I was creating counter-measures against a DOS attack, but I failed to
understand some numbers I received.
I'm using HAProxy 2.0.14

My (expurged) frontend config is :

listen test
    bind X.X.X.X:443
    maxconn 65536
    rate-limit sessions 128

But during the attack, the following numbers are reported on HAProxy status
page :
Session rate: max=1821 ; limit=128
Putting cursor on "max" shows :
max connection rate: 2368/s
max session rate: 1821/s
max request rate: 3901/s

I wondered why session-rate exceeded my maximal number of 128 I set on
config file. I'm probably not understanding something correctly here. The
documentation seems quite clear : "Since the session rate is measured every
millisecond, it is extremely accurate"

Any clue ?

Unfortunately I was not quick enough to record the traffic received, or
dump internal HAProxy counters when this happens :(

Thank you !


Reply via email to