From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 293C8138359 for ; Wed, 12 Aug 2020 18:38:21 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id EB027E091C; Wed, 12 Aug 2020 18:38:19 +0000 (UTC) Received: from mail-il1-x133.google.com (mail-il1-x133.google.com [IPv6:2607:f8b0:4864:20::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id A239BE0919 for ; Wed, 12 Aug 2020 18:38:19 +0000 (UTC) Received: by mail-il1-x133.google.com with SMTP id t13so2885139ile.9 for ; Wed, 12 Aug 2020 11:38:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=W9bp+MVwNOv6maamOraXIRwNYIVrqKSvTxqtjFeeAwg=; b=IICxQNutkiKD3f/Yw88lv/7+93ydYIkRfP7VADyY8iFVMmCpoSVKoheyO6h5AUOvkv aekbtcLC1LyH6rEerjzSB5tMUQ5X6yJcXd+e4KjxbDUu8hyCapOCRspBlFrwoGd3qv8k GEjzLJ5gs8XCzl+uckXT4REM/ttIyIr9B50mMnVbTIkkce7SIx7xyjKig4utS9uRB16+ RuAccZVAyxESRnuNLnioQkmeBrmYMXIsHb906FwscMJIKQ7JrOLB8703eDJkUewnWXRc YK6Rh5Z354eyOOM2n9keSURO2yrGV6R762h+HFgFzEEPp+1XEzEro5xylz33vRI2l93M G3tw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=W9bp+MVwNOv6maamOraXIRwNYIVrqKSvTxqtjFeeAwg=; b=UxmS2o1SBm+klrDiIbfZE9LbVkcX/ymvvd6cJnxbzu9/esJIItDNigA4PmNrdDSt4g 67t5G7upSVi36vvDOSSjHWN1ebSDucGiNrfusTB8gjFEdeS8f8tNJ4DAt//0isAzXQR0 b4aBob818bIwrycRyvfaK6DHvcu4340eucvLbpo/lYlJvbxbMObLn+0wt7Coyhpxe4x8 NXMAUbr7e91SeUqwK7kf3BuO1ceW1KCTB7oyJr523cprevOcs78yB8yuyF7YhskXbSd2 3nbcGOS2sJTla4F4DCmkZkPOaRf3Fcf+oOPW+E9rPNdgGCqGP2VlcdKkraiM/1Y9Uu0S 2h2g== X-Gm-Message-State: AOAM532K9yRUyL0E39+mHvLJjRXHRL1/WSUQD/fvvKQDrCR9WGjGmVFT oCC1ima0tshnp/MF800FgAmj8oD4L26/lI0xlvPs4+CZ X-Google-Smtp-Source: ABdhPJz6zOQBJ6FbrV6bI5wfAdIdUT7eAtawo9Kc3cFPsfkAYyCrdsmCUo+OsV0BI+q0nEEMW6NeYfVL5g12YUmmj+E= X-Received: by 2002:a92:8b11:: with SMTP id i17mr959970ild.212.1597257498359; Wed, 12 Aug 2020 11:38:18 -0700 (PDT) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Project discussion list X-BeenThere: gentoo-project@lists.gentoo.org Reply-To: gentoo-project@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 References: In-Reply-To: From: Raymond Jennings Date: Wed, 12 Aug 2020 11:37:42 -0700 Message-ID: Subject: Re: [gentoo-project] [Bugzilla] IP-based limits To: gentoo-project@lists.gentoo.org Content-Type: multipart/alternative; boundary="000000000000cdff1205acb27dbd" X-Archives-Salt: c3984343-c9be-4813-bf14-d418b592fa51 X-Archives-Hash: 2fb30daec2bae81bf5b6a35f85539d4c --000000000000cdff1205acb27dbd Content-Type: text/plain; charset="UTF-8" On Wed, Aug 12, 2020 at 11:24 AM Tomas Mozes wrote: > On Wednesday, August 12, 2020, Alec Warner wrote: > > Bugzilla now has connection limits per IP. I won't say what the limit > is, but if you are crawling bugzilla or using automated tools from a single > source IP you may hit the limit and receive 503's for requests over the > limit. > > This may be a particular problem for users behind things like carrier > grade NAT (where many users are multiplexed through a single egress IP.) > However we have seen numerous slowdowns from bot traffic and this is a > relatively straightforward change to make on our end. If you believe you > are being unfairly limited / blocked, please reach out to infra@gentoo.org > . > > Thanks, > > -A > > Wouldn't 429 be more appropriate? > I second the motion, a 5xx code implies that it's the server's fault and iirc 503 means the server is unable to handle the request, which is deceptive because an IP ratelimit is a deliberate choice on the point of the server and if it refuses to fulfill a request due to client behavior then it belongs in a 4xx code. > > Tomas --000000000000cdff1205acb27dbd Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Wed, Aug 12, 2020 at 11:24 AM Tomas Mo= zes <hydrapolic@gmail.com>= ; wrote:
On Wednesday, August 12, 2020, Alec Warner <antarus@gentoo.org>= wrote:
> Bugzilla now has connection limits per IP. I won't say = what the limit is, but if you are crawling bugzilla or using automated tool= s from a single source IP you may hit the limit and receive 503's for r= equests over the limit.
> This may be a particular problem for users = behind things like carrier grade NAT (where many users are multiplexed thro= ugh a single egress IP.) However we have seen numerous slowdowns from bot t= raffic and this is a relatively straightforward change to make on our end. = If you believe you are being unfairly limited / blocked, please reach out t= o infra@gentoo.org.
> Thanks,
> -A

Wouldn't 429 be more appropriate?<= br>

Tomas
--000000000000cdff1205acb27dbd--