[ https://issues.apache.org/jira/browse/KAFKA-1512?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14049117#comment-14049117 ]
Jay Kreps commented on KAFKA-1512: ---------------------------------- A couple things to review: 0. The new config is max.connections.per.ip 1. I am using Socket.getInetAddress() as the key to limit on. I think an InetAddress is what we want...a socket address includes the port so is always unique, but there is sort of a weird hierarchy of things there. This also depends on this address being properly hashable (which it seems to be). 2. I made an unrelated change to how we set the recv buffer. We were weirdly setting this over and over again on the server socket every time we accepted a connection. I think this was a mistake, so I changed it to set it once. But if anyone knows a reason for this odd code that would make me more confident. 3. I don't know of a way to check the source address of a pending connection without actually accepting the connection. So as a result this patch accepts the connection, and then, if we are over quota, closes it. > Limit the maximum number of connections per ip address > ------------------------------------------------------ > > Key: KAFKA-1512 > URL: https://issues.apache.org/jira/browse/KAFKA-1512 > Project: Kafka > Issue Type: New Feature > Reporter: Jay Kreps > Assignee: Jay Kreps > Attachments: KAFKA-1512.patch > > > To protect against client connection leaks add a new configuration > max.connections.per.ip > that causes the SocketServer to enforce a limit on the maximum number of > connections from each InetAddress instance. For backwards compatibility this > will default to 2 billion. -- This message was sent by Atlassian JIRA (v6.2#6252)