Apache as HTTPS Reverse Proxy for IPFS Node: memory leak

I created the HTTPS proxy for IPFS node on my Apache server with the following settings:


<VirtualHost *:443>
    SSLEngine on
    SSLProtocol all -SSLv2
    SSLHonorCipherOrder on
    Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
    SSLCompression Off
    SSLCertificateFile /etc/letsencrypt/live/ipfs.mydoma.in/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/ipfs.mydoma.in/privkey.pem
    Include /etc/letsencrypt/options-ssl-apache.conf
    ServerName ipfs.mydoma.in
    ServerAdmin admin@ad.min
    ProxyRequests On
    ProxyPreserveHost On
    ProxyPass / http://localhost:48080/
    ProxyPassReverse / http://localhost:48080/

IPFS (fragment):

"Addresses": {
    "Swarm": [
    "Announce": [
    "AppendAnnounce": [],
    "NoAnnounce": [
    "API": "/ip4/",
    "Gateway": "/ip4/"

The problem is that running daemon starts immediately to hang up many opened connections on Apache, and to consume a lot of memory spamming the log with the message:

2022-02-13T14:38:45.172+0300	INFO	bs:sess	session/session.go:459	No peers - broadcasting	{"session": 45, "want-count": 1}

This process consumes about 3GiB of memory when session value reaches ~1000.

The process works normally when proxying is disabled.

I tried to implement a lot of samples of HTTP proxying for IPFS, nothing works. Please help me to clarify the keystone of this situation. What could be a reason for such behaviour? How to set up Apache HTTPS-HTTP proxy for IPFS node properly?

Perhaps you are affected by 51814 – mod_proxy in Apache HTTP 2.2 FIN_WAIT2 in server side, it leaves as CLOSE_WAIT for a long time in mod_proxy side. ? (see apache 2.2 - Apache2 reverse proxy connections staying persistent, filling ssh channels - Server Fault)

In principle, the bitswap messages you see are not related to the reverse proxy connections not being closed though.

1 Like

We run our reverse proxies with nginx and it works fine btw.

Thanks, @hector ! These messages, however, I used as an indication point if the problem is present, and they indicate. It seems the migration to Nginx is becoming necessary in the old project to start involving IPFS…