cancel
Showing results for 
Search instead for 
Did you mean: 

Custom connection rate limit per ip list or per http header Irule

Echoman
Nimbostratus
Nimbostratus

Hello . 

I am new to F5 and still learning so i need you help with this task my manager gave me . 

As i understand there is a way to customise connection rate limit on VIP . So my task is to protect web application from http request flood . I have whitelist ip range and I am sure that from it there will be no flood. Also i have http requests from AWS which has custom http header and this reqeust also are clean . So i need to create Irule to set connection rate limit for this conditions for example 1000, and if none of this conditions are true , then connection rate limit must be 100. 

I have seen similar example in this lab . But i dont know how to edit this rule for my purpose. 

https://clouddocs.f5.com/training/community/irules/html/class2/module1/lab2.html

Can you help me to create this Irule ?  

P.S  My web application now has approximately 800 conn/s . I know that in Irule i need to use Table command. How much memory will it take to handle such traffic? 

 

 

 

1 REPLY 1

You may see my irule as a base reference:

 

https://community.f5.com/t5/technical-forum/f5-irule-table-command-rate-limit-or-block-http-requests...

 

 

For calculating how much memory it will take there is no way for that that I know of but even when I used the table command I didn't have any issues withe F5 memory and usually the F5 irules impact the CPU the most so there is a calculator for that:

 

 

https://community.f5.com/t5/crowdsrc/irules-runtime-calculator-spreadsheet-generator/ta-p/285478