----- Original Message -----
From: "David Hubbard" <dhubbard@dino.hostasaurus.com>
To: <nanog@merit.edu>
Sent: Wednesday, August 17, 2005 5:50 PM
Subject: OT? Device to limit simultaneous connections per host?

Hello everyone,

I'm curious if anyone knows of a device that can throttle or limit a remote host's simultaneous connections or requests per second for web traffic on a per-IP basis.

--- snip ---

not exactly what you want, but mod_throttle will do (some of) this if you are using apache. however, keep in mind that mod_throttle had an integer underflow bug affecting its concurrent connection counter last time i used it. it's fairly trivial to find and fix and i still have the patch somewhere i think. it was also forwarded to the author, who regrettably expressed little interest in applying it for reasons best known to him (and no longer remembered by me).

on a more general note, it is important to think carefully about what it is that you really want to throttle. throttling connections is easy (or easier at least) in comparison to throttling requests, since the latter can be done only if a) you are doing this throttling within the webserver (you already have a request sequence) or b) if you parse individual requests out of a pipelined request stream yourself.

you should likewise consider how said throttling should take place - do you want to 'shape' (block for a period of time) or 'rate limit' (drop on the floor)? if it is the former, doing it after it hits your webserver is significantly less useful than preventing it from hitting it in the first place.

not sure how on-topic this is (wrt nanog *or* the op's question), so i've kept it to a few assorted thoughts.

hth.

-p

---
paul galynin
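
The underflow risk mentioned in the reply above, as an added illustration: this is not mod_throttle's code or the patch the poster refers to (the page shows neither). It is a per-IP concurrent-connection counter in C where an unmatched release wraps an unsigned counter, beside a guarded release; the table size, limit and function names are assumptions made for the example.

```c
#include <stdint.h>

#define MAX_HOSTS 64      /* table size: constructed for the example */
#define MAX_CONCURRENT 4  /* per-IP limit: constructed for the example */

struct host { uint32_t ip; unsigned int active; int used; };
static struct host table[MAX_HOSTS];

/* Find the slot for ip, optionally creating it; NULL if absent or table full. */
static struct host *lookup(uint32_t ip, int create) {
    struct host *free_slot = 0;
    for (int i = 0; i < MAX_HOSTS; i++) {
        if (table[i].used && table[i].ip == ip) return &table[i];
        if (!table[i].used && !free_slot) free_slot = &table[i];
    }
    if (!create || !free_slot) return 0;
    free_slot->ip = ip; free_slot->active = 0; free_slot->used = 1;
    return free_slot;
}

/* Admit a new connection: 1 = accepted, 0 = rejected (over limit or table full). */
int conn_open(uint32_t ip) {
    struct host *h = lookup(ip, 1);
    if (!h || h->active >= MAX_CONCURRENT) return 0;
    h->active++;
    return 1;
}

/* Unguarded release: a close with no matching open wraps 0 to UINT_MAX,
 * so the host then looks permanently over its limit. */
void conn_close_unguarded(uint32_t ip) {
    struct host *h = lookup(ip, 1);
    if (h) h->active--;
}

/* Guarded release: ignore unmatched closes and free the slot at zero. */
void conn_close_guarded(uint32_t ip) {
    struct host *h = lookup(ip, 0);
    if (!h || h->active == 0) return;
    if (--h->active == 0) h->used = 0;
}

/* Current connection count for ip (0 if the host is not tracked). */
unsigned int conn_active(uint32_t ip) {
    struct host *h = lookup(ip, 0);
    return h ? h->active : 0;
}
```

In a real server the release path runs from connection cleanup, which can fire for connections that were rejected or never counted, which is why the guard sits on the decrement rather than on the caller.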