Buy commercial curl support. We
help you work out your issues, debug your libcurl applications, use the API,
port to new platforms, add new features and more. With a team lead by the
curl founder Daniel himself.
Re: Max connections per peer / IP
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Stefan Eissing via curl-library <curl-library_at_lists.haxx.se>
Date: Thu, 30 Oct 2025 15:27:03 +0100
> Am 30.10.2025 um 15:05 schrieb Patrick Schlangen via curl-library <curl-library_at_lists.haxx.se>:
>
> Hi,
>
> I've been looking for a way to have something like CURLMOPT_MAX_HOST_CONNECTIONS - but instead of limiting by hostname:port, limit by peer / IP address.
>
> It seems it's not straightforward to add this in a way similar to CURLMOPT_MAX_HOST_CONNECTIONS since that limit seem to be checked before the address resolution has been done.
>
> Another idea I had was trying to use CURLOPT_OPENSOCKETFUNCTION and introduce some kind of special return value (like CURL_SOCKET_BAD) which causes the connection to be put in pending state, and have libcurl retry the socket creation later. That could also be useful for implementing other custom ways of limiting connections, or to retry socket creation if the system (or application) runs out of sockets.
>
> Any thoughts on this? Maybe I'm missing some way in which this can already be implemented right now without changes to libcurl?
You are correct that there is no obvious place in libcurl where to add that. Connection are chosen/reused based on the url authority (and config parameters) and once a connection is created, it counts and is used.
Limiting on IP address has another tricky issue: a hostname can resolve to many IP addresses. Which one will eventually be used depends on the IP Eyeballing and what it succeeds with. For a new connection with a previous host name, that might be a different address.
This also should show that intercepting somehow at socket creation is also tricky. Sockets are created for IP eyeballing, maybe many per connection (until one succeeds, then the rest is closed).
Maybe it would be good to take a step back and describe what you actually want to achieve? Is this for a private setup only or should it work on the public internet? etc.
Kind Regards,
Stefan
>
> Thanks,
>
> Patrick
> --
> Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
> Etiquette: https://curl.se/mail/etiquette.html
Date: Thu, 30 Oct 2025 15:27:03 +0100
> Am 30.10.2025 um 15:05 schrieb Patrick Schlangen via curl-library <curl-library_at_lists.haxx.se>:
>
> Hi,
>
> I've been looking for a way to have something like CURLMOPT_MAX_HOST_CONNECTIONS - but instead of limiting by hostname:port, limit by peer / IP address.
>
> It seems it's not straightforward to add this in a way similar to CURLMOPT_MAX_HOST_CONNECTIONS since that limit seem to be checked before the address resolution has been done.
>
> Another idea I had was trying to use CURLOPT_OPENSOCKETFUNCTION and introduce some kind of special return value (like CURL_SOCKET_BAD) which causes the connection to be put in pending state, and have libcurl retry the socket creation later. That could also be useful for implementing other custom ways of limiting connections, or to retry socket creation if the system (or application) runs out of sockets.
>
> Any thoughts on this? Maybe I'm missing some way in which this can already be implemented right now without changes to libcurl?
You are correct that there is no obvious place in libcurl where to add that. Connection are chosen/reused based on the url authority (and config parameters) and once a connection is created, it counts and is used.
Limiting on IP address has another tricky issue: a hostname can resolve to many IP addresses. Which one will eventually be used depends on the IP Eyeballing and what it succeeds with. For a new connection with a previous host name, that might be a different address.
This also should show that intercepting somehow at socket creation is also tricky. Sockets are created for IP eyeballing, maybe many per connection (until one succeeds, then the rest is closed).
Maybe it would be good to take a step back and describe what you actually want to achieve? Is this for a private setup only or should it work on the public internet? etc.
Kind Regards,
Stefan
>
> Thanks,
>
> Patrick
> --
> Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
> Etiquette: https://curl.se/mail/etiquette.html
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2025-10-30