-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Transparent udp proxy #12513
Comments
Could you review my idea? |
@chadr123 at a high level this LGTM, though you will need to use the socket open abstractions in the final PR (see https://github.com/envoyproxy/envoy/blob/master/source/common/network/socket_option_impl.h). Thank you! |
Thank you for your review. |
There is a similar feature for no snat but it only works for tcp case. The envoy supports filter structure so that we can add or remove the filter dynamically. But the udp load banalcer has a limitation that can have only one filter. So, we cannot add more filters on udp load banalcer. So, the new option is introduced that name is use_original_src_ip on udp_proxy filter. If it is set as true, all packets that start from envoy can have original source ip address that same as sender's ip address. Fixes envoyproxy#12513, envoyproxy#12277 Signed-off-by: DongRyeol Cha <dr83.cha@samsung.com>
I'm working on the transparent udp proxy for envoy.
By my understanding, the udp filter system supports only one filter.
And udp filter system cannot utilize the existing original_src filter because it is not compatible with udp filter system.
So, I thought that there is no way to extend the existing original_src filter or add a new filter for that.
So, if I add a new option to udp_proxy filter for transparent udp proxy, it is feasible.
Actually I add a new option to udp_proxy and it works fine now but it is better to discuss with you to contribute this feature.
What do you think about this?
You can see the my WIP patch at chadr123@aed05ad
The text was updated successfully, but these errors were encountered: