Skip to Content [alt-c]

Comment

In reply to Writing an SNI Proxy in 115 Lines of Go

Reader Nuno on 2021-01-25 at 11:38:

Hi, nice work!

If you're using this on Linux, I advise doing away with the io.MultiReader. Just return the bytes.Buffer, and io.Copy both. net.TCPConn implements io.ReaderFrom using the splice(2) syscall, which makes this much more efficient (everything happens in kernel space). io.Copy uses this implementation if it gets the unwrapped net.TCPConn.

Note, however, that this raises the number of open files. Every proxied connection uses 6 fds, 2 for the TCP connections and 4 pipes; your version is doing io.Copy on the return connection so it uses 4 fds per proxied connection.

So if you're using this for something more popular this might require some ulimit magic (the default is 1024, which is good for about 170 proxied connections).

Reply

Post a Reply

Your comment will be public. If you would like to contact me privately, please email me. Please keep your comment on-topic, polite, and comprehensible.

(Optional; will be published)

(Optional; will not be published)

(Optional; will be published)

  • Blank lines separate paragraphs.
  • Lines starting with ">" are indented as block quotes.
  • Lines starting with two spaces are reproduced verbatim.
  • Text surrounded by *asterisks* is italicized.
  • Text surrounded by `back ticks` is monospaced.
  • URLs are turned into links.
  • Use the Preview button to check your formatting.