ns-limitIdentifier¶
The following operations can be performed on "ns-limitIdentifier":
unset| stat| set| add| rm| show|
unset ns limitIdentifier¶
Use this command to remove ns limitIdentifier settings.Refer to the set ns limitIdentifier command for meanings of the arguments.
Synopsis¶
unset ns limitIdentifier
stat ns limitIdentifier¶
Display statistics of a identifier.
Synopsis¶
stat ns limitIdentifier [
Arguments¶
name The name of the identifier.
pattern Pattern for the selector field, ? means field is required, * means field value does not matter, anything else is a regular pattern
detail Specifies detailed output (including more statistics). The output can be quite voluminous. Without this argument, the output will show only a summary.
fullValues Specifies that numbers and strings should be displayed in their full form. Without this option, long strings are shortened and large numbers are abbreviated
ntimes The number of times, in intervals of seven seconds, the statistics should be displayed. Default value: 1 Minimum value: 0
logFile The name of the log file to be used as input.
clearstats Clear the statsistics / counters
Possible values: basic, full
sortBy use this argument to sort by specific key
Possible values: Hits
sortOrder use this argument to specify sort order
Possible values: ascending, descending Default value: SORT_DESCENDING
Output¶
count devno stateflag
Counters¶
Rate Limit Identifier Hits (Hits) Total hits.
Rate Limit Identifier Drops (Drops) Total drops
Rate Limit Session Hits (Hits) Total hits.
Related Commands¶
set ns limitIdentifier¶
Modifies the attributes of a rate limit identifier.
Synopsis¶
set ns limitIdentifier
Arguments¶
limitIdentifier Name of the rate limit identifier to be modified.
threshold Maximum number of requests that are allowed in the given timeslice when requests (mode is set as REQUEST_RATE) are tracked per timeslice. When connections (mode is set as CONNECTION) are tracked, it is the total number of connections that would be let through. Default value: 1 Minimum value: 1
timeSlice Time interval, in milliseconds, specified in multiples of 10, during which requests are tracked to check if they cross the threshold. This argument is needed only when the mode is set to REQUEST_RATE. Default value: 1000 Minimum value: 10
mode Defines the type of traffic to be tracked. * REQUEST_RATE - Tracks requests/timeslice. * CONNECTION - Tracks active transactions.
Examples
-
To permit 20 requests in 10 ms and 2 traps in 10 ms: add limitidentifier limit_req -mode request_rate -limitType smooth -timeslice 1000 -Threshold 2000 -trapsInTimeSlice 200
-
To permit 50 requests in 10 ms: set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5000 -limitType smooth
-
To permit 1 request in 40 ms: set limitidentifier limit_req -mode request_rate -timeslice 2000 -Threshold 50 -limitType smooth
-
To permit 1 request in 200 ms and 1 trap in 130 ms: set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5 -limitType smooth -trapsInTimeSlice 8
-
To permit 5000 requests in 1000 ms and 200 traps in 1000 ms: set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5000 -limitType BURSTY
Possible values: CONNECTION, REQUEST_RATE, NONE Default value: REQUEST_RATE
limitType Smooth or bursty request type. * SMOOTH - When you want the permitted number of requests in a given interval of time to be spread evenly across the timeslice * BURSTY - When you want the permitted number of requests to exhaust the quota anytime within the timeslice. This argument is needed only when the mode is set to REQUEST_RATE.
Possible values: BURSTY, SMOOTH Default value: BURSTY
selectorName Name of the rate limit selector. If this argument is NULL, rate limiting will be applied on all traffic received by the virtual server or the Citrix ADC (depending on whether the limit identifier is bound to a virtual server or globally) without any filtering.
maxBandwidth Maximum bandwidth permitted, in kbps. Minimum value: 0 Maximum value: 4294967287
trapsInTimeSlice Number of traps to be sent in the timeslice configured. A value of 0 indicates that traps are disabled. Minimum value: 0 Maximum value: 65535
Example¶
set ns limitIdentifier limit_id -threshold 2 -timeSlice 5000 -mode CONNECTION -selectorName sel_1 -maxBandwidth 24 -trapsInTimeSlice 8
add ns limitIdentifier¶
Adds a limit identifier to check if the amount of traffic exceeds a specified value, within a particular time interval.
Synopsis¶
add ns limitIdentifier
Arguments¶
limitIdentifier Name for a rate limit identifier. Must begin with an ASCII letter or underscore (_) character, and must consist only of ASCII alphanumeric or underscore characters. Reserved words must not be used.
threshold Maximum number of requests that are allowed in the given timeslice when requests (mode is set as REQUEST_RATE) are tracked per timeslice. When connections (mode is set as CONNECTION) are tracked, it is the total number of connections that would be let through. Default value: 1 Minimum value: 1
timeSlice Time interval, in milliseconds, specified in multiples of 10, during which requests are tracked to check if they cross the threshold. This argument is needed only when the mode is set to REQUEST_RATE. Default value: 1000 Minimum value: 10
mode Defines the type of traffic to be tracked. * REQUEST_RATE - Tracks requests/timeslice. * CONNECTION - Tracks active transactions.
Examples
-
To permit 20 requests in 10 ms and 2 traps in 10 ms: add limitidentifier limit_req -mode request_rate -limitType smooth -timeslice 1000 -Threshold 2000 -trapsInTimeSlice 200
-
To permit 50 requests in 10 ms: set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5000 -limitType smooth
-
To permit 1 request in 40 ms: set limitidentifier limit_req -mode request_rate -timeslice 2000 -Threshold 50 -limitType smooth
-
To permit 1 request in 200 ms and 1 trap in 130 ms: set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5 -limitType smooth -trapsInTimeSlice 8
-
To permit 5000 requests in 1000 ms and 200 traps in 1000 ms: set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5000 -limitType BURSTY
Possible values: CONNECTION, REQUEST_RATE, NONE Default value: REQUEST_RATE
limitType Smooth or bursty request type. * SMOOTH - When you want the permitted number of requests in a given interval of time to be spread evenly across the timeslice * BURSTY - When you want the permitted number of requests to exhaust the quota anytime within the timeslice. This argument is needed only when the mode is set to REQUEST_RATE.
Possible values: BURSTY, SMOOTH Default value: BURSTY
selectorName Name of the rate limit selector. If this argument is NULL, rate limiting will be applied on all traffic received by the virtual server or the Citrix ADC (depending on whether the limit identifier is bound to a virtual server or globally) without any filtering.
maxBandwidth Maximum bandwidth permitted, in kbps. Minimum value: 0 Maximum value: 4294967287
trapsInTimeSlice Number of traps to be sent in the timeslice configured. A value of 0 indicates that traps are disabled. Minimum value: 0 Maximum value: 65535
Example¶
add ns limitIdentifier limit_id -threshold 2 -timeSlice 5000 -mode CONNECTION -selectorName sel_1 -maxBandwidth 24 -trapsInTimeSlice 8
rm ns limitIdentifier¶
Removes a rate limit identifier from the appliance.
Synopsis¶
rm ns limitIdentifier
Arguments¶
limitIdentifier Name of the rate limit identifier to be removed.
Example¶
rm ns limitIdentifier limit_id
show ns limitIdentifier¶
Displays information about a rate limit identifier.
Synopsis¶
show ns limitIdentifier [
Arguments¶
limitIdentifier Name of the rate limit identifier about which to display information. If a name is not provided, information about all rate limit identifiers is shown.
Output¶
ngname Nodegroup name to which this identifier belongs to.
threshold Maximum number of requests that are allowed in the given timeslice when requests (mode is set as REQUEST_RATE) are tracked per timeslice. When connections (mode is set as CONNECTION) are tracked, it is the total number of connections that would be let through.
timeSlice Defines the time interval in msecs specified in multiples of 10 msec during which the requests are tracked to see if they cross the threshold. It is used and displayed only when the mode is REQUEST_RATE while tracking request rate and for defining the trap timeslice.
mode Defines the type of traffic to be tracked. * REQUEST_RATE - Tracks requests/timeslice. * CONNECTION - Tracks active transactions.
Examples
-
To permit 20 requests in 10 ms and 2 traps in 10 ms: add limitidentifier limit_req -mode request_rate -limitType smooth -timeslice 1000 -Threshold 2000 -trapsInTimeSlice 200
-
To permit 50 requests in 10 ms: set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5000 -limitType smooth
-
To permit 1 request in 40 ms: set limitidentifier limit_req -mode request_rate -timeslice 2000 -Threshold 50 -limitType smooth
-
To permit 1 request in 200 ms and 1 trap in 130 ms: set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5 -limitType smooth -trapsInTimeSlice 8
-
To permit 5000 requests in 1000 ms and 200 traps in 1000 ms: set limitidentifier limit_req -mode request_rate -timeslice 1000 -Threshold 5000 -limitType BURSTY
limitType Smooth or bursty request type. * SMOOTH - When you want the permitted number of requests in a given interval of time to be spread evenly across the timeslice * BURSTY - When you want the permitted number of requests to exhaust the quota anytime within the timeslice. This argument is needed only when the mode is set to REQUEST_RATE.
selectorName Name of the rate limit selector. If this argument is NULL, rate limiting will be applied on all traffic received by the virtual server or the Citrix ADC (depending on whether the limit identifier is bound to a virtual server or globally) without any filtering.
stateflag This is used internally to identify ip addresses returned.
hits The number of times this identifier was evaluated.
drop The number of times action was taken.
rule Rule.
time Time interval considered for rate limiting
total Maximum number of requests permitted in the computed timeslice
maxBandwidth The maximum bandwidth in kbps permitted
trapsInTimeSlice The maximum bandwidth permitted in kbps
trapsComputedInTimeSlice The number of traps that would be sent in the timeslice configured.
computedTrapTimeSlice The time interval computed for sending traps.
referenceCount Total number of transactions pointing to this entry.
devno count
Example¶
show ns limitIdentifier limit_id