Forum Discussion

kimjim_51067's avatar
kimjim_51067
Icon for Nimbostratus rankNimbostratus
Mar 20, 2012

I need to create an irule that will reject a specified percnetage of traffic.

Can some one help me in creating an irule that will reject percentage (ex- 50%) of the traffic .

 

I need this because when there is a heavy traffic my systems are unable to handle ,so i want to apply this irule so that it will drop 50% or 25% of my traffic , so that systems will not be crashed.

 

 

 

He is the sample i am thinking of which is not working

 

 

 

when HTTP_REQUEST {

 

 

 

if { ([string match {/build/apps/medrec/jaml} [HTTP::path]]) }{

 

 

 

HTTP::respond 502 or reject }

 

 

 

}

 

}

 

 

 

 

please help.

 

If there is any better option than reject like sending a fake response for 50% of the traffic that would be more helpful.

 

 

 

HTTP::respond 502 content {

 

some html tags

 

}

 

  • Hi,

    How about something like this?

    
    when HTTP_REQUEST {
    
     Check the path
    if { [HTTP::path] eq "/build/apps/medrec/jaml" }{
    
     For 50% of traffic send a 502 response
    if { rand() > .50 }{
    HTTP::respond 502 content {html...}
    }
    }
    }
    

    Aaron
  • Hi kimjim,

     

     

    Have you thought of using Ratio Load Balancing with Connection Limits set on the Servers?

     

     

    Or you could even use SNMP Monitor to monitor the server and Dynamic Ratio load balancing (you would use the SNMP DCA or SNMP DCA Base Templates). That is described in detail here if you are interested.

     

     

    Hope this helps.
  • Nice idea Michael.

     

     

    You could also set connection limits on the pool members and/or virtual server to protect them.

     

     

    Aaron
  • Hoolio Thank You very much for all your help.

     

    Your irule worked like a charm

     

    but i have one question will rand add any latency if so can you suggest me any other alternative.

     

     

    Micheal Thanks for your answer , i am not sure how to do it ,really appreciate your help.

     

  • Why not tinker to figure out the high water mark for your application and use something like this... https://devcentral.f5.com/wiki/iRules.HTTPSessionLimit.ashx

     

     

    This rule "Limits total concurrent HTTP sessions to a pre-defined threshold, allowing those clients with a session cookie to continue once the limit is reached, while redirecting new clients until concurrent sessions are again below the theshold."

     

     

    That was you can have some clients have a decent experience instead of randomly getting bumped
  • tdk_51797's avatar
    tdk_51797
    Historic F5 Account
    For the 50% case, you could optimise the rule as follows:

     

     

    when HTTP_REQUEST {

     

    set flag 0

     

    Check the path

     

    if { [HTTP::path] eq "/build/apps/medrec/jaml" }{

     

     

    For 50% of traffic send a 502 response

     

    if { $flag == 0 }{

     

    HTTP::respond 502 content {html...}

     

    set flag 1

     

    }

     

    else {

     

    set flag 0

     

    }

     

    }

     

    }
  • I like your thinking TDK. But using a local variable for this would be specific to that TCP connection. So if you use that logic, every other HTTP request to the specific URI on each TCP connection would be dropped. I'd guess this wouldn't lead to dropping 50% of requests as some (or most?) clients would not reuse their TCP connections to make multiple requests to that specific URI.

     

     

    You could use a session table entry to create a flag that you increment and then reset to 0 (https://devcentral.f5.com/wiki/iRules.CMP_v10_compatible_counters_using_the_session_table.ashx).

     

     

    However, using expr will give a much more even distribution compared with a local variable, regardless of the connection reuse behavior of clients. And it doesn't require any session tracking complexity.

     

     

    Aaron