New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CONNECT-UDP example configuration error #33775
Comments
@jeongseokson could you take a look at this one please? |
Hi @Bfarkiani, thank you for reporting the issue. Does sending a CONNECT-UDP request directly to the server-proxy work? I will try to test the forwarding and terminating proxy two-hop setup myself and see if there's any issue in the current example configs. |
Hi @jeongseokson
So, it seems that sending directly to the server works fine. |
Thanks for the update. I will test the two proxy setup myself when time permits to see if I can reproduce the issue. |
If you are reporting any crash or any potential security issue, do not
open an issue in this repo. Please report the issue via emailing
envoy-security@googlegroups.com where the issue will be triaged appropriately.
Title: CONNECT-UDP example configuration error
Description:
I am trying to test the configuration provided in https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/http/upgrades#connect-udp-support. I am also using quiche masque_client https://github.com/google/quiche/tree/main/quiche/quic/masque. Also I am using envoy:dev latest container. The client side proxy configuration is as below:
Server side proxy (192.168.170.128) that terminates connect-udp and forward request to google is as follows:
And the command for masque client is
./masque_client --disable_certificate_verification=true 127.0.0.1:10000 https://www.google.com
It fails. The output of client envoy is
The server envoy output is
The client and server envoy proxies both use the same self-signed certificate, and the configuration is the same as provided in the website.
If I enable auto_sni in client side :
I still get the following error
I also changed server proxy to the follow and nothing changed:
Thank you for checking this.
The text was updated successfully, but these errors were encountered: