Connection Management & Security

Connection management in Geode encompasses establishing secure connections, managing connection pools, handling authentication, and optimizing network performance. Geode uses modern QUIC transport with TLS 1.3 encryption by default, providing secure and efficient connections for all client operations. <h3 id="connection-architecture" class="position-relative d-flex align-items-center group"> Connection Architecture <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="connection-architecture" aria-haspopup="dialog" aria-label="Share link: Connection Architecture"> Share link </button> </h3><div id="headingShareModal" class="heading-share-modal" role="dialog" aria-modal="true" aria-labelledby="headingShareTitle" hidden> <div class="hsm-dialog" role="document"> <div class="hsm-header"> <h2 id="headingShareTitle" class="h6 mb-0 fw-bold">Share this section</h2> <button type="button" class="hsm-close" aria-label="Close"> </button> </div> <div class="hsm-body"> <label for="headingShareInput" class="form-label small text-muted mb-1 text-uppercase fw-bold" style="font-size: 0.7rem; letter-spacing: 0.5px;">Permalink</label> <div class="input-group mb-4 hsm-url-group"> <input id="headingShareInput" type="text" class="form-control font-monospace" readonly aria-readonly="true" style="font-size: 0.85rem;" /> <button class="btn btn-primary hsm-copy" type="button" aria-label="Copy" title="Copy"> </button> </div> <div class="small fw-bold mb-2 text-muted text-uppercase" style="font-size: 0.7rem; letter-spacing: 0.5px;">Share via</div> <div class="hsm-share-grid"> <a id="share-twitter" class="btn btn-outline-secondary w-100" target="_blank" rel="noopener noreferrer"> Twitter </a> <a id="share-linkedin" class="btn btn-outline-secondary w-100" target="_blank" rel="noopener noreferrer"> LinkedIn </a> <a id="share-facebook" class="btn btn-outline-secondary w-100" target="_blank" rel="noopener noreferrer"> Facebook </a> </div> </div> </div> </div> <style> .heading-share-modal { position: fixed; inset: 0; display: flex; justify-content: center; align-items: center; background: rgba(0, 0, 0, 0.6); z-index: 1050; padding: 1rem; backdrop-filter: blur(4px); -webkit-backdrop-filter: blur(4px); } .heading-share-modal[hidden] { display: none !important; } .hsm-dialog { max-width: 420px; width: 100%; background: var(--bs-body-bg, #fff); color: var(--bs-body-color, #212529); border: 1px solid var(--bs-border-color, rgba(0,0,0,0.1)); border-radius: 1rem; box-shadow: 0 25px 50px -12px rgba(0, 0, 0, 0.25); overflow: hidden; animation: hsm-fade-in 0.2s ease-out; } @keyframes hsm-fade-in { from { opacity: 0; transform: scale(0.95); } to { opacity: 1; transform: scale(1); } } [data-bs-theme="dark"] .hsm-dialog { background: #1e293b; border-color: rgba(255,255,255,0.1); color: #f8f9fa; } .hsm-header { display: flex; justify-content: space-between; align-items: center; padding: 1rem 1.5rem; border-bottom: 1px solid var(--bs-border-color, rgba(0,0,0,0.1)); background: rgba(0,0,0,0.02); } [data-bs-theme="dark"] .hsm-header { background: rgba(255,255,255,0.02); border-color: rgba(255,255,255,0.1); } .hsm-close { background: transparent; border: none; color: inherit; opacity: 0.5; padding: 0.25rem 0.5rem; border-radius: 0.25rem; font-size: 1.2rem; line-height: 1; transition: opacity 0.2s; } .hsm-close:hover { opacity: 1; } .hsm-body { padding: 1.5rem; } .hsm-url-group { display: flex !important; align-items: stretch; } .hsm-url-group .form-control { flex: 1; min-width: 0; margin: 0; background: var(--bs-secondary-bg, #f8f9fa); border-color: var(--bs-border-color, #dee2e6); border-top-right-radius: 0; border-bottom-right-radius: 0; height: 42px; } .hsm-url-group .btn { flex: 0 0 auto; margin: 0; margin-left: -1px; border-top-left-radius: 0; border-bottom-left-radius: 0; height: 42px; display: flex; align-items: center; justify-content: center; padding: 0 1.25rem; z-index: 2; } [data-bs-theme="dark"] .hsm-url-group .form-control { background: #0f172a; border-color: #334155; color: #e2e8f0; } .hsm-share-grid { display: flex; flex-direction: column; gap: 0.5rem; } .hsm-share-grid .btn { display: flex; align-items: center; justify-content: center; font-size: 0.9rem; padding: 0.6rem; border-color: var(--bs-border-color); width: 100%; } [data-bs-theme="dark"] .hsm-share-grid .btn { color: #e2e8f0; border-color: #475569; } [data-bs-theme="dark"] .hsm-share-grid .btn:hover { background: #334155; border-color: #cbd5e1; } </style> <script> (function(){ const modal = document.getElementById('headingShareModal'); if(!modal) return; const input = modal.querySelector('#headingShareInput'); const copyBtn = modal.querySelector('.hsm-copy'); const twitter = modal.querySelector('#share-twitter'); const linkedin = modal.querySelector('#share-linkedin'); const facebook = modal.querySelector('#share-facebook'); const closeBtn = modal.querySelector('.hsm-close'); let lastFocus=null; let trapBound=false; function buildUrl(id){ return window.location.origin + window.location.pathname + '#' + id; } function isOpen(){ return !modal.hasAttribute('hidden'); } function hydrate(id){ const url=buildUrl(id); input.value=url; const enc=encodeURIComponent(url); const text=encodeURIComponent(document.title); if(twitter) twitter.href=`https://twitter.com/intent/tweet?url=${enc}&text=${text}`; if(linkedin) linkedin.href=`https://www.linkedin.com/sharing/share-offsite/?url=${enc}`; if(facebook) facebook.href=`https://www.facebook.com/sharer/sharer.php?u=${enc}`; } function openModal(id){ lastFocus=document.activeElement; hydrate(id); if(!isOpen()){ modal.removeAttribute('hidden'); } requestAnimationFrame(()=>{ input.focus(); }); trapFocus(); } function closeModal(){ if(!isOpen()) return; modal.setAttribute('hidden',''); if(lastFocus && typeof lastFocus.focus==='function') lastFocus.focus(); } function copyCurrent(){ try{ navigator.clipboard.writeText(input.value).then(()=>feedback(true),()=>fallback()); } catch(e){ fallback(); } } function fallback(){ input.select(); try{ document.execCommand('copy'); feedback(true);}catch(e){ feedback(false);} } function feedback(ok){ if(!copyBtn) return; const icon=copyBtn.querySelector('i'); if(!icon) return; const prev=copyBtn.getAttribute('data-prev')||icon.className; if(!copyBtn.getAttribute('data-prev')) copyBtn.setAttribute('data-prev',prev); icon.className= ok ? 'fa-duotone fa-clipboard-check':'fa-duotone fa-circle-exclamation'; setTimeout(()=>{ icon.className=prev; },1800); } function handleShareClick(e){ e.preventDefault(); const btn=e.currentTarget; const id=btn.getAttribute('data-share-target'); if(id) openModal(id); } function bindShareButtons(){ document.querySelectorAll('.h-share').forEach(btn=>{ if(!btn.dataset.hShareBound){ btn.addEventListener('click', handleShareClick); btn.dataset.hShareBound='1'; } }); } bindShareButtons(); if(document.readyState==='loading'){ document.addEventListener('DOMContentLoaded', bindShareButtons); } else { requestAnimationFrame(bindShareButtons); } document.addEventListener('click', function(e){ const shareBtn=e.target.closest && e.target.closest('.h-share'); if(shareBtn && !shareBtn.dataset.hShareBound){ handleShareClick.call(shareBtn, e); } }, true); document.addEventListener('click', e=>{ if(e.target===modal) closeModal(); if(e.target.closest && e.target.closest('.hsm-close')){ e.preventDefault(); closeModal(); } if(copyBtn && (e.target===copyBtn || (e.target.closest && e.target.closest('.hsm-copy')))) { e.preventDefault(); copyCurrent(); } }); document.addEventListener('keydown', e=>{ if(e.key==='Escape' && isOpen()) closeModal(); }); function trapFocus(){ if(trapBound) return; trapBound=true; modal.addEventListener('keydown', f=>{ if(f.key==='Tab' && isOpen()){ const focusable=[...modal.querySelectorAll('a[href],button,input,textarea,select,[tabindex]:not([tabindex="-1"])')].filter(el=>!el.hasAttribute('disabled')); if(!focusable.length) return; const first=focusable[0]; const last=focusable[focusable.length-1]; if(f.shiftKey && document.activeElement===first){ f.preventDefault(); last.focus(); } else if(!f.shiftKey && document.activeElement===last){ f.preventDefault(); first.focus(); } } }); } if(closeBtn) closeBtn.addEventListener('click', e=>{ e.preventDefault(); closeModal(); }); })(); </script>Geode implements a modern connection architecture built on: <ul> <li>QUIC Transport: UDP-based transport with built-in encryption and multiplexing</li> <li>TLS 1.3: Latest transport layer security for all connections</li> <li>Connection Pooling: Efficient resource management for high-throughput applications</li> <li>Session Management: Stateful sessions with authentication and context</li> <li>Load Balancing: Automatic distribution across cluster nodes</li> </ul> <h4 id="default-connection-settings" class="position-relative d-flex align-items-center group"> Default Connection Settings <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="default-connection-settings" aria-haspopup="dialog" aria-label="Share link: Default Connection Settings"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Server listens on standard port 3141 geode serve --listen 0.0.0.0:3141 # Alternative secure port 8443 geode serve --listen 0.0.0.0:8443 # IPv6 support geode serve --listen [::]:3141 </code></pre></div> <h3 id="quic-transport" class="position-relative d-flex align-items-center group"> QUIC Transport <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="quic-transport" aria-haspopup="dialog" aria-label="Share link: QUIC Transport"> Share link </button> </h3>Geode uses QUIC (Quick UDP Internet Connections) as its primary transport protocol, providing advantages over traditional TCP: <h4 id="benefits-of-quic" class="position-relative d-flex align-items-center group"> Benefits of QUIC <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="benefits-of-quic" aria-haspopup="dialog" aria-label="Share link: Benefits of QUIC"> Share link </button> </h4><ul> <li>Faster Connection Establishment: 0-RTT and 1-RTT connection setup vs TCP’s 3-way handshake</li> <li>No Head-of-Line Blocking: Independent streams don’t block each other</li> <li>Built-in Encryption: TLS 1.3 encryption mandatory, not optional</li> <li>Connection Migration: Connections survive IP address changes</li> <li>Multiplexing: Multiple queries over single connection without interference</li> </ul> <h4 id="quic-configuration" class="position-relative d-flex align-items-center group"> QUIC Configuration <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="quic-configuration" aria-haspopup="dialog" aria-label="Share link: QUIC Configuration"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Basic QUIC configuration (uses defaults) geode serve --transport=quic # Advanced QUIC tuning geode serve --transport=quic \ --quic-max-streams=1000 \ --quic-max-idle-timeout=300s \ --quic-initial-rtt=100ms \ --quic-congestion-control=cubic </code></pre></div> <h4 id="quic-vs-tcp" class="position-relative d-flex align-items-center group"> QUIC vs TCP <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="quic-vs-tcp" aria-haspopup="dialog" aria-label="Share link: QUIC vs TCP"> Share link </button> </h4><table> <thead> <tr> <th>Feature</th> <th>QUIC</th> <th>TCP</th> </tr> </thead> <tbody> <tr> <td>Connection Setup</td> <td>0-1 RTT</td> <td>1-3 RTT</td> </tr> <tr> <td>Encryption</td> <td>Built-in TLS 1.3</td> <td>Optional</td> </tr> <tr> <td>Head-of-Line Blocking</td> <td>None</td> <td>Yes</td> </tr> <tr> <td>Connection Migration</td> <td>Yes</td> <td>No</td> </tr> <tr> <td>Multiplexing</td> <td>Native</td> <td>Requires HTTP/2</td> </tr> </tbody> </table> <h3 id="tls-configuration" class="position-relative d-flex align-items-center group"> TLS Configuration <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="tls-configuration" aria-haspopup="dialog" aria-label="Share link: TLS Configuration"> Share link </button> </h3>All Geode connections are encrypted using TLS 1.3: <h4 id="basic-tls-setup" class="position-relative d-flex align-items-center group"> Basic TLS Setup <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="basic-tls-setup" aria-haspopup="dialog" aria-label="Share link: Basic TLS Setup"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Generate self-signed certificate for development geode cert-gen --output-dir=/etc/geode/certs \ --common-name=geode.example.com \ --validity-days=365 # Start server with TLS geode serve --tls-cert=/etc/geode/certs/server.crt \ --tls-key=/etc/geode/certs/server.key </code></pre></div> <h4 id="production-tls-configuration" class="position-relative d-flex align-items-center group"> Production TLS Configuration <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="production-tls-configuration" aria-haspopup="dialog" aria-label="Share link: Production TLS Configuration"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Use production certificates from CA geode serve --tls-cert=/etc/geode/certs/production.crt \ --tls-key=/etc/geode/certs/production.key \ --tls-ca=/etc/geode/certs/ca-bundle.crt \ --tls-min-version=1.3 \ --tls-cipher-suites=TLS_AES_256_GCM_SHA384,TLS_CHACHA20_POLY1305_SHA256 </code></pre></div> <h4 id="mutual-tls-mtls" class="position-relative d-flex align-items-center group"> Mutual TLS (mTLS) <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="mutual-tls-mtls" aria-haspopup="dialog" aria-label="Share link: Mutual TLS (mTLS)"> Share link </button> </h4>Require clients to present valid certificates: <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Enable mutual TLS authentication geode serve --require-client-certificates=true \ --client-ca=/etc/geode/certs/client-ca.crt \ --verify-client-certificates=strict # Allow specific client certificates geode serve --require-client-certificates=true \ --client-cert-allowlist=/etc/geode/allowed-clients.txt </code></pre></div>Client connection with certificate: <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"># Python client with mTLS from geode_client import Client client = Client( host='geode.example.com', port=3141, tls_cert='/etc/client/client.crt', tls_key='/etc/client/client.key', tls_ca='/etc/client/ca.crt' ) </code></pre></div> <h3 id="connection-pooling" class="position-relative d-flex align-items-center group"> Connection Pooling <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="connection-pooling" aria-haspopup="dialog" aria-label="Share link: Connection Pooling"> Share link </button> </h3>Connection pools manage multiple connections efficiently: <h4 id="server-side-connection-limits" class="position-relative d-flex align-items-center group"> Server-Side Connection Limits <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="server-side-connection-limits" aria-haspopup="dialog" aria-label="Share link: Server-Side Connection Limits"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Configure server connection limits geode serve --max-connections=10000 \ --max-connections-per-ip=100 \ --connection-timeout=30s \ --idle-timeout=300s </code></pre></div> <h4 id="client-side-connection-pooling" class="position-relative d-flex align-items-center group"> Client-Side Connection Pooling <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="client-side-connection-pooling" aria-haspopup="dialog" aria-label="Share link: Client-Side Connection Pooling"> Share link </button> </h4>Go Client <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-go" data-lang="go">import ( "context" "database/sql" "log" "time" _ "geodedb.com/geode" ) db, err := sql.Open("geode", "quic://geode.example.com:3141") if err != nil { log.Fatal(err) } defer db.Close() // Pooling via database/sql db.SetMaxOpenConns(100) db.SetMaxIdleConns(10) db.SetConnMaxIdleTime(300 * time.Second) rows, err := db.QueryContext(context.Background(), "MATCH (p:Person) RETURN p") </code></pre></div>Python Client <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-python" data-lang="python">from geode_client import ConnectionPool pool = ConnectionPool( host="geode.example.com", port=3141, min_size=10, max_size=100, skip_verify=True, ) async with pool: async with pool.acquire() as conn: page, _ = await conn.query("MATCH (p:Person) RETURN p") for row in page.rows: print(row["p"]) </code></pre></div>Rust Client <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-rust" data-lang="rust">use geode_client::ConnectionPool; let pool = ConnectionPool::new("geode.example.com", 3141, 100) .skip_verify(true) .page_size(1000); let mut conn = pool.acquire().await?; let (page, _) = conn.query("MATCH (p:Person) RETURN p").await?; </code></pre></div> <h4 id="connection-pool-best-practices" class="position-relative d-flex align-items-center group"> Connection Pool Best Practices <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="connection-pool-best-practices" aria-haspopup="dialog" aria-label="Share link: Connection Pool Best Practices"> Share link </button> </h4><ol> <li>Size appropriately: Pool size should match expected concurrent queries</li> <li>Set idle timeouts: Reclaim unused connections automatically</li> <li>Enable health checks: Detect and remove failed connections</li> <li>Monitor pool metrics: Track utilization, wait times, and failures</li> <li>Use connection recycling: Periodically refresh connections to detect issues</li> </ol> <h3 id="authentication" class="position-relative d-flex align-items-center group"> Authentication <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="authentication" aria-haspopup="dialog" aria-label="Share link: Authentication"> Share link </button> </h3>Secure connection authentication methods: <h4 id="usernamepassword-authentication" class="position-relative d-flex align-items-center group"> Username/Password Authentication <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="usernamepassword-authentication" aria-haspopup="dialog" aria-label="Share link: Username/Password Authentication"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Server with password authentication geode serve --auth-method=password \ --user-database=/etc/geode/users.db </code></pre></div>Client connection: <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-python" data-lang="python">client = Client( host='geode.example.com', port=3141, username='[email protected]', password='SecureP@ssw0rd' ) </code></pre></div> <h4 id="token-based-authentication" class="position-relative d-flex align-items-center group"> Token-Based Authentication <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="token-based-authentication" aria-haspopup="dialog" aria-label="Share link: Token-Based Authentication"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Server with JWT token authentication geode serve --auth-method=jwt \ --jwt-secret-key-file=/etc/geode/jwt-secret.key \ --jwt-issuer=geode.example.com \ --jwt-audience=geode-api </code></pre></div>Client with token: <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-python" data-lang="python">client = Client( host='geode.example.com', port=3141, auth_token='eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...' ) </code></pre></div> <h4 id="oauth-20--openid-connect" class="position-relative d-flex align-items-center group"> OAuth 2.0 / OpenID Connect <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="oauth-20--openid-connect" aria-haspopup="dialog" aria-label="Share link: OAuth 2.0 / OpenID Connect"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Server with OAuth 2.0 geode serve --auth-method=oauth2 \ --oauth2-provider=https://auth.example.com \ --oauth2-client-id=geode-server \ --oauth2-client-secret-file=/etc/geode/oauth-secret.txt </code></pre></div> <h4 id="ldap-authentication" class="position-relative d-flex align-items-center group"> LDAP Authentication <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="ldap-authentication" aria-haspopup="dialog" aria-label="Share link: LDAP Authentication"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Server with LDAP authentication geode serve --auth-method=ldap \ --ldap-server=ldap://ldap.example.com:389 \ --ldap-base-dn="dc=example,dc=com" \ --ldap-bind-dn="cn=geode,ou=services,dc=example,dc=com" \ --ldap-bind-password-file=/etc/geode/ldap-password.txt </code></pre></div> <h4 id="multi-factor-authentication" class="position-relative d-flex align-items-center group"> Multi-Factor Authentication <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="multi-factor-authentication" aria-haspopup="dialog" aria-label="Share link: Multi-Factor Authentication"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Require MFA for connections geode serve --require-mfa=true \ --mfa-providers=totp,webauthn \ --mfa-grace-period=0 </code></pre></div> <h3 id="session-management" class="position-relative d-flex align-items-center group"> Session Management <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="session-management" aria-haspopup="dialog" aria-label="Share link: Session Management"> Share link </button> </h3> <h4 id="session-configuration" class="position-relative d-flex align-items-center group"> Session Configuration <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="session-configuration" aria-haspopup="dialog" aria-label="Share link: Session Configuration"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Configure session behavior geode serve --session-timeout=1800 \ --session-max-idle=900 \ --session-max-lifetime=86400 \ --persistent-sessions=true </code></pre></div> <h4 id="session-variables" class="position-relative d-flex align-items-center group"> Session Variables <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="session-variables" aria-haspopup="dialog" aria-label="Share link: Session Variables"> Share link </button> </h4>Set session-specific variables: <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-gql" data-lang="gql">-- Set session variables SET SESSION tenant_id = 'tenant_123'; SET SESSION timeout = 3600; SET SESSION isolation_level = 'SNAPSHOT'; -- Query session settings SHOW SESSION VARIABLES; -- Reset session variable RESET SESSION tenant_id; </code></pre></div> <h4 id="session-monitoring" class="position-relative d-flex align-items-center group"> Session Monitoring <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="session-monitoring" aria-haspopup="dialog" aria-label="Share link: Session Monitoring"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># View active sessions geode sessions list # Terminate specific session geode sessions kill --session-id=sess_abc123 # Terminate idle sessions geode sessions cleanup --idle-timeout=1800 </code></pre></div> <h3 id="connection-security-best-practices" class="position-relative d-flex align-items-center group"> Connection Security Best Practices <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="connection-security-best-practices" aria-haspopup="dialog" aria-label="Share link: Connection Security Best Practices"> Share link </button> </h3> <h4 id="network-security" class="position-relative d-flex align-items-center group"> Network Security <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="network-security" aria-haspopup="dialog" aria-label="Share link: Network Security"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Bind to specific interface geode serve --listen 10.0.1.50:3141 # Use firewall to restrict access # Allow only application servers iptables -A INPUT -p udp --dport 3141 -s 10.0.2.0/24 -j ACCEPT iptables -A INPUT -p udp --dport 3141 -j DROP </code></pre></div> <h4 id="rate-limiting" class="position-relative d-flex align-items-center group"> Rate Limiting <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="rate-limiting" aria-haspopup="dialog" aria-label="Share link: Rate Limiting"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Limit connection rate per IP geode serve --rate-limit-connections=100/min \ --rate-limit-queries=1000/min \ --rate-limit-bandwidth=100mbps </code></pre></div> <h4 id="ip-allowlisting" class="position-relative d-flex align-items-center group"> IP Allowlisting <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="ip-allowlisting" aria-haspopup="dialog" aria-label="Share link: IP Allowlisting"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Only allow specific IPs to connect geode serve --ip-allowlist=/etc/geode/allowed-ips.txt # /etc/geode/allowed-ips.txt: # 10.0.2.0/24 # 192.168.1.100 # 2001:db8::/32 </code></pre></div> <h4 id="automatic-blocking" class="position-relative d-flex align-items-center group"> Automatic Blocking <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="automatic-blocking" aria-haspopup="dialog" aria-label="Share link: Automatic Blocking"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Block IPs with failed authentication attempts geode serve --auto-block-failed-auth=true \ --failed-auth-threshold=5 \ --failed-auth-window=300s \ --block-duration=3600s </code></pre></div> <h3 id="connection-monitoring" class="position-relative d-flex align-items-center group"> Connection Monitoring <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="connection-monitoring" aria-haspopup="dialog" aria-label="Share link: Connection Monitoring"> Share link </button> </h3> <h4 id="connection-metrics" class="position-relative d-flex align-items-center group"> Connection Metrics <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="connection-metrics" aria-haspopup="dialog" aria-label="Share link: Connection Metrics"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># View connection statistics geode stats --component=connections # Example output: # Active Connections: 1,247 # Peak Connections: 2,456 # Total Connections: 15,234,567 # Failed Connections: 123 # Average Connection Duration: 45.3s # Connection Pool Utilization: 62% </code></pre></div> <h4 id="connection-logging" class="position-relative d-flex align-items-center group"> Connection Logging <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="connection-logging" aria-haspopup="dialog" aria-label="Share link: Connection Logging"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Enable connection audit logging geode serve --log-connections=true \ --log-level=info \ --log-file=/var/log/geode/connections.log </code></pre></div>Example log entry: <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-fallback" data-lang="fallback">2026-01-24T10:15:32.123Z INFO connection_accepted remote_addr=192.168.1.100:54321 session_id=sess_abc123 [email protected] tls_version=1.3 cipher_suite=TLS_AES_256_GCM_SHA384 </code></pre></div> <h4 id="health-checks" class="position-relative d-flex align-items-center group"> Health Checks <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="health-checks" aria-haspopup="dialog" aria-label="Share link: Health Checks"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># HTTP health check endpoint geode serve --health-check-enabled=true \ --health-check-port=8080 \ --health-check-path=/health # Check health curl http://geode.example.com:8080/health # {"status": "healthy", "connections": 1247, "uptime": 86400} </code></pre></div> <h3 id="connection-troubleshooting" class="position-relative d-flex align-items-center group"> Connection Troubleshooting <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="connection-troubleshooting" aria-haspopup="dialog" aria-label="Share link: Connection Troubleshooting"> Share link </button> </h3> <h4 id="connection-refused" class="position-relative d-flex align-items-center group"> Connection Refused <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="connection-refused" aria-haspopup="dialog" aria-label="Share link: Connection Refused"> Share link </button> </h4>Check: <ol> <li>Server is running: <code>systemctl status geode</code></li> <li>Firewall allows connections: <code>iptables -L</code></li> <li>Correct port number</li> <li>Server listening on correct interface</li> </ol> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Verify server is listening netstat -ulnp | grep 3141 # Should show: udp 0.0.0.0:3141 ... geode </code></pre></div> <h4 id="tls-handshake-failures" class="position-relative d-flex align-items-center group"> TLS Handshake Failures <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="tls-handshake-failures" aria-haspopup="dialog" aria-label="Share link: TLS Handshake Failures"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Test TLS connection openssl s_client -connect geode.example.com:3141 \ -tls1_3 -showcerts # Verify certificate geode cert-verify --cert=/etc/geode/certs/server.crt </code></pre></div> <h4 id="connection-timeouts" class="position-relative d-flex align-items-center group"> Connection Timeouts <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="connection-timeouts" aria-haspopup="dialog" aria-label="Share link: Connection Timeouts"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-ts" data-lang="ts">// Node.js: configure connect/request timeouts via DSN options import { createClient } from '@geodedb/client'; const client = await createClient( 'quic://geode.example.com:3141?connect_timeout=60000&request_timeout=300000' ); </code></pre></div><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"># Python: wrap operations with asyncio timeouts import asyncio from geode_client import Client client = Client(host="geode.example.com", port=3141, skip_verify=True) async with client.connection() as conn: result, _ = await asyncio.wait_for( conn.query("MATCH (p:Person) RETURN p LIMIT 1"), timeout=30, ) </code></pre></div><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Increase server timeout geode serve --connection-timeout=60s \ --query-timeout=300s </code></pre></div> <h4 id="pool-exhaustion" class="position-relative d-flex align-items-center group"> Pool Exhaustion <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="pool-exhaustion" aria-haspopup="dialog" aria-label="Share link: Pool Exhaustion"> Share link </button> </h4>If connection pool is exhausted: <ol> <li>Increase pool size</li> <li>Reduce connection hold time</li> <li>Enable connection recycling</li> <li>Check for connection leaks</li> </ol> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Monitor pool usage geode stats --component=connection-pool \ --interval=1s \ --duration=60s </code></pre></div> <h3 id="performance-optimization" class="position-relative d-flex align-items-center group"> Performance Optimization <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="performance-optimization" aria-haspopup="dialog" aria-label="Share link: Performance Optimization"> Share link </button> </h3> <h4 id="connection-reuse" class="position-relative d-flex align-items-center group"> Connection Reuse <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="connection-reuse" aria-haspopup="dialog" aria-label="Share link: Connection Reuse"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"># Reuse connections efficiently async with client.connection() as conn: await conn.begin() try: await conn.query("MATCH (p:Person {id: $id}) RETURN p", {"id": 1}) await conn.query("MATCH (c:Company {id: $id}) RETURN c", {"id": 2}) await conn.query("MATCH (p:Product {id: $id}) RETURN p", {"id": 3}) await conn.commit() except Exception: await conn.rollback() raise </code></pre></div> <h4 id="batching" class="position-relative d-flex align-items-center group"> Batching <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="batching" aria-haspopup="dialog" aria-label="Share link: Batching"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-python" data-lang="python"># Batch multiple queries in single round-trip async with client.connection() as conn: results = await conn.batch([ ("MATCH (p:Person {id: $id}) RETURN p", {"id": 1}), ("MATCH (c:Company {id: $id}) RETURN c", {"id": 2}), ("MATCH (p:Product {id: $id}) RETURN p", {"id": 3}), ]) for result in results: if result.success: print(result.page.rows) </code></pre></div> <h4 id="connection-warmup" class="position-relative d-flex align-items-center group"> Connection Warmup <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="connection-warmup" aria-haspopup="dialog" aria-label="Share link: Connection Warmup"> Share link </button> </h4><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"># Pre-warm connection pool on startup geode connection-pool warmup --size=50 \ --target=geode.example.com:3141 </code></pre></div> <h3 id="related-topics" class="position-relative d-flex align-items-center group"> Related Topics <button type="button" class="h-share btn btn-link p-0 text-decoration-none link-secondary opacity-50 hover-opacity-100 transition-all ms-1" data-share-target="related-topics" aria-haspopup="dialog" aria-label="Share link: Related Topics"> Share link </button> </h3><ul> <li><a href="/tags/encryption/" >Encryption</a> - Data encryption in transit and at rest</li> <li><a href="/tags/configuration/" >Configuration</a> - Server and client configuration</li> <li><a href="/docs/security/overview/" >Security Overview</a> - Security documentation</li> <li><a href="/docs/client-libraries/" >Client Libraries</a> - Language-specific client documentation</li> </ul>

Popular

Related Articles

Session Management Guide