Open bdecoste opened 10 months ago
Zendesk ticket #2573 has been linked to this issue.
The full requirement is PP through this entire chain: Client -> tunneling proxy1 -> GE1 -> tunneling proxy2 -> GE2 -> service
where the original client IP is transmitted via PP to the service.
https://github.com/solo-io/gloo/pull/8636/files an exampleof using proxy protocol on test proxy. Does not execute them with proxy protocol fully but should unblock the creation of a tunneling proxy example
Currently we do not support passing along a tcp proxy protocol to the target of our tunnel. However since it is http we can use http header. Is there any need for a tcp proxy protocol in this case?
Since the customer asking for this was advised of cleaner ways to pass along ip info (headers) unassigning this issue
This issue has been marked as stale because of no activity in the last 180 days. It will be closed in the next 180 days unless it is tagged "no stalebot" or other activity occurs.
Gloo Edge Product
Open Source
Gloo Edge Version
1.13.x
Is your feature request related to a problem? Please describe.
We do not test http tunneling (https://github.com/solo-io/gloo/blob/main/test/e2e/http_tunneling_test.go) using proxy protocol. Testing with the the same tunneling proxy impl I see:
1) With TLS:
OPENSSL_internal:WRONG_VERSION_NUMBER
2) Without TLS:Sending local reply with details http1.codec_error
I suspect this is an issue with the tunneling proxy impl we test against: https://github.com/solo-io/gloo/blob/main/test/e2e/http_tunneling_test.go#L402
Describe the solution you'd like
Add a test for http tunneling with proxy protocol and resolve any issues
Describe alternatives you've considered
None
Additional Context
No response