path: root/control/controlhttp/controlhttpserver/controlhttpserver.go
author: Mike O'Driscoll <mikeo@tailscale.com> 2026-04-07 18:40:41 -0400
committer: GitHub <noreply@github.com> 2026-04-07 18:40:41 -0400
commit: e689283ebdc8ea18f0631d97a2f8a00d722fe511 (patch)
tree: c07323b565c71cc21980d382bc834e188184455e /control/controlhttp/controlhttpserver/controlhttpserver.go
parent: bd09e84a6e2f4ee0d1c1f5cda5b1237d52fbd646 (diff)
download: tailscale-e689283ebdc8ea18f0631d97a2f8a00d722fe511.tar.xz
download: tailscale-e689283ebdc8ea18f0631d97a2f8a00d722fe511.zip
derp/derpserver: add per-connection receive rate limiting (#19222)
Add server-side per-client bandwidth enforcement using TCP backpressure. When configured, the server calls WaitN after reading each DERP frame, which delays the next read, fills the TCP receive buffer, shrinks the TCP window, and naturally throttles the sender — no packets are dropped.

- Rate limiting is on the receive (inbound) side, which is what an abusive client controls
- Mesh peers are exempt since they are trusted infrastructure
- The burst size is at least MaxPacketSize (64KB) to ensure a single max-size frame can always be processed

Also refactors sclient to store a context.Context directly instead of a done channel, which simplifies the rate limiter's WaitN call.

Flags added to cmd/derper:
--per-client-rate-limit (bytes/sec, default 0 = unlimited)
--per-client-rate-burst (bytes, default 0 = 2x rate limit)

Example for 10Mbps: --per-client-rate-limit=1250000

Updates #38509

Signed-off-by: Mike O'Driscoll <mikeo@tailscale.com>
Diffstat (limited to 'control/controlhttp/controlhttpserver/controlhttpserver.go')
0 files changed, 0 insertions, 0 deletions
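As an added illustration of the mechanism the commit message describes, not code from the tailscale repository: a minimal token bucket with an injectable clock that applies the stated burst defaults (0 means 2x the rate, never below the 64KB MaxPacketSize) and returns the pause a receive loop would take after each frame, which is where the TCP backpressure comes from. The names Limiter, EffectiveBurst, WaitN's signature and Delays are assumptions of this example; the real server uses its own limiter.

```go
package main

import (
	"math"
	"time"
)

const MaxPacketSize = 64 << 10 // DERP max frame size; a burst must always absorb one
// EffectiveBurst applies the flag defaults: 0 means 2x the rate, never below MaxPacketSize.
func EffectiveBurst(rateLimit, burst int) int {
	if burst <= 0 {
		burst = 2 * rateLimit
	}
	if burst < MaxPacketSize {
		burst = MaxPacketSize
	}
	return burst
}

// Limiter is a hypothetical token bucket (bytes as tokens) with an injectable clock.
type Limiter struct {
	rate, burst, tokens float64
	last                time.Time
}

func NewLimiter(rateLimit, burst int, now time.Time) *Limiter {
	b := float64(EffectiveBurst(rateLimit, burst))
	return &Limiter{rate: float64(rateLimit), burst: b, tokens: b, last: now}
}

// WaitN accounts for n bytes read at now and returns the pause before the next read.
func (l *Limiter) WaitN(n int, now time.Time) time.Duration {
	l.tokens = math.Min(l.burst, l.tokens+now.Sub(l.last).Seconds()*l.rate)
	l.last = now
	l.tokens -= float64(n)
	if l.tokens >= 0 {
		return 0 // still within the burst: read the next frame immediately
	}
	return time.Duration(-l.tokens / l.rate * float64(time.Second))
}

// Delays simulates the receive loop: after each frame it sleeps (here, advances
// the clock) for the WaitN result, which is what creates the TCP backpressure.
func (l *Limiter) Delays(frames []int, now time.Time) (out []time.Duration) {
	for _, n := range frames {
		d := l.WaitN(n, now)
		now = now.Add(d) // the sleep that fills the receive buffer and shrinks the window
		out = append(out, d)
	}
	return out
}
```

With a 1,000,000 bytes/sec limit and default burst, a 2,000,000-byte opening burst costs nothing, the next 500,000 bytes cost a 500 ms pause, and a further 1,000,000 bytes after that pause cost a full second.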