0

I have an issue with rate-limit-by-key, the repsonse are not as expected.

When using this policy snippet:

<rate-limit-by-key calls="1" renewal-period="2" counter-key="@(context.Request.IpAddress)" increment-condition="@(context.Response.StatusCode == 200)" />

It gives sometimes "500 Internal Server Error" and sometimes "401 Unauthorized" responses when reaching the limit.

However when I use this:

<set-variable name="CounterKey" value="context.Request.IpAddress" />
<rate-limit-by-key calls="1" renewal-period="2" counter-key="@(context.Variables.GetValueOrDefault<string>("CounterKey"))" increment-condition="@(context.Response.StatusCode == 200)" />

I got the expected "429 Too Many Requests" response code when reaching limit.

Tried also with .Tostring of the IpAddress.

<rate-limit-by-key calls="1" renewal-period="2" counter-key="@(context.Request.IpAddress.ToString())" increment-condition="@(context.Response.StatusCode == 200)" />

Still the 500 and 401 responses

The set-varaiable and rate-limit-by-key are in the exact same context/scope so don't get why it gives different ressonses.

Any ideas?

Ikhtesam Afrin
  • 897
  • 1
  • 1
  • 6
user20424031
  • 1
  • 1

1 Answers1

0

I have tried the below policy at my end using Echo API but always got 200 OK result, as renewal-period is set to 2sec, so the limit is getting renewed very soon. But after making frequent calls, I got to see "429 Too Many Requests" response code.

Please check if you have any other policy configured or create any new API and try this policy because its giving me expected result.

Policy:

<policies>
<inbound>
<base  />
<rate-limit-by-key  calls="1"  renewal-period="2"  counter-key="@(context.Request.IpAddress)"  increment-condition="@(context.Response.StatusCode == 200)"  />
</inbound>
<backend>
<base  />
</backend>
<outbound>
<base  />
</outbound>
<on-error>
<base  />
</on-error>
</policies>

Output:

enter image description here

To get "429 Too Many Requests" response code frequently, I increased the renewal-period to 30sec and got the below result.

enter image description here

I have tried <rate-limit-by-key calls="1" renewal-period="2" counter key="@(context.Request.IpAddress.ToString())" increment-condition="@(context.Response.StatusCode == 200)" /> policy too and it also worked as expected for me.

Ikhtesam Afrin
  • 897
  • 1
  • 1
  • 6