Hi, On Fri, 2020-04-17 at 20:22 +0200, Olivier D wrote: > Hello everyone, > I would like to implement a "max concurrent connection" in HAProxy. > This is easy to do at TCP level : > > stick-table type ipv6 size 100k expire 30s store conn_cur > http-request track-sc0 src > http-request deny deny_status 429 if { src_conn_cur ge 20 } > > But now, I want to do the same for concurrent HTTP queries, based on > header 'X-Forwarded-For'. For example, I want to send a 429 error > code if someone is sending an HTTP query when he already have 20 > ongoing. > > My first tries are based on something like this : > stick-table type ipv6 size 100k expire 30s store > http_req_rate(10s) > http-request track-sc0 req.hdr( X-Forwarded-For )
Does it work if you use: http-request track-sc0 req.hdr_ip(X-Forwarded-For) ( https://cbonte.github.io/haproxy-dconv/2.0/configuration.html#7.3.6-req.hdr_ip ) Do you get any entries in the stick-table (show table ... command to stats socket). -Jarno > http-request deny deny_status 429 if { sc0_conn_cur ge 20 } > > but it doesn't seem to work the way I want ... -- Jarno Huuskonen