Dynamic

Question

newbie question...&nbsp;
&nbsp;I want to be able to control the rate of requests by source IP address in version 4.x.  &nbsp;
&nbsp;The basic functionality that I am looking for is:&nbsp;
&nbsp;1.  Determine which clients are requesting a specific resource at too great of a rate (at runtime).
&nbsp;2.  Build a list of these clients (also at runtime).
&nbsp;3.  Use this list to either:
&nbsp;  -  Redirect to a static URL that displays a resource overuse warning message.
&nbsp;  -  Move the request to a common pool that limits the rate of the requests, like a low_priority_pool&nbsp;
&nbsp;This leads me to a couple of questions:
&nbsp;-  My basic understanding of 4.x and iRules is that items 1 and 2 are probably not achievable using iRules or 4.x out-of-the-box functionality.  Is that correct?
&nbsp;-  For item 3, let's assume that I have an external application that can build a list of "black-listed" IP addresses, and provide this list to Big IP in a text file.  Can an iRule dynamically look up the black list IPs from the text file and perform logic?
&nbsp;-  Is there an easier way to accomplish 1, 2, and 3 using 4.x functionality?&nbsp;
&nbsp;Thanks in advance.

colin_walker_12 · Answer

Here's a great post by mmac that answers some of these questions: Click here&nbsp;
&nbsp;Take a look, and post again if you've still got questions you're looking to get answered.&nbsp;
&nbsp;-Colin

Forum Discussion

Dynamic

Recent Discussions

XC Bot defense question

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

NetScaler to F5 Migration

Application only need to access from 2 uris

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Related Content

JA4 Part 2: Detecting and Mitigating Based on Dynamic JA4 Reputation

Regex for dynamic URI

BIG-IP to Azure Dynamic IPsec Tunneling

Improve BIG-IP APM VPN speed with TLS dynamic record size

OAuth 2.0 Dynamic Client Registration

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS