Forum Discussion

Nimbostratus

Nov 21, 2011

Limit Client Connections with Table

We have been using (verbatim) the iRule given on the Wiki at Click Here to successfully limit the number of concurrent connections from a single source IP address. However, we recently learned the us...

Historic F5 Account

Nov 29, 2011

That is a much better approach. Nice work! Couple improvements could be made, mostly because we haven't updated the example iRule in that article (sorry). First, the key and tbl local variables should carry over from CLIENT_ACCEPTED to CLIENT_CLOSED, so there's no need to compute them again there. Second, to help protect against the issue you originally encountered, I'd delete the table entry in CLIENT_CLOSED before canceling the timer. Finally, if you have a critical need to never exceed the limit even by a little, then you should do the table set before getting the key count and then delete the entry you just added if you are over limit and the reject the connection.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Limit Client Connections with Table

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

APM TCP connection limit K38157145

iRule: Limit Connections from single client

DevCentral Connects hosts Capture the Flag!

Troubeshooting website connection

Rate limiting GraphQL API query using iRule and Advanced WAF Violation

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS