-
Notifications
You must be signed in to change notification settings - Fork 171
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(iroh-relay): Rate-limit client connections (#2961)
## Description Add a rate limit to the incoming data from client connections. ## Breaking Changes If not configured there is now a default rate limit for incoming data from client connections: 4KiB/s steady-stream and 16MiB burst capacity. ## Notes & open questions - The choice here is made to rate-limit the incoming bytes, regardless of what they are. The benefit is that the incoming stream is slowed down, pushing back to the client over the TCP connection. The downside is that someone who is rate-limited will get a fairly bad experience since all DISCO traffic is also delayed. - Only rate-limiting non-disco traffic is an option, but it would not push back on the TCP stream, which is worse as then you'd still have to swallow all the incoming traffic. Also it would be open to abuse fairly easy as the detection of disco packets is based on a magic number which could easily be spoofed. - Maybe the `RateLimitedRelayedStream` should live in `stream.rs` next to the `RelayedStream`? Not really sure. ### TODO - [x] Allow rate-limit configuration in the config file. - [x] Test config file loading. - [x] Set a sensible default rate-limit. - [x] Improve tests to more fully test the rate limiting. - [x] Metrics when rate limits are hit. ## Change checklist - [x] Self-review. - [x] Documentation updates following the [style guide](https://rust-lang.github.io/rfcs/1574-more-api-documentation-conventions.html#appendix-a-full-conventions-text), if relevant. - [x] Tests if relevant. - [x] All breaking changes documented.
- Loading branch information
Showing
13 changed files
with
488 additions
and
101 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.