HAProxy Enterprise Documentation 2.7r1

Set a bandwidth limit per client IP address

You can limit the network bandwidth used by a single client, based on their IP address. This can be for either download or upload speed. The limit is applied across all of the client's streams, giving them a total bandwidth allotment. The limit is expressed in bytes per second.

Use cases for this configuration include:

  • Ensuring that clients cannot consume an unfair portion of your bandwidth, applied across all of their requests.

To set a per-client bandwidth limit:

  1. Define a stick table that will store the outbound bytes-per-second rate and another that will store the inbound bytes-per-second rate. The key for each record in the table will be an IP address, so set type to ip. To have this work in an active-active or active-standby load balancer setup, it's best to define the tables in a peers section. For more information on aggregating stick table data across load balancers, see Global Profiling Engine.

    peers mypeers
       peer hapee
       table downloadrate type ip size 1m expire 3600s store bytes_out_rate(1s)
       table uploadrate type ip size 1m expire 3600s store bytes_in_rate(1s)
  2. In the frontend section where you would like to enable the limit, add a filter bwlim-out directive to limit download speeds and a filter bwlim-in directive to limit upload speeds. For each, set the limit parameter, which defines the bytes-per-second maximum, the key, which adds or updates a record in the stick table using the client's source IP address as the table key, and table, which references the stick table where the client's current data transfer information is stored.

    frontend  fe_main
       bind :80
       filter bwlim-out mydownloadlimit limit 625000 key src table mypeers/downloadrate
       filter bwlim-in myuploadlimit limit 625000 key src table mypeers/uploadrate
  3. Add the http-response set-bandwidth-limit and http-request set-bandwidth-limit directives frontend, which enable the filters.

    http-response set-bandwidth-limit mydownloadlimit
    http-request set-bandwidth-limit myuploadlimit

Next up

Traffic Routing