Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: benchmark
Fetching contributors…

Cannot retrieve contributors at this time

file 62 lines (57 sloc) 2.989 kb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62
/*
* You may redistribute this program and/or modify it under the terms of
* the GNU General Public License as published by the Free Software Foundation,
* either version 3 of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef RATE_LIMIT_MODULE_H
#define RATE_LIMIT_MODULE_H

#include <event2/event.h>

#include "dht/DHTModules.h"

/**
* The rate limit module enforces limits on the number of packets which can be sent.
* The global limit is enforced by dropping outgoing replies instead of incoming
* queries so that the router module can benefit from additional information.
* not getting replies will cause other nodes to remove us from their tables which
* is important if we are swamped.
*
* When the number of replies sent in a second exceeds targetRequestsPerSecond
* the chance of a reply being dropped is increased by a precentage equal to the
* number of "unwanted" packets divided by the targetRequestsPerSecond.
* (requestsHandledThisSecond - targetRequestsPerSecond) / targetRequestsPerSecond
* the drop rate is updated during each reply once the limit has been exceeded
* for the current second so it will react very quickly to sudden floods and it is
* impossible for it to send more than twice the target amount of replies.
*
* The drop rate is deincemented by 1% for every second without any overages.
* This means it will recover in less than 2 minutes no matter how bad the flood is.
*
* If a reply is dropped, it is not counted against the number of replies sent in
* that second so while the packet which causes the drop rate to increase from 0% is
* guaranteed to be sent, the chance of a packet being sent which would cause the
* drop rate to become 100% is 1 / targetRequestsPerSecond.
*
* Not only does it react quickly to sudden floods but the effort required to make
* it drop traffic is exponentially proportional to the amount of traffic which it
* must be made to drop so it is very difficult to abuse by crafting floods to make
* it drop legitiment traffic. The exponential nature also serves to dampen resonance.
*/

/**
* Register a new RateLimitModule.
*
* @param registry the DHT module registry for signal handling.
* @param allocator a means to allocate memory.
* @param targetRequestsPerSecond the target number of requests to handle per second.
*/
void RateLimitModule_register(struct DHTModuleRegistry* registry,
                              const struct Allocator* allocator,
                              uint32_t targetRequestsPerSecond,
                              struct event_base* base);

#endif
Something went wrong with that request. Please try again.