# Limiting Connections ## Background As you maintain your nodes, you may see multiple nodes trying to connect to you. Normally you should only have 1 or 2 per relay IP that tries to connect to you. Many SPO have shared instances when they see up to 30 connections from a particular IP address. There can be many reasons for these multiple connections ranging from wrong configuration to actual denial of service (DOS) attacks. Irregardless of the reason, these multiple connections will eventually slow down your nodes and in extreme circumstances, can prevent you from minting blocks. ## Remediation There are many ways to mitigate the effects of these unwanted multiple connections. I'll share with you two of them: ### Solution 1: Block the IP address The most basic solution is to block the IP address that is making multiple connections to your node. For example, if the offending IP address is 1.2.3.4, you can use the following ufw command to deny it: ``` sudo ufw deny from 1.2.3.4 ``` Restart your cardano node service to refresh your connection list ### Solution 2: Limit Connections Blocking IP addresses is a manual activity so a better solution is to setup rules to limit the number of connections each IP can make to your relays. To do this, in the /etc/ufw/before.rules file, look for these these lines: ``` # Don't delete these required lines, otherwise there will be errors *filter :ufw-before-input - [:] :ufw-before-output - [:] :ufw-before-forward - [:] :ufw-not-local - [:] # End of required lines ``` The following is a sample command you can add after the above lines: ``` # Limit to 3 concurrent connections on port 6101 per IP -A ufw-before-input -p tcp --syn --dport 6101 -m connlimit --connlimit-above 3 -j DROP ``` The above command will limit the number of concurrent connections to 3 for the port 6101 which is the port number of this particular relay. Please change these numbers according to your configuration. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://blockchainlens.gitbook.io/cardano-spot-check/tips/limiting-connections.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.