Closed
Proxy protocol is a way for a load balancer to indicate the original client address of the connection. It serves a similar function to the X-Forwarded-For header, but it's protocol-agnostic, e.g. it works with tunneled TLS requests and any other non-HTTP TCP connection. Proxy protocol is gaining wide adoption in "cloud" environments, so it would be nice to see support for it in TS.
The protocol is documented here; essentially, some data is sent at the start of the TCP connection containing the client address.
There are two separate parts to this feature:
- TS should optionally accept proxy protocol in incoming requests, and store the client address somewhere.
- TS should optionally send a proxy protocol header in origin connections. This header would contain the stored client address if the client sent its own proxy protocol header, or else the client socket address.
This should be configurable:
- On TCP listeners to accept incoming proxy protocol (e.g. using a port definition like `80:proxy 8443:ssl,proxy`).
- On origin connections, possibly by a default records.config option that can be changed in a remap.
- On origin connections in a plugin, using `TSHttpTxnConfigIntSet(txnp, TS_CONFIG_PROXY_PROTOCOL, 1)`.
- There should be a way for plugins to change the stored client address, e.g. with `TSHttpTxnSetProxyAddress(txnp, sockaddr)`.
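
As an added illustration (not part of the original issue and not Traffic Server code), here is a strict parser for the version 1 text header of the PROXY protocol, the data a listener would read at the start of the connection to recover the client address. The names `pp1_parse`, `pp1_result` and `parse_port` are hypothetical, and only the v1 text format is covered.

```c
#include <arpa/inet.h>
#include <stdlib.h>
#include <string.h>
#define PP1_MAX 107 /* longest v1 header the spec allows, CRLF included */
struct pp1_result {            /* hypothetical type for this example */
    int family;                /* AF_INET, AF_INET6, or 0 for UNKNOWN */
    char src[INET6_ADDRSTRLEN];
    unsigned src_port;
};
/* Strict decimal port: digits only, range 0-65535. */
static int parse_port(const char *s, unsigned *out)
{
    char *end;
    if (*s < '0' || *s > '9') return -1;
    unsigned long v = strtoul(s, &end, 10);
    if (*end != '\0' || v > 65535) return -1;
    *out = (unsigned)v;
    return 0;
}

/* Returns bytes consumed (>0), 0 if more data is needed, -1 if invalid. */
int pp1_parse(const char *buf, size_t len, struct pp1_result *out)
{
    char line[PP1_MAX], *tok[6];
    unsigned char bin[sizeof(struct in6_addr)];
    unsigned dport;
    size_t n = len < PP1_MAX ? len : PP1_MAX, eol = 0;
    int nt = 0;
    if (memcmp(buf, "PROXY ", n < 6 ? n : 6) != 0) return -1;
    for (size_t i = 1; i < n && !eol; i++)
        if (buf[i - 1] == '\r' && buf[i] == '\n') eol = i + 1;
    if (!eol) return len >= PP1_MAX ? -1 : 0;  /* no CRLF within the limit */
    if (memchr(buf, '\0', eol)) return -1;     /* reject embedded NULs */
    memcpy(line, buf, eol - 2);
    line[eol - 2] = '\0';
    memset(out, 0, sizeof(*out));
    if (!strncmp(line + 6, "UNKNOWN", 7) && (line[13] == ' ' || !line[13]))
        return (int)eol;                       /* no usable address info */
    tok[nt++] = line;
    for (char *p = line; *p; p++)              /* split on single spaces */
        if (*p == ' ') { if (nt == 6) return -1; *p = '\0'; tok[nt++] = p + 1; }
    if (nt != 6) return -1;
    out->family = !strcmp(tok[1], "TCP4") ? AF_INET : !strcmp(tok[1], "TCP6") ? AF_INET6 : 0;
    if (!out->family || inet_pton(out->family, tok[2], bin) != 1 ||
        inet_pton(out->family, tok[3], bin) != 1 ||
        parse_port(tok[4], &out->src_port) || parse_port(tok[5], &dport)) return -1;
    memcpy(out->src, tok[2], strlen(tok[2]) + 1); /* validated, so it fits */
    return (int)eol;
}
```

A header like this should only be honoured on listeners reachable solely by the trusted load balancer, because whoever can connect to such a port controls the address the server records.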