We are testing the Spike Arrest policies of our proxies lately and the error messages returned seem unpredictable. Sometimes it's triggered when there are still requests available and sometimes it's not triggered even after surpassing the limit configured.
Here's how the policy is written:
The trace results:
Error returned:
Is this how it's supposed to be? If yes, is there any configuration to make it more intuitive?
Solved! Go to Solution.
The behavior you're expecting falls more under the actual behavior of a quota policy instead of a spike arrest.
Spike arrest divides the amount of requests from minutes to seconds in order to prevent attacks.
The following example sets the rate to 12 per minute:
<SpikeArrest name="Spike-Arrest-1">
<Rate>12pm</Rate>
<UseEffectiveCount>true</UseEffectiveCount>
</SpikeArrest>
This sample policy allows a maximum of 12 requests per minute at the rate of one request per 5 second (60/12) interval. If there is more than one request in the 5 second interval, such requests are allowed (no smoothing) provided the number of requests is less than the configured rate limit of 12 per minute.
If your expected behavior is for your requests to add up until 9 and then return an error code, using a quota is what you're looking for.
Here is a video explaining the main differences between the two.
The behavior you're expecting falls more under the actual behavior of a quota policy instead of a spike arrest.
Spike arrest divides the amount of requests from minutes to seconds in order to prevent attacks.
The following example sets the rate to 12 per minute:
<SpikeArrest name="Spike-Arrest-1">
<Rate>12pm</Rate>
<UseEffectiveCount>true</UseEffectiveCount>
</SpikeArrest>
This sample policy allows a maximum of 12 requests per minute at the rate of one request per 5 second (60/12) interval. If there is more than one request in the 5 second interval, such requests are allowed (no smoothing) provided the number of requests is less than the configured rate limit of 12 per minute.
If your expected behavior is for your requests to add up until 9 and then return an error code, using a quota is what you're looking for.
Here is a video explaining the main differences between the two.