zrepl icon indicating copy to clipboard operation
zrepl copied to clipboard

Published 20 hours ago verified publisher icon zrepl

transport tcp: allow client to specify its `client_identity` to enable dynamic IPs

Open problame opened this issue 1 year ago • 1 comments

Problem

Currently, the serve (sink,source) side determines the client_identity exclusively based on the client IP address.

This doesn't work well in

  • environment with dynamic client IPs (DHCP, VPNs)
  • NAT

Solution

Allow the client to announce its identity and if the server has opted in, accept that.

connect:
  type: tcp
  client_identity: laptop
  address: backupserver.yak-bebop.ts.net:1234 # 100.64.23.42:1234

serve:
  listen: ...
  clients:
    # old way, needs to be supported
    "192.168.122.123": "mysql01"
    "10.23.42.0/24": "cluster-*"
    # this feature
    "client:laptop": "laptop"
    # future
    "rdns:somebox.example.net": "sombebox"

Syntax is up for debate.

(cf https://zrepl.github.io/configuration/transports.html#tcp-transport )

Implementation Constraints

It's ok to break the network protocol, just bump the protocol version:

https://github.com/zrepl/zrepl/blob/908807bd59d8fa76bf4db51b4ca64466fba65ae1/internal/rpc/versionhandshake/versionhandshake.go#L192-L195

I don't think there's a way to avoid breaking the protocol.

Refs

refs https://github.com/zrepl/zrepl/issues/817

problame avatar Oct 27 '24 21:10 problame

Anyone who wants to implement this, please post here before starting to do it - I might get back to this in ~2 weeks if time permits.

problame avatar Oct 27 '24 21:10 problame

I'm going to tackle this one in the following week or two. I took a quick look at the code and it appears that the RPC versioning mechanism has some basic support for 'extensions' which would be useful here, but it's only implemented at the handshake layer. Nothing above that layer knows how to request support for extensions or determine if the other end supports them.

kpfleming avatar Aug 10 '25 12:08 kpfleming