To configure rate limiting for Diameter messages:
- Configure a Diameter traffic selectors.
- Configure Limit identifiers to be applied on the Diameter traffic.
Go to AppExpert > Rate Limiting > Selectors
Click “Add” to initiate the creation of new Selector
Give a name to the selector and click Insert to create the selector expression
Click “Expression Editor” to add the selectlets
Note: There is also a provision to type the whole expression manually in the text box below “Expression”
Select DIAMETER to create expression (combination of selectlets) for DIAMETER traffic
Select the next selectlet from the drop down and continue adding selectlets which will be used to analyse the traffic.
Click Done to complete the creation of Expression.
Click “Insert” to insert the expression into Selector.
Click “Create” to create the selector
Go to Rate Limiting > Limit Identifiers.
Click “Add” to start creation of Limit Identifier.
Select the Diameter selector which was created in the earlier step and fill the other required information (Name, mode, limit type etc) and click create to create the limit identifier which will be applied on the selector.
REQUEST_RATE – Tracks requests/timeslice.
CONNECTION – Tracks active transactions.
SMOOTH – When you want the permitted number of requests in a given interval of time to be spread evenly across the timeslice
BURSTY – When you want the permitted number of requests to exhaust the quota anytime within the timeslice. This argument is needed only when the mode is set to REQUEST_RATE
Maximum number of requests that are allowed in the given timeslice when requests (mode is set as REQUEST_RATE) are tracked per timeslice. When connections (mode is set as CONNECTION) are tracked, it is the total number of connections that would be let through.
Time interval, in milliseconds, specified in multiples of 10, during which requests are tracked to check if they cross the threshold. This argument is needed only when the mode is set to REQUEST_RATE.
Number of traps to be sent in the timeslice configured. A value of 0 indicates that traps are disabled.
To permit 20 requests in 10 ms and 2 traps in 10 ms:
add limitidentifier limit_req -mode request_rate -limitType smooth -timeslice 1000 -Threshold 2000 -trapsInTimeSlice 200
Note: For information on the parameters, please click on which appears when the pointer is moved on to the fields.
To create stream selector and limit identifier using command line interface
At the command prompt, type:
add stream selector <name> <rule>….
add ns limitIdentifier <limitIdentifiername> -threshold <positive_integer> -timeSlice <positive_integer> -mode <mode> -limitType ( BURSTY | SMOOTH ) -selectorName <string> -maxBandwidth <positive_integer> -trapsInTimeSlice <positive_integer>
Citrix Documentation – Examples of Rate-Based Policies.