3.3.8. Resource Quota Options
The maximum number of connections can be restricted with the
--max-connections broker option.
Table 3.5. Resource Quota Options
| Option | Description | Default Value |
|---|---|---|
--max-connections N
|
Total concurrent connections to the broker.
|
500
|
--max-negotiate-time N
|
The time during which initial protocol negotiation must succeed. This prevents resource starvation by badly behaved clients or transient network issues that prevent connections from completing.
|
500
|
--session-max-unacked N
|
The broker will send messages on a session without waiting for acknowledgement up to this limit (or sooner, if the aggregate link credit for the session is lower). When this limit is reached, the broker will wait for acknowledgement from the client before sending more messages.
|
5000 (or approxiamately 625 KB / session)
|
Notes
--max-connectionsis a qpid core limit and is enforced whether ACL is enabled or not.--max-connectionsis enforced per Broker. In a cluster of N nodes where all Brokers set the maximum connections to 20 the total number of allowed connections for the cluster will be N*20.--session-max-unackedhelps control memory use in cases where a large number of sessions are used with AMQP 1.0, which allocates a per-session buffer for unacknowledged message deliveries.--session-max-unackedcan be used to make each session's buffer smaller, if the broker has a large number of sessions and memory overhead is an issue.
ACL-based Quotas
To enable ACL-based quotas, an ACL file must be loaded:
Table 3.6. ACL Command-line Option
| Option | Description | Default Value |
|---|---|---|
--acl-file FILE (policy.acl)
|
The policy file to load from, loaded from data dir.
|
When an ACL file is loaded, the following ACL options can be specified at the command-line to enforce resource quotas:
Table 3.7. ACL-based Resource Quota Options
|
Option
| Description | Default Value |
|---|---|---|
--connection-limit-per-user N
|
The maximum number of connections allowed per user. 0 implies no limit.
|
0
|
--connection-limit-per-ip N
|
The maximum number of connections allowed per host IP address. 0 implies no limit.
| 0 |
--max-queues-per-user N
|
Total concurrent queues created by individual user
|
0
|
Notes
- In a cluster system the actual number of connections may exceed the connection quota value
Nby one less than the number of member nodes in the cluster. For example: in a 5-node cluster, with a limit of 20 connections, the actual number of connections can reach 24 before limiting takes place. - Cluster connections are checked against the connection limit when they are established. The cluster connection is denied if a free connection is not available. After establishment, however, a cluster connection does not consume a connection.
- Allowed values for
Nare 0..65535. - These limits are enforced per cluster.
- A value of zero (0) disables that option's limit checking.
- Per-user connections are identified by the authenticated user name.
- Per-ip connections are identified by the
<broker-ip><broker-port>-<client-ip><client-port>tuple which is also the management connection index.- With this scheme host systems may be identified by several names such as
localhostIPv4,127.0.0.1IPv4, or::1IPv6, and a separate set of connections is allowed for each name. - Per-IP connections are counted regardless of the user credentials provided with the connections. An individual user may be allowed 20 connections but if the client host has a 5 connection limit then that user may connect from that system only 5 times.
