@serve.zone/remoteingress 4.8.19 → 4.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist_rust/remoteingress-bin_linux_amd64 +0 -0
  2. package/dist_rust/remoteingress-bin_linux_arm64 +0 -0
  3. package/dist_ts/00_commitinfo_data.js +2 -2
  4. package/package.json +1 -1
  5. package/readme.md +43 -1
  6. package/ts/00_commitinfo_data.ts +1 -1
package/dist_ts/00_commitinfo_data.js CHANGED
@@ -3,7 +3,7 @@
3
3
  */
4
4
  export const commitinfo = {
5
5
  name: '@serve.zone/remoteingress',
6
- version: '4.8.19',
6
+ version: '4.9.1',
7
7
  description: 'Edge ingress tunnel for DcRouter - accepts incoming TCP connections at network edge and tunnels them to DcRouter SmartProxy preserving client IP via PROXY protocol v1.'
8
8
  };
9
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiMDBfY29tbWl0aW5mb19kYXRhLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvMDBfY29tbWl0aW5mb19kYXRhLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOztHQUVHO0FBQ0gsTUFBTSxDQUFDLE1BQU0sVUFBVSxHQUFHO0lBQ3hCLElBQUksRUFBRSwyQkFBMkI7SUFDakMsT0FBTyxFQUFFLFFBQVE7SUFDakIsV0FBVyxFQUFFLHlLQUF5SztDQUN2TCxDQUFBIn0=
9
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiMDBfY29tbWl0aW5mb19kYXRhLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvMDBfY29tbWl0aW5mb19kYXRhLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOztHQUVHO0FBQ0gsTUFBTSxDQUFDLE1BQU0sVUFBVSxHQUFHO0lBQ3hCLElBQUksRUFBRSwyQkFBMkI7SUFDakMsT0FBTyxFQUFFLE9BQU87SUFDaEIsV0FBVyxFQUFFLHlLQUF5SztDQUN2TCxDQUFBIn0=
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@serve.zone/remoteingress",
3
- "version": "4.8.19",
3
+ "version": "4.9.1",
4
4
  "private": false,
5
5
  "description": "Edge ingress tunnel for DcRouter - accepts incoming TCP connections at network edge and tunnels them to DcRouter SmartProxy preserving client IP via PROXY protocol v1.",
6
6
  "main": "dist_ts/index.js",
package/readme.md CHANGED
@@ -17,7 +17,7 @@ pnpm install @serve.zone/remoteingress
17
17
  `@serve.zone/remoteingress` uses a **Hub/Edge** topology with a high-performance Rust core and a TypeScript API surface:
18
18
 
19
19
  ```
20
- ┌─────────────────────┐ TLS Tunnel ┌─────────────────────┐
20
+ ┌─────────────────────┐ TLS Tunnel ┌─────────────────────┐
21
21
  │ Network Edge │ ◄══════════════════════════► │ Private Cluster │
22
22
  │ │ (multiplexed frames + │ │
23
23
  │ RemoteIngressEdge │ shared-secret auth) │ RemoteIngressHub │
@@ -48,6 +48,8 @@ pnpm install @serve.zone/remoteingress
48
48
  - 🎛️ **Dynamic port configuration** — the hub assigns listen ports per edge and can hot-reload them at runtime via `FRAME_CONFIG` frames
49
49
  - 📣 **Event-driven** — both Hub and Edge extend `EventEmitter` for real-time monitoring
50
50
  - ⚡ **Rust core** — all frame encoding, TLS, and TCP proxying happen in native code for maximum throughput
51
+ - 🎚️ **3-tier QoS** — control frames, normal data, and sustained (elephant flow) traffic each get their own priority queue
52
+ - 📊 **Adaptive flow control** — per-stream windows scale with active stream count to prevent memory overuse
51
53
 
52
54
  ## 🚀 Usage
53
55
 
@@ -280,6 +282,10 @@ The tunnel uses a custom binary frame protocol over TLS:
280
282
  | `DATA_BACK` | `0x04` | Hub → Edge | Response data flowing downstream |
281
283
  | `CLOSE_BACK` | `0x05` | Hub → Edge | Upstream (SmartProxy) closed the connection |
282
284
  | `CONFIG` | `0x06` | Hub → Edge | Runtime configuration update (e.g. port changes); payload is JSON |
285
+ | `PING` | `0x07` | Hub → Edge | Heartbeat probe (sent every 15s) |
286
+ | `PONG` | `0x08` | Edge → Hub | Heartbeat response |
287
+ | `WINDOW_UPDATE` | `0x09` | Edge → Hub | Per-stream flow control: edge consumed N bytes, hub can send more |
288
+ | `WINDOW_UPDATE_BACK` | `0x0A` | Hub → Edge | Per-stream flow control: hub consumed N bytes, edge can send more |
283
289
 
284
290
  Max payload size per frame: **16 MB**. Stream IDs are 32-bit unsigned integers.
285
291
 
@@ -292,6 +298,42 @@ Max payload size per frame: **16 MB**. Stream IDs are 32-bit unsigned integers.
292
298
  5. Frame protocol begins — `OPEN`/`DATA`/`CLOSE` frames flow in both directions
293
299
  6. Hub can push `CONFIG` frames at any time to update the edge's listen ports
294
300
 
301
+ ## 🎚️ QoS & Flow Control
302
+
303
+ The tunnel multiplexer uses a **3-tier priority system** and **per-stream flow control** to ensure fair bandwidth sharing across thousands of concurrent streams.
304
+
305
+ ### Priority Tiers
306
+
307
+ All outbound frames are queued into one of three priority levels:
308
+
309
+ | Tier | Queue | Frames | Behavior |
310
+ |------|-------|--------|----------|
311
+ | 🔴 **Control** (highest) | `ctrl_queue` | PING, PONG, WINDOW_UPDATE, OPEN, CLOSE, CONFIG | Always drained first. Never delayed. |
312
+ | 🟡 **Data** (normal) | `data_queue` | DATA, DATA_BACK from normal streams | Drained when ctrl is empty. Gated at 64 buffered items for backpressure. |
313
+ | 🟢 **Sustained** (lowest) | `sustained_queue` | DATA, DATA_BACK from elephant flows | Drained freely when ctrl+data are empty. Otherwise guaranteed **1 MB/s** via forced drain every second. |
314
+
315
+ This prevents large bulk transfers (e.g. git clones, file downloads) from starving interactive traffic and ensures `WINDOW_UPDATE` frames are never delayed — which would cause flow control deadlocks.
316
+
317
+ ### Sustained Stream Classification
318
+
319
+ A stream is automatically classified as **sustained** (elephant flow) when:
320
+ - It has been active for **>10 seconds**, AND
321
+ - Its average throughput exceeds **20 Mbit/s** (2.5 MB/s)
322
+
323
+ Once classified, the stream's flow control window is locked to the **1 MB floor** and its data frames move to the lowest-priority queue. Classification is one-way — a stream never gets promoted back to normal.
324
+
325
+ ### Adaptive Per-Stream Windows
326
+
327
+ Each stream has a send window that limits bytes-in-flight. The window size adapts to the number of active streams using a shared **200 MB memory budget**:
328
+
329
+ | Active Streams | Window per Stream |
330
+ |---|---|
331
+ | 1–50 | 4 MB (maximum) |
332
+ | 51–100 | Scales down (4 MB → 2 MB) |
333
+ | 200+ | 1 MB (floor) |
334
+
335
+ The consumer sends `WINDOW_UPDATE` frames after processing data, allowing the producer to send more. This prevents any single stream from consuming unbounded memory and provides natural backpressure.
336
+
295
337
  ## 💡 Example Scenarios
296
338
 
297
339
  ### 1. Expose a Private Kubernetes Cluster to the Internet
package/ts/00_commitinfo_data.ts CHANGED
@@ -3,6 +3,6 @@
3
3
  */
4
4
  export const commitinfo = {
5
5
  name: '@serve.zone/remoteingress',
6
- version: '4.8.19',
6
+ version: '4.9.1',
7
7
  description: 'Edge ingress tunnel for DcRouter - accepts incoming TCP connections at network edge and tunnels them to DcRouter SmartProxy preserving client IP via PROXY protocol v1.'
8
8
  }