mod_qos

Additional Information

 

This page gives you additional information about certain aspects of mod_qos to get a better understanding how to use the module.


Directives

The module is configured by directives. All directives process the connection, HTTP request, and response data in a pre-defined sequence. The following graph shows the order in which the directives work.

directive sequence


Rules

mod_qos allows you to configure different kind of rules. The main component of a rule is its counter. A rule measures either the concurrency (how many times something happens at the same time), the occurrence (how often does something happen in a certain amount of time), or the throughput (sent amount of data or number of request) and stores this information within that counter.

Every rule has it's own threshold and maintains its own counter. A rule is identified by either an URL pattern/matching string or by an environment variable name. You can configure as many rules as you want.

Note: Some counters are only available once. This applies to the counters of the rules using the QS_Block, QS_SrvSerialize, and QS_Serialize environment variables.


Environment Variables

The Apache web server provides a mechanism for storing information in so called environment variables. mod_qos uses these variables to exchange data respectively signalize events between different rules defined by the corresponding directive. These variables can also be written or read by other Apache modules, such as mod_setenvifplus .

It is also possible to write the values of these variables to your log file using the format string %{VARNAME}e within the TransferLog/CustomLog directives. Or you can use them within error pages using server-side includes (SSI).


Concurrency Counter

A "concurrency counter" is used to determine how many times something happens at the same time, e.g. HTTP requests accessing the same resource/URL at the same time. The rules using this counter type are either defined by an environment variable name or an URL pattern (regular expression of a string matching the request's URL). Such a rule automatically increments the counter when the Apache web server starts to process a matching request and decrements the counter when the request processing is completed.

You have to configure a threshold and the rule's variable name resp. URL pattern. Requests (or new connections) are denied as soon as the configured threshold is reached.

Directives using this counter type are:

Also the QS_SrvMaxConn, QS_SrvMaxConnClose, and QS_SrvMaxConnPerIP directives use this counter type, although with fewer parameter options.


Repeat Counter

"Repeat counters" limit the number how often (Cr) something is allowed to happen in a certain amount of time (Td). These rules trigger a timer whenever the defined event occurs the first time and start to count every subsequent event until the timer expires. If the event counter reaches the defined limitation, requests are blocked until the time is up.

reapet counter

All repeat counters allow you to define an event which shall increment the counter if they occur. You also have to configure a duration Td and the threshold Cr, defining how many events are allowed within the time Td.

Directive parameter example:
QS_ClientEventLimitCount

While the counter is automatically cleared (set to 0) when the time Td is up, you might also configure additional events to decrement or clear the counter earlier.

The directives using this counter type are:


Throughput Control

Throughput control is implemented by measuring the current usage and calculating a necessary delay which needs to be applied to the data processing in order to achieve the desired limitation (closed loop control system).

closed loop

mod_qos can limit the bandwidth when downloading data from your web server to the client. This throughput control can be configured by the following directives:

It is also possible to limit the number or requests per second to a resource. This control function is less accurate than the bandwidth limitation, since the measurement of the request rate takes longer (several seconds) and the request delay is more coarse-grained.
The following directive can be used to limit the number of requests per second:


Serialization

mod_qos offers you the option to serialize requests. Serialization means, that requests are processed one after the other. Incomming requests are queued if another request is in process and have to wait until the previous request is finished.

serialization

Requests, which shall be serialized, are tagged by one of the following environment variables:

Serialization might be applied on a per server level (serializing all HTTP requests) or on a per client level (serializing multiple requests comming from the same client/IP address).



© 2017, Pascal Buchbinder