mirror of
https://git.haproxy.org/git/haproxy.git/
synced 2025-08-07 15:47:01 +02:00
7735cf3854
Increment actconn and check maxconn limit when a quic_conn is instantiated. This is necessary because prior to this patch, quic_conn instances where not counted. Global actconn was only incremented after the handshake has been completed and the connection structure is allocated. The increment is done using increment_actconn() on INITIAL packet parsing if a new connection is about to be created. If the limit is reached, the allocation is cancelled and the INITIAL packet is dropped. The decrement is done under quic_conn_release(). This means that quic_cc_conn instances are not taken into account. This seems safe enough because quic_cc_conn are only used for minimal usage. The counterpart of this change is that maxconn must not be checked a second time when listener_accept() is done over a QUIC connection. For this, a new bind_conf flag BC_O_XPRT_MAXCONN is set for listeners when maxconn is already counted by the lower layer. For the moment, it is positionned only for QUIC listeners. Without this patch, haproxy process could suffer from heavy memory/CPU load if the number of concurrent handshake is high. This patch is not considered a bug fix per-se. However, it has a major benefit to protect against too many QUIC handshakes. As such, it should be backported up to 2.6. For this, it relies on the following patch : "MINOR: frontend: implement a dedicated actconn increment function" |
||
|---|---|---|
| .github | ||
| addons | ||
| admin | ||
| dev | ||
| doc | ||
| examples | ||
| include | ||
| reg-tests | ||
| scripts | ||
| src | ||
| tests | ||
| .cirrus.yml | ||
| .gitattributes | ||
| .gitignore | ||
| .mailmap | ||
| .travis.yml | ||
| BRANCHES | ||
| BSDmakefile | ||
| CHANGELOG | ||
| CONTRIBUTING | ||
| INSTALL | ||
| LICENSE | ||
| MAINTAINERS | ||
| Makefile | ||
| README | ||
| SUBVERS | ||
| VERDATE | ||
| VERSION | ||
The HAProxy documentation has been split into a number of different files for ease of use. Please refer to the following files depending on what you're looking for : - INSTALL for instructions on how to build and install HAProxy - BRANCHES to understand the project's life cycle and what version to use - LICENSE for the project's license - CONTRIBUTING for the process to follow to submit contributions The more detailed documentation is located into the doc/ directory : - doc/intro.txt for a quick introduction on HAProxy - doc/configuration.txt for the configuration's reference manual - doc/lua.txt for the Lua's reference manual - doc/SPOE.txt for how to use the SPOE engine - doc/network-namespaces.txt for how to use network namespaces under Linux - doc/management.txt for the management guide - doc/regression-testing.txt for how to use the regression testing suite - doc/peers.txt for the peers protocol reference - doc/coding-style.txt for how to adopt HAProxy's coding style - doc/internals for developer-specific documentation (not all up to date)