Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement binding-level rate limiting #22

Open
19 tasks
gnarea opened this issue Apr 6, 2020 · 0 comments
Open
19 tasks

Implement binding-level rate limiting #22

gnarea opened this issue Apr 6, 2020 · 0 comments
Labels
enhancement New feature or request
Milestone
General Availability

Comments

@gnarea
Copy link
Member

gnarea commented Apr 6, 2020
edited
Loading

To prevent abuse, we should rate-limit the operations from Internet clients. Most of the limits will be tied to the IP address of the client, and it is assumed that multiple private gateways can be behind the same IP address.

The following limits should be implemented, with the concrete parameters defined via configuration by the operator:

  • Number of HTTP requests per IP address across all bindings.
    • X requests per IP address per second.
    • Y requests per IP address per minute.
    • Z requests per IP address per hour.
  • PoWeb binding:
    • Number of private gateway registrations (global).
      • Y registrations per minute.
      • Z registrations per hour.
    • Number of private gateway registrations per IP address.
      • X registrations per IP address per minute.
      • Y registrations per IP address per hour.
      • Z registrations per IP address per day.
    • Number of parcel deliveries per IP address.
      • X deliveries per IP address per second.
      • Y deliveries per IP address per minute.
      • X deliveries per IP address per second.
    • Number of parcel collection requests per IP address. This boils down to: How many private gateways do we want to allow per IP address?
      • X requests per IP address per minute.
  • PoHTTP binding:
    • Number of parcel deliveries per IP address.
      • X deliveries per IP address per second.
      • Y deliveries per IP address per minute.
      • Z deliveries per IP address per hour.
  • CogRPC binding:
    • Number of cargo collection calls per IP address.
      • X calls per IP address per second.
      • Y calls per IP address per minute.
      • Z calls per IP address per hour.
    • Number of cargo delivery calls per IP address.
      • X calls per IP address per minute.

System and software stack

Use rate-limiter-flexible with a Redis backend.

Related issues
@gnarea gnarea added the enhancement New feature or request label Apr 6, 2020
@gnarea gnarea added this to the Production release milestone Apr 6, 2020
@gnarea gnarea mentioned this issue Apr 6, 2020
Open
6 tasks
@gnarea gnarea changed the title Implement binding-agnostic throttling to prevent abuse Implement binding-level rate limiting Jul 18, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
General Availability
Development

No branches or pull requests
1 participant
@gnarea