fyntr 0.2.5

A minimal forward proxy to tame bursty outbound traffic
Documentation

GitHub License Release Version Crates.io Version

About

Fyntr (/ˈfɪn.tər/) is a minimal forward proxy that smooths bursts of outbound TLS traffic, stabilizing connections on constrained networks. No server-side changes required, no auth, no inspection. Fyntr runs with a tiny footprint (typically <14MB RSS on macOS) and uses an actor-driven scheduler to relay traffic transparently, making bursty workloads more stable and reliable without terminating TLS.

Internals

  • Traffic shaping: Prevents burst congestion by interleaving packets via Deficit Round-Robin (DRR) scheduling.
  • Adaptive quantum tuning: Optimizes quantum size via packet size statistics to reduce latency spikes and improve throughput.
  • FD limit guard: Validates file descriptor limits against max connection settings.

Quick Start

  1. Install and run Fyntr:

    Install the crates.io release and run it locally (defaults to port 9999).

    cargo install fyntr
fyntr

    Or build from source:

    cargo run --release

    Override defaults via CLI flags or env vars:

    cargo run --release -- --port 8080 --max-connections 512

# Or use environment variables
FYNTR_PORT=8080 FYNTR_MAX_CONNECTIONS=512 cargo run --release

    By default, Fyntr caps concurrent connections at 1000 (set to 0 to disable).

  2. Configure Your Environment:

    Export the following environment variables in a separate terminal.

    export HTTPS_PROXY=http://127.0.0.1:9999

    This configuration affects not only aws-cli but also various tools that use libcurl, including git, brew, wget, and more.

  3. Verify It Works:

    You can test the connection with a simple curl command.

    curl https://ifconfig.me

CLI Options

Option Env var Default Description
--port <PORT> FYNTR_PORT 9999 Port to listen on.
--max-connections <MAX_CONNECTIONS> FYNTR_MAX_CONNECTIONS 1000 Maximum number of concurrent connections allowed (set to 0 for unlimited).

Why Fyntr?

Cloud automation tools such as Terraform spawn bursts of TCP connections that rapidly open and close. The simultaneous transmission of data from these flows often causes micro-bursts that choke routers with limited capacity, particularly on consumer-grade NAT devices, which can lead to unresponsive networks due to overwhelming CPU interrupt loads.

Rather than relying on connection pooling, Fyntr regulates the traffic itself. Its scheduler uses DRR to distribute sending opportunities across active flows fairly, so packet bursts from many parallel flows get interleaved instead of letting them fire all at once.

This smoothing reduces CPU pressure on routers during connection storms. This effect is most critical when scheduling overhead, rather than bandwidth, is the primary bottleneck.

Usage with Terraform

Example: AWS Provider

# Set environment variables
export HTTPS_PROXY=http://127.0.0.1:9999

# Standard usage
terraform apply

# Or use aws-vault wrapper
aws-vault exec my-profile -- terraform apply