

-Eric
_______________________________________________________________
Eric Rosenberry
Sr. Network Engineer | Chief Bit Plumber
Direct +1. 503.943.6763 | Mobile: +1.503.348.3625 | Fax: +1.503.224.1581

iovation
111 SW Fifth Avenue
Suite 3200
Portland, OR 97204
www.iovation.com<http://www.iovation.com/>

The information contained in this email message may be privileged, confidential and protected from disclosure. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this email message in error, please notify the sender by reply email and delete the message and any attachments.

_______________________________________________
lb-l mailing list
lb-l@vegan.net
http://vegan.net/mailman/listinfo/lb-l
Searchable Archive: http://vegan.net/lb/archive
http://lbdigest.com Load Balancing Digest
http://lbwiki.com Load Balancing Wiki

image001.png
Received on Wed Feb 25 17:42:19 2009

This archive was generated by hypermail 2.1.8 : Wed Feb 25 2009 - 17:42:20 EST