I wanted to know the exact real time understanding for Connection Limit and Connection Rate Limit.
We have a request coming in to mitigate DDoS attacks and are not sure of the values to configure and what happens with what.
Appreciate the help.
The settings related to the connection limit can prevent DoS attacks as you mentioned, but I believe that it must be adjusted very carefully and in coordination with the application team to know the exact threshold you should apply on each pool member or node.
Also, you must think of doing a stress test on the backend server to see how many requests the server can actually receive per second.
Regarding the differences between the two options "Connection Limit" and "Connection Rate Limit", you can check the below clarification:
Thank you for the reply,
So, Connection Limit will hold the number of concurrent open connections; is it from the same source IP or a mixture of all connections?
Like 192.x.x.x is trying 50+ more connections and it's a DDoS attack; with Connection Limit, will it drop only 192.x.x.x, the source? Or is this something that needs to be defined under Connection Rate Limit?
Also, I need to know more about how a stress test works 😄 Appreciate the help 🙂
It is not mentioned in the article that these limitations are for specific IPs, so I think it is a generic one for all connections regardless of the source.
Regarding stress tests, they allow you to measure your web application's reliability beyond normal load. Stress can be different based on the service running. For example, if we are talking about an HTTP web application, it can be sending many more requests than the server can handle to know the exact threshold that the server can receive and process under extreme conditions.
There are many tools that can be used; you will need to search on that topic to find the best fit.
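
An added illustration for the thread above (not written by any of the posters and not F5 code): a simplified model of the two settings, where Connection Limit caps concurrent open connections and Connection Rate Limit caps new connections per second. It assumes, as the last reply supposes, that both limits count all connections regardless of source IP; the function name, limit values and traffic are constructed for the example.

```python
from collections import Counter

# Constructed traffic: (time_s, source_ip, hold_time_s), sorted by time.
NOISY, LEGIT = "192.0.2.10", "198.51.100.7"   # documentation-range addresses
EVENTS = [(i / 100, NOISY, 30.0) for i in range(60)]       # 60 opens in second 0, held 30 s
EVENTS += [(0.95, LEGIT, 1.0), (5.0, LEGIT, 1.0)]          # two short legitimate requests


def simulate(events, conn_limit=0, rate_limit=0):
    """Apply shared (not per-source) limits; 0 disables a limit.

    conn_limit: maximum concurrent open connections.
    rate_limit: maximum new connections accepted per one-second window.
    Returns a Counter keyed by (source_ip, verdict).
    """
    open_until = []                 # close times of accepted connections
    window, accepted_in_window = None, 0
    verdicts = Counter()
    for t, src, hold in events:
        open_until = [end for end in open_until if end > t]   # expire closed ones
        if int(t) != window:                                   # new one-second window
            window, accepted_in_window = int(t), 0
        if rate_limit and accepted_in_window >= rate_limit:
            verdicts[(src, "refused_rate")] += 1
        elif conn_limit and len(open_until) >= conn_limit:
            verdicts[(src, "refused_concurrent")] += 1
        else:
            accepted_in_window += 1
            open_until.append(t + hold)
            verdicts[(src, "accepted")] += 1
    return verdicts


if __name__ == "__main__":
    for label, kwargs in (("Connection Limit = 50", {"conn_limit": 50}),
                          ("Connection Rate Limit = 20/s", {"rate_limit": 20})):
        print(label)
        for (src, verdict), n in sorted(simulate(EVENTS, **kwargs).items()):
            print(f"  {src:15} {verdict:20} {n}")
```

In this model neither setting singles out the noisy source: once the shared budget is used up, the legitimate client is refused as well, which is why the threshold should come from measured backend capacity.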