iRule implementation for limiting concorrent connections

Question

Hello All,&nbsp;
&nbsp;We are running the BIG-IP LTM 1600 ver. 10.2.2 &nbsp;
&nbsp;I need help to know how we can implement an iRule to limit the number of concorrent connection per server. &nbsp;
&nbsp;We have one applicaiton where there is a need to implement some kind of rule which can bind the number of concorrent connection reaching to some limit let's say 500. I tried to implement using the 'connection limit' option available in VS setting. Setting this blocks the existing connection if it open another stream or connection. &nbsp;
&nbsp;User don't want to loose the existing connection but want to stop NEW connection. &nbsp;
&nbsp;Is there any way to implement the same. &nbsp;
&nbsp;Thanks in advance. &nbsp;
&nbsp;- Ankit

hooleylist · Answer

Hi Ankit, 
&nbsp;  
&nbsp; You could track current client IP addresses in a subtable and the current connection count in a table entry and only reject connections from clients not in a subtable when the connections hit your threshold.  See Spark's table articles for details: 
&nbsp;  
&nbsp; https://devcentral.f5.com/wiki/iRules.table.ashx 
&nbsp; https://devcentral.f5.com/Default.aspx?tabid=63&amp;articleType=ArticleView&amp;articleId=2375 
&nbsp;  
&nbsp; Aaron

Forum Discussion

iRule implementation for limiting concorrent connections

1 Reply

Recent Discussions

Pricing when used with aws waf

F5 Rseries R2600 Tenant sizing

iRule help masking IBM host URL/URI

Need advise to setup a policy on F5

Advise on setting up IRULE

Related Content

CORS implementation

Implementing basic OAuth with F5 BIG-IP APM

API Security: How to implement API Access Control with F5

Implementing SSL Orchestrator with OPSWAT MetaDefender

Implement WAF service