Product Documentation

ns limitIdentifier

Sep 12, 2016

The following operations can be performed on "ns limitIdentifier":

add | rm | set | unset | show | stat

add ns limitIdentifier

Adds a limit identifier to check if the amount of traffic exceeds a specified value, within a particular time interval.

Synopsys

add ns limitIdentifier <limitIdentifier> [-threshold <positive_integer>] [-timeSlice <positive_integer>] [-mode <mode> [-limitType ( BURSTY | SMOOTH )]] [-selectorName <string>] [-maxBandwidth <positive_integer>] [-trapsInTimeSlice <positive_integer>]

Arguments

limitIdentifier

Name for a rate limit identifier. Must begin with an ASCII letter or underscore (_) character, and must consist only of ASCII alphanumeric or underscore characters. Reserved words must not be used.

threshold

Maximum number of requests that are allowed in the given timeslice when requests (mode is set as REQUEST_RATE) are tracked per timeslice.

When connections (mode is set as CONNECTION) are tracked, it is the total number of connections that would be let through.

Default value: 1

Minimum value: 1

timeSlice

Time interval, in milliseconds, specified in multiples of 10, during which requests are tracked to check if they cross the threshold. This argument is needed only when the mode is set to REQUEST_RATE.

Default value: 1000

Minimum value: 10

mode

Defines the type of traffic to be tracked.

* REQUEST_RATE - Tracks requests/timeslice.

* CONNECTION - Tracks active transactions.

Examples

1. To permit 20 requests in 10 ms and 2 traps in 10 ms:

add limitidentifier limit_req -mode request_rate -limitType smooth -timeslice 1000 -Threshold 2000 -trapsInTimeSlice 200

2. To permit 50 requests in 10 ms:

set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5000 -limitType smooth

3. To permit 1 request in 40 ms:

set limitidentifier limit_req -mode request_rate -timeslice 2000 -Threshold 50 -limitType smooth

4. To permit 1 request in 200 ms and 1 trap in 130 ms:

set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5 -limitType smooth -trapsInTimeSlice 8

5. To permit 5000 requests in 1000 ms and 200 traps in 1000 ms:

set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5000 -limitType BURSTY

Possible values: CONNECTION, REQUEST_RATE, NONE

Default value: REQUEST_RATE

limitType

Smooth or bursty request type.

* SMOOTH - When you want the permitted number of requests in a given interval of time to be spread evenly across the timeslice

* BURSTY - When you want the permitted number of requests to exhaust the quota anytime within the timeslice.

This argument is needed only when the mode is set to REQUEST_RATE.

Possible values: BURSTY, SMOOTH

Default value: BURSTY

selectorName

Name of the rate limit selector. If this argument is NULL, rate limiting will be applied on all traffic received by the virtual server or the NetScaler (depending on whether the limit identifier is bound to a virtual server or globally) without any filtering.

maxBandwidth

Maximum bandwidth permitted, in kbps.

Minimum value: 0

Maximum value: 4294967287

trapsInTimeSlice

Number of traps to be sent in the timeslice configured. A value of 0 indicates that traps are disabled.

Minimum value: 0

Maximum value: 65535

Example

add ns limitIdentifier limit_id -threshold 2 -timeSlice 5000 -mode CONNECTION  -selectorName sel_1 -maxBandwidth 24 -trapsInTimeSlice 8

rm ns limitIdentifier

Removes a rate limit identifier from the appliance.

Synopsys

rm ns limitIdentifier <limitIdentifier>

Arguments

limitIdentifier

Name of the rate limit identifier to be removed.

Example

rm ns limitIdentifier limit_id

set ns limitIdentifier

Modifies the attributes of a rate limit identifier.

Synopsys

set ns limitIdentifier <limitIdentifier> [-threshold <positive_integer>] [-timeSlice <positive_integer>] [-mode <mode> [-limitType ( BURSTY | SMOOTH )]] [-selectorName <string>] [-maxBandwidth <positive_integer>] [-trapsInTimeSlice <positive_integer>]

Arguments

limitIdentifier

Name of the rate limit identifier to be modified.

threshold

Maximum number of requests that are allowed in the given timeslice when requests (mode is set as REQUEST_RATE) are tracked per timeslice.

When connections (mode is set as CONNECTION) are tracked, it is the total number of connections that would be let through.

Default value: 1

Minimum value: 1

timeSlice

Time interval, in milliseconds, specified in multiples of 10, during which requests are tracked to check if they cross the threshold. This argument is needed only when the mode is set to REQUEST_RATE.

Default value: 1000

Minimum value: 10

mode

Defines the type of traffic to be tracked.

* REQUEST_RATE - Tracks requests/timeslice.

* CONNECTION - Tracks active transactions.

Examples

1. To permit 20 requests in 10 ms and 2 traps in 10 ms:

add limitidentifier limit_req -mode request_rate -limitType smooth -timeslice 1000 -Threshold 2000 -trapsInTimeSlice 200

2. To permit 50 requests in 10 ms:

set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5000 -limitType smooth

3. To permit 1 request in 40 ms:

set limitidentifier limit_req -mode request_rate -timeslice 2000 -Threshold 50 -limitType smooth

4. To permit 1 request in 200 ms and 1 trap in 130 ms:

set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5 -limitType smooth -trapsInTimeSlice 8

5. To permit 5000 requests in 1000 ms and 200 traps in 1000 ms:

set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5000 -limitType BURSTY

Possible values: CONNECTION, REQUEST_RATE, NONE

Default value: REQUEST_RATE

limitType

Smooth or bursty request type.

* SMOOTH - When you want the permitted number of requests in a given interval of time to be spread evenly across the timeslice

* BURSTY - When you want the permitted number of requests to exhaust the quota anytime within the timeslice.

This argument is needed only when the mode is set to REQUEST_RATE.

Possible values: BURSTY, SMOOTH

Default value: BURSTY

selectorName

Name of the rate limit selector. If this argument is NULL, rate limiting will be applied on all traffic received by the virtual server or the NetScaler (depending on whether the limit identifier is bound to a virtual server or globally) without any filtering.

maxBandwidth

Maximum bandwidth permitted, in kbps.

Minimum value: 0

Maximum value: 4294967287

trapsInTimeSlice

Number of traps to be sent in the timeslice configured. A value of 0 indicates that traps are disabled.

Minimum value: 0

Maximum value: 65535

Example

set ns limitIdentifier limit_id -threshold 2 -timeSlice 5000 -mode CONNECTION  -selectorName sel_1 -maxBandwidth 24 -trapsInTimeSlice 8

unset ns limitIdentifier

Use this command to remove ns limitIdentifier settings.Refer to the set ns limitIdentifier command for meanings of the arguments.

Synopsys

unset ns limitIdentifier <limitIdentifier> [-selectorName] [-threshold] [-timeSlice] [-mode] [-limitType] [-maxBandwidth] [-trapsInTimeSlice]

show ns limitIdentifier

Displays information about a rate limit identifier.

Synopsys

show ns limitIdentifier [<limitIdentifier>]

Arguments

limitIdentifier

Name of the rate limit identifier about which to display information. If a name is not provided, information about all rate limit identifiers is shown.

Outputs

ngname

Nodegroup name to which this identifier belongs to.

threshold

Maximum number of requests that are allowed in the given timeslice when requests (mode is set as REQUEST_RATE) are tracked per timeslice.

When connections (mode is set as CONNECTION) are tracked, it is the total number of connections that would be let through.

timeSlice

Defines the time interval in msecs specified in multiples of 10 msec during which the requests are tracked to see if they cross the threshold. It is used and displayed only when the mode is REQUEST_RATE while tracking request rate and for defining the trap timeslice.

mode

Defines the type of traffic to be tracked.

* REQUEST_RATE - Tracks requests/timeslice.

* CONNECTION - Tracks active transactions.

Examples

1. To permit 20 requests in 10 ms and 2 traps in 10 ms:

add limitidentifier limit_req -mode request_rate -limitType smooth -timeslice 1000 -Threshold 2000 -trapsInTimeSlice 200

2. To permit 50 requests in 10 ms:

set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5000 -limitType smooth

3. To permit 1 request in 40 ms:

set limitidentifier limit_req -mode request_rate -timeslice 2000 -Threshold 50 -limitType smooth

4. To permit 1 request in 200 ms and 1 trap in 130 ms:

set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5 -limitType smooth -trapsInTimeSlice 8

5. To permit 5000 requests in 1000 ms and 200 traps in 1000 ms:

set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5000 -limitType BURSTY

limitType

Smooth or bursty request type.

* SMOOTH - When you want the permitted number of requests in a given interval of time to be spread evenly across the timeslice

* BURSTY - When you want the permitted number of requests to exhaust the quota anytime within the timeslice.

This argument is needed only when the mode is set to REQUEST_RATE.

selectorName

Name of the rate limit selector. If this argument is NULL, rate limiting will be applied on all traffic received by the virtual server or the NetScaler (depending on whether the limit identifier is bound to a virtual server or globally) without any filtering.

stateflag

This is used internally to identify ip addresses returned.

hits

The number of times this identifier was evaluated.

drop

The number of times action was taken.

rule

Rule.

time

Time interval considered for rate limiting

total

Maximum number of requests permitted in the computed timeslice

maxBandwidth

The maximum bandwidth in kbps permitted

trapsInTimeSlice

The maximum bandwidth permitted in kbps

trapsComputedInTimeSlice

The number of traps that would be sent in the timeslice configured.

computedTrapTimeSlice

The time interval computed for sending traps.

referenceCount

Total number of transactions pointing to this entry.

devno

count

Example

show ns limitIdentifier limit_id

stat ns limitIdentifier

Display statistics of a identifier.

Synopsys

stat ns limitIdentifier [<name> [<pattern> ...]] [-detail] [-fullValues] [-ntimes <positive_integer>] [-logFile <input_filename>] [-clearstats ( basic | full )] [-sortBy Hits [<sortOrder>]]

Arguments

name

The name of the identifier.

pattern

Pattern for the selector field, ? means field is required, * means field value does not matter, anything else is a regular pattern

detail

Specifies detailed output (including more statistics). The output can be quite voluminous. Without this argument, the output will show only a summary.

fullValues

Specifies that numbers and strings should be displayed in their full form. Without this option, long strings are shortened and large numbers are abbreviated

ntimes

The number of times, in intervals of seven seconds, the statistics should be displayed.

Default value: 1

Minimum value: 0

logFile

The name of the log file to be used as input.

clearstats

Clear the statsistics / counters

Possible values: basic, full

sortBy

use this argument to sort by specific key

Possible values: Hits

sortOrder

use this argument to specify sort order

Possible values: ascending, descending

Default value: SORT_DESCENDING

Outputs

count

devno

stateflag

Outputs

Rate Limit Identifier Hits (Hits)

Total hits.

Rate Limit Identifier Drops (Drops)

Total drops

Rate Limit Session Hits (Hits)

Total hits.