Hi,
On 05.04.21 01:13, Maxim Dounin wrote:
> You can use anything as a key in limit_req_zone, including your
> own variables. If you want to limit IPv6 addresses per /64
> subnets, something like this should work:
>
> map $binary_remote_addr $subnet {
> "~^(\C{8})" $1;
> defaul
Hello,
regarding rate limiting in IPv6 configurations I see the following
problem: As normally a subnet between a /56 and a /64 is assigned to a
client by an ISP, and both $binary_remote_addr and $remote_addr always
contain the whole IPv6 address, a single client can always spoof the
rate limiter
