GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  PERLBAL::PLUGIN::THROTTLE (3)

.ds Aq ’

NAME

Perlbal::Plugin::Throttle - Perlbal plugin that throttles connections from hosts that connect too frequently.

CONTENTS

SYNOPSIS



    # in perlbal.conf

    LOAD Throttle

    CREATE POOL web
        POOL web ADD 10.0.0.1:80

    CREATE SERVICE throttler
        SET role                        = reverse_proxy
        SET listen                      = 0.0.0.0:80
        SET pool                        = web

        # adjust throttler aggressiveness
        SET initial_delay               = 10
        SET max_delay                   = 60
        SET throttle_threshold_seconds  = 3
        SET max_concurrent              = 2
        SET ban_threshold               = 4
        SET ban_expiration              = 180

        # limit which requests are throttled
        SET path_regex                  = ^/webapp/
        SET method_regex                = ^GET$

        # allow or ban specific addresses or range (requires Net::CIDR::Lite)
        SET whitelist_file              = conf/whitelist.txt
        SET blacklist_file              = conf/blacklist.txt

        # granular logging (requires Perlbal::Plugin::Syslogger)
        SET log_events                  = ban,unban,throttled,banned
        SET log_only                    = false

        # share state between perlbals (requires Cache::Memcached::Async)
        SET memcached_servers           = 10.0.2.1:11211,10.0.2.2:11211
        SET memcached_async_clients     = 4
        SET instance_name               = mywebapp

        SET plugins                     = Throttle
    ENABLE throttler



DESCRIPTION

This plugin intercepts HTTP requests to a Perlbal service and slows or drops connections from IP addresses which are determined to be connecting too fast.

BEHAVIOR

An IP address address may be in one of four states depending on its recent activity; that state determines how new requests from the IP are handled:
o <B>allowedB>

An IP begins in the <B>allowedB> state. When a request is received from an IP in this state, the request is handled immediately and the IP enters the <B>probationB> state.

o <B>probationB>

If no requests are received from an IP in the <B>probationB> state for throttle_threshold_seconds, it returns to the <B>allowedB> state.

When a new request is received from an IP in the <B>probationB> state, the IP enters the <B>throttledB> state and is assigned a delay property initially equal to initial_delay. Connection to a backend is postponed for delay seconds while perlbal continues to work. If the connection is still open after the delay, the request is then handled normally. A dropped connection does not change the IP’s delay value.

o <B>throttledB>

If no requests are received from an IP in the <B>throttledB> state for delay seconds, it returns to the <B>probationB> state.

When a new request is received from an IP in the <B>throttledB> state, its violations property is incremented, and its delay property is doubled (up to a maximum of max_delay). The request is postponed for the new value of delay.

Only after the most recently created connection from a given IP exits the <B>throttledB> state do violations and delay reset to 0.

Furthermore, if the violations exceeds ban_threshold, the connection is closed and the IP moves to the <B>bannedB> state.

IPs in the <B>throttledB> state may have no more than max_concurrent connections being delayed at once. Any additional requests received in that circumstance are sent a 503 Too many connections response. Long-running requests which have already been connected to a backend do not count towards this limit.

o <B>bannedB>

New connections from IPs in the banned state are immediately closed with a 403 error response.

An IP leaves the <B>bannedB> state after ban_expiration seconds have elapsed.

FEATURES

o IP whitelist

Connections from IPs/CIDRs listed in the file specified by whitelist_file are always allowed.

o IP blacklist

Connections from IPs/CIDRs listed in the file specified by blacklist_file immediately sent a 403 Forbidden response.

o Flexible attack response

For services where throttling should not normally be enabled, use the default_action tunable. When default_action is set to allow, new connections from non-white/blacklisted IPs will not be throttled.

Furthermore, if throttling should only apply to specific clients, set blacklist_action to throttle. Blacklisted connections will then be throttled instead of denied.

o Dynamic configuration

Most service tunables may be updated from the management port, after which the new values will be respected (although see CAVEATS). To reload the whitelist and blacklist files, issue the throttle reload whitelist or throttle reload blacklist command to the service.

o Path specificity

Throttling may be restricted to URI paths matching the path_regex regex.

o External shared state

The plugin stores state which IPs have been seen in a memcached(1) instance. This allows many throttlers to share their state and also minimizes memory use within the perlbal. If state exceeds the capacity of the memcacheds, the least-recently seen IPs will be forgotten, effectively resetting them to the <B>allowedB> state.

Orthogonally, multiple throttlers which need to share memcacheds but not state may specify distinct instance_name values.

o Logging

If Perlbal::Plugin::Syslogger is installed and registered with the service, Throttle can use it to send syslog messages regarding actions that are taken. Granular control for which events are logged is available via the log_events parameter. log_events is composed of one or more of the following events, separated by commas:
o ban

Log when a temporary local ban is added for an IP address.

o unban

Log when a temporary local ban is removed for an IP address.

o whitelisted

Log when a request is allowed because the source IP is on the whitelist.

o blacklisted

Log when a request is denied or throttled because the source IP is on the blacklist.

o banned

Log when a request is denied because the source IP is on the temporary ban list for connecting excessively.

o concurrent

Log when a request is denied because the source IP has too many open connections waiting to be unthrottled.

o throttled

Log when a request is throttled because the source IP was not on the whitelist or blacklist.

o all

Enables all the above logging options.

o none

Disables all the above logging options.

CAVEATS

o Dynamic configuration changes

Changes to certain service tunables will not be noticed until the <B>throttle reload configB> management command is issued. These include log_events, path_regex, and method_regex).

Changes to certain other tunables will not be respected after the plugin has been registered. These include memcached_servers and memcached_async_clients.

o List loading is blocking

The throttle reload whitelist and throttle reload blacklist management commands load the whitelist and blacklist files synchronously, which will cause the perlbal to hang until it completes.

o Redirects

If a handled request returns a 30x response code and the redirect URI is also throttled, then the client’s attempt to follow the redirect will necessarily be delayed by initial_delay. Fixing this would require that the plugin inspect the HTTP response headers, which would incur a lot of overhead. To workaround, try to have your backend not return 30x’s if both the original and redirect URI are proxied by the same throttler instance (yes, this is difficult for the case where a backend 302s to add a trailing / to a directory).

OPTIONAL DEPENDENCIES

o Cache::Memcached::Async

Required for memcached support. This is the supported way to share state between different perlbal instances.

o Net::CIDR::Lite

Required for blacklist/whitelist support.

o Perlbal::Plugin::Syslogger

Required for event logging support.

SEE ALSO

o List of tunables in Throttle.pm.

TODO

o Fix white/blacklist loading

Load CIDR lists asynchronously (perhaps in the manner of Perlbal::Pool::_load_nodefile_async).

AUTHOR

Adam Thomason, <athomason@cpan.org>

COPYRIGHT AND LICENSE

Copyright (C) 2007-2011 by Say Media Inc, <cpan@sixapart.com>

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available.

Search for    or go to Top of page |  Section 3 |  Main Index


perl v5.20.3 PERLBAL::PLUGIN::THROTTLE (3) 2012-02-01

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.