[83521] in North American Network Operators' Group
Re: OT? Device to limit simultaneous connections per host?
daemon@ATHENA.MIT.EDU (Fergie (Paul Ferguson))
Wed Aug 17 18:05:35 2005
From: "Fergie (Paul Ferguson)" <fergdawg@netzero.net>
Date: Wed, 17 Aug 2005 22:03:56 GMT
To: dhubbard@dino.hostasaurus.com
Cc: nanog@merit.edu
Errors-To: owner-nanog@merit.edu

WFQ/wRED? :-)
- ferg
-- "David Hubbard" <dhubbard@dino.hostasaurus.com> wrote:
Hello everyone, I'm curious if anyone knows of a
device that can throttle or limit a remote
host's simultaneous connections or requests per
second for web traffic on a per-IP basis. So I
don't want to say web server X can only have 100
simultaneous connections and 10 requests per second.
I want to say that for any given IP connecting to
web server X, any one IP can have no more than 5 open
connections and should be throttled if it starts
making more than ten requests per second. If it
could even be url-aware in that it could only apply
the rules to specific types of web requests, that
would be even better.

The motivation here is to find a piece of equipment
that can protect compute-intensive, database-driven
websites from overly aggressive proxies, firewalls,
search engines, etc. which like to hammer a given
site with 50+ simultaneous requests against pages
that could potentially need a few seconds of
processing time per request.

I've looked at a Packeteer PacketShaper running
in reverse of what it normally would, trying to
throttle and shape requests against the server
rather than optimizing traffic for a low speed
link like it was designed, but that didn't really
work out as it could not have the policies applied
on a per remote IP basis.

Thanks,
David
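
The per-IP policy described in the quoted request (at most 5 open connections and 10 requests per second for any one remote address, applied only to selected URLs), written out as an added example that is not part of the original thread and not any vendor's implementation. The class name, the URL pattern, and the addresses are constructed for illustration, and a token bucket is assumed as the rate mechanism.

```python
import re
from collections import defaultdict


class PerIPLimiter:
    """Policy from the request: per remote IP, <=5 open connections and
    <=10 requests/s, applied only to URLs matching an 'expensive' pattern."""

    def __init__(self, max_conns=5, rate=10.0, url_pattern=r"\.(php|cgi)(\?|$)"):
        self.max_conns = max_conns
        self.rate = rate                      # tokens refilled per second
        self.burst = rate                     # bucket capacity: one second's worth
        self.scope = re.compile(url_pattern)  # assumed pattern, not from the thread
        self.open = defaultdict(int)          # ip -> in-flight limited requests
        self.bucket = {}                      # ip -> (tokens, time of last update)

    def admit(self, ip, url, now):
        """Classify a request arriving at time `now` (seconds)."""
        if not self.scope.search(url):
            return "pass"                     # out of scope: never limited
        if self.open[ip] >= self.max_conns:
            return "reject"                   # concurrency cap for this IP reached
        tokens, last = self.bucket.get(ip, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        if tokens < 1.0:
            self.bucket[ip] = (tokens, now)
            return "throttle"                 # over the per-second rate: delay or 429
        self.bucket[ip] = (tokens - 1.0, now)
        self.open[ip] += 1
        return "allow"

    def release(self, ip):
        """Call when an allowed request completes."""
        if self.open[ip] > 0:
            self.open[ip] -= 1


if __name__ == "__main__":
    lim = PerIPLimiter()
    # Constructed traffic: one client opens seven slow requests at once.
    for i in range(7):
        print(i, lim.admit("192.0.2.10", "/report.php?id=%d" % i, now=0.0))
    print(lim.admit("198.51.100.7", "/report.php", now=0.0))  # other client unaffected
```

State is kept per source address, so a deployment would also need to expire idle entries and decide how to treat many users behind one proxy address.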