Need suggestion on Throughput Quota vs Ratelimit
search cancel

Need suggestion on Throughput Quota vs Ratelimit

book

Article ID: 234373

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

We are looking to understand "Apply Throughput Quota  Assertion" VS "Apply Rate Limit Assertion"

Environment

Release : 10.0

Component :

Resolution

These assertions are documented: 

The Apply Rate Limit assertion allows you to limit the rate of transactions passing through the Layer7 API Gateway for a given user, client IP address, or other identifier - Not global and for Transaction passing through at a given time.

If you are looking to limit calls at one time (overload), the Apply rate limit could be used.

  • Throttle: Excess requests causes this assertion to fail and send audit code 6950 (Rate limit exceeded on rate limiter XXXX) to the audit log.
  • Shape: The assertion attempts to delay requests to avoid exceeding the limit. If the Layer7 API Gateway is unable to spare sufficient resources to hold a request any further, a 503 (Service Unavailable) error may still occur.

For a lot more details see documentation 

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-1/policy-assertions/assertion-palette/service-availability-assertions/apply-rate-limit-assertion.html

The Apply Throughput Quota Assertion allows you to limit the number of service requests permitted within a predetermined time period.

 

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-1/policy-assertions/assertion-palette/service-availability-assertions/apply-throughput-quota-assertion.html

This counter is global to the Gateway and stored in the SSG db table counters, different services can contain Apply Throughput Quota assertions that use the same counter

In the example I only allow 2000 transactions a day once reached the assertions will log and fail for the remainder of the day.  Query on the counters table showing my CLientIP and day limit reached 

mysql> SELECT from_unixtime(last_update/1000), countername, cnt_day FROM ssg.counters ORDER BY from_unixtime(last_update/1000) ASC;

+---------------------------------+---------------------------------------+---------+

| from_unixtime(last_update/1000) | countername                           | cnt_day |

+---------------------------------+---------------------------------------+---------+

| 2022-02-09 15:36:17.9010        | PRESET(eeb3791fca0a74b9)<ClientIP>|    2000 |

+---------------------------------+---------------------------------------+---------+

1 row in set (0.00 sec)



Powered by Wolken Software