hasambaJan 4

🛠️ Tool
===================

Executive summary: Drip is a self-hosted tunneling solution written for Go that exposes HTTP, HTTPS and TCP services using a client/server model and a user-owned domain. Version 0.5.0 replaces a bespoke multiplexing stack with yamux, yielding measurable stability and performance gains while introducing a protocol-level incompatibility with v0.4.x.

Key features:
• Exposes local services over the internet using the operator's own infrastructure and domain.
• Supports HTTP, HTTPS and TCP tunneling and forwarding to arbitrary LAN addresses.
• No built-in bandwidth or endpoint caps; unlimited tunnels per agent subject to server resources.
• Open-source repository with BSD-3-Clause license, built on Go (requires Go 1.21+), uses TLS 1.3 for transport security.

Technical implementation:
• The project removed a custom multiplexing implementation (which included HPACK-style compression, bespoke flow control, binary framing and an HTTP codec) and integrated HashiCorp's yamux for stream multiplexing, session management and flow control.
• The change reduced protocol-specific code by approximately 60% and delegated keepalive and flow control semantics to a maintained library.
• Performance metrics reported by the project include ~3x faster connection setup due to session reuse, -50% memory per tunnel from simplified state handling, -40% p99 latency by removing encoding layers, and +80% throughput from more efficient multiplexing.

Use cases:
• Self-hosted alternative to third-party tunneling services where privacy and use of a custom domain are priorities.
• Exposing internal web services, developer previews, SSH/TCP services, or database ports across NATs without external relay infrastructure.

Limitations & considerations:
• Protocol in v0.5.0 is not backward-compatible with v0.4.x; coordinated client and server upgrades are required.
• Operational capacity depends on the server infrastructure; unlimited tunnels are constrained by available CPU, memory and network bandwidth.
• The repository maintains transport security via TLS 1.3, but deployment hardening, DNS and certificate management are operational considerations outside the project scope.

References:
• yamux integration and metric claims are called out in the v0.5.0 release notes.

🔹 tool #yamux #tunneling #go #open_source

🔗 Source: https://github.com/Gouryella/drip

GitHub - Gouryella/drip: Self-hosted tunneling solution to expose localhost securely - unlimited bandwidth, no third-party servers

Self-hosted tunneling solution to expose localhost securely - unlimited bandwidth, no third-party servers - Gouryella/drip

GitHub