REST rate limiting #2439
base: staging
Can this be per IP?
^This was GitHub. Sorry, I don't know why these "auto-closes" keep happening. In snarkVM, the branches usually retarget, rather than closing.
(pending the per IP Q)
There is a crate that facilitates this, but it doesn't seem like it's widely used or well-maintained; the current version is
Would it be inefficient/unwise for us to implement our own? It seems we can use an LRUMap on 100K IPs, and track each IP's last
Args, this is once again an auto-close by GitHub. A unique issue to only this repo.
and again :-D
@ljedrz I think we have RPS rate limiting now. Is this PR tangential?
#2942 says that this PR may be complementary. Can you add some color?
The rate-limiting in this PR is not related to the source IP - it's a limit applicable to the entire REST server, to avoid a DDoS angle. However, if we are content with the limits we impose per IP, it may be redundant. We can always return to this if we have a stress test that executes many REST requests from unique source IPs, and determine that it's needed.
@ljedrz can you resolve the merge conflicts and set this limit to be at 100 requests per second? For reader's context: snarkOS includes a per IP rate limiter that can be set as a CLI argument. By default, this is set to 10 requests per second (RPS) on a per IP basis. This PR is meant to limit the total requests across all IPs as an upper bound.
Signed-off-by: ljedrz <[email protected]>
401f981 to 047cb3d
Cc https://github.com/AleoHQ/snarkOS/issues/3190 for that one unrelated CI failure.
This PR introduces a rate limiting service (with a limit of 5 reqs/s) to the REST server.
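The two layers discussed in this thread (a per-IP limit plus a cap across all IPs), as an added example that is not code from this PR or from snarkOS. `RestLimiter`, `Verdict` and `simulate` are hypothetical names; the sketch assumes fixed one-second windows and expiry-based eviction instead of an LRU map, and takes 10 RPS per IP, 100 RPS total and 100K tracked IPs from the comments above.

```rust
use std::collections::HashMap;
use std::net::{IpAddr, Ipv4Addr};

// Fixed one-second window counter (a simplification chosen for this example).
#[derive(Default)]
struct Window { start_ms: u64, count: u32 }
impl Window {
    fn try_take(&mut self, now_ms: u64, limit: u32) -> bool {
        if now_ms.saturating_sub(self.start_ms) >= 1000 { *self = Window { start_ms: now_ms, count: 0 }; }
        self.count < limit && { self.count += 1; true }
    }
}
#[derive(Debug, PartialEq)]
pub enum Verdict { Allowed, PerIpLimited, GlobalLimited }
// Hypothetical type: the per-IP limit is checked first, then the cap across all IPs.
pub struct RestLimiter { per_ip_rps: u32, global_rps: u32, max_tracked: usize, global: Window, per_ip: HashMap<IpAddr, Window> }
impl RestLimiter {
    pub fn new(per_ip_rps: u32, global_rps: u32, max_tracked: usize) -> Self {
        Self { per_ip_rps, global_rps, max_tracked, global: Window::default(), per_ip: HashMap::new() }
    }
    pub fn check(&mut self, ip: IpAddr, now_ms: u64) -> Verdict {
        // Keep the per-IP table bounded: evict expired windows, refuse new sources if still full.
        if self.per_ip.len() >= self.max_tracked && !self.per_ip.contains_key(&ip) {
            self.per_ip.retain(|_, w| now_ms.saturating_sub(w.start_ms) < 1000);
            if self.per_ip.len() >= self.max_tracked { return Verdict::GlobalLimited; }
        }
        // Per-IP check runs first so one noisy client cannot drain the shared budget.
        if !self.per_ip.entry(ip).or_default().try_take(now_ms, self.per_ip_rps) { return Verdict::PerIpLimited; }
        if self.global.try_take(now_ms, self.global_rps) { Verdict::Allowed } else { Verdict::GlobalLimited }
    }
}

// Constructed traffic: `sources` distinct addresses each send `each` requests within one second.
pub fn simulate(sources: u16, each: u32) -> [u32; 3] {
    let mut limiter = RestLimiter::new(10, 100, 100_000); // values taken from the thread
    let mut tally = [0u32; 3]; // indexed by Verdict: allowed, per-IP limited, globally limited
    for s in 0..sources {
        let ip = IpAddr::V4(Ipv4Addr::new(10, 0, (s >> 8) as u8, s as u8));
        for n in 0..each { tally[limiter.check(ip, 500 + n as u64) as usize] += 1; }
    }
    tally
}

fn main() {
    println!("1 source x 50 requests:   {:?}", simulate(1, 50));
    println!("20 sources x 10 requests: {:?}", simulate(20, 10));
}
```

The second run is the case raised in the thread: every source stays within its own per-IP limit, so only the global cap holds the total at 100 requests in the window.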