Exactly and just to add a little colour because that's not widely known: The server channel reads the Channels that you accept. So with HTTP/2 you'll have three layers of channel:
- layer 1: the server channel. It reads the accepted connections (i.e. its reads are
Channelobjects) - layer 2: the TCP stream connection channels (one per TCP connection). They read the bytes that come from the remote peer (
ByteBuffer) which then get decoded by the HTTP/2 handlers - layer 3: the HTTP/2 stream channels (one per HTTP/2 stream and per TCP connection): They read the HTTP/2 frames (
HTTP2Frame).
That hierarchy is also represented using the Channel.parent property. Layer 3's .parent will be the layer 2 channel. And layer 2's .parent will be the layer 1.
All of them are back-pressured and in every case you delay outbound read() calls from happening to put on the brakes and exert backpressure. If you wanted to not put on the brakes on everybody but filter (say) by IP address and only ignore those that do more than 100 connections per second you can do that by closing the accepted channel straight in the server channel.
FWIW, if you exert backpressure on layer 1 (the server channel) then you'll fill up the operating system's listen backlog. And when that's full the OS will stop accepting new connections. The size of the listen backlog is configured using the ChannelOptions.backlog option on the server channel (.serverChannelOption(ChannelOptions.backlog, value: 256)). The OSes don't guarantee to follow your value exactly, treat it more like a suggestion. But just like SwiftNIO, the OSes will only have buffers of a fixed size. So whilst you might not be able to control the exact limit (in precise bytes/connections), the key bit of information is that everything is backpressured and limited in the OSes as well as SwiftNIO. So you will be able to build a system that is resilient to attacks that are trying to exhaust your resources.
Finally @taylorswift thank you so much for asking these questions on the forums where everybody can see them. A lot of times they get asked in DMs in various places. This kind of information should be widely available.