Connection Limit Filter
The filter can protect resources such as connections, CPU, and memory by making sure every filter chain gets a fair share of connection resources and by preventing any single entity, based on filter chain match or descriptors, from consuming a large number of connections. The connection limit filter applies a connection limit to incoming connections that are processed by the filter’s filter chain. Each connection processed by the filter is marked as an active connection, and if the number of active connections reaches the max connections limit, the connection is closed without further filter iteration.
The connection limit filter is similar to the L4 local rate limit filter, but instead of enforcing a limit on the connection rate, the filter limits the number of active connections.
The filter maintains an atomic counter of active connections. It has a max connections limit value based on the configured total number of connections. When a new connection request arrives, the filter tries to increment the connection counter. The connection is allowed if the counter is less than the max connections limit; otherwise the connection is rejected. When an active connection is closed, the filter decrements the active connection counter.
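The counter logic described above can be sketched as follows. This is an added illustration, not Envoy's source code; the class names `ConnectionLimiter` and `ActiveConnection` are hypothetical. It shows why the check and the increment must be one atomic step, and why only admitted connections may decrement the counter on close.

```cpp
#include <atomic>
#include <cstdint>

// Hypothetical limiter modelling the documented behaviour (not Envoy code).
class ConnectionLimiter {
public:
  explicit ConnectionLimiter(uint64_t max_connections) : max_(max_connections) {}

  // Admit only while the counter is below the limit. The compare-exchange
  // loop makes "check, then increment" a single atomic step, so concurrent
  // worker threads cannot push the counter past max_.
  bool tryAcquire() {
    uint64_t current = active_.load(std::memory_order_relaxed);
    while (current < max_) {
      if (active_.compare_exchange_weak(current, current + 1,
                                        std::memory_order_acq_rel,
                                        std::memory_order_relaxed)) {
        return true;
      }
      // On failure `current` holds the fresh value; the loop re-checks it.
    }
    return false;
  }

  void release() { active_.fetch_sub(1, std::memory_order_acq_rel); }
  uint64_t active() const { return active_.load(std::memory_order_acquire); }

private:
  const uint64_t max_;
  std::atomic<uint64_t> active_{0};
};

// Scoped handle for one incoming connection. A rejected connection must not
// decrement: doing so would underflow the unsigned counter and make every
// later connection look over the limit.
class ActiveConnection {
public:
  explicit ActiveConnection(ConnectionLimiter& l)
      : limiter_(l), admitted_(l.tryAcquire()) {}
  ~ActiveConnection() { if (admitted_) limiter_.release(); }
  ActiveConnection(const ActiveConnection&) = delete;
  ActiveConnection& operator=(const ActiveConnection&) = delete;
  bool admitted() const { return admitted_; }

private:
  ConnectionLimiter& limiter_;
  const bool admitted_;
};

int main() {
  ConnectionLimiter limiter(2);  // constructed limit for the demo
  ActiveConnection a(limiter), b(limiter), c(limiter);
  return (a.admitted() && b.admitted() && !c.admitted()) ? 0 : 1;
}
```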
Note
In the current implementation each filter chain has an independent connection limit.
Every configured connection limit filter has statistics rooted at connection_limit.<stat_prefix>. with the following statistics:
The connection limit filter can be runtime feature flagged via the configuration field.