This document describes how to enable and configure the tlBMC Redfish Rate Limiter Module for an NPI. This module protects the BMC from being overwhelmed by too many Redfish requests, which could lead to resource exhaustion or denial of service.
The rate limiter uses a “leaky bucket” algorithm with optional Random Early Detection (RED) to manage incoming request traffic.
To use the Redfish Rate Limiter Module, it must be enabled for your platform in tlbmc_config_bundle.textproto. See tlbmc_config_bundle.textproto in tlbmc source.
To enable the module, add redfish_rate_limiter_module { enabled: true } to your platform's configuration in platform_to_config map and configure its parameters. For example:
platform_to_config { key: "your_platform_name" value { redfish_rate_limiter_module { enabled: true leak_rate_per_sec: 100.0 bucket_capacity: 200.0 red { enabled: true min_threshold: 50.0 max_threshold: 150.0 max_drop_prob: 0.1 } } } }
The rate limiter is configured using the RedfishRateLimiterModule message in tlbmc_config_bundle.textproto, as defined in central_config.proto.
The leaky bucket algorithm works like a bucket that can hold a certain amount of water (requests) and leaks at a constant rate. Each incoming request adds to the bucket. If a request arrives when the bucket is full, it is dropped (rejected).
leak_rate_per_sec: This is the rate at which requests are “leaked” from the bucket, measured in requests per second. It determines the average sustained rate of requests that the system can handle. Default: 100.0.bucket_capacity: This is the maximum number of requests the bucket can hold. It determines how large a burst of requests can be handled before requests start getting dropped. Default: 200.0.Random Early Detection (RED) is an optional mechanism that helps prevent congestion by randomly dropping requests before the bucket reaches full capacity. This signals to clients that they should slow down, preventing the server from being overwhelmed by sudden bursts of traffic.
red.enabled: Set to true to enable RED. Default: false.red.min_threshold: The bucket fullness level below which no requests are dropped by RED. Default: 50.0.red.max_threshold: The bucket fullness level above which requests are dropped with probability red.max_drop_prob. Default: 150.0.red.max_drop_prob: The maximum probability (between 0.0 and 1.0) that a request will be dropped by RED. When bucket fullness is between min_threshold and max_threshold, the drop probability increases linearly from 0 up to max_drop_prob. When bucket fullness exceeds max_threshold, the drop probability is max_drop_prob. Default: 0.1.If RED is enabled:
min_threshold, RED drop probability = 0.min_threshold <= level < max_threshold, RED drop probability increases linearly from 0 to max_drop_prob.max_threshold, RED drop probability = max_drop_prob.