personal_interest_mirrors/nebula
1
0
Fork 0
mirror of https://github.com/slackhq/nebula.git synced 2026-05-16 12:57:38 +02:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Address PR feedback: remove outbound rate limit, improve config docs

Browse Source 
Remove rate limiting from StartHandshake (outbound) since DoS
protection only needs to limit inbound handshakes. This also avoids
returning nil from StartHandshake which historically always returned
non-nil. Update config comment to note openssl speed is single-core
and suggest scaling by routines.

Co-Authored-By: Claude <svc-devxp-claude@slack-corp.com>
This commit is contained in:
Jay Wren
2026-04-10 14:36:32 -04:00
parent 3df60ae195
commit 7794e93762
3 changed files with 12 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
handshake_manager.go
View File

@@ -496,14 +496,6 @@ func (hm *HandshakeManager) StartHandshake(vpnAddr netip.Addr, cacheCb func(*Han
return hh.hostinfo
}
// Check rate limit for new outbound handshakes
if !hm.handshakeRateAllow(time.Now()) {
hm.metricRateLimited.Inc(1)
hm.l.WithField("vpnAddr", vpnAddr).Debug("Handshake rate limit reached, dropping outbound handshake")
hm.Unlock()
return nil
}
hostinfo := &HostInfo{
vpnAddrs: []netip.Addr{vpnAddr},
HandshakePacket: make(map[uint8][]byte, 0),