Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type PacketConn
type PacketConn struct {
	net.PacketConn
	ConnPolicy        proxyproto.ConnPolicyFunc
	ValidateHeader    proxyproto.Validator
	ReadHeaderTimeout time.Duration
	// UDPSessionTrackingTTL enables per-remote-address session state for UDP
	// when set to a positive duration. A header-only datagram (valid PPv2
	// header with or without payload) causes the parsed source address to be
	// cached for this duration. Subsequent datagrams from the same remote
	// address that carry no PPv2 header are assigned the cached source
	// address. The TTL is refreshed on every matching packet. A zero or
	// negative value disables session tracking entirely.
	UDPSessionTrackingTTL time.Duration
	// UDPSessionTrackingMaxSessions is the maximum number of concurrent UDP
	// sessions held in the LRU cache. Zero or negative means use the default
	// (udpSessionMaxEntries). Has no effect unless UDPSessionTrackingTTL is
	// positive.
	UDPSessionTrackingMaxSessions int
	// contains filtered or unexported fields
}
PacketConn wraps a net.PacketConn and strips PROXY Protocol v2 headers from incoming UDP datagrams.
When UDPSessionTrackingTTL is greater than zero, the connection implements Cloudflare Spectrum's PPv2-over-UDP behavior: the PROXY header arrives in the very first datagram of a session (which may carry an empty payload), while all subsequent datagrams carry real DNS payload without any header. The real source address parsed from the first datagram is cached, keyed by the Spectrum-side remote address, and applied to every headerless datagram that arrives from the same remote address within UDPSessionTrackingTTL.
The session cache is a fixed-capacity LRU (capped at udpSessionMaxEntries) so that memory usage is bounded regardless of the number of distinct remote addresses seen.
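The session-tracking behavior described above can be sketched as a TTL-refreshing, fixed-capacity LRU keyed by remote address. This is an added example, not this package's own code: the names sessionCache, newSessionCache, Put and Lookup, the TTL, the capacity and the addresses are all assumptions made for illustration. It is not safe for concurrent use (a shared cache would need a mutex) and takes the current time as a parameter so that expiry is deterministic.

```go
package main

import (
	"container/list"
	"fmt"
	"time"
)

type entry struct { // one session: Spectrum-side remote address -> real client source
	remote, source string
	expires        time.Time
}

type sessionCache struct { // hypothetical fixed-capacity LRU whose entries expire after ttl
	ttl      time.Duration
	capacity int
	order    *list.List               // front = most recently used
	byKey    map[string]*list.Element // remote address -> element in order
}

func newSessionCache(ttl time.Duration, capacity int) *sessionCache {
	return &sessionCache{ttl, capacity, list.New(), map[string]*list.Element{}}
}

// Put caches the source parsed from a PPv2 header, evicting the LRU entry when full.
func (c *sessionCache) Put(remote, source string, now time.Time) {
	if el := c.byKey[remote]; el != nil {
		c.order.Remove(el) // a newer header replaces the old mapping
	}
	c.byKey[remote] = c.order.PushFront(&entry{remote, source, now.Add(c.ttl)})
	if c.order.Len() > c.capacity { // memory stays bounded however many remotes appear
		delete(c.byKey, c.order.Remove(c.order.Back()).(*entry).remote)
	}
}

// Lookup resolves a headerless datagram's source and refreshes the TTL on a hit.
func (c *sessionCache) Lookup(remote string, now time.Time) (string, bool) {
	if el := c.byKey[remote]; el != nil && !now.After(el.Value.(*entry).expires) {
		el.Value.(*entry).expires = now.Add(c.ttl)
		c.order.MoveToFront(el)
		return el.Value.(*entry).source, true
	}
	return "", false // unknown or expired: a stale mapping is never applied
}

func main() {
	c := newSessionCache(30*time.Second, 2) // constructed TTL, capacity and addresses
	c.Put("198.51.100.7:4000", "203.0.113.9:53211", time.Unix(0, 0))
	fmt.Println(c.Lookup("198.51.100.7:4000", time.Unix(10, 0)))
}
```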