The Throttling Suite has a very simple setup that requires just dropping ThrottlingSuite.dll into the bin directory of the ASP.NET application and adding related configuration to web.config.
Standard configuration
This is the standard example of web.config file that includes all necessary configuration for Throttling Suite:
<?xml version="1.0"?>
    <section name="throttling" type="ThrottlingSuite.Core.ThrottlingConfigurationHandler, ThrottlingSuite" />

      <add name="DuplicatedCallsFilter" type="ThrottlingSuite.Modules.DuplicatedCallsFilter, ThrottlingSuite"/>
      <add verb="*" path="ThrottlingStatistics.ashx" type="ThrottlingSuite.Modules.ThrottlingStatisticsHandler, ThrottlingSuite" />

  <throttling enabled="true" logOnly="false">
      <add name="rsid" />
      <!--don't throttle-->
      <instance name="controller1" timeIntervalMsec="-1" maxThreshold="-1">
        <add path="/main/login.aspx" />
      <!--block completly-->
      <instance name="controller2" timeIntervalMsec="0" maxThreshold="0">
        <add path="/main/sitemonitor.ashx" />
      <!--throttle at 2 calls per sec if ASP.NET_SessionId is available-->
      <instance name="controller3" timeIntervalMsec="1000" maxThreshold="2" method="ShortAverage">
        <remove path="/main/login.aspx" />
        <remove path="/main/sitemonitor.ashx" />
        <add path="*.*" condition="HasSessionId" />
      <!--throttle at 100 calls per sec if ASP.NET_SessionId is unavailable-->
      <instance name="controller4" timeIntervalMsec="1000" maxThreshold="100">
        <remove path="/main/login.aspx" />
        <remove path="/main/mymonitor.ashx" />
        <add path="*.*" condition="NoSessionId" />

The first requirement is configuring the section for Throttling Suite. This is achieved by adding ThrottlingSuite.Core.ThrottlingConfigurationHandler configuration section handler mapped to throttling section added into configuration sections declaration.

The second step is adding ThrottlingSuite.Modules.DuplicatedCallsFilter type as an HTTP Module for the ASP.NET web application. This will assure Throttling Suite running upon application begins processing the request.

Next step is configuring the throttling section. This section must have at least single Throttling Controller instance declared. The number of instances theoretically is not limited, but it is current set to 8 to assure web-site stability and performance. Each instance must provide the name; timeIntervalMsec - the time interval (must be an integer number in msecs) as a boundary to measure the number of requests;
maxThreshold - the number of requests allowed to be processed within specified time interval (must be an integer number). To set an unlimited throttling both values should be set to -1. To prevent specific section of the application from being served, both values should be set to 0. An optional attribute method accepted by instance to specify the type of throttling controller used by the instance. The ShortAverage (default), LongAverage, and Linear are acceptable values.
Each instance should be given one or more of path elements as a description of filtered paths that specific instance should handle throttling for. You can combine add and remove nodes to form desired filter. It is recommended to include remove first following the add to assure proper filtering. The filter's path works as startsWith condition, so you may use path="/manager/account" to filter all pages that begin with 'account' located under 'manager' folder. All paths must be relative to the IIS root and must begin with "/" character. The "*.*" is supported for "all urls". The add and remove path node can include condition accepting one of two values: "HasSessionId" and "NoSessionId". This condition allows to provide different throttling for requests made by a client having ASP.NET SessionId and those that do not.

The Throttling Suite uses full URL, including QueryString to determine the request target. You may set the list of query string parameters that should be excluded from URL used by throttling controller. This configuration is provided via ignoreParameters configuration node.
LogOnly Mode
Throttling configuration allows to set LogOnly mode to record "blocking" events, but avoid blocking request processing. This configuration is very useful as an exploration mode when you need to determine the most appropriate throttling settings and filters for your web application. The [BLOCKED:controllername] message will appear in IIS log for those calls that determined to be blocked by throttling suite. Review this sample:
2012-10-26 00:04:59 GET /ThrottlingSuite/default.aspx - 80 - Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 200 0 0 0
2012-10-26 00:04:59 GET /ThrottlingSuite/default.aspx [BLOCKED:controller3] 80 - Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 429 0 0 0
Current status and statistics
The Throttling Suite provides internal ability to query current status and statistics for all controllers. For this reason the following handler added to HttpHandlers section:
      <add verb="*" path="ThrottlingStatistics.ashx" type="ThrottlingSuite.Modules.ThrottlingStatisticsHandler, ThrottlingSuite" />
When you request the URL <root>/ThrottlingStatistics.ashx, it will respond with JSON providing information like below:
It is fully your decision whether this URL is available for your application - you may opt to remove this for security reasons, or, add permission verification layer on top of it. The path you configure to call this data is customizable; you choose what fits the best for your application.
IIS configuration
The Throttling Suite issues HTTP Status 429 "Too many requests" should blocking conditions occur. By default IIS lacks this status at the default error oages list. This HTTP Status should be added to assure proper response by IIS. Follow these steps for IIS7/7.5:
1. Open %SystemDrive%\inetpub\custerr\ folder;
2. Create text file named 429.txt at this location; insert "Too many requests" text into the file;
3. Open IIS Manager >> Open (double-click) IIS>Error Pages section;
4. Once the Error Pages section opened, click Add button on the right panel to open "Edit Custom Error Page" dialog;
5. In the dialog window enter "429" into Status Code field; make sure the "Insert content from static file into the error response" option is selected under "Response Action"; enter "%SystemDrive%\inetpub\custerr\429.txt" into "File Path" entry box; click Save button.

You may also add the following section to web.config to assure Application level error messaging coming through the IIS:

    <httpErrors existingResponse="PassThrough" />

NOTE: it is an important to note that in case you use IIS "Integrated" mode, you should include httpModules and httpHandlers nodes under <system.webServer> section instead of <system.web>:

      <add name="DuplicatedCallsFilter" type="ThrottlingSuite.Modules.DuplicatedCallsFilter, ThrottlingSuite"/>
      <add verb="*" path="ThrottlingStatistics.ashx" type="ThrottlingSuite.Modules.ThrottlingStatisticsHandler, ThrottlingSuite" />

    <httpErrors existingResponse="PassThrough" />

Last edited Apr 9, 2014 at 1:40 PM by lennygran, version 6


No comments yet.