awe4lb is a layer 4 load balancer

• TCP buffer sizes are currently determined by the Operating System.
• UDP buffer sizes are application specific. Default is 16384 bytes.

• Do not allow public access to the REST api, since it allows for full management. Expose it only within a trusted network perimeter.
• Most applications and use cases should work fine with the default TCP buffer size. However, applications which stream large amounts of data should make sure that the underlying hardware has enough memory capacity to handle backpressure from either clients or backends.

Note: the docker compose dependent tests can run on MacOS, but the networking setup is too cumbersome. So just run tests inside a Linux machine, much simpler.

Generate a self-signed SSL certificate for local subdomains:

openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
  -addext "subjectAltName = DNS:*.localhost" \
  -keyout ./awe4lb.key -out ./awe4lb.pem

1. Generate UDP connections in large numbers. This should exercise the LB's capability to clear out expired UDP sessions (TTL timeout).

• Schema modeling (configuration template).
• SSL connection tracking.
• ACME certificate issuance/renewal. For now, use certbot to rotate certificates, then restart awe4lb.

• UDP backend selection strategies (weight, random, round robin).
• Sticky session support.
• UDP Transparent proxying.

• DNS records.
• Exec return value.
• Any others provided by gobetween.

• Metrics capturing.
  • Bytes sent/received (global).
  • Whichever other metrics gobetween exposes.
• Metrics access (prometheus endpoint).

• REST API access for configuration changes.
• UI implementation.
• Documentation/Usage notes/caveats.

• https://www.envoyproxy.io/
• https://gost.run/
• https://github.com/yyyar/gobetween

• https://docs.oracle.com/en/java/javase/11/docs/specs/security/standard-names.html#jsse-cipher-suite-names
• https://stackoverflow.com/questions/53323855/sslserversocket-and-certificate-setup
• https://stackoverflow.com/a/62263402/491160
• https://github.com/raell2/SSLAsynchronousSocketChannel/tree/master
• https://stackoverflow.com/questions/14225957/socket-vs-socketchannel
• https://bugs.openjdk.org/browse/JDK-8202625
• yyyar/gobetween#335
• https://github.com/felipejfc/go-udp-echo-server

Test audio:

• https://archive.org/details/MusopenCollectionAsFlac/Bach_GoldbergVariations/JohannSebastianBach-16-GoldbergVariationsBwv.988-Variation15.CanonOnTheFifth.flac
• https://ia800307.us.archive.org/34/items/MusopenCollectionAsFlac/Bach_GoldbergVariations/JohannSebastianBach-16-GoldbergVariationsBwv.988-Variation15.CanonOnTheFifth.flac

In memory of James Perry McCaffrey (March 27, 1958 – December 17, 2023).