Short text
Limit values for the number of connections per client IP address in SAP Web Dispatcher ánd ICM.
Parameter Description
With each new connection, the number of open connections on each client IP address is checked.
If the connections currently occupied exceed defined limits, either a warning is created or the connection is canceled. A system log entry is created in both cases.
These limits are defined in parameter icm/client_ip_connection_limit. The parameter also has subparameters WARN und REJECT with respective values. These values are percentages. 100 stands for the entire number of connections available, which is defined in profile parameter icm/max_conn.
Example: With value WARN=50, REJECT=100:
- If a server permits a maximum of 1000 connections, there are no warnings provided the number of simultaneous connections is less than or equal to than 500.
- With 501 connections from the same client IP address, the system creates a syslog entry.
- However, no connection is rejected because the REJECT value is 100.
There is the option to set a subparameter USE=X-FORWARDED-FOR. This is necessary if a reverse proxy was configured in front of the Web Dispatcher or ICM. Then instead of the client IP address, the last IP address from the x-forwarded-for header field is used.
Application Area
SAP Web Dispatcher
Parameter Unit
Percentages
Default Value
WARN=90, REJECT=100
Who is permitted to make changes?
Customer
Operating System Restrictions
None
Database System Restrictions
None
Values allowed
The following rules apply:
- Subparameters WARN und REJECT are mandatory
- The values of the WARN subparameter must lie in the interval [0, 100].
- The values of the REJECT subparameter must lie in the interval [1, 100].
- The value of WARN must not be greater than the value of REJECT
- Subparameter USE is optional, it has to either have value X-FORWARDED-FOR or CLIENT-IP.
