7. Features
From hyperglass/hyperglass/configuration/configuration.toml
[features]
Rate Limiting¶
hyperglass supports configurable rate limiting of both site loads and queries. By default, users are able to reach the site up to 60 times per minute, and submit up to 5 queries per minute. When the site limit is reached, users are directed to a separate error page until the timer expires. When the query limit is reached, an error message is displayed, and no further queries are allowed until the timer expires. Both of these limits are configurabale in configuration.toml
.
hyperglass uses Flask-Limiter to handle application rate limiting, and a Redis database as the backend storage mechanism. Redis is used so that the Flask-Limiter state can be tracked across multiple WSGI workers.
[features.rate_limit]
Key Name | Type | Default Value | Function |
---|---|---|---|
redis_id |
Integer | 1 |
Sets the Redis database ID where the back-end rate-limiting data is stored. |
By Query
[features.rate_limit.query]
Configuration paramters for rate limiting the number of queries per visitor.
Key Name | Type | Default Value | Function |
---|---|---|---|
rate |
Integer | 5 |
Sets the number of queries per period allowed from the remote IP address of the request. |
period |
String | "minute" |
Sets the time period to which rate applies. |
message |
String | "Query limit of {rate} per minute reached. Please wait one {period} and try again." |
Message presented to the user when the query limit is reached. {rate_limit_query} will be formatted as the [features.rate_limit.query.rate] parameter. |
By Site Visit
[features.rate_limit.site]
Configuration parameters for rate limiting the number of site visits per visitor.
Key Name | Type | Default Value | Function |
---|---|---|---|
rate |
Integer | 60 |
Sets the number of queries per period allowed from the remote IP address of the request. |
period |
String | "minute" |
Sets the time period to which rate applies. |
title |
String | "Limit Reached" |
Title text on Rate Limit error page. |
subtitle |
String | "You have accessed this site more than {rate} times in the last {period}." |
Subtitle text on Rate Limit error page. |
button |
String | "Try Again" |
Button text on Rate Limit error page. |
Caching¶
hyperglass supports caching the application's responses for a configurable period of time to reduce the number of lookups passed back to routers for repetitive/common lookups. By default, all application responses (including error messages), are cached for 2 minutes in the local file system.
To accomplish this, hyperglass makes use of a Redis database, with a stringified combination of location name, query type, and target as a key, and the output and status code as values. If a lookup matching the exact key is found, the cached value will be returned. If not, a standard lookup is performed (and that data is subsequently cached).
[features.cache]
Key Name | Type | Default Value | Function |
---|---|---|---|
redis_id |
Integer | 0 |
Sets the Redis database ID where the back-end responses are cached. |
timeout |
Integer | 120 |
Sets the number of seconds to cache the back-end response. |
show_text |
Boolean | true |
If true , a message will be displayed at the bottom of the results box. |
text |
String | "Results will be cached for {seconds / 60} minutes" |
Sets the caching message text if show_text is true . |
Maximum Prefix Length¶
[features.max_prefix]
If enabled, the prefix length of BGP Route queries must be shorter than the max_prefix_length_ipv4
and max_prefix_length_ipv6
parameters. For example, a BGP Route query for 192.0.2.0/25
would result in the following error message:
Key Name | Type | Default Value | Function |
---|---|---|---|
enable |
Boolean | false |
Enables/disables max_prefix feature. |
ipv4 |
Integer | 24 |
Sets the maxiumum prefix length allowed for IPv4 BGP Route queries. |
ipv6 |
Integer | 64 |
Sets the maxiumum prefix length allowed for IPv6 BGP Route queries. |
message |
String | "Prefix length must be smaller than /{m}. <b>{i}</b> is too specific." |
Sets the error message displayed to users when the maximum prefix length is queried. |
BGP Route¶
[features.bgp_route]
Key Name | Type | Default Value | Function |
---|---|---|---|
enable |
Boolean | true |
Enables or disables the BGP Route query type. |
BGP Community¶
[features.bgp_community]
Key Name | Type | Default Value | Function |
---|---|---|---|
enable |
Boolean | true |
Enables or disables the BGP Community query type. |
Regex
[features.bgp_community.regex]
Override the default regex patterns for validating BGP Community input.
Key Name | Type | Default Value | Function |
---|---|---|---|
decimal |
String | "^[0-9]{1,10}$" |
Decimal/32 bit community format. |
extended_as |
String | "^([0-9]{0,5})\:([0-9]{1,5})$" |
Extended community format |
large |
String | "^([0-9]{1,10})\:([0-9]{1,10})\:[0-9]{1,10}$" |
Large community format |
BGP AS Path¶
[features.bgp_aspath]
Key Name | Type | Default Value | Function |
---|---|---|---|
enable |
Boolean | true |
Enables or disables the BGP AS Path query type. |
Regex
[features.bgp_aspath.regex]
Key Name | Type | Default Value | Function |
---|---|---|---|
mode |
String | "asplain" |
Sets the AS Path type used network-wide. Options are asplain , asdot . |
asplain |
String | "^(\^|^\_)(\d+\_|\d+\$|\d+\(\_\.\+\_\))+$" |
Regex pattern used to validate asplain formatted AS numbers in an AS_PATH. Only used if mode is set to asplain. |
asdot |
String | "^(\^|^\_)((\d+\.\d+)\_|(\d+\.\d+)\$|(\d+\.\d+)\(\_\.\+\_\))+$" |
Regex pattern used to validate asdot formatted AS numbers in an AS_PATH. Only used if mode is set to asdot. |
AS_PATH Format
This pattern will be used to validate AS_PATH queries to your routers, so it should match how your routers are actually configured.
Ping¶
[features.ping]
Key Name | Type | Default Value | Function |
---|---|---|---|
enable |
Boolean | true |
Enables or disables the Ping query type. |
Traceroute¶
[features.traceroute]
Key Name | Type | Default Value | Function |
---|---|---|---|
enable |
Boolean | true |
Enables or disables the Traceroute query type. |
Example¶
[features]
[features.rate_limit]
redis_id = 1
[features.rate_limit.query]
rate = 5
title = "Query Limit Reached"
message = "Query limit of {rate} per minute reached. Please wait one {period} and try again."
button = "Try Again"
[features.rate_limit.site]
rate = 60
title = "Limit Reached"
subtitle = "You have accessed this site more than {rate} times in the last {period}."
[features.cache]
timeout = 120
redis_id = 0
show_text = true
text = "Results will be cached for {seconds / 60} minutes"
[features.bgp_route]
enable = true
[features.bgp_community]
enable = true
[features.bgp_community.regex]
decimal = "^[0-9]{1,10}$"
extended_as = "^([0-9]{0,5})\:([0-9]{1,5})$"
large = "^([0-9]{1,10})\:([0-9]{1,10})\:[0-9]{1,10}$"
[features.bgp_aspath]
enable = true
[features.bgp_aspath.regex]
mode = "asplain"
asplain = "^(\^|^\_)(\d+\_|\d+\$|\d+\(\_\.\+\_\))+$"
asdot = "^(\^|^\_)((\d+\.\d+)\_|(\d+\.\d+)\$|(\d+\.\d+)\(\_\.\+\_\))+$"
[features.ping]
enable = true
[features.traceroute]
enable = true
[features.max_prefix]
enable = false
ipv4 = 24
ipv6 = 64
message = "Prefix length must be smaller than /{m}. <b>{i}</b> is too specific."