Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: support to maintain udp conn state #493

Merged
merged 7 commits into from
Apr 8, 2024
Merged

feat: support to maintain udp conn state #493

merged 7 commits into from
Apr 8, 2024

Conversation

mzz2017
Copy link
Contributor

@mzz2017 mzz2017 commented Apr 7, 2024
edited
Loading

Background

In the past, the eBPF program did not track UDP connections, which resulted in us needing to explicitly add the UDP listen port to the whitelist in routing, which was inelegant.

In this PR, we introduced bpf_timer to maintain the connection state of UDP to solve this problem.

By default, the UDP connection timeout is 300s.

Notice: Kernel version >= 5.15 is required to use bpf_timer, thus the requirement for wan proxy is increased.

Checklist

Full Changelogs

  • [Implement ...]

Issue Reference

Closes #475

Test Result

@mzz2017 mzz2017 requested a review from a team as a code owner April 7, 2024 13:18
@mzz2017 mzz2017 requested review from a team as code owners April 7, 2024 13:33
jschwinger233
jschwinger233 previously approved these changes Apr 8, 2024
View reviewed changes
@sumire88
Copy link
Contributor

sumire88 commented Apr 8, 2024

Could we also fix the linting error?

dae-prow[bot]
dae-prow bot previously approved these changes Apr 8, 2024
View reviewed changes
Copy link
Contributor

@dae-prow dae-prow bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧪 Since the PR has been fully tested, please consider merging it.

@sumire88 sumire88 requested a review from a team April 8, 2024 11:09
@mzz2017 mzz2017 dismissed stale reviews from dae-prow[bot] and jschwinger233 via 523cd1d April 8, 2024 11:33
@mzz2017 mzz2017 mentioned this pull request Apr 8, 2024
Closed
@mzz2017 mzz2017 force-pushed the mzz/input_udp_state branch from 76c9c8f to 20401ae Compare April 8, 2024 12:01
@LostAttractor
Copy link
Contributor

LostAttractor commented Apr 8, 2024
edited
Loading

In my simple test, for DNS traffic it works as expected.
Also, It seems possible to do something similar with lan proxy?

@jschwinger233 jschwinger233 added the documentation Improvements or additions to documentation label Apr 8, 2024
@mzz2017 mzz2017 merged commit 605f005 into main Apr 8, 2024
30 checks passed
@mzz2017 mzz2017 deleted the mzz/input_udp_state branch April 8, 2024 14:23
@dae-prow dae-prow bot mentioned this pull request Apr 8, 2024
Merged
@dae-prow dae-prow bot mentioned this pull request Apr 15, 2024
Closed
@mzz2017 mzz2017 mentioned this pull request Apr 23, 2024
Merged
3 tasks
@dae-prow dae-prow bot mentioned this pull request Jun 11, 2024
Closed
@mzz2017 mzz2017 mentioned this pull request Jun 14, 2024
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jschwinger233 jschwinger233 jschwinger233 approved these changes

@sumire88 sumire88 sumire88 approved these changes

@dae-prow dae-prow[bot] dae-prow[bot] left review comments

Assignees

@mzz2017 mzz2017

Labels
documentation Improvements or additions to documentation feature tested
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Enhancement] UDP 没有连接追踪, 回复流量可能被代理 (进入dae0)
4 participants
@mzz2017 @sumire88 @LostAttractor @jschwinger233