Solved: Spike Arrest

rmagsomb · 10-31-2019 09:12 AM

In my spike arrest policy:

According to apigee documentation:

Per-second rates get smoothed into full requests allowed in intervals of milliseconds.

For example, 10ps gets smoothed like this:
1000 milliseconds (1 second) / 10ps = 100-millisecond intervals, or 1 request allowed every 100 milliseconds. A second request inside of 100ms will fail. Also, an 11th request within a second will fail.

If I understand it correctly, my settings would mean:

1000 milliseconds (1 second) / 1000ps = 1-millisecond intervals, or 1 request allowed every 1 milliseconds.

is my understanding correct?

next question will be... is my settings wrong?

sidd-harth

Technically yes, 1000ps = 1 request allowed every 1 millisecond. But do you really want to have 1000ps? Why? What is your requirement?

BTW if you are using reference, ref is applied and takes precedence over the value when the flow variable is set in the request.

View solution in original post

sidd-harth

Technically yes, 1000ps = 1 request allowed every 1 millisecond. But do you really want to have 1000ps? Why? What is your requirement?

BTW if you are using reference, ref is applied and takes precedence over the value when the flow variable is set in the request.

rmagsomb

actually I just copied the 1000ps from another existing.

but as I understand it, that setting is opening up for a DDoS attack. i.e. 1000 calls per second. would you agree?

dchiesa1

DDos attack is protected by multiple levels, primarily in how Apigee infrastructure is provisioned in GCP.

But yes, 1000ps is probably more than most people, most customers need.

You could be more conservative.

rmagsomb

we are running on-prem by the way. you think 1000ps is too much? it is giving me thoughts that having this numbers is like not having spike arrest at all