Throttle requests with limit_req rate based on header from response to auth subrequest

[Francis Daly]

On Wed, Aug 29, 2018 at 07:14:01PM -0400, jarstewa wrote:

Hi there,

I do not know the answer, and I have not tested the code you provided.

But, one suggestion which might be quick for you to test:

what happens if you change all of your variable names so that they do
not start with a digit?

As in: rename $2X_key to be (for example) $a2X_key.

It is possible that "$2X_key" will be expanded as "X_key" when $2 has
no value.

> >   # Throttle zones based on the results of the above mapping
> >   limit_req_zone $2X_key zone=2x_zone:20m rate=10r/s;
> >   limit_req_zone $3X_key zone=3x_zone:20m rate=100r/s;
> >   limit_req_zone $2X_key_from_upstream zone=2x_zone_from_upstream:20m
> rate=10r/s;
> >   limit_req_zone $3X_key_from_upstream zone=3x_zone_from_upstream:20m
> rate=100r/s;

If the first limit_req_zone argument is true in each case, the lowest rates is
on the first one, so that is the one that will always take effect.

	f
-- 
Francis Daly        francis at daoine.org