Dear HAProxy-maintainers,

As proposed by my colleague Christian Menges in [1], I’ve implemented support 
for fetching arbitrary TLV values for PROXY protocol V2 via a sample fetch. It 
can be used by calling ‘fc_pp_tlv’ with the numerical value of the desired TLV 
type. This also fixes issue [2].

Some design considerations for my approach:
• *Do not break the existing API*: Keep methods for authority and unique ID, 
but refactor them internally with the updated, generified logic.
• *Keep existing behavior and performance*: Pools for authority and unique ID 
are still used. Already implemented parsing logic is still applied. All 
information about a TLV payload that is already should be used for validation.
• *Small memory footprint*: As there might be up to 50k connections, an array 
or hash map is too memory intensive. Therefore, a simple list is used. It is 
the best choice here in my opinion, as there are typically only a handful of 
TLVs. Additionally, memory pooling is used where possible. When TLV values 
become too large there is a fallback to ‘malloc’.

Note that I choose to not overwrite existing TLVs in the list. This way, we 
return always the first found but would allow duplicate entries. This would be 
relevant when there are duplicate TLVs.
Besides, I used ‘strtoul’ for the argument conversion to be consistent with 
other fetches that already use ‘strtoul’.
If ‘strtoul’ is too slow for this use case, I am not opposed to reverting it to 
the more efficient HAProxy helper.

*Important*: I will add the documentation after the code review, when the 
design is finalized.

This email address is not subscribed to the list, please CC it when replying.

Anyway, I would love to hear your feedback on this!

Best Regards,
Alexander Stephan
SAP SE Germany

PS: This is only the front-end part of my implementation, I will follow up with 
a backend implementation that allows to send
user defined TLVs. I already implemented it, since SAP needs it any case. 
However, we are also very interested in contributing it.

[1]: https://www.mail-archive.com/haproxy@formilux.org/msg43381.html
[2]: https://github.com/haproxy/haproxy/issues/1947

Attachment: 0001-MEDIUM-sample-Implement-sample-fetch-for-arbitrary-P.patch
Description: 0001-MEDIUM-sample-Implement-sample-fetch-for-arbitrary-P.patch

Reply via email to