diff --git a/CHANGELOG.md b/CHANGELOG.md
index c13771dec7..ebb220d11e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,6 +10,7 @@ Changelog for NeoFS Node
 - IR `fschain.consensus.keep_only_latest_state` and `fschain.consensus.remove_untraceable_blocks` config options (#3093)
 - `logger.timestamp` config option (#3105)
 - Container system attributes verification on IR side (#3107)
+- IR `fschain.consensus.rpc.max_websocket_clients` and `fschain.consensus.rpc.session_pool_size` config options (#3126)
 
 ### Fixed
 - `neofs-cli object delete` command output (#3056)
diff --git a/cmd/neofs-ir/internal/validate/config.go b/cmd/neofs-ir/internal/validate/config.go
index 47e0680de7..f4ac16f1ef 100644
--- a/cmd/neofs-ir/internal/validate/config.go
+++ b/cmd/neofs-ir/internal/validate/config.go
@@ -45,8 +45,10 @@ type validConfig struct {
 			} `mapstructure:"validators_history"`
 
 			RPC struct {
-				Listen []string `mapstructure:"listen"`
-				TLS    struct {
+				Listen              []string `mapstructure:"listen"`
+				MaxWebSocketClients uint32   `mapstructure:"max_websocket_clients"`
+				SessionPoolSize     uint32   `mapstructure:"session_pool_size"`
+				TLS                 struct {
 					Enabled  bool     `mapstructure:"enabled"`
 					Listen   []string `mapstructure:"listen"`
 					CertFile string   `mapstructure:"cert_file"`
@@ -102,8 +104,10 @@ type validConfig struct {
 			} `mapstructure:"validators_history"`
 
 			RPC struct {
-				Listen []string `mapstructure:"listen"`
-				TLS    struct {
+				Listen              []string `mapstructure:"listen"`
+				MaxWebSocketClients uint32   `mapstructure:"max_websocket_clients"`
+				SessionPoolSize     uint32   `mapstructure:"session_pool_size"`
+				TLS                 struct {
 					Enabled  bool     `mapstructure:"enabled"`
 					Listen   []string `mapstructure:"listen"`
 					CertFile string   `mapstructure:"cert_file"`
diff --git a/config/example/ir.yaml b/config/example/ir.yaml
index 393426d3c9..c784134e7a 100644
--- a/config/example/ir.yaml
+++ b/config/example/ir.yaml
@@ -59,6 +59,10 @@ fschain:
         # TCP addresses in 'host:port' format, or just 'host', then it will use the default port ':30333'.
         - localhost
         - localhost:30334
+      max_websocket_clients: 100 # Optional maximum simultaneous websocket client connection number. Defaults to 64.
+        # Must be unsigned integer in range [1:2147483647].
+      session_pool_size: 100 # Optional maximum number of concurrent iterator sessions. Defaults to 20.
+        # Must be unsigned integer in range [1:2147483647].
       tls: # Additional addresses to listen to using TLS setup; must not overlap with `listen` section
         enabled: false # Additional TLS serving switcher
         listen: # Addresses to listen to; required to be at least 1-length if 'enabled' is 'true'
diff --git a/pkg/innerring/config.go b/pkg/innerring/config.go
index ac207ebcb1..63d9e4a874 100644
--- a/pkg/innerring/config.go
+++ b/pkg/innerring/config.go
@@ -164,6 +164,18 @@ func parseBlockchainConfig(v *viper.Viper, _logger *zap.Logger) (c blockchain.Co
 			return c, err
 		}
 
+		maxWebSocketClients, err := parseConfigUint64Range(v, rpcSection+".max_websocket_clients", "maximum simultaneous websocket client connection number", 1, math.MaxInt32)
+		if err != nil && !errors.Is(err, errMissingConfig) {
+			return c, err
+		}
+		c.RPC.MaxWebSocketClients = uint(maxWebSocketClients)
+
+		sessionPoolSize, err := parseConfigUint64Range(v, rpcSection+".session_pool_size", "maximum number of concurrent iterator sessions", 1, math.MaxInt32)
+		if err != nil && !errors.Is(err, errMissingConfig) {
+			return c, err
+		}
+		c.RPC.SessionPoolSize = uint(sessionPoolSize)
+
 		var rpcTLSSection = rpcSection + ".tls"
 		if v.GetBool(rpcTLSSection + ".enabled") {
 			c.RPC.TLSConfig.Enabled = true
diff --git a/pkg/innerring/internal/blockchain/blockchain.go b/pkg/innerring/internal/blockchain/blockchain.go
index c20f94854e..fee87bb1e6 100644
--- a/pkg/innerring/internal/blockchain/blockchain.go
+++ b/pkg/innerring/internal/blockchain/blockchain.go
@@ -98,6 +98,16 @@ type RPCConfig struct {
 	//
 	// Optional.
 	TLSConfig
+
+	// The maximum simultaneous websocket client connection number.
+	//
+	// Optional: defaults to 64. Must not be larger than math.MaxInt32.
+	MaxWebSocketClients uint
+
+	// The maximum number of concurrent iterator sessions.
+	//
+	// Optional: defaults to 20. Must not be larger than math.MaxInt32.
+	SessionPoolSize uint
 }
 
 // TLSConfig configures additional RPC serving over TLS.
@@ -351,6 +361,12 @@ func New(cfg Config) (res *Blockchain, err error) {
 	if cfg.P2P.Ping.Timeout == 0 {
 		cfg.P2P.Ping.Timeout = time.Minute
 	}
+	if cfg.RPC.MaxWebSocketClients == 0 {
+		cfg.RPC.MaxWebSocketClients = 64
+	}
+	if cfg.RPC.SessionPoolSize == 0 {
+		cfg.RPC.SessionPoolSize = 20
+	}
 
 	standByCommittee := make([]string, len(cfg.Committee))
 	for i := range cfg.Committee {
@@ -408,6 +424,8 @@ func New(cfg Config) (res *Blockchain, err error) {
 
 	cfgBaseApp.RPC.Enabled = true
 	cfgBaseApp.RPC.Addresses = cfg.RPC.Addresses
+	cfgBaseApp.RPC.MaxWebSocketClients = int(cfg.RPC.MaxWebSocketClients)
+	cfgBaseApp.RPC.SessionPoolSize = int(cfg.RPC.SessionPoolSize)
 	if tlsCfg := cfg.RPC.TLSConfig; tlsCfg.Enabled {
 		cfgBaseApp.RPC.TLSConfig.Enabled = true
 		cfgBaseApp.RPC.TLSConfig.Addresses = tlsCfg.Addresses