“It’s a fine line between ‘intentionally connecting hundreds of thousands of devices to a single IoT hub instance’ and ‘trying to DoS the service by spamming hundreds of thousands of connection attempts to an IoT hub,’” wrote Nicole Berdy, Program Manager at Microsoft Azure IoT.
“It’s important to understand that the IoT Hub service does not inherently know anything about your IoT scenario! All it knows are connections and data packet sizes, nothing about contents; we don't open your mail and peek inside,” she added.
As a result, if set up incorrectly, your system might be throttled as if it looks like the work of hackers.
When an engineer focuses on their IoT system, they might forget that services like the IoT Hub are a shared resource. And like any tragedy of the commons, this shared resource can risk depletion if it isn’t policed in some fashion.
In order to keep data center costs down, the Azure IoT Hub is designed for the intended use of the service, not worst-case scenarios. This makes the IoT Hub a limited resource. Therefore, if everyone pings the service at once, or half a million of your devices ping it at once, IoT systems will need to be throttled to ensure the proper operations of the Azure IoT Hub.
“If we were to allow spikes in usage without any throttling limits, then we are unprotected against usage peaks that would take down the service,” wrote Berdy. “Instead of allowing that to happen, we protect the service and our customers by imposing throttling limits. Monitoring the service’s resource usage allows us to better forecast future resource needs and plan accordingly.”
How to Avoid Having your IoT System Throttled
To help avoid throttling customers, the IoT Hub has caps on the number of devices that customers can register. This also helps to avoid DoS attacks. However, customers can request to add more devices if they speak with Microsoft Support.
Currently, the cap is at half a million devices, which should be more than enough for most IoT systems. This cap is really in place to limit the IoT systems of larger organizations, as well as sneaky hackers who want to appear as though they have half a million devices.
If you suspect that your system is being affected by the Azure IoT Hub throttling procedure, Berdy suggests you look into how often your devices are sending information and hitting a block. Users can also use the Operation Monitoring features in the IoT Hub to assess which devices are pinging the Hub the most and causing(?) throttling errors.
The Azure IoT Hub can throttle your IoT system in a number of ways. As a result, engineers should keep these throttling procedures in mind when designing IoT systems:
- Device connections might trigger throttling if more than expected connect at a given time.
- Device-to-cloud communication can trigger throttling if the communication rate looks like it will surpass the message limit in your license.
- Cloud-to-device commands tend to be throttled more for commands received than commands sent; due to protocol issues HTTP1 is throttled the most.
- Device CRUD (create, read, update, delete) Operations should be rare as there are bulk tools to import and export list of devices. If individual CRUD operations are being sent, this typically is a sign that something is wrong with the system. As a result, the Azure IoT Hub will throttle the system.
To find out more about how the IoT Hub might throttle your connections follow this link.