Forum Discussion

Nimbostratus

May 10, 2012

Connection Limit iRule not rejecting concurrent sessions as expected

Hi -- The below iRule was enabled on a specific V/S to reject more than one session for a given unique source IPADDR. After enabling the iRule, rejection notifications are logged in the "ltm...

Historic F5 Account

May 11, 2012

The only way to access a sort of global data store on 10.0.x is the session command. However, it can't provide a 100% perfect solution, since it doesn't really provide any good concurrency tools for you (which is why we wrote the table command). You'd have to do something like:


if { [session lookup uie $ipaddr] != 1} {
   session add uie $ipaddr 1
} else {
   reject
}

But multiple connections could still come in at the exact same time and get through. That's probably the best you can do without upgrading (which you really should do; 10.0 is over 3 years old).

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Connection Limit iRule not rejecting concurrent sessions as expected

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

ASM Too many concurrent long requests

Concurrent Call

Capacity in the Cloud: Concurrency versus Connections

Trouble redirecting on APM rejection.

1024 Words: SEND Buffers and Concurrent Connections

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS