3.3.8. Resource Quota Options

The maximum number of connections can be restricted with the --max-connections broker option.

Expand

Table 3.5. Resource Quota Options
Option	Description	Default Value
`--max-connections N`	Total concurrent connections to the broker.	500
`--max-negotiate-time N`	The time during which initial protocol negotiation must succeed. This prevents resource starvation by badly behaved clients or transient network issues that prevent connections from completing.	500
`--session-max-unacked N`	The broker will send messages on a session without waiting for acknowledgement up to this limit (or sooner, if the aggregate link credit for the session is lower). When this limit is reached, the broker will wait for acknowledgement from the client before sending more messages.	5000 (or approxiamately 625 KB / session)

Notes

--max-connections is a qpid core limit and is enforced whether ACL is enabled or not.
--max-connections is enforced per Broker. In a cluster of N nodes where all Brokers set the maximum connections to 20 the total number of allowed connections for the cluster will be N*20.
--session-max-unacked helps control memory use in cases where a large number of sessions are used with AMQP 1.0, which allocates a per-session buffer for unacknowledged message deliveries.
--session-max-unacked can be used to make each session's buffer smaller, if the broker has a large number of sessions and memory overhead is an issue.

To enable ACL-based quotas, an ACL file must be loaded:

Expand

Table 3.6. ACL Command-line Option
Option	Description	Default Value
`--acl-file FILE (policy.acl)`	The policy file to load from, loaded from data dir.

When an ACL file is loaded, the following ACL options can be specified at the command-line to enforce resource quotas:

Expand

Table 3.7. ACL-based Resource Quota Options
Option	Description	Default Value
`--connection-limit-per-user N`	The maximum number of connections allowed per user. 0 implies no limit.	0
`--connection-limit-per-ip N`	The maximum number of connections allowed per host IP address. 0 implies no limit.	0
`--max-queues-per-user N`	Total concurrent queues created by individual user	0

Notes

In a cluster system the actual number of connections may exceed the connection quota value N by one less than the number of member nodes in the cluster. For example: in a 5-node cluster, with a limit of 20 connections, the actual number of connections can reach 24 before limiting takes place.
Cluster connections are checked against the connection limit when they are established. The cluster connection is denied if a free connection is not available. After establishment, however, a cluster connection does not consume a connection.
Allowed values for N are 0..65535.
These limits are enforced per cluster.
A value of zero (0) disables that option's limit checking.
Per-user connections are identified by the authenticated user name.
Per-ip connections are identified by the <broker-ip><broker-port>-<client-ip><client-port> tuple which is also the management connection index.
- With this scheme host systems may be identified by several names such as localhost IPv4, 127.0.0.1 IPv4, or ::1 IPv6, and a separate set of connections is allowed for each name.
- Per-IP connections are counted regardless of the user credentials provided with the connections. An individual user may be allowed 20 connections but if the client host has a 5 connection limit then that user may connect from that system only 5 times.