On Mon, Jul 03, 2017 at 10:11:29PM +1000, Marc Boschma wrote: > Is there anyway to log details from the PROXY protocol version 2, such as > namespace or any other TLVs? Especially custom... > > On TLVs I'm looking at someway to pass through a unique ID across a series > of proxies. So being able to inspect TLV and or passed in namespace values > and make processing decisions based on that; even if having to utilise Lua > to effect the inspection...
There's no such thing for now. The proxy protocol is used to pass front connection information to the next hop, so in general, the next hop will replace its own information extraction methods with the information retrieved from the proxy protocol header. It's possible that haproxy is still missing certain sample fetch methods to extract certain information (I don't think we can extract a namespace ID for example, but I could be wrong ; maybe that just needs to be added). So once the information is properly available, what you pass over proxy protocol should be transparently available. Now, regarding the ability to pass extra information, I'm not fond of this idea. Not for the idea itself, it would be great. It's regarding the purpose of the proxy protocol. It's not meant to be used to transport metadata for a connection, just to forward connection information. So in general you should keep in mind that it must not do something that would not be possible without the proxy in the middle, if the server would simply receive the original connection itself. If we start to do this, we'll see people abuse this protocol and use it everywhere as an intermediary layer to carry extra information and that opens a new can of worms. Regards, Willy
