![]() |
Kea 3.1.1
|
Provides the capability to limit the number of leases or the response rate. More...
#include <limit_manager.h>
Public Member Functions | |
template<isc::util::DhcpSpace D> | |
int | cb_updated (isc::hooks::CalloutHandle &handle) |
cbX_updated hook point | |
void | clear () |
Clears the time series circular buffers in order to start over rate limiting. | |
template<isc::util::DhcpSpace D> | |
int | dhcp_srv_configured (isc::hooks::CalloutHandle &handle) |
dhcpX_srv_configured hook point | |
void | initialize (isc::dhcp::SrvConfigPtr const &config) |
Reinitialize data structures required for limiting. | |
template<isc::util::DhcpSpace D> | |
int | lease_callout (isc::hooks::CalloutHandle &handle, bool lease_update=false) |
leaseX_select hook point | |
void | parse (isc::dhcp::SrvConfigPtr const &config) |
Fetches limits from the given Kea configuration. | |
template<isc::util::DhcpSpace D> | |
int | pkt_receive (isc::hooks::CalloutHandle &handle) |
pktX_receive hook point | |
template<isc::util::DhcpSpace D> | |
int | subnet_select (isc::hooks::CalloutHandle &handle) |
subnetX_select hook point | |
Static Public Member Functions | |
static LimitManager & | instance () |
singleton access function | |
Provides the capability to limit the number of leases or the response rate.
Definition at line 55 of file limit_manager.h.
|
inline |
cbX_updated hook point
If changes are detected for any client classes or subnets, the whole limits configuration is updated. Time points are not reset, because there might be a significant amount of client classes and subnets that remain the same. On top of that, the ones who changed might still match clients that have been limited with the same client class or subnet prior to the CB update, so there is some relevancy to the current calculation.
D | DHCP space |
handle | callout handle used for retrieving audit entries |
Definition at line 93 of file limit_manager.h.
References isc::util::formatDhcpSpace(), isc::hooks::CalloutHandle::getArgument(), isc::hooks::CalloutHandle::getStatus(), isc::dhcp::CfgMgr::instance(), instance(), isc_throw, isc::hooks::CalloutHandle::NEXT_STEP_DROP, isc::hooks::CalloutHandle::NEXT_STEP_SKIP, and parse().
void isc::limits::LimitManager::clear | ( | ) |
Clears the time series circular buffers in order to start over rate limiting.
Definition at line 37 of file limit_manager.cc.
Referenced by initialize().
|
inline |
dhcpX_srv_configured hook point
Reconfigures limits with the given configuration and recounts leases.
D | DHCP space |
handle | callout handle used for retrieving audit entries |
Definition at line 130 of file limit_manager.h.
References isc::db::error, isc::hooks::CalloutHandle::getStatus(), isc::dhcp::LeaseMgrFactory::haveInstance(), isc::dhcp::CfgMgr::instance(), isc::dhcp::LeaseMgrFactory::instance(), isc::limits::LIMITS_CONFIGURATION_LEASE_BACKEND_NOT_AVAILABLE, isc::limits::LIMITS_CONFIGURATION_LEASE_BACKEND_SHOULD_HAVE_BEEN_AVAILABLE, isc::limits::limits_logger, LOG_ERROR, LOG_WARN, isc::hooks::CalloutHandle::NEXT_STEP_DROP, isc::hooks::CalloutHandle::NEXT_STEP_SKIP, isc::hooks::CalloutHandle::setArgument(), and isc::hooks::CalloutHandle::setStatus().
void isc::limits::LimitManager::initialize | ( | isc::dhcp::SrvConfigPtr const & | config | ) |
Reinitialize data structures required for limiting.
First clears the time series circular buffers, then proceeds to parse the relevant configuration.
config | the configuration to be parsed - usually current or staging |
Definition at line 43 of file limit_manager.cc.
References clear(), and parse().
Referenced by isc::limits::load(), and isc::limits::unload().
|
static |
singleton access function
Definition at line 31 of file limit_manager.cc.
References instance().
Referenced by isc::limits::cb4_updated(), isc::limits::cb6_updated(), cb_updated(), isc::limits::dhcp4_srv_configured(), isc::limits::dhcp6_srv_configured(), instance(), isc::limits::lease4_renew(), isc::limits::lease4_select(), isc::limits::lease6_rebind(), isc::limits::lease6_renew(), isc::limits::lease6_select(), isc::limits::load(), isc::limits::pkt4_receive(), isc::limits::pkt6_receive(), isc::limits::subnet4_select(), isc::limits::subnet6_select(), and isc::limits::unload().
|
inline |
leaseX_select hook point
Handles all lease limits.
D | DHCP space |
handle | callout handle used for the subnet ID |
lease_update | true if the lease is being updated, false if it is a new lease |
Definition at line 395 of file limit_manager.h.
References isc::data::Element::createMap(), isc::log::DBGLVL_TRACE_BASIC, isc::util::formatDhcpSpace(), isc::hooks::CalloutHandle::getArgument(), isc::hooks::CalloutHandle::getStatus(), isc_throw, isc::limits::LIMITS_LEASE_LIMIT_EXCEEDED, isc::limits::LIMITS_LEASE_WITHIN_LIMITS, isc::limits::limits_logger, LOG_DEBUG, isc::hooks::CalloutHandle::NEXT_STEP_DROP, isc::hooks::CalloutHandle::NEXT_STEP_SKIP, and isc::hooks::CalloutHandle::setStatus().
void isc::limits::LimitManager::parse | ( | isc::dhcp::SrvConfigPtr const & | config | ) |
Fetches limits from the given Kea configuration.
Searches the Kea configuration for any limits in user contexts, then sets the new capacities on the buffers.
config | the configuration to be parsed - usually current or staging |
Definition at line 85 of file limit_manager.cc.
Referenced by cb_updated(), and initialize().
|
inline |
pktX_receive hook point
Handles per-client-class rate limits. For every packet, remove all expired counted packets from the buffer, check if the limit is reached i.e. if the buffer is full, and finally count the current packet toward the limit if there is still room in the buffer.
D | DHCP space |
handle | callout handle used for the subnet ID |
Definition at line 179 of file limit_manager.h.
References isc::limits::RateLimit::allowed_packets_, isc::log::DBGLVL_TRACE_BASIC, isc::log::DBGLVL_TRACE_DETAIL_DATA, isc::util::formatDhcpSpace(), isc::hooks::CalloutHandle::getArgument(), isc::dhcp::CfgMgr::getCurrentCfg(), isc::hooks::CalloutHandle::getStatus(), isc::dhcp::CfgMgr::instance(), isc_throw, isc::limits::limits_logger, isc::limits::LIMITS_PACKET_WITH_CLIENT_CLASSES_RATE_LIMIT_DROPPED, isc::limits::LIMITS_PACKET_WITH_CLIENT_CLASSES_RATE_LIMIT_HONORED, LOG_DEBUG, isc::hooks::CalloutHandle::NEXT_STEP_DROP, isc::hooks::CalloutHandle::NEXT_STEP_SKIP, isc::hooks::CalloutHandle::setStatus(), isc::limits::RateLimit::text_, and isc::limits::RateLimit::time_unit_.
|
inline |
subnetX_select hook point
Handles per-subnet rate limits. For every packet, remove all expired counted packets from the buffer, check if the limit is reached i.e. if the buffer is full, and finally count the current packet toward the limit if there is still room in the buffer. This function also checks if subnets were updated through subnet commands, or any other method that circumvented reconfiguration, and updates the limits accordingly.
D | DHCP space |
handle | callout handle used for the subnet ID |
Definition at line 296 of file limit_manager.h.
References isc::limits::RateLimit::allowed_packets_, isc::log::DBGLVL_TRACE_BASIC, isc::log::DBGLVL_TRACE_DETAIL_DATA, isc::util::formatDhcpSpace(), isc::hooks::CalloutHandle::getArgument(), isc::hooks::CalloutHandle::getStatus(), isc::limits::limits_logger, isc::limits::LIMITS_PACKET_WIIH_SUBNET_ID_RATE_NO_SUBNET, isc::limits::LIMITS_PACKET_WITH_SUBNET_ID_RATE_LIMIT_DROPPED, isc::limits::LIMITS_PACKET_WITH_SUBNET_ID_RATE_LIMIT_HONORED, LOG_DEBUG, isc::hooks::CalloutHandle::NEXT_STEP_DROP, isc::hooks::CalloutHandle::NEXT_STEP_SKIP, isc::hooks::CalloutHandle::setStatus(), isc::limits::RateLimit::text_, and isc::limits::RateLimit::time_unit_.