Hi,

On Fri, 2020-04-17 at 20:22 +0200, Olivier D wrote:
> Hello everyone,
> I would like to implement a "max concurrent connection" in HAProxy.
> This is easy to do at TCP level : 
> 
>     stick-table  type ipv6 size 100k  expire 30s  store conn_cur
>     http-request track-sc0 src
>     http-request deny deny_status 429 if { src_conn_cur ge 20 }
> 
> But now, I want to do the same for concurrent HTTP queries, based on
> header 'X-Forwarded-For'. For example, I want to send a 429 error
> code if someone is sending an HTTP query when he already have 20
> ongoing.
> 
> My first tries are based on something like this : 
>    stick-table type ipv6 size 100k  expire 30s  store
> http_req_rate(10s)
>    http-request track-sc0 req.hdr( X-Forwarded-For )

Does it work if you use:
http-request track-sc0 req.hdr_ip(X-Forwarded-For)
(
https://cbonte.github.io/haproxy-dconv/2.0/configuration.html#7.3.6-req.hdr_ip
)

Do you get any entries in the stick-table (show table ... command to
stats socket).

-Jarno

>    http-request deny deny_status 429 if { sc0_conn_cur ge 20 }
> 
> but it doesn't seem to work the way I want ...

-- 
Jarno Huuskonen

Reply via email to