Testing a Rate-Based Policy
To test a rate-based policy, you can send traffic to any virtual server to which a rate-based policy is bound.
Task overview: Testing a rate-based policy
配置a stream selector (optional) and a rate limit identifier (required). For example:
add stream selector sel_subnet Q.URL "CLIENT.IP.SRC.SUBNET(24)" add ns limitIdentifier k_subnet -Threshold 4 -timeSlice 3600 -mode REQUEST_RATE -limittype smooth -selectorName sel_subnet -trapsInTimeSlice 8
配置the action that you want to associate with the policy that uses the rate limit identifier. For example:
add responder action resp_redirect redirect "\"http://response_site.com/\""
配置一个政策,使用系统。check_limit expression prefix to call the rate limit identifier. For example, the policy can apply a rate limit identifier to all requests arriving from a particular subnet, as follows:
add responder policy resp_subnet "SYS.CHECK_LIMIT(\"k_subnet\")" resp_redirect
Bind the policy globally or to a virtual server. For example:
bind responder global resp_subnet 6 END -type DEFAULT
In a browser address bar, send a test HTTP query to a virtual server. For example:
http://
/testsite/test.txt At the Citrix ADC command prompt, type:
show ns limitSessions \
Example
> sh limitsession k_subnet 1) Time Remaining: 98 secs Hits: 2 Action Taken: 0 Total Hash: 1718618 Hash String: /test.txt IPs gathered: 1) 10.217.253.0 Active Transactions: 0 Done >
Repeat the query and check the limit identifier statistics again to verify that the statistics are being updated correctly.