Proxy protocol (proto)

config.core.v3.ProxyProtocolPassThroughTLVs

[config.core.v3.ProxyProtocolPassThroughTLVs proto]

{
  "match_type": ...,
  "tlv_type": []
}
match_type

(config.core.v3.ProxyProtocolPassThroughTLVs.PassTLVsMatchType) The strategy to pass through TLVs. Default is INCLUDE_ALL. If INCLUDE_ALL is set, all TLVs will be passed through no matter the tlv_type field.

tlv_type

(repeated uint32) The TLV types that are applied based on match_type. TLV type is defined as uint8_t in proxy protocol. See the spec for details.

Enum config.core.v3.ProxyProtocolPassThroughTLVs.PassTLVsMatchType

[config.core.v3.ProxyProtocolPassThroughTLVs.PassTLVsMatchType proto]

INCLUDE_ALL

(DEFAULT) ⁣Pass all TLVs.

INCLUDE

⁣Pass specific TLVs defined in tlv_type.

config.core.v3.TlvEntry

[config.core.v3.TlvEntry proto]

Represents a single Type-Length-Value (TLV) entry.

{
  "type": ...,
  "value": ...
}
type

(uint32) The type of the TLV. Must be a uint8 (0-255) as per the Proxy Protocol v2 specification.

value

(bytes) The value of the TLV. Must be at least one byte long.

config.core.v3.ProxyProtocolConfig

[config.core.v3.ProxyProtocolConfig proto]

{
  "version": ...,
  "pass_through_tlvs": {...},
  "added_tlvs": []
}
version

(config.core.v3.ProxyProtocolConfig.Version) The PROXY protocol version to use. See https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt for details

pass_through_tlvs

(config.core.v3.ProxyProtocolPassThroughTLVs) This config controls which TLVs can be passed to upstream if it is Proxy Protocol V2 header. If there is no setting for this field, no TLVs will be passed through.

added_tlvs

(repeated config.core.v3.TlvEntry) This config allows additional TLVs to be included in the upstream PROXY protocol V2 header. Unlike pass_through_tlvs, which passes TLVs from the downstream request, added_tlvs provides an extension mechanism for defining new TLVs that are included with the upstream request. These TLVs may not be present in the downstream request and can be defined at either the transport socket level or the host level to provide more granular control over the TLVs that are included in the upstream request.

Host-level TLVs are specified in the metadata.typed_filter_metadata field under the envoy.transport_sockets.proxy_protocol namespace.

49                address: 127.0.0.1
50                port_value: 8080
51          metadata:
52            typed_filter_metadata:
53              envoy.transport_sockets.proxy_protocol:
54                "@type": type.googleapis.com/envoy.config.core.v3.PerHostConfig
55                added_tlvs:
56                - type: 0xEE
57                  value: b3ZlcnJpZGU=

Precedence behavior:

  • When a TLV is defined at both the host level and the transport socket level, the value from the host level configuration takes precedence. This allows users to define default TLVs at the transport socket level and override them at the host level.

  • Any TLV defined in the pass_through_tlvs field will be overridden by either the host-level or transport socket-level TLV.

Enum config.core.v3.ProxyProtocolConfig.Version

[config.core.v3.ProxyProtocolConfig.Version proto]

V1

(DEFAULT) ⁣PROXY protocol version 1. Human readable format.

V2

⁣PROXY protocol version 2. Binary format.

config.core.v3.PerHostConfig

[config.core.v3.PerHostConfig proto]

{
  "added_tlvs": []
}
added_tlvs

(repeated config.core.v3.TlvEntry) Enables per-host configuration for Proxy Protocol.