chore: Add Benchmarks for IsProxyTrusted()

[gaby]

Description

Add benchmarks for IsProxyTrusted() with different configurations to compare performance between: No proxies, proxies, multiple subnets, and all subnets.

These benchmarks will be relevant when #2930 gets implemented.

Changes introduced

List the new features or adjustments introduced in this pull request. Provide details on benchmarks, documentation updates, changelog entries, and if applicable, the migration guide.

• Benchmarks: Describe any performance benchmarks and improvements related to the changes.

Type of change

Please delete options that are not relevant.

• Code consistency (non-breaking change which improves code reliability and robustness)

Summary by CodeRabbit

• Tests
  • Expanded benchmark scenarios for the IsProxyTrusted function to cover a wider range of trusted proxy configurations.

[coderabbitai]

Walkthrough

The update introduces benchmark scenarios for testing the IsProxyTrusted function, covering various trusted proxy configurations. These scenarios include simple checks, subnet-based checks, and multiple subnet checks, executed both sequentially and in parallel, aiming to enhance the reliability and performance of proxy validation processes.

Changes

File(s)	Change Summary
ctx_test.go	Added benchmark scenarios for IsProxyTrusted function with different trusted proxy configurations.

Possibly related issues

• 🚀 [v3 Maintenance]: Perform and Document Benchmarks for v2 vs v3 Features for Release Notes #2714: The benchmarks added for IsProxyTrusted method align with the objective of comparing performance between versions v2 and v3, offering new testing scenarios that could reveal performance enhancements or regressions.

Poem

In the code where logic threads,
A rabbit hops, its mission spreads.
To test, to check, across the net,
Ensuring proxies pose no threat. 🐾

Through subnets wide, in parallel,
It leaps, ensuring all is well.
"For safe and swift connections," it said,
"I'll hop until the moon to bed." 🌙🐇

---

Recent Review Details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 7d6d027 and 6827e8f.

Files selected for processing (1)

• ctx_test.go (1 hunks)

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 82.85%. Comparing base (3a0313d) to head (6827e8f).

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2933      +/-   ##
==========================================
+ Coverage   82.80%   82.85%   +0.04%     
==========================================
  Files         115      115              
  Lines        8409     8409              
==========================================
+ Hits         6963     6967       +4     
+ Misses       1108     1105       -3     
+ Partials      338      337       -1     

Flag	Coverage Δ
unittests	82.85% <ø> (+0.04%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[coderabbitai]

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between 95c1814 and 7d6d027.

Files selected for processing (1)

• ctx_test.go (1 hunks)

Additional comments: 12

ctx_test.go (12)

• 5762-5771: The benchmark NoProxyCheck tests the performance of IsProxyTrusted without any proxy check. This scenario is straightforward and correctly sets up the context for the test.
• 5775-5887: The parallel version of the NoProxyCheck benchmark, NoProxyCheckParallel, correctly utilizes b.RunParallel for concurrent execution. This is an appropriate use of parallel benchmarking to simulate concurrent requests.
• 5790-5801: The WithProxyCheckSimple benchmark tests IsProxyTrusted with a simple proxy check enabled but without specifying any trusted proxies. This scenario is valid for testing the overhead of enabling the proxy check feature.
• 5806-5921: Similar to the previous comment, the parallel version WithProxyCheckSimpleParallel correctly uses b.RunParallel to test the simple proxy check feature under concurrent load. This ensures the benchmark reflects real-world usage patterns.
• 5823-5889: The WithProxyCheck benchmark tests the IsProxyTrusted method with a specific trusted proxy configured. This scenario is crucial for understanding the performance impact of validating against a list of trusted proxies.
• 5892-5929: The parallel version WithProxyCheckParallel is correctly set up to test the trusted proxy check feature under concurrent requests. This benchmark is essential for assessing the scalability of the proxy trust mechanism.
• 5923-5930: The WithProxyCheckSubnet benchmark tests the IsProxyTrusted method with a subnet as a trusted proxy. This scenario is important for understanding the performance when using CIDR notation for trusted proxies.
• 5931-5938: The parallel version WithProxyCheckParallelSubnet correctly benchmarks the subnet-based trusted proxy check under concurrent load. This is a valuable scenario for assessing the performance of CIDR-based proxy trust checks.
• 5939-5946: The WithProxyCheckMultipleSubnet benchmark tests the IsProxyTrusted method with multiple subnets as trusted proxies. This scenario is essential for understanding the performance implications of having a complex list of trusted proxies.
• 5947-5954: The parallel version WithProxyCheckParallelMultipleSubnet is well-constructed to test the performance of multiple subnet-based trusted proxy checks under concurrent requests. This benchmark is crucial for evaluating the scalability of the feature.
• 5955-5962: The WithProxyCheckAllSubnets benchmark tests the IsProxyTrusted method with a comprehensive list of subnets as trusted proxies. This scenario is critical for understanding the performance when a wide range of trusted proxies is configured.
• 5963-5970: The parallel version WithProxyCheckParallelAllSubnets correctly benchmarks the comprehensive list of subnet-based trusted proxy checks under concurrent load. This is an important scenario for assessing the performance and scalability of the proxy trust mechanism with a complex configuration.

[xEricL]

I believe I have found the reason for the slow benchmark results for IsProxyTrusted(). I would like to open a pull request but I am waiting on this one to be merged into main branch.

Is there anything we're waiting on before merging this?

[sixcolors]

@gaby ^^^

[gaby]

@xEricL I have two fixes:

• Using an IP Trie
• Using the built-in golang functions to detect if IP is private

Did you find something else?

I have my stuff in my VM, just been busy with life 😂

[xEricL]

@gaby I've been thinking about the slow benchmarks separately from my suggestion in #2930.

My proposed solution is to use an array for trustedProxiesMap instead of a map. Although checking the map is O(1) and checking the array is O(n), the ip.String() call actually adds a decent bit of overhead, especially since it get's called even if the trustedProxiesMap is empty. I was able to verify this by simply adding an extra _ = ip.String() to the current IsProxyTrusted() function and it added 50 ns/op to every benchmark.

The downside to my solution is that if a developer adds 20+ IP addresses to TrustedProxies, and in the worst case scenario, the requesting IP is the last IP in the list (forcing the for-loop to check every single IP), the current implementation outperforms.

I guess it comes down to whether it's more realistic that most users will want to whitelist 20+ individual IP addresses or if they will be whitelisting ranges instead.

This only solves half the problem though. I suspect the other half of the problem is from ip.Contains() but I couldn't think of a better solution.

Here are my benchmarks for reference:

Current implementation

goos: linux
goarch: amd64
pkg: github.com/gofiber/fiber/v3
cpu: AMD Ryzen 9 3900X 12-Core Processor            
Benchmark_Ctx_IsProxyTrusted
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck-24            605113776                1.965 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck-24            553704753                2.002 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck-24            530436745                1.957 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck-24            611135898                2.044 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel-24    1000000000               0.1525 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel-24    1000000000               0.1500 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel-24    1000000000               0.1531 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel-24    1000000000               0.1500 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple-24    22222408                78.92 ns/op            8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple-24    11848071                96.85 ns/op            8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple-24    14972828                83.63 ns/op            8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple-24    13903108                82.40 ns/op            8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel-24            202995936                5.877 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel-24            199381120                6.090 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel-24            204846280                5.909 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel-24            198770077                5.875 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck-24                          17368752               109.5 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck-24                          11246956               110.7 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck-24                          11142314               107.8 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck-24                          13061412                99.92 ns/op            8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel-24                  169163952                6.845 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel-24                  173939835                6.875 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel-24                  181574010                6.987 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel-24                  173716432                6.917 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet-24                    16739224               118.0 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet-24                     9131364               119.3 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet-24                     8816920               121.8 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet-24                     9259167               119.5 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet-24            155859190                7.489 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet-24            159973749                7.607 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet-24            158976006                7.866 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet-24            157844370                7.564 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet-24            12728920               141.6 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet-24             8121392               147.2 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet-24             7238390               150.5 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet-24             7525976               145.7 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet-24    100000000               16.40 ns/op            8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet-24    129874810               16.35 ns/op            8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet-24    130746064               15.97 ns/op            8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet-24    128136829               16.20 ns/op            8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets-24                 7030033               217.1 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets-24                 4592562               223.3 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets-24                 5514955               217.7 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets-24                 5381100               205.6 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets-24        78653205                15.24 ns/op            8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets-24        71542933                15.69 ns/op            8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets-24        77864503                15.83 ns/op            8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets-24        68276124                15.79 ns/op            8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10Addresses
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10Addresses-24               17726733               113.0 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10Addresses-24                9864669               112.2 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10Addresses-24                9516404               107.2 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10Addresses-24               10851849               107.8 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10AddressesParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10AddressesParallel-24       159951436                7.052 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10AddressesParallel-24       166051856                7.278 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10AddressesParallel-24       164930794                7.105 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10AddressesParallel-24       159986422                7.284 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20Addresses
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20Addresses-24               17803844               110.4 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20Addresses-24               14102856               108.9 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20Addresses-24               14054077               113.6 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20Addresses-24               12533685               117.3 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20AddressesParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20AddressesParallel-24       162210136                6.922 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20AddressesParallel-24       161783959                7.123 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20AddressesParallel-24       168077814                7.269 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20AddressesParallel-24       167089930                7.203 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30Addresses
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30Addresses-24               18360225               111.5 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30Addresses-24               11634297               107.9 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30Addresses-24               10669686               104.5 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30Addresses-24               10049222               111.7 ns/op             8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30AddressesParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30AddressesParallel-24       156527042                7.070 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30AddressesParallel-24       165206025                7.478 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30AddressesParallel-24       172193680                8.490 ns/op           8 B/op          1 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30AddressesParallel-24       165631020                7.392 ns/op           8 B/op          1 allocs/op
PASS
ok      github.com/gofiber/fiber/v3     115.348s

My proposed solution

goos: linux
goarch: amd64
pkg: github.com/gofiber/fiber/v3
cpu: AMD Ryzen 9 3900X 12-Core Processor            
Benchmark_Ctx_IsProxyTrusted
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck-24            617246289                2.012 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck-24            604398892                1.972 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck-24            540851950                1.977 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck-24            569224873                2.000 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel-24    1000000000               0.1488 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel-24    1000000000               0.1517 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel-24    1000000000               0.1498 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel-24    1000000000               0.1516 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple-24    206944617                5.696 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple-24    189700209                5.823 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple-24    200323731                6.012 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple-24    200586568                6.116 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel-24            1000000000               0.4312 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel-24            1000000000               0.4353 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel-24            1000000000               0.4363 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel-24            1000000000               0.4302 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck-24                          132334128                8.843 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck-24                          121564198                9.133 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck-24                          127911225                9.132 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck-24                          131801748                9.031 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel-24                  1000000000               0.6727 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel-24                  1000000000               0.6995 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel-24                  1000000000               0.6798 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel-24                  1000000000               0.7111 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet-24                    64162332                19.34 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet-24                    61056673                18.97 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet-24                    58767282                19.26 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet-24                    60737899                18.84 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet-24            824892652                1.472 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet-24            802640113                1.439 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet-24            837806574                1.457 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet-24            821047902                1.444 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet-24            26733908                43.12 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet-24            27515335                45.34 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet-24            27332385                44.15 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet-24            27317745                43.85 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet-24    360951961                8.727 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet-24    363876369                8.762 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet-24    362400188                8.336 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet-24    363153147                8.864 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets-24                 9778562               119.0 ns/op             0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets-24                 8083856               125.7 ns/op             0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets-24                 8894328               127.3 ns/op             0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets-24                 8111486               123.6 ns/op             0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets-24        128206828                9.427 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets-24        127779043                9.485 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets-24        126454441                9.400 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets-24        125328006                9.835 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10Addresses
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10Addresses-24               20639256                55.86 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10Addresses-24               20758695                59.53 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10Addresses-24               20958236                59.17 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10Addresses-24               20398456                57.84 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10AddressesParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10AddressesParallel-24       256720050                4.519 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10AddressesParallel-24       266713135                4.486 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10AddressesParallel-24       263473716                4.493 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10AddressesParallel-24       262789754                4.527 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20Addresses
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20Addresses-24                8347125               145.3 ns/op             0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20Addresses-24                7869093               144.6 ns/op             0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20Addresses-24                7008846               146.5 ns/op             0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20Addresses-24                8545388               145.5 ns/op             0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20AddressesParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20AddressesParallel-24       102893182               11.75 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20AddressesParallel-24       95427874                11.79 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20AddressesParallel-24       88052991                11.83 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20AddressesParallel-24       92519104                11.71 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30Addresses
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30Addresses-24                6349824               191.6 ns/op             0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30Addresses-24                5549013               195.3 ns/op             0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30Addresses-24                5489998               194.0 ns/op             0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30Addresses-24                5354854               198.6 ns/op             0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30AddressesParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30AddressesParallel-24       76196077                15.65 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30AddressesParallel-24       70849645                15.65 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30AddressesParallel-24       70699461                15.72 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30AddressesParallel-24       73972603                15.67 ns/op            0 B/op          0 allocs/op
PASS
ok      github.com/gofiber/fiber/v3     107.878s

[xEricL]

@xEricL I have two fixes:

• Using an IP Trie
• Using the built-in golang functions to detect if IP is private

Did you find something else?

I have my stuff in my VM, just been busy with life 😂

I've never heard of an IP Trie before, but after googling it a bit it appears that might be a great solution for efficiently checking if the IP is within a range. In any case, that still leaves the overheard from ip.String() if we stick with the trustedProxiesMap for storing individual IPs.

[xEricL]

@gaby I found a better solution than using an arrray, since it probably isn't ideal to sacrifice performance if developers specify 30+ ip addresses.

Perhaps we keep the map but use [16]byte as the key, since it avoids the overhead from ip.String(). It looks a bit ugly and maybe I'm overlooking a serious flaw. If that is the case, please let me know and forgive me for my stupidity 🤣

Here is implementation: 3d2c8e1

Here are the benchmarks:

goos: linux
goarch: amd64
pkg: github.com/gofiber/fiber/v3
cpu: AMD Ryzen 9 3900X 12-Core Processor            
Benchmark_Ctx_IsProxyTrusted
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck-24            622869054                2.029 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck-24            614042248                1.989 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck-24            541544001                2.131 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck-24            519463242                2.055 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel-24    1000000000               0.1767 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel-24    1000000000               0.1838 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel-24    1000000000               0.1917 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel-24    1000000000               0.1866 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple-24    151092057                8.075 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple-24    145398632                7.839 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple-24    148868292                7.918 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple-24    154412205                7.968 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel-24            1000000000               0.6126 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel-24            1000000000               0.6120 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel-24            1000000000               0.6103 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel-24            1000000000               0.6389 ns/op          0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck-24                          70232811                16.77 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck-24                          74220379                17.15 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck-24                          73348520                16.85 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck-24                          68849607                17.61 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel-24                  928642455                1.243 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel-24                  959787679                1.220 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel-24                  910924426                1.263 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel-24                  909145801                1.229 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet-24                    53370284                22.89 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet-24                    53492571                23.13 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet-24                    51564986                23.35 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet-24                    54520773                22.79 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet-24            680989587                1.766 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet-24            701610202                1.720 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet-24            691389550                1.724 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet-24            705371517                1.724 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet-24            23234601                47.23 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet-24            26301228                45.56 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet-24            22220694                46.29 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet-24            25056038                47.60 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet-24    354335451                9.033 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet-24    353501385                8.202 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet-24    349242138                9.068 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet-24    351701113                7.451 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets-24                 9617131               128.1 ns/op             0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets-24                 9885453               125.8 ns/op             0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets-24                 8005768               125.9 ns/op             0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets-24                 7921315               129.0 ns/op             0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets-24        129226399                9.231 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets-24        129307545                9.221 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets-24        129116313                9.524 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets-24        100000000               10.52 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10Addresses
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10Addresses-24               48022063                23.33 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10Addresses-24               61927863                20.38 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10Addresses-24               47879314                21.00 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10Addresses-24               62752130                20.07 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10AddressesParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10AddressesParallel-24       871034166                1.246 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10AddressesParallel-24       830964984                1.354 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10AddressesParallel-24       885383817                1.234 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck10AddressesParallel-24       860581920                1.337 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20Addresses
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20Addresses-24               58747732                23.62 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20Addresses-24               65644263                19.06 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20Addresses-24               60227331                18.89 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20Addresses-24               61734218                20.60 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20AddressesParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20AddressesParallel-24       943296964                1.218 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20AddressesParallel-24       992621215                1.229 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20AddressesParallel-24       961114107                1.222 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck20AddressesParallel-24       958675080                1.172 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30Addresses
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30Addresses-24               60216093                19.16 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30Addresses-24               59357103                21.74 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30Addresses-24               58708578                18.73 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30Addresses-24               53247742                20.84 ns/op            0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30AddressesParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30AddressesParallel-24       939241360                1.289 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30AddressesParallel-24       796786506                1.471 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30AddressesParallel-24       876189866                1.225 ns/op           0 B/op          0 allocs/op
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck30AddressesParallel-24       924505226                1.488 ns/op           0 B/op          0 allocs/op
PASS
ok      github.com/gofiber/fiber/v3     104.671s

[gaby]

@xEricL I will check in 30mins my VM to see the difference with IPTrie.

[ReneWerner87]

@gaby is it ready ?

[gaby]

@ReneWerner87 Not yet

@xEricL These are the benchmark results using an IPTree structure:

Running tool: /snap/go/current/bin/go test -benchmem -run=^$ -bench ^Benchmark_Ctx_IsProxyTrusted$ github.com/gofiber/fiber/v3 -count=1

goos: linux
goarch: amd64
pkg: github.com/gofiber/fiber/v3
cpu: AMD Ryzen 7 7800X3D 8-Core Processor
=== RUN   Benchmark_Ctx_IsProxyTrusted
Benchmark_Ctx_IsProxyTrusted
=== RUN   Benchmark_Ctx_IsProxyTrusted/NoProxyCheck
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck
Benchmark_Ctx_IsProxyTrusted/NoProxyCheck-8             927750666                1.283 ns/op           0 B/op          0 allocs/op
=== RUN   Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel
Benchmark_Ctx_IsProxyTrusted/NoProxyCheckParallel-8     1000000000               0.2021 ns/op          0 B/op          0 allocs/op
=== RUN   Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimple-8     97314169                11.72 ns/op            0 B/op          0 allocs/op
=== RUN   Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSimpleParallel-8             662134918                1.793 ns/op           0 B/op          0 allocs/op
=== RUN   Benchmark_Ctx_IsProxyTrusted/WithProxyCheck
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck
Benchmark_Ctx_IsProxyTrusted/WithProxyCheck-8                           83734636                14.43 ns/op            0 B/op          0 allocs/op
=== RUN   Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallel-8
480217296                2.565 ns/op           0 B/op          0 allocs/op
=== RUN   Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckSubnet-8
75707968                15.67 ns/op            0 B/op          0 allocs/op
=== RUN   Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelSubnet-8             463856074                2.508 ns/op           0 B/op          0 allocs/op
=== RUN   Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckMultipleSubnet-8             49793104                24.35 ns/op            0 B/op          0 allocs/op
=== RUN   Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelMultipleSubnet-8     298989013                4.056 ns/op           0 B/op          0 allocs/op
=== RUN   Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckAllSubnets-8
39440409                30.48 ns/op            0 B/op          0 allocs/op
=== RUN   Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets
Benchmark_Ctx_IsProxyTrusted/WithProxyCheckParallelAllSubnets-8         246390986                4.814 ns/op           0 B/op          0 allocs/op
PASS
ok      github.com/gofiber/fiber/v3     16.049s

[gaby]

@xEricL Summary:

Test Case	Ryzen 9 3900X (ns/op)	Ryzen 7 7800X3D (ns/op)	Difference (ns/op)	% Change
NoProxyCheck (Single)	~2.06	1.283	-0.777	-37.72%
NoProxyCheck (Parallel)	~0.18	0.2021	0.0221	12.28%
WithProxyCheckSimple (Single)	~7.95	11.72	3.77	47.42%
WithProxyCheckSimple (Parallel)	~0.62	1.793	1.173	189.19%
WithProxyCheck (Single)	~17.12	14.43	-2.69	-15.72%
WithProxyCheck (Parallel)	~1.24	2.565	1.325	106.85%
WithProxyCheckSubnet (Single)	~22.79	15.67	-7.12	-31.25%
WithProxyCheckSubnet (Parallel)	~1.72	2.508	0.788	45.81%
WithProxyCheckMultipleSubnet (Single)	~46.67	24.35	-22.32	-47.82%
WithProxyCheckMultipleSubnet (Parallel)	~8.44	4.056	-4.384	-51.94%
WithProxyCheckAllSubnets (Single)	~127.20	30.48	-96.72	-76.06%
WithProxyCheckAllSubnets (Parallel)	~9.37	4.814	-4.556	-48.61%
WithProxyCheck10Addresses (Single)	~22.69	21.20	-1.49	-6.57%
WithProxyCheck10Addresses (Parallel)	~1.293	1.306	0.013	1.01%
WithProxyCheck20Addresses (Single)	~20.54	20.39	-0.15	-0.73%
WithProxyCheck20Addresses (Parallel)	~1.210	1.243	0.033	2.73%
WithProxyCheck30Addresses (Single)	~20.12	20.12	0.00	0.00%
WithProxyCheck30Addresses (Parallel)	~1.368	1.368	0.00	0.00%

The parallel tests being faster in your CPU makes sense since it's a Ryzen 9. What i can determine is:

• For simple proxy check we should use the Map, since it's faster. For anything using subnets we should use an IPTree.

[xEricL]

• For simple proxy check we should use the Map, since it's faster. For anything using subnets we should use an IPTree.

@gaby I agree. These benchmarks look promising. Nice work 👍🏻

[ReneWerner87]

So it's ready for review, right?

[gaby]

@ReneWerner87 Yes, i will do the changes to improve performance in a separate PR once the IPTree funcs are added to gofiber/utils

[coderabbitai]

Actionable comments posted: 1

Out of diff range and nitpick comments (1)

ctx_test.go (1)

5760-5986: Ensure consistent use of comments and formatting in the benchmark Benchmark_Ctx_IsProxyTrusted.

It's good practice to maintain consistency in comment styles and code formatting. This helps in improving the readability and maintainability of the code.