Rate limiting and pool redirection

Question

We've got a client-facing application server pool sitting behind a Brocade SLB. Everything works fine, but we are vulnerable to clients who cache our product availability and overload the farm, which causes disruption to all clients. Currently we manage this manually, by creating redirection rules based on source IP.

Is it possible with F5 products (and presumably iRules) to configure a transaction rate limit, above which specific clients (identified by IP address) can be transparently redirected to a second server pool, thereby protecting "well behaved" clients?

hamish · Answer

Yep. 
&nbsp;  
&nbsp; In fact there's several request rate limiting iRules in the codeshare... All you'll have to do is marry some of that up with a quick lookup table (Supplied via a DataGroup - always my first choice instead of hard-coding) and you'll be away laughing. 
&nbsp;  
&nbsp; IIRC the iRUles you'll want to look at are Version_9_Throttle_on_Requests_Per_Second, HTTPRequestTthrottle and HTTP_throttle_alternative 
&nbsp;  
&nbsp; (There are others as well). 
&nbsp;  
&nbsp; H

Forum Discussion

Rate limiting and pool redirection

1 Reply

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

Replacing i2800 pair with new F5-BIG-AFM-r2800

SSH forward proxy

F5 CIS -> NGINX Plus Ingress Controller Integration

Can I use F5 Big-IP WAF as HoneyPot

Entra ID F5 APM MDM Intune integration compliance check

Related Content

Introduction to F5 Distributed Cloud Console Rate Limiting Feature

Rate Limiting SSL VPN User Traffic

Rate Limit HTTP Requests

Where you Rate-Limit APIs Matters

Rate limiting GraphQL API query using iRule and Advanced WAF Violation

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS