astelm/telemt
1
0
Fork 0
mirror of https://github.com/telemt/telemt.git synced 2026-06-27 05:11:11 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,725 Commits 2 Branches 97 Tags
840713a359a9275078a862e8e7d0b4d461b0d62b
Commit Graph

245 Commits

Author SHA1 Message Date
Alexey 840713a359 Merge pull request #847 from AndreyOsipuk/feat/client-mss-relay 
feat(server): client_mss_bulk — fragment only the handshake, restore MSS for bulk data (cuts pps)
 2026-06-20 22:10:04 +03:00
Andrey Osipuk 50b67a93d6 feat(server): client_mss_bulk — raise MSS after handshake to cut pps 
client_mss (e.g. "tspu", MSS=92) fragments the whole connection to evade
DPI on the ServerHello, but it also fragments bulk payload, multiplying
outgoing packets-per-second ~10x. On hosts whose abuse detection counts
pps (not bandwidth) this trips packet-flood limits.

Add an optional [server].client_mss_bulk: keep the low client_mss for the
handshake (ServerHello stays fragmented => DPI bypass intact), then raise
the client socket MSS to client_mss_bulk once the connection enters the
post-handshake (bulk transfer) phase, so bulk data uses normal-size
segments and pps drops back to normal. Same preset/int grammar as
client_mss. Opt-in: when unset, the handshake MSS is kept for the whole
connection (unchanged behavior).

Linux-only (setsockopt TCP_MAXSEG via raw fd, mirroring TCP_USER_TIMEOUT);
no-op on other unix. Documented in CONFIG_PARAMS.{en,ru}.
 2026-06-19 11:11:01 +03:00
Alexey 37d0184a0b Implement shared MTProto framing and ME address role separation 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-06-15 08:50:08 +03:00
Alexey d81d7dba62 Rustfmt 2026-06-14 19:59:06 +03:00
Alexey d414c73c9b Hardened KDF-Tuple + NAT Probing + Paddings 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-06-14 16:15:41 +03:00
Alexey 27a5f5a4ec MSS Tuning with config 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-06-06 12:11:05 +03:00
Alexey 462215b53c Dual-stack fixes for Upstreams by #798 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-06-01 19:50:26 +03:00
Alexey d4adf0ef9a ME: Bound writer queue waits under backpressure 2026-05-25 00:28:29 +03:00
Alexey dc8951eae8 Reduce MR + ME Routing hot-path contention 2026-05-22 20:19:09 +03:00
Alexey 77a7f89075 Reuse ME reader scratch buffer across read loop iterations 2026-05-22 19:56:38 +03:00
Alexey 9abaf9006c Prioritize Cancellation in MP select paths 2026-05-22 16:47:54 +03:00
Alexey 98c985091c Decomposing hot-path modules into focused submodules 
Signed-off-by: Alexey <247128645+axkurcom@users.noreply.github.com>
 2026-05-21 18:03:55 +03:00
Alexey c02c7fbe43 Reducing hot-path allocs + duplicate telemetry touchs 
Signed-off-by: Alexey <247128645+axkurcom@users.noreply.github.com>
 2026-05-20 17:07:54 +03:00
Alexey 8379b48f69 Fix hot-path replay bounds and ME control allocations 
Signed-off-by: Alexey <247128645+axkurcom@users.noreply.github.com>
 2026-05-20 14:05:22 +03:00
Alexey 914f141715 Exclusive Mask + Startup Speed-up 
Signed-off-by: Alexey <247128645+axkurcom@users.noreply.github.com>
 2026-05-19 22:17:59 +03:00
Alexey b2aa9b8c9e Hardened API & Management-plane Admission 
- bound API and metrics connection handling
- default metrics listener to localhost
- reject untrusted PROXY protocol peers before parsing headers
- cap API request body size and PROXY v2 payload allocation
- validate route usernames and TLS domains consistently
 2026-05-09 20:50:23 +03:00
Alexey 86573be493 Event-driven Wakeup for ME Admission-gate 2026-05-08 13:34:41 +03:00
Alexey 876b74ebf7 Hot-path Cleanup and Timeout Invariants 2026-04-29 23:16:11 +03:00
Alexey 37c916056a Rustfmt 2026-04-25 14:35:35 +03:00
Alexey 2f2fe9d5d3 Bound relay queues by bytes 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
Signed-off-by: Alexey <247128645+axkurcom@users.noreply.github.com>
 2026-04-25 13:54:20 +03:00
Alexey 4ce6b14bd8 Rustfmt 2026-04-21 13:31:24 +03:00
Alexey 1e5b84c0ed Fairshare Disabled semantics fix 2026-04-21 11:21:58 +03:00
Alexey 926e3aa987 Fairness Regression fixes 2026-04-21 01:11:43 +03:00
Alexey 9cb49bc024 Fix in Fairness tests 2026-04-19 19:03:45 +03:00
Alexey f1bf95a7de Merge pull request #718 from astronaut808/fix/me-downstream-retry 
Improve ME downstream retries for queued fairness backlog
 2026-04-18 14:03:37 +03:00
Alexey a54f9ba719 Merge branch 'flow' into feature/configurable-proxy-confi-urls 2026-04-18 11:16:38 +03:00
astronaut808 2d5cd9c8e1 Improve ME downstream retries for queued fairness backlog 2026-04-18 02:40:32 +05:00
Alexey 37b6f7b985 Weighted Fairness + 3-Leveled Pressure Model 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-18 00:37:04 +03:00
Alexey 50e9e5cf32 Active Ring and DRR Hardening 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-18 00:34:35 +03:00
Alexey d72cfd6bc4 Merge branch 'flow' into feature/configurable-proxy-confi-urls 2026-04-17 19:44:46 +03:00
Dmitry Zarva fa3566a9cb - fix: fmt issues 2026-04-17 16:20:16 +00:00
Alexey 3ca3e8ff0e Docker Health-Check 2026-04-17 16:36:15 +03:00
Dmitry Zarva 2a168b2600 feat: make URLS to obtain proxy_secret, getProxyConfig, getProxyConfigV6 files optionally configurable 2026-04-17 13:04:46 +00:00
Alexey 191ca35076 Update scheduler.rs 2026-04-17 11:20:58 +03:00
Alexey 44485a545e Fixes for unused imports 2026-04-17 11:06:42 +03:00
Alexey 17a966b822 Rustfmt 2026-04-17 10:48:01 +03:00
Alexey 5c99cd8eb7 Backpressure-driven Fairness 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-17 10:33:37 +03:00
Alexey 902a4e83cf Specific scopes for Connectivity by #699 and #700 2026-04-15 01:56:49 +03:00
Alexey 696316f919 Rustfmt 2026-04-15 01:39:47 +03:00
Alexey d7a0319696 Server.Listeners + Upstream V4/V6 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-15 01:32:49 +03:00
Alexey 13f86062f4 BINDTODEVICE for Direct Upstreams by #683 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-14 18:32:06 +03:00
Alexey 16c7a63fbc Fix test for single-endpoint DC 2026-04-12 10:38:22 +03:00
Alexey 69a73d5fec Merge pull request #647 from miniusercoder/flow 
fix(me): stabilize single-endpoint DC writer recovery and floor behavior
 2026-04-12 10:19:25 +03:00
sintanial ddeda8d914 feat: add configurable RST-on-close mode for client sockets 
Add `rst_on_close` config option (off/errors/always) to control
SO_LINGER(0) behaviour on accepted TCP connections.

- `off` (default): normal FIN on all closes, no behaviour change.
- `errors`: SO_LINGER(0) set on accept, cleared after successful
  handshake auth. Pre-handshake failures (scanners, DPI probes,
  timeouts) send RST instead of FIN, eliminating FIN-WAIT-1 and
  orphan socket accumulation. Authenticated relay sessions still
  close gracefully with FIN.
- `always`: SO_LINGER(0) on accept, never cleared — all closes
  send RST regardless of handshake outcome.
 2026-04-10 05:01:38 +03:00
Alexey 4a77335ba9 Round-bounded Retries + Bounded Retry-Round Constant 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-07 19:19:40 +03:00
miniusercoder 185e0081d7 fix(pool): improve endpoint handling during single endpoint outages 2026-04-07 18:57:22 +03:00
Alexey e8cf97095f QueueFall Bounded Retry on Data-route 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-07 18:41:59 +03:00
Alexey 3b717c75da Memory Hard-bounds + Handshake Budget in Metrics + No mutable in hotpath ConnRegistry 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-07 18:18:47 +03:00
miniusercoder b6a30c1b51 refactor: cargo fmt fixes 2026-04-07 13:52:35 +03:00
miniusercoder 2b8159a65e fix(pool): enhance reconnect logic for single-endpoint data centers 2026-04-06 21:06:53 +03:00