package envoy.extensions.quic.connection_id_generator.quic_lb.v3

Get desktop application:
View/edit binary Protocol Buffers messages

Configuration for a connection ID generator implementation for the QUIC-LB draft RFC for routable connection IDs. Connection IDs always have the length self encoded, as described in https://datatracker.ietf.org/doc/html/draft-ietf-quic-load-balancers#name-length-self-description. See https://datatracker.ietf.org/doc/html/draft-ietf-quic-load-balancers for details. .. warning:: This is still a work in progress. Performance is expected to be poor. Interoperability testing has not yet been performed. [#next-free-field: 6]

• bool unsafe_unencrypted_testing_mode = 1

  Use the unencrypted mode. This is useful for testing, but allows for linking different CIDs for the same connection, and leaks information about the valid server IDs in use. This should only be used for testing.

• optional config.core.v3.DataSource server_id = 2

  Must be at least 1 octet. The length of server_id and nonce_length_bytes must be 18 or less. See https://datatracker.ietf.org/doc/html/draft-ietf-quic-load-balancers#name-server-id-allocation.

• uint32 expected_server_id_length = 3

  Optional validation of the expected server ID length. If this is non-zero and the value in ``server_id`` does not have a matching length, a configuration error is generated. This can be useful for validating that the server ID is valid.

• uint32 nonce_length_bytes = 4

  The nonce length must be at least 4 bytes. The length of server_id and nonce_length_bytes must be 18 bytes or less.

• optional transport_sockets.tls.v3.SdsSecretConfig encryption_parameters = 5

  Configuration to fetch the encryption key and configuration version. The SDS service is for a :ref:`GenericSecret <envoy_v3_api_msg_extensions.transport_sockets.tls.v3.GenericSecret>`. The data should populate :ref:`secrets <envoy_v3_api_field_extensions.transport_sockets.tls.v3.GenericSecret.secrets>`: "encryption_key" must contain the 16 byte encryption key. "configuration_version" must contain a 1 byte unsigned integer of value less than 7. See https://datatracker.ietf.org/doc/html/draft-ietf-quic-load-balancers#name-config-rotation.