Kea 3.1.1
isc::limits::LimitManager Struct Reference

Provides the capability to limit the number of leases or the response rate. More...

#include <limit_manager.h>

Public Member Functions

template<isc::util::DhcpSpace D>
int cb_updated (isc::hooks::CalloutHandle &handle)
 cbX_updated hook point
 
void clear ()
 Clears the time series circular buffers in order to start over rate limiting.
 
template<isc::util::DhcpSpace D>
int dhcp_srv_configured (isc::hooks::CalloutHandle &handle)
 dhcpX_srv_configured hook point
 
void initialize (isc::dhcp::SrvConfigPtr const &config)
 Reinitialize data structures required for limiting.
 
template<isc::util::DhcpSpace D>
int lease_callout (isc::hooks::CalloutHandle &handle, bool lease_update=false)
 leaseX_select hook point
 
void parse (isc::dhcp::SrvConfigPtr const &config)
 Fetches limits from the given Kea configuration.
 
template<isc::util::DhcpSpace D>
int pkt_receive (isc::hooks::CalloutHandle &handle)
 pktX_receive hook point
 
template<isc::util::DhcpSpace D>
int subnet_select (isc::hooks::CalloutHandle &handle)
 subnetX_select hook point
 

Static Public Member Functions

static LimitManagerinstance ()
 singleton access function
 

Detailed Description

Provides the capability to limit the number of leases or the response rate.

Definition at line 55 of file limit_manager.h.

Member Function Documentation

◆ cb_updated()

template<isc::util::DhcpSpace D>
int isc::limits::LimitManager::cb_updated ( isc::hooks::CalloutHandle & handle)
inline

cbX_updated hook point

If changes are detected for any client classes or subnets, the whole limits configuration is updated. Time points are not reset, because there might be a significant amount of client classes and subnets that remain the same. On top of that, the ones who changed might still match clients that have been limited with the same client class or subnet prior to the CB update, so there is some relevancy to the current calculation.

Template Parameters
DDHCP space
Parameters
handlecallout handle used for retrieving audit entries
Returns
always 0 meaning success

Definition at line 93 of file limit_manager.h.

References isc::util::formatDhcpSpace(), isc::hooks::CalloutHandle::getArgument(), isc::hooks::CalloutHandle::getStatus(), isc::dhcp::CfgMgr::instance(), instance(), isc_throw, isc::hooks::CalloutHandle::NEXT_STEP_DROP, isc::hooks::CalloutHandle::NEXT_STEP_SKIP, and parse().

+ Here is the call graph for this function:

◆ clear()

void isc::limits::LimitManager::clear ( )

Clears the time series circular buffers in order to start over rate limiting.

Definition at line 37 of file limit_manager.cc.

Referenced by initialize().

◆ dhcp_srv_configured()

template<isc::util::DhcpSpace D>
int isc::limits::LimitManager::dhcp_srv_configured ( isc::hooks::CalloutHandle & handle)
inline

dhcpX_srv_configured hook point

Reconfigures limits with the given configuration and recounts leases.

Template Parameters
DDHCP space
Parameters
handlecallout handle used for retrieving audit entries
Returns
0 if configuration is successful, 1 otherwise

Definition at line 130 of file limit_manager.h.

References isc::db::error, isc::hooks::CalloutHandle::getStatus(), isc::dhcp::LeaseMgrFactory::haveInstance(), isc::dhcp::CfgMgr::instance(), isc::dhcp::LeaseMgrFactory::instance(), isc::limits::LIMITS_CONFIGURATION_LEASE_BACKEND_NOT_AVAILABLE, isc::limits::LIMITS_CONFIGURATION_LEASE_BACKEND_SHOULD_HAVE_BEEN_AVAILABLE, isc::limits::limits_logger, LOG_ERROR, LOG_WARN, isc::hooks::CalloutHandle::NEXT_STEP_DROP, isc::hooks::CalloutHandle::NEXT_STEP_SKIP, isc::hooks::CalloutHandle::setArgument(), and isc::hooks::CalloutHandle::setStatus().

+ Here is the call graph for this function:

◆ initialize()

void isc::limits::LimitManager::initialize ( isc::dhcp::SrvConfigPtr const & config)

Reinitialize data structures required for limiting.

First clears the time series circular buffers, then proceeds to parse the relevant configuration.

Parameters
configthe configuration to be parsed - usually current or staging

Definition at line 43 of file limit_manager.cc.

References clear(), and parse().

Referenced by isc::limits::load(), and isc::limits::unload().

+ Here is the call graph for this function:

◆ instance()

LimitManager & isc::limits::LimitManager::instance ( )
static

◆ lease_callout()

template<isc::util::DhcpSpace D>
int isc::limits::LimitManager::lease_callout ( isc::hooks::CalloutHandle & handle,
bool lease_update = false )
inline

leaseX_select hook point

Handles all lease limits.

  1. Adds client classes to the lease context.
  2. Creates a JSON with the applicable limits from the configuration.
  3. Checks lease limits by passing the JSON to a function of the lease manager.
  4. Logs if limit is exceeded or not.
  5. Sets the SKIP callout if the limit is being exceeded so that the lease is not assigned.
Template Parameters
DDHCP space
Parameters
handlecallout handle used for the subnet ID
lease_updatetrue if the lease is being updated, false if it is a new lease
Returns
always 0 meaning success

Definition at line 395 of file limit_manager.h.

References isc::data::Element::createMap(), isc::log::DBGLVL_TRACE_BASIC, isc::util::formatDhcpSpace(), isc::hooks::CalloutHandle::getArgument(), isc::hooks::CalloutHandle::getStatus(), isc_throw, isc::limits::LIMITS_LEASE_LIMIT_EXCEEDED, isc::limits::LIMITS_LEASE_WITHIN_LIMITS, isc::limits::limits_logger, LOG_DEBUG, isc::hooks::CalloutHandle::NEXT_STEP_DROP, isc::hooks::CalloutHandle::NEXT_STEP_SKIP, and isc::hooks::CalloutHandle::setStatus().

+ Here is the call graph for this function:

◆ parse()

void isc::limits::LimitManager::parse ( isc::dhcp::SrvConfigPtr const & config)

Fetches limits from the given Kea configuration.

Searches the Kea configuration for any limits in user contexts, then sets the new capacities on the buffers.

Parameters
configthe configuration to be parsed - usually current or staging

Definition at line 85 of file limit_manager.cc.

Referenced by cb_updated(), and initialize().

◆ pkt_receive()

template<isc::util::DhcpSpace D>
int isc::limits::LimitManager::pkt_receive ( isc::hooks::CalloutHandle & handle)
inline

pktX_receive hook point

Handles per-client-class rate limits. For every packet, remove all expired counted packets from the buffer, check if the limit is reached i.e. if the buffer is full, and finally count the current packet toward the limit if there is still room in the buffer.

Template Parameters
DDHCP space
Parameters
handlecallout handle used for the subnet ID
Returns
always 0 meaning success

Definition at line 179 of file limit_manager.h.

References isc::limits::RateLimit::allowed_packets_, isc::log::DBGLVL_TRACE_BASIC, isc::log::DBGLVL_TRACE_DETAIL_DATA, isc::util::formatDhcpSpace(), isc::hooks::CalloutHandle::getArgument(), isc::dhcp::CfgMgr::getCurrentCfg(), isc::hooks::CalloutHandle::getStatus(), isc::dhcp::CfgMgr::instance(), isc_throw, isc::limits::limits_logger, isc::limits::LIMITS_PACKET_WITH_CLIENT_CLASSES_RATE_LIMIT_DROPPED, isc::limits::LIMITS_PACKET_WITH_CLIENT_CLASSES_RATE_LIMIT_HONORED, LOG_DEBUG, isc::hooks::CalloutHandle::NEXT_STEP_DROP, isc::hooks::CalloutHandle::NEXT_STEP_SKIP, isc::hooks::CalloutHandle::setStatus(), isc::limits::RateLimit::text_, and isc::limits::RateLimit::time_unit_.

+ Here is the call graph for this function:

◆ subnet_select()

template<isc::util::DhcpSpace D>
int isc::limits::LimitManager::subnet_select ( isc::hooks::CalloutHandle & handle)
inline

subnetX_select hook point

Handles per-subnet rate limits. For every packet, remove all expired counted packets from the buffer, check if the limit is reached i.e. if the buffer is full, and finally count the current packet toward the limit if there is still room in the buffer. This function also checks if subnets were updated through subnet commands, or any other method that circumvented reconfiguration, and updates the limits accordingly.

Template Parameters
DDHCP space
Parameters
handlecallout handle used for the subnet ID
Returns
always 0 meaning success

Definition at line 296 of file limit_manager.h.

References isc::limits::RateLimit::allowed_packets_, isc::log::DBGLVL_TRACE_BASIC, isc::log::DBGLVL_TRACE_DETAIL_DATA, isc::util::formatDhcpSpace(), isc::hooks::CalloutHandle::getArgument(), isc::hooks::CalloutHandle::getStatus(), isc::limits::limits_logger, isc::limits::LIMITS_PACKET_WIIH_SUBNET_ID_RATE_NO_SUBNET, isc::limits::LIMITS_PACKET_WITH_SUBNET_ID_RATE_LIMIT_DROPPED, isc::limits::LIMITS_PACKET_WITH_SUBNET_ID_RATE_LIMIT_HONORED, LOG_DEBUG, isc::hooks::CalloutHandle::NEXT_STEP_DROP, isc::hooks::CalloutHandle::NEXT_STEP_SKIP, isc::hooks::CalloutHandle::setStatus(), isc::limits::RateLimit::text_, and isc::limits::RateLimit::time_unit_.

+ Here is the call graph for this function:

The documentation for this struct was generated from the following files: