Dynamic forward proxy common configuration


[extensions.common.dynamic_forward_proxy.v3.DnsCacheCircuitBreakers proto]

Configuration of circuit breakers for resolver.

  "max_pending_requests": "{...}"

(UInt32Value) The maximum number of pending requests that Envoy will allow to the resolver. If not specified, the default is 1024.


[extensions.common.dynamic_forward_proxy.v3.DnsCacheConfig proto]

Configuration for the dynamic forward proxy DNS cache. See the architecture overview for more information.

  "name": "...",
  "dns_lookup_family": "...",
  "dns_refresh_rate": "{...}",
  "host_ttl": "{...}",
  "max_hosts": "{...}",
  "dns_failure_refresh_rate": "{...}",
  "dns_cache_circuit_breaker": "{...}",
  "use_tcp_for_dns_lookups": "..."

(string, REQUIRED) The name of the cache. Multiple named caches allow independent dynamic forward proxy configurations to operate within a single Envoy process using different configurations. All configurations with the same name must otherwise have the same settings when referenced from different configuration components. Configuration will fail to load if this is not the case.


(config.cluster.v3.Cluster.DnsLookupFamily) The DNS lookup family to use during resolution.


(Duration) The DNS refresh rate for currently cached DNS hosts. If not specified defaults to 60s.

The refresh rate is rounded to the closest millisecond, and must be at least 1ms.


(Duration) The TTL for hosts that are unused. Hosts that have not been used in the configured time interval will be purged. If not specified defaults to 5m.


(UInt32Value) The maximum number of hosts that the cache will hold. If not specified defaults to 1024.


(config.cluster.v3.Cluster.RefreshRate) If the DNS failure refresh rate is specified, this is used as the cache’s DNS refresh rate when DNS requests are failing. If this setting is not specified, the failure refresh rate defaults to the dns_refresh_rate.


(extensions.common.dynamic_forward_proxy.v3.DnsCacheCircuitBreakers) The config of circuit breakers for resolver. It provides a configurable threshold. Envoy will use dns cache circuit breakers with default settings even if this value is not set.


(bool) Always use TCP queries instead of UDP queries for DNS lookups. Setting this value causes failure if the envoy.restart_features.use_apple_api_for_dns_lookups runtime value is true during server startup. Apple’ API only uses UDP for DNS resolution.