CRE-2025-0181

Redis Maximum Client Connections Limit ExceededCritical

Impact: 10/10

Mitigation: 7/10

CRE-2025-0181View on GitHub

RedisConnectionMax ClientsConnection PoolLimit

Description

Detects when Redis reaches its maximum client connection limit, preventing new clients from connecting. This critical issue causes connection failures and service unavailability for new requests.\n

Mitigation

IMMEDIATE ACTIONS:\n- Check current connections: `redis-cli CLIENT LIST | wc -l`\n- Review max clients limit: `redis-cli CONFIG GET maxclients`\n- Identify connection sources: `redis-cli CLIENT LIST | awk '{print $2}' | cut -d= -f2 | sort | uniq -c`\n- Monitor connection metrics: `redis-cli INFO clients`\n\nRECOVERY:\n- Increase max clients limit:\n `redis-cli CONFIG SET maxclients 50000`\n- Kill idle connections:\n ```\n redis-cli CLIENT LIST | grep idle | awk '{print $2}' | cut -d= -f2 | xargs -I{} redis-cli CLIENT KILL ID {}\n ```\n- Kill old connections (›300 seconds):\n `redis-cli CLIENT KILL TYPE normal SKIPME yes`\n- Restart specific client applications\n\nCONNECTION ANALYSIS:\n- Find connections per IP:\n `redis-cli CLIENT LIST | grep addr= | sed 's/.*addr=//' | cut -d: -f1 | sort | uniq -c | sort -rn`\n- Identify slow clients:\n `redis-cli CLIENT LIST | grep -E "idle=[0-9]{4,}"`\n\nPREVENTION:\n- Implement connection pooling with limits\n- Set appropriate connection timeouts\n- Monitor connection metrics continuously\n- Use connection pool validation\n- Regular connection pool recycling\n- Implement circuit breakers\n- Load testing to determine optimal maxclients\n

References

• https://redis.io/commands/client-list/
• https://redis.io/commands/client-kill/
• https://redis.io/docs/latest/operate/oss_and_stack/reference/clients/