Forum Discussion
mahnsc
Nimbostratus
NimbostratusWeb Service Throttling
My customer is looking to me to write an irule that will perform two things against web service based traffic. After a threshold is reached, they want to delay responses for some period of time. After a second threshold is reached, they want to drop the packets. This all has something to do with contractual obligations between my customer and their customers where they agree to a certain amount of activity over a specific period of time and they want to prevent others who stumble across the service from pulling data for free.
My question is really more along the lines of trying to find out if there is a best-practice for dealing with this. After the second threshold is reached, should I simply be dropping the traffic or is there some kind of http status code that I really should be sending back to the consumer?
3 Replies
- http://devcentral.f5.com/wiki/default.aspx/iRules/HTTPRequestThrottle.html
is a good example of what you want.
Discard or send an HTTP response
Depends upon the purpose. You could send an HTTP 403 (permission denied), but abusers will know they have been rejected and could retry immediately. If you discard, the client would have to wait for the read/write timeout limit to make sure he wasn't getting a reply. 
mahnscOK. Sounds good. Thanks a lot!
HamishCirrocumulus
Be warned that you'll likely have trouble with the delay responses piece of work...
With HTTP you could fake that with meta refresh tags in a small page (Albeit at the expense of losing queueing). I'm not sure if SOAP understands meta-refresh though... Probably not...
If you had the rate shaping you could (Again fake it) by specifying a really low bitrate slot for the delayed response traffic... But just holding connections is going to cause your number of connections (And memory) stats (possibly) through the roof...
H
