Citrix ADC 13.0

Limit the number of concurrent requests on a client connection

You can limit the number of concurrent requests on a single client connection. You can protect the servers from security vulnerabilities by limiting the number of concurrent requests. When the client connection reaches the specified maximum limit, the Citrix ADC appliance drops subsequent requests on the connection until the outstanding request count goes below the limit.

You can configure the maxPipelineNat parameter to limit the number of concurrent requests on a single client connection. This parameter is applicable only to the following service types and when “svrTimeout” is set to zero:

  • ANY
  • All UDP service types except DNS

The default value of maxPipelineNat parameter is 255. A value of zero (0) applies no limit to the number of concurrent requests. When no limit is set, the Citrix ADC appliance executes all requests.

Note

If you set MaxpipelineNAT to a higher value, then the probability of spoofing attack can be higher. Hence, it is recommended to set MaxpipelineNAT to a lower value.

To limit the number of concurrent connections for a client by using the CLI

At the command prompt, type:

set lb parameter -maxPipelineNat <positive_integer>

Example:

set lb parameter -maxPipelineNat 199

To limit the number of concurrent connections for a client by using the GUI

Navigate to Traffic Management > Load Balancing > Configure Load Balancing Parameters, specify a value for Max Pipeline NAT requests.

Limit the number of concurrent requests on a client connection