Hi, Yes, Haproxy can limit rate connection. Please look for "rate-limit sessions" and "fe_sess_rate" in the configuration.txt documentation [1].
In HAproxy 1.5 [2], there are a few more options, like src_conn_XXXX which are more accurate and might help you better. Bear in mind that 1.5 is still in development. [1] http://haproxy.1wt.eu/download/1.4/doc/configuration.txt [2] http://haproxy.1wt.eu/download/1.5/doc/configuration.txt On Sat, Mar 19, 2011 at 9:31 PM, Allan Wind <[email protected]> wrote: > Is there a way to rate limit per IP (or CDIR)? In the sense our > global capacity (rate limit sessions) might be x requests/sec, > but to protect against abusive bots or DOS attacks we would to > also limit any IP or ideally some bigger buckets like a CDIR to > say x/100 requests/sec. > > > /Allan > -- > Allan Wind > Life Integrity, LLC > <http://lifeintegrity.com> > >
