envoy icon indicating copy to clipboard operation
envoy copied to clipboard

Published 20 hours ago verified publisher icon envoyproxy

CONNECT-IP (RFC 9484) support

Open ericorth opened this issue 5 months ago • 2 comments

Title:

Add support in Envoy for CONNECT-IP (RFC 9484)

Description:

Envoy has long supported HTTP CONNECT, a mechanism that allows tunneling the data stream inside TCP over an HTTP stream. Recently, support was added (#23564) for CONNECT-UDP (RFC 9298), a similar mechanism that allows tunneling UDP (and subsequently QUIC and HTTP/3 connections) inside an HTTP stream.

We propose and plan to contribute similar Envoy support for CONNECT-IP. RFC 9484, Proxying IP in HTTP, colloquially and here referred to as “CONNECT-IP”, is a similar newly IETF-standardized protocol for tunneling IP packets over an HTTP stream. This functionality is generally useful to tunnel multi-transport data such as is needed to implement VPN connections.

See this Design Document for our detailed plan.

ericorth avatar Sep 18 '24 19:09 ericorth