gquintard
commented
1 year ago @slimhazard, I think I remember you were the one adding the block logic. In this case, I think we are missing a check in run_gc, it completely ignores the block period
Closed sumit-kushwah closed 1 year ago
gquintard
commented
1 year ago @slimhazard, I think I remember you were the one adding the block logic. In this case, I think we are missing a check in run_gc, it completely ignores the block period
slimhazard
commented
1 year ago @gquintard thanks for the heads up, I believe I've heard about something like this before. Will look into it.
gquintard
commented
1 year ago my pleasure, I'm happy to look deeper into it if time is lacking on your side
gquintard
commented
1 year ago opened #208 that seems consistent with the block theory
We have fourth parameter block in function
is_denied(key, limit, period, block). Which basically blocks key for that length of time after hitting the threshold.We have tested it and it's working properly on testing varnish machine as expected.
But when we deployed it in production for our site where varnish server receives around 200k requests per hour. The key(in my case client ip) gets unblocked after 10 minutes after reaching threshold. Actually we wanted to blocks these kind of client ips for 2 hours so we used below is_denied function.
vsthrottle.is_denied(client.ip, 100, 60s, 7200s). But it is not working properly.So I am interested to know what might be possible reason of key gets unblocked before specified duration at high volume of traffic .
Varnish Version: 6.0(LTS). Varnish Module (vsthrottle): 6.0-lts