Are you an EPFL student looking for a semester project?
Work with us on data science and visualisation projects, and deploy your project as an app on top of Graph Search.
Concept
Rate limiting
Summary
In computer networks, rate limiting is used to control the rate of requests sent or received by a network interface controller. It can be used to prevent DoS attacks and limit web scraping.
Research indicates flooding rates for one zombie machine are in excess of 20 HTTP GET requests per second, legitimate rates much less.
Hardware appliances can limit the rate of requests on layer 4 or 5 of the OSI model.
Rate limiting can be induced by the network protocol stack of the sender due to a received ECN-marked packet and also by the network scheduler of any router along the way.
While a hardware appliance can limit the rate for a given range of IP-addresses on layer 4, it risks blocking a network with many users which are masked by NAT with a single IP address of an ISP.
Deep packet inspection can be used to filter on the session layer but will effectively disarm encryption protocols like TLS and SSL between the appliance and the protocol server (i.e. web server).
Protocol servers using a request / response model, such as FTP servers or typically Web servers may use a central in-memory key-value database, like Redis or Aerospike, for session management. A rate limiting algorithm is used to check if the user session (or IP address) has to be limited based on the information in the session cache.
In case a client made too many requests within a given time frame, HTTP servers can respond with status code 429: Too Many Requests.
However, in some cases (i.e. web servers) the session management and rate limiting algorithm should be built into the application (used for dynamic content) running on the web server, rather than the web server itself.
When a protocol server or a network device notice that the configured request limit is reached, then it will offload new requests and not respond to them. Sometimes they may be added to a queue to be processed once the input rate reaches an acceptable level, but at peak times the request rate can even exceed the capacities of such queues and requests have to be thrown away.
Official source
About this result
This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.
Related lectures (3)
Guided Modes: Amplitude Calculation
Covers guided modes amplitudes, superposition of waves, separation of parts, higher-order modes, cutoff frequency, reflection coefficients, Fresnel coefficients, and optical guide engineering.
Decentralized Patterns and Distributed Workload Management
Explores decentralized patterns, distributed workload management, and Scalog's architecture in advanced blockchain systems.
Related publications (22)
Enhancing the Reliability of Dense LoRaWAN Networks With Multi-User Receivers
Andreas Peter Burg, Joachim Tobias Tapparel, Mathieu Pierre Xhonneux
LoRaWAN is a low-power wireless technology that provides long-range connectivity to battery-powered Internet of Things (IoT) devices. To minimize the energy consumption of the IoT nodes, LoRaWAN networks use for the uplink a pure non-slotted ALOHA multiple ...
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC2021Related people (2)
Related concepts (8)
Computer network
A computer network is a set of computers sharing resources located on or provided by network nodes. Computers use common communication protocols over digital interconnections to communicate with each other. These interconnections are made up of telecommunication network technologies based on physically wired, optical, and wireless radio-frequency methods that may be arranged in a variety of network topologies. The nodes of a computer network can include personal computers, servers, networking hardware, or other specialized or general-purpose hosts.
Bandwidth management
Bandwidth management is the process of measuring and controlling the communications (traffic, packets) on a network link, to avoid filling the link to capacity or overfilling the link, which would result in network congestion and poor performance of the network. Bandwidth is described by bit rate and measured in units of bits per second (bit/s) or bytes per second (B/s).
Token bucket
The token bucket is an algorithm used in packet-switched and telecommunications networks. It can be used to check that data transmissions, in the form of packets, conform to defined limits on bandwidth and burstiness (a measure of the unevenness or variations in the traffic flow). It can also be used as a scheduling algorithm to determine the timing of transmissions that will comply with the limits set for the bandwidth and burstiness: see network scheduler.