我的书签
添加书签
移除书签IP Tagging
The HTTP IP Tagging filter sets the header x-envoy-ip-tags with the string tags for the trusted address from x-forwarded-for. If there are no tags for an address, the header is not set.
The implementation for IP Tagging provides a scalable way to compare an IP address to a large list of CIDR ranges efficiently. The underlying algorithm for storing tags and IP address subnets is a Level-Compressed trie described in the paper IP-address lookup using LC-tries by S. Nilsson and G. Karlsson.
Configuration
This filter should be configured with the name envoy.filters.http.ip_tagging.
Statistics
The IP Tagging filter outputs statistics in the http.<stat_prefix>.ip_tagging. namespace. The stat prefix comes from the owning HTTP connection manager.
Name | Type | Description |
|---|---|---|
<tag_name>.hit | Counter | Total number of requests that have the <tag_name> applied to it |
no_hit | Counter | Total number of requests with no applicable IP tags |
total | Counter | Total number of requests the IP Tagging Filter operated on |
Runtime
The IP Tagging filter supports the following runtime settings:
ip_tagging.http_filter_enabled
The % of requests for which the filter is enabled. Default is 100.
