How to Limit Concurrent Connections from a Host Using iptables

This guide demonstrates how to simulate a high‑traffic scenario between two machines and use an iptables rule to reject connections from a specific host when its concurrent requests exceed ten, including command syntax, execution steps, and result analysis.

Java High-Performance Architecture

Scenario description

There are two machines, A and B. A runs a web service, and B sends it a large number of requests.

A uses iptables to limit B's concurrent connections: connections from B are rejected once B has more than 10 concurrent connections.

Simulation process

A IP: 192.168.31.158
B IP: 192.168.31.207

On B, run ApacheBench to generate load:

ab -n 10000 -c 20 http://192.168.31.158/test.html

After the test, check the load on A with the w command.

Because A is under pressure, apply the following iptables rule on A:

iptables -I INPUT -p tcp --dport 80 -s 192.168.31.207 -m connlimit --connlimit-above 10 -j REJECT

Run the ab command again on B:

ab -n 10000 -c 20 http://192.168.31.158/test.html

The result shows that requests are rejected.

Reducing the -c value to 9 lets the test run normally.

Command explanation

The iptables command consists of several parts:

-I INPUT : insert the rule at the top of the INPUT chain.

-p tcp --dport 80 -s 192.168.31.207 : match TCP packets destined for port 80 whose source IP is 192.168.31.207.

-m connlimit --connlimit-above 10 : match when the number of concurrent connections exceeds 10.

-j REJECT : reject matching packets.
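
To see which clients are over the threshold on A before or after applying the rule, the per-source connection count can be taken from ss output. The script below is an added example, not part of the original article; it assumes input lines in the format printed by ss -Htn, counts only ESTAB connections (an approximation of what connlimit tracks), and runs on constructed sample lines that include a hypothetical second client, 192.168.31.50.

```shell
#!/bin/sh
# Added example: report clients holding more than LIMIT established
# connections to a local port, reading `ss -Htn` style lines on stdin.
# Live use on machine A:  ss -Htn | over_limit 80 10

# over_limit PORT LIMIT
# Prints "peer_address count" for every peer above LIMIT.
over_limit() {
    awk -v port="$1" -v limit="$2" '
        $1 == "ESTAB" {
            # Field 4 is local addr:port, field 5 is peer addr:port.
            n = split($4, l, ":")
            if (l[n] != port) next          # not the service port
            peer = $5
            sub(/:[0-9]+$/, "", peer)       # drop the ephemeral port
            count[peer]++
        }
        END {
            for (p in count)
                if (count[p] > limit) print p, count[p]
        }
    ' | sort
}

# Constructed sample input (not captured from a real host):
# 12 established connections from B to port 80, one from another
# client, one SSH session, and one connection already in TIME-WAIT.
sample_ss() {
    i=0
    while [ "$i" -lt 12 ]; do
        echo "ESTAB 0 0 192.168.31.158:80 192.168.31.207:$((50000 + i))"
        i=$((i + 1))
    done
    echo "ESTAB 0 0 192.168.31.158:80 192.168.31.50:41000"
    echo "ESTAB 0 0 192.168.31.158:22 192.168.31.207:40022"
    echo "TIME-WAIT 0 0 192.168.31.158:80 192.168.31.207:49999"
}

# Same threshold as --connlimit-above 10: only B is reported.
sample_ss | over_limit 80 10
```
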
