[squid-users] limit new req/sec on squid to X per sec

--Ahmad-- ahmed.zaeem at netstream.ps
Wed Nov 27 12:03:44 UTC 2019 

Hello Amos , Thank you for your response .

we have an APP behind squid http APP that will crash if # of (req/sec ) exceeded X .
it won’t crash about Already established session , it only care about new req/sec hitting squid .

I think its doable by iptables , but i really was hopping we can do it from squid level .

so you can imagine http req/sec or tcp req/sec same here as squid is being used only on http protocol .


Let me know your thoughts .


Thanks 


> On Nov 27, 2019, at 2:57 PM, Amos Jeffries <squid3 at treenet.co.nz> wrote:
> 
> On 27/11/19 6:31 pm, --Ahmad-- wrote:
>> Hello Folks ,
>> 
>> 
>> im looking for limiting TCP req/sec on squid to X speed .
>> 
> 
> TCP does not make requests.
> 
>> 
>> say i have an instance running .
>> 
>> 
>> i want to limit it to 100 req/sec for “new connections “ not  just for concurrent connections .
>> 
> 
> req/sec is an HTTP term to Squid. It has nothing to do with "connections".
> 
> The part where you say "not just for concurrent connections" implies
> that is something Squid does, does not match up with any existing Squid
> behaviour or features. Squid does not limit req/sec for anything.
> 
> Squid can limit *bytes* per second. Or limit total connections a given
> client has open concurrently.
> 
> 
>> so if connection is old or “ established “ its out of the game .
> 
> In HTTP terms there is no such thing as a connection.
> 
> In TCP terms a connection is established as soon as it exists. If you
> mean the TCP handshake process, that is a thing for firewall rules to
> control. Squid cannot prevent SYN packets being sent to it.
> 
> 
> If you mean something else, then please define this concept you have of
> "new connection".
> 
> 
>> if the connection is new , all new should be limited to 100 req/sec .
>> 
>> i made search on all max_conn but it seems count “concurrent sessions “ even old +  new .
>> 
>> is there a way in squid to limit only new sessions ?
>> 
> 
> Sessions are a very different thing to connections.
> 
> max_conn as its name should indicate sets the maximum connection count a
> client can open *concurrently*.
> 
> 
> Why exactly do you want this?
> 
> What problem will it solve?
> 
> 
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

More information about the squid-users mailing list