Maximum concurrent requests per user (Network security protection/DOS attack)
By default, the number of maximum concurrent requests per user is 48. The root user in ONTAP tools can change this value depending on the requirements of their environment. This value should not be set to a very high value as this provides a mechanism against denial of service (DOS) attacks.
Users can change the number of maximum concurrent sessions and other supported parameters in the /opt/netapp/vscserver/etc/dosfilterParams.json file.
We can configure the filter by following parameters :
-
delayMs: The delay in milliseconds given to all requests over the rate limit before they are considered. Give -1 to just reject the request.
-
throttleMs: How long to async wait for semaphore.
-
maxRequestMs: How long to allow this request to run.
-
ipWhitelist: A comma-separated list of IP addresses that will not be rate-limited. (This can be Vcenter, ESXi and SRA IPs)
-
maxRequestsPerSec: The maximum number of requests from a connection per second.
Default values in the dosfilterParams file:
{"delayMs":"-1", "throttleMs":"1800000", "maxRequestMs":"300000", "ipWhitelist":"10.224.58.52", "maxRequestsPerSec":"48"}