Hope that proxy_protocol can be enabled to receive (PROXY protocol v2) when the HTTP/3 server is running. #6827

Open
lxhao61 opened this issue Feb 5, 2025 · 2 comments
Labels
feature ⚙️ New feature or request


lxhao61 commented Feb 5, 2025

The caddy-l4 plugin is testing support for sending proxy_protocol (PROXY protocol v2) over UDP.
I hope that proxy_protocol can be enabled to receive (PROXY protocol v2) when the HTTP/3 server is running.
Implementation example:

```
{
	log {
		level DEBUG
	}
	layer4 {
		tcp/:443 {
			@tsni tls sni zz.yy
			route @tsni {
				proxy {
					proxy_protocol v2
					upstream unix/@uds7443.sock
				}
			}
			route {
				proxy {
					proxy_protocol v2
					upstream tcp/127.0.0.1:8443
				}
			}
		}
		udp/:443 {
			@qsni quic sni xx.yy
			route @qsni {
				proxy {
					upstream udp/127.0.0.1:2443
				}
			}
			route {
				proxy {
					proxy_protocol v2
					upstream udp/127.0.0.1:8443
				}
			}
		}
	}
	servers 127.0.0.1:8443 {
		listener_wrappers {
			proxy_protocol {
				allow 127.0.0.1/32
			}
			tls
		}
	}
}

:8443, xx.zz:8443 {
	bind 127.0.0.1

	header {
		Alt-Svc "h3=\":443\"; ma=2592000"
		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
	}
	file_server {
		root /var/www/html
	}
}
```

Related links:
1. mholt/caddy-l4#269
2. mholt/caddy-l4#283

mholt added the feature ⚙️ New feature or request label Feb 5, 2025

Contributor

vnxme commented Feb 5, 2025

Good idea! Technically speaking, listener_wrappers do only exist for TCP connections, as they are implemented as net.Conn and net.Listener. UDP is connectionless, so it's implemented as net.PacketConn. Thus we have to develop a kind of packet_conn_wrappers mechanism to provide for processing anything (e.g. proxy protocol, layer4, etc.) before HTTP3 gets the incoming datagram.

By the way, if we do the above, I'd rather call them tcp_wrappers and udp_wrappers instead to account for those who don't speak golang.

Member

mholt commented Feb 5, 2025

tcp_wrappers is probably a better name for it, yeah. Might be too late to change it (easily) but we can look into it. If anyone wants to tinker with an implementation for this issue (if it's not too complicated), we can review it when we have a chance!
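
As an added example (not code from Caddy, caddy-l4 or any participant in this thread), here is the per-datagram check a UDP-side wrapper of the kind discussed above would need: accept a PROXY protocol v2 header only from peers in the allow list, as `allow 127.0.0.1/32` does for TCP in the config above. It assumes the header is prepended to the datagram payload; `StripProxyV2` and its signature are hypothetical names.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
	"net/netip"
)

// 12-byte PROXY protocol v2 signature.
var sig = []byte("\r\n\r\n\x00\r\nQUIT\n")
var errBadHeader = errors.New("malformed PROXY v2 header")

// StripProxyV2 (hypothetical helper) handles one datagram received from peer.
// Only peers inside an allow prefix may supply a client address; for anyone
// else the datagram is returned untouched and attributed to the real peer.
func StripProxyV2(peer netip.AddrPort, dgram []byte, allow []netip.Prefix) (netip.AddrPort, []byte, error) {
	trusted := false
	for _, p := range allow {
		trusted = trusted || p.Contains(peer.Addr().Unmap()) // Unmap: ::ffff:127.0.0.1 must match 127.0.0.1/32
	}
	if !trusted || len(dgram) < 16 || !bytes.Equal(dgram[:12], sig) {
		return peer, dgram, nil
	}
	n := int(binary.BigEndian.Uint16(dgram[14:16])) // length of address block + TLVs
	if (dgram[12] != 0x20 && dgram[12] != 0x21) || len(dgram) < 16+n {
		return peer, nil, errBadHeader // wrong version/command or truncated header
	}
	body, payload := dgram[16:16+n], dgram[16+n:]
	if dgram[12] == 0x20 { // LOCAL command: the sender speaks for itself
		return peer, payload, nil
	}
	alen := map[byte]int{0x12: 4, 0x22: 16}[dgram[13]] // AF_INET / AF_INET6 over DGRAM only
	if alen == 0 || n < 2*alen+4 {
		return peer, nil, errBadHeader
	}
	src, _ := netip.AddrFromSlice(body[:alen])
	port := binary.BigEndian.Uint16(body[2*alen : 2*alen+2])
	return netip.AddrPortFrom(src, port), payload, nil
}

func main() {
	// Constructed sample: header claiming client 203.0.113.7:40000, then 2 payload bytes.
	hdr := append(append([]byte{}, sig...), 0x21, 0x12, 0, 12,
		203, 0, 113, 7, 127, 0, 0, 1, 0x9c, 0x40, 0x01, 0xbb)
	src, rest, err := StripProxyV2(netip.MustParseAddrPort("127.0.0.1:5000"),
		append(hdr, 'h', '3'), []netip.Prefix{netip.MustParsePrefix("127.0.0.1/32")})
	fmt.Println(src, string(rest), err)
}
```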
