Skip to content

Latest commit

 

History

History
70 lines (60 loc) · 3.84 KB

2017-05-28.md

File metadata and controls

70 lines (60 loc) · 3.84 KB

Weekly VPNkit dev report for 2017-05-15 to 2017-05-28 (weeks 20 and 21)

This report covers weekly developments in the moby/vpnkit, mirage/ocaml-dns, mirage/ocaml-hvsock, djs55/ocaml-osx-dnssd, mirage/mirage-tcpip and djs55/ocaml-dns-forward repositories. These form the basis of the VPNKit toolkit used to translate container network traffic into native platform socket calls on Windows and OSX.

VPNKit now has an experimental transparent HTTP proxy builtin, which lets it proxy all outgoing traffic on port 80 at the HTTP level, and all outgoing traffic on port 443 via HTTP CONNECT. This has the advantage that the client doesn't need to know it's being proxied so that if the client moves on the network everything continues to work. (moby/vpnkit#225 @djs55).

Scalability of VPNKit was also improved for a large number of connections, and is now configurable via the --listen-backlog <n> flag.

Various spurious DNS failures were also fixed, leading to the release of mirage/ocaml-dns:0.20.1.

One area where we could use contributions in TCP/IP is with the test suite, to help spot regressions in performance and retransmission behaviour. Please see mirage/mirage-tcpip#140 or mirage/mirage-tcpip#314 for more information, as well as the testing tcpip page on the MirageOS dev wiki.

PRs merged

Other reports in this series can be browsed directly in the repository at moby/vpnkit:/reports.