Forum Discussion
bchick2_8645
Nov 21, 2011Nimbostratus
Limit Client Connections with Table
We have been using (verbatim) the iRule given on the Wiki at Click Here to successfully limit the number of concurrent connections from a single source IP address. However, we recently learned the us...
spark_86682
Nov 29, 2011Historic F5 Account
That is a much better approach. Nice work! Couple improvements could be made, mostly because we haven't updated the example iRule in that article (sorry). First, the key and tbl local variables should carry over from CLIENT_ACCEPTED to CLIENT_CLOSED, so there's no need to compute them again there. Second, to help protect against the issue you originally encountered, I'd delete the table entry in CLIENT_CLOSED before canceling the timer. Finally, if you have a critical need to never exceed the limit even by a little, then you should do the table set before getting the key count and then delete the entry you just added if you are over limit and the reject the connection.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects