Hi Jarno , I want to rate limit based on url [/api/v1/monitoring-event/A000001, /api/v1/client1/transfer_data, /api/v1/client2/transfer_data ] no matter what the source ip address is.
thanks badari On Mon, Feb 11, 2019 at 7:34 PM Jarno Huuskonen <[email protected]> wrote: > Hi, > > On Mon, Feb 11, Badari Prasad wrote: > > Thank you for the response. I came up with my own haproxy cfg, where > i > > would want to rate limit based on event name and client id in url. > > URL ex : /api/v1/<event_name>/<clientid> > > > > Have attached a file for my haproxy cfg. But it does not seems to be > rate > > limiting the incoming requests. > > > backend st_src_monte > > stick-table type string size 1m expire 10s store http_req_rate(10s) > > ... > > > > acl monte_as1_exceeds_limit src_http_req_rate(st_src_as1_monte) gt 990 > > acl monte_in_limit src_http_req_rate(st_src_as1_monte) lt 1000 > > http-request track-sc0 src table st_src_as1_monte > > There's no st_src_as1_monte table in your example config, there's > st_src_monte table. > > > http-request deny deny_status 429 if { path_beg > /api/v1/monitoring-event/A000001 AND monte_as1_exceeds_limit } > > You're tracking connections with src, but the stick table is type string, > have you checked from admin socket that the stick table has entries, > something like: > echo 'show table st_src_monte' | nc -U /var/lib/haproxy/stats > (insted of nc -U, socat stdio /var/lib/haproxy/stats should also work). > > If you want to track src ip, then stick-table type ip or ipv6 is > probably better. > > >> I would want to configure 1000 tps for url > /api/v1/client1/transfer_data or > >> 500 tps for /api/v1/client2/user_data and so on.... > > Do you mean that only 1000 tps goes to > /api/v1/client1/transfer_data (no matter what the source ip addresses > are) or each source ip can send 1000 tps to /api/v1/client1/transfer_data ? > > -Jarno > > -- > Jarno Huuskonen >
