Closed juliens closed 4 years ago
We also would be interested in this feature and the UDP Support in Traefik v2. Below is a description of our needs.
We have developed 15 years ago a smart photovoltaïc metering system (with GPRS) and have thousands of meters deployed in the world. Every night, in a 30' window, these meters connect to our server opening a UDP socket and send their data in UDP packets. Note that the server IP is hardcoded in the meter firmware and can't be upgraded. These data are collected and processed by a Java web app deployed in a Tomcat servlet container.
Today, we suffer a scalability problem. Our activity growth, the server is pretty old and suffer heavy load every night.
We expect to deploy Traefik on our server to route the UDP traffic with load balancing to others VPS to support this seasonal load.
+1 would love to see this to support more protocol pass-through: dns, ipsec, openvpn, kerberos, radius, nfs, ntp, ftp,tftp.
HTTP/3 (QUIC) applications would need UDP based load balancing solution, it would be good to consider this request on priority. HTTP/3 is going to fundamentally change how web is going to communicate and fecilitate low latency connection is limited bandwidth networks. If you would need community contribution, please make a architectural proposal and list the action items. So interested parties can drive individual action items.
I too would love to see this feature added. I run a huge home lab with Docker and this gets me closer to having everything go through traefik so I wont need to expose anything else. Thanks for the awesome project.
Running DNS filters and having a crazy hard time getting transparent proxy with nginx so the DNS servers are aware of the client.
Definitely would like to see the UDP feature, another use case is sending UDP packets from Wazuh Agents for IDS events.
Glad to see others are also looking for this feature. I think this provides a good bit of value.
I would love to see UDP support. Currently I have a teamspeak voice-communication server and some parts of the application (filetransfer and serverquery) are running perfectly over TCP, while the main part, voice, needs UDP. This is sadly the one thing of my many docker containers, I cant route over traefik. Looking forward to UDP support on this very great edge router :)
Hi there.
First of all many thanks to everybody involved in this project and your time.
I need this feature to being able to route DNS queries.
I would love to see UDP support. Currently I have a teamspeak voice-communication server and some parts of the application (filetransfer and serverquery) are running perfectly over TCP, while the main part, voice, needs UDP. This is sadly the one thing of my many docker containers, I cant route over traefik. Looking forward to UDP support on this very great edge router :)
unrelated but can i see how you defined the entrypoints for multi-port containers like teamspeak? seems like traefik doesn't support multiple port definitions for a single entrypoint yet.
seems like traefik doesn't support multiple port definitions for a single entrypoint yet.
How I interpret the docs, you can just define multiple routers for the same container/service.
Something like:
services:
foobar:
labels:
traefik.http.routers.foo.rule: Host(`foo.example.com`)
traefik.http.services.foo.loadbalancer.server.port: 8080
traefik.http.routers.foo.service: foo
traefik.http.routers.bar.rule: Host(`bar.example.com`)
traefik.http.services.bar.loadbalancer.server.port: 9090
traefik.http.routers.bar.service: bar
ports:
- ":8080" # foo
- ":9090" # bar
but that is just speculation on my part as I haven't tried it out.
Take a look to the PR https://github.com/containous/traefik/pull/6172, this case is explained.
I would love to see UDP support. Currently I have a teamspeak voice-communication server and some parts of the application (filetransfer and serverquery) are running perfectly over TCP, while the main part, voice, needs UDP. This is sadly the one thing of my many docker containers, I cant route over traefik. Looking forward to UDP support on this very great edge router :)
unrelated but can i see how you defined the entrypoints for multi-port containers like teamspeak? seems like traefik doesn't support multiple port definitions for a single entrypoint yet.
Hi crameth, I have used multiple Entrypoints, one for each port.
traefik.yml
entryPoints:
teamspeak-filetransfer:
address: ":30033"
teamspeak-serverquery:
address: ":10011"
For every Entrypoint I do have one corresponding Router, which points to the Service. The Service-Address is just the container-name and the port inside the container.
_dynamicconf.yml
tcp:
routers:
teamspeak-filetransfer:
entryPoints:
- "teamspeak-filetransfer"
rule: HostSNI(`*`)
service: teamspeak-filetransfer@file
teamspeak-serverquery:
entryPoints:
- "teamspeak-serverquery"
rule: HostSNI(`*`)
service: teamspeak-serverquery@file
services:
teamspeak-filetransfer:
loadBalancer:
servers:
- address: "teamspeak:30033"
teamspeak-serverquery:
loadBalancer:
servers:
- address: "teamspeak:10011"
I hope I can help you with that 😃 Kind regards Sharknoon
Closed by #6172, #6327, #6348
unrelated to the issue but: @Sharknoon did you already tried to make use of the UDP support? For me it's working but the TeamSpeak Server is getting far more package loss.
version: "3.7"
services:
traefik:
image: traefik
container_name: traefik
restart: always
command:
#- "--log.level=DEBUG"
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --entrypoints.teamspeak.address=:9987/udp
- --entrypoints.teamspeak_serverquery_raw.address=:10011
- --entrypoints.teamspeak_serverquery_ssh.address=:10022
- --entrypoints.teamspeak_filetransfer.address=:30033
- --providers.docker
- --api
- "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true"
- "--certificatesresolvers.mytlschallenge.acme.email=redacted"
- "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json"
labels:
# Dashboard
- "traefik.http.routers.traefik.rule=Host(`redacted`)"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.tls.certresolver=mytlschallenge"
- "traefik.http.routers.traefik.entrypoints=websecure"
- "traefik.http.routers.traefik.middlewares=authtraefik"
- "traefik.http.middlewares.authtraefik.basicauth.users=admin:redacted"
# global redirect to https
- "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.redirs.entrypoints=web"
- "traefik.http.routers.redirs.middlewares=redirect-to-https"
# middleware redirect
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
ports:
- 80:80
- 443:443
- 9987:9987/udp
- 10011:10011
- 10022:10022
- 30033:30033
networks:
- web
- internal
volumes:
- "/home/user/traefik/acme.json:/letsencrypt/acme.json"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
teamspeak:
image: teamspeak
container_name: teamspeak
restart: always
networks:
internal:
aliases:
- teamspeak.docker.local
volumes:
- teamspeak:/var/ts3server
environment:
- TS3SERVER_LICENSE=accept
- TS3SERVER_QUERY_PROTOCOLS=ssh,raw
- TS3SERVER_DB_PLUGIN=ts3db_mariadb
- TS3SERVER_DB_SQLCREATEPATH=create_mariadb
- TS3SERVER_DB_HOST=teamspeakdb
- TS3SERVER_DB_USER=root
- "TS3SERVER_DB_PASSWORD=redacted"
- TS3SERVER_DB_NAME=teamspeak
- TS3SERVER_DB_WAITUNTILREADY=30
labels:
- "traefik.enable=true"
- "traefik.docker.network=traefik_web"
- "traefik.http.routers.teamspeak.rule=Host(`ts.redacted`)"
- "traefik.http.routers.teamspeak.entrypoints=websecure"
- "traefik.http.routers.teamspeak.tls.certresolver=mytlschallenge"
# UDP
- "traefik.udp.routers.teamspeak.entrypoints=teamspeak"
# Filetransfer
- "traefik.tcp.routers.teamspeak-filetransfer.entrypoints=teamspeak_filetransfer"
- "traefik.tcp.routers.teamspeak-filetransfer.rule=HostSNI(`*`)"
- "traefik.tcp.routers.teamspeak-filetransfer.service=teamspeak-filetransfer@docker"
# RAW Query
- "traefik.tcp.routers.teamspeak-serverquery-raw.entrypoints=teamspeak_serverquery_raw"
- "traefik.tcp.routers.teamspeak-serverquery-raw.rule=HostSNI(`*`)"
- "traefik.tcp.routers.teamspeak-serverquery-raw.service=teamspeak-serverquery-raw@docker"
# SSH Query
- "traefik.tcp.routers.teamspeak-serverquery-ssh.entrypoints=teamspeak_serverquery_ssh"
- "traefik.tcp.routers.teamspeak-serverquery-ssh.rule=HostSNI(`*`)"
- "traefik.tcp.routers.teamspeak-serverquery-ssh.service=teamspeak-serverquery-ssh@docker"
# Services
- "traefik.udp.services.teamspeak.loadbalancer.server.port=9987"
- "traefik.tcp.services.teamspeak-filetransfer.loadbalancer.server.port=30033"
- "traefik.tcp.services.teamspeak-serverquery-raw.loadBalancer.server.port=10011"
- "traefik.tcp.services.teamspeak-serverquery-ssh.loadBalancer.server.port=10022"
depends_on:
- teamspeakdb
teamspeakdb:
image: mariadb
container_name: teamspeakdb
restart: always
volumes:
- teamspeakdb:/var/lib/mysql
labels:
- "traefik.enable=false"
networks:
- internal
environment:
- "MYSQL_ROOT_PASSWORD=redacted"
- MYSQL_DATABASE=teamspeak
networks:
web:
external: true
internal:
external: false
volumes:
teamspeak:
teamspeakdb:
Hi @SvenC56, yes, I have tried it immediatly but I cant use it, because the voice of some people is chopped off and the packet loss is gigantic, unfortunately :(
Do you want to request a feature or report a bug?
Proposal
What did you expect to see?
The configuration for UDP could be the same as TCP/HTTP routers/services. As UDP doesn't support TLS and HostSNI yet, there will be no routing and so no
Rule
part. The only way to "route", will be to use a non-used entrypoint (only one UDP router per entrypoint)