arodland
commented
6 years ago Thinking of a 2.0 protocol version in which every accounting message contains 1 or more identifiers (e.g. you can include IP address, username, and session ID all in the same accounting message, and write rules for each, instead of requiring separate domains for each), and also 1 or more "resource consumptions" — e.g. 1 request, 3000 bytes, 5 tokens. Then within a domain, each rule would be of the form
per $IDENTIFIER limit $RATE $RESOURCE/sec burst $BURSTwhich seems like a fairly flexible way to accomplish this.
One caveat: the current model is based on keeping track of the time when it would be acceptable for a client to send one more request. If it's possible to use up more than one resource-unit at a time, it has to be accepted that clients will be able to overrun the limit by some amount.
Support something like this where you have an overall rate of tokens/sec, but different requests can cost different numbers of "tokens", so a client can make many cheap requests, or a smaller number of expensive requests.