How Many TCP Connections Can One Server Really Handle? A Deep Dive into Linux Limits

Understanding the Theoretical Connection Limit

TCP connections are identified by a four‑tuple: source IP, source port, destination IP, and destination port. With a fixed server IP and port 80, the variable parts are source IP (2^32 possibilities) and source port (2^16), yielding a theoretical maximum of 2^48 ≈ 2.8×10^14 connections.

Practical Linux Limits on Open Files

Each opened file descriptor, including sockets, consumes kernel memory. Linux therefore caps the number of simultaneously open file descriptors at several levels for safety.

System‑wide limit: configurable via fs.file-max.

User‑level limit: set in /etc/security/limits.conf.

Process‑level limit: adjustable with fs.nr_open.

Configuring Receive and Send Buffers

The receive buffer size can be inspected and tuned with sysctl:

$ sysctl -a | grep rmem
net.ipv4.tcp_rmem = 4096 87380 8388608
net.core.rmem_default = 212992
net.core.rmem_max = 8388608

The first value in tcp_rmem is the minimum memory allocated per socket (default 4 KB, max 8 MB). Similarly, the send buffer is controlled by net.ipv4.tcp_wmem:

$ sysctl -a | grep wmem
net.ipv4.tcp_wmem = 4096 65536 8388608
net.core.wmem_default = 212992
net.core.wmem_max = 8388608

Experiment: Achieving One Million Concurrent Connections

By raising the system, user, and process limits to 1.1 million and ensuring essential commands remain usable, the author ran a test that established 1,000,024 ESTABLISHED connections:

$ ss -n | grep ESTAB | wc -l
1000024

Memory statistics showed a 3.9 GB total RAM, with the kernel slab consuming about 3.2 GB, leaving only ~100 MB free. The slabtop output revealed roughly one million entries each for sock_inode_cache and TCP structures.

Conclusion

While the theoretical ceiling for TCP connections is astronomically high, real‑world Linux servers are limited by file descriptor caps, kernel memory allocation, and buffer settings. Adjusting these parameters allows a single machine to handle hundreds of thousands to a few million concurrent connections, but careful monitoring of memory usage is essential.