Reference

set rate-limit ssl-sessions global

On this page

Set the process-wide SSL session rate limit.

Description Jump to heading

By setting the global setting maxsslrate, you can limit the rate at which the load balancer creates SSL sessions. When it reaches the limit, it stops accepting new connections. In the snippet below, 1,000 SSL sessions per second are allowed:

haproxy
global
  maxsslrate 1000
haproxy
global
  maxsslrate 1000

By default, it’s set to 0, which means unlimited.

Use the set rate-limit ssl-sessions global command to change the global maxsslrate setting dynamically.

Examples Jump to heading

Below, we set the global SSL session rate limit to 5,000 sessions per second:

nix
echo "set rate-limit ssl-sessions global 5000" | \
  sudo socat stdio tcp4-connect:127.0.0.1:9999
nix
echo "set rate-limit ssl-sessions global 5000" | \
  sudo socat stdio tcp4-connect:127.0.0.1:9999

See also Jump to heading

Do you have any suggestions on how we can improve the content of this page?

Previous page set rate-limit sessions global Next page set server
© 2024 HAProxy Technologies, LLC. All Rights Reserved
Manage Cookie Preferences