Skip to content

RFC-0027: Add route options size limit#1447

Open
rkoster wants to merge 3 commits intomainfrom
rfc-0027-route-options-size-limit
Open

RFC-0027: Add route options size limit#1447
rkoster wants to merge 3 commits intomainfrom
rfc-0027-route-options-size-limit

Conversation

@rkoster
Copy link
Contributor

@rkoster rkoster commented Mar 6, 2026
edited
Loading

Summary

Adds a Size Limits section to RFC-0027 (Generic Per-Route Features) specifying that Cloud Controller must enforce a configurable maximum size for route options.

Changes

  • Default limit: 1024 bytes (1 KB)
  • Configurable via cc.max_route_options_size BOSH property
  • Cloud Controller returns HTTP 422 when limit is exceeded
  • Documents relationship with route emit interval for operator tuning

Context

This addresses feedback from the App-to-App mTLS RFC (PR #1438) where @maxmoehl raised concerns about NATS bandwidth impact of per-route options. The discussion concluded that a global size limit enforced at the Cloud Controller level (with immediate user feedback) is the appropriate solution.

Rationale

Route registration messages are transmitted via NATS at a configurable interval from each app instance to each GoRouter instance. Large route options can significantly impact NATS bandwidth in deployments with many app instances. A 1 KB default accommodates most use cases (e.g., ~25 app GUIDs in an mTLS allowlist) while protecting platform stability.

cc @maxmoehl

@rkoster
Add size limit for route options to RFC-0027
aa0d02c 
Add a new Size Limits section specifying that Cloud Controller must
enforce a configurable maximum size (default: 1 KB) for route options
to prevent excessive NATS bandwidth consumption.

- Default limit: 1024 bytes
- Configurable via cc.max_route_options_size BOSH property
- CC returns HTTP 422 when limit is exceeded
- Documents relationship with route emit interval for tuning

This addresses feedback from the App-to-App mTLS RFC (PR #1438) where
concerns were raised about NATS bandwidth impact of per-route options.
@rkoster rkoster mentioned this pull request Mar 6, 2026
Open
@beyhan beyhan requested review from a team, Gerg, beyhan, cweibel and stephanme and removed request for a team March 6, 2026 09:48
@beyhan beyhan added the toc label Mar 6, 2026
maxmoehl
maxmoehl reviewed Mar 6, 2026
View reviewed changes
Copy link
Member

@maxmoehl maxmoehl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for preparing this amendment. I like it overall, just 1.5 small comments.

rkoster and others added 2 commits March 6, 2026 15:57
@rkoster @maxmoehl
Apply suggestions from code review
e1af718 
Co-authored-by: Maximilian Moehl <44866320+maxmoehl@users.noreply.github.com>
@rkoster
Address PR feedback: fix duplicate line and add caveat
34c62ce 
- Remove duplicate 'Operator guidance' line from suggestion merge
- Change 'bandwidth usage' to 'resource usage' for consistency
- Add note that lowering size limit doesn't affect existing routes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@beyhan beyhan Awaiting requested review from beyhan beyhan was automatically assigned from cloudfoundry/toc

@Gerg Gerg Awaiting requested review from Gerg Gerg was automatically assigned from cloudfoundry/toc

@stephanme stephanme Awaiting requested review from stephanme stephanme was automatically assigned from cloudfoundry/toc

@cweibel cweibel Awaiting requested review from cweibel cweibel was automatically assigned from cloudfoundry/toc

1 more reviewer

@maxmoehl maxmoehl maxmoehl left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

toc

Projects

CF Community
Status: Inbox

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@rkoster @maxmoehl @beyhan