On Tue, Dec 31, 2019 at 11:38:06AM -0500, Wietse Venema wrote:
> I have a question about the v2 protocol spec.
>
> - \x0 : LOCAL : the connection was established on purpose by the
> proxy without being relayed. The connection endpoints are the
> sender and the receiver. Such connections exist when the proxy
> sends health-checks to the server. The receiver must accept this
> connection as valid and must use the real connection endpoints and
> discard the protocol block including the family which is ignored.
>
> Real connection == the endpoints of the TCP connection from proxy to
> Postfix?
That would be my reading of that text, most likely a health-check or
other proxy-initiated connection.
> - 0x0 : AF_UNSPEC : the connection is forwarded for an unknown,
> unspecified or unsupported protocol. The sender should use this
> family when sending LOCAL commands or when dealing with
> unsupported protocol families. The receiver is free to accept the
> connection anyway and use the real endpoint addresses or to reject
> it. The receiver should ignore address information.
>
> What does 'reject' mean in this context? If it means closing the
> connection, what is the point of rejecting a connection that was
> made for the purpose of a health check?
Yes, reject == close, but presumably only if the connection was not
proxy-originated, i.e. not LOCAL. For Postfix, if the proxy cannot
provide any address information, for a forwarded connection (should
"never" happen in practice) we probably should close the connection.
--
Viktor.
