diff --git a/README.md b/README.md
index 69ba058..b4d7214 100644
--- a/README.md
+++ b/README.md
@@ -385,7 +385,7 @@ by adding account management and it is one of the easiest way to start.
  - [x] Stateless reset key for the server
  - [x] Name access restrictions for clients
  - [x] File http server
- - [ ] Use quic-go tracer, instead of ping (and duration estimation)
+ - [x] Use quic-go tracer, instead of ping (and duration estimation)
  - [ ] error wrapping
 
 ## Future
@@ -393,3 +393,5 @@ by adding account management and it is one of the easiest way to start.
  - [ ] UDP support
  - [ ] Optimize global IP restrictions - check earlier
  - [ ] Gen config
+ - [ ] proxy proto support
+ - [ ] http source
diff --git a/client/peer_direct.go b/client/peer_direct.go
index ebe7b58..435067e 100644
--- a/client/peer_direct.go
+++ b/client/peer_direct.go
@@ -303,7 +303,7 @@ func (p *directPeerOutgoing) connect(ctx context.Context) (quic.Connection, erro
 		}
 
 		if err := p.check(ctx, conn); err != nil {
-			// TODO conn close?
+			conn.CloseWithError(quic.ApplicationErrorCode(pb.Error_CheckFailed), "connection check failed")
 			errs = append(errs, err)
 			continue
 		}
diff --git a/client/peer_relay.go b/client/peer_relay.go
index 9178552..3b9fdee 100644
--- a/client/peer_relay.go
+++ b/client/peer_relay.go
@@ -99,7 +99,7 @@ func (r *relayPeer) connect(ctx context.Context) (quic.Connection, error) {
 	}
 
 	if err := r.check(ctx, conn); err != nil {
-		// TODO conn close?
+		conn.CloseWithError(quic.ApplicationErrorCode(pb.Error_CheckFailed), "connection check failed")
 		return nil, err
 	}
 	return conn, nil
@@ -123,7 +123,7 @@ func (r *relayPeer) check(ctx context.Context, conn quic.Connection) error {
 }
 
 func (r *relayPeer) keepalive(ctx context.Context, conn quic.Connection) error {
-	defer conn.CloseWithError(quic.ApplicationErrorCode(pb.Error_DirectKeepaliveClosed), "keepalive closed") // TODO relay?
+	defer conn.CloseWithError(quic.ApplicationErrorCode(pb.Error_RelayKeepaliveClosed), "keepalive closed")
 
 	r.local.addRelayConn(r.serverHostport, conn)
 	defer r.local.removeRelayConn(r.serverHostport)
diff --git a/pb/shared.pb.go b/pb/shared.pb.go
index bd751db..39c3133 100644
--- a/pb/shared.pb.go
+++ b/pb/shared.pb.go
@@ -75,6 +75,7 @@ const (
 	// Generic
 	Error_Unknown        Error_Code = 0
 	Error_RequestUnknown Error_Code = 1
+	Error_CheckFailed    Error_Code = 2
 	// Authentication
 	Error_AuthenticationFailed Error_Code = 100
 	Error_ForwardNotAllowed    Error_Code = 101
@@ -85,6 +86,7 @@ const (
 	// Relay
 	Error_RelayValidationFailed   Error_Code = 300
 	Error_RelayInvalidCertificate Error_Code = 301
+	Error_RelayKeepaliveClosed    Error_Code = 302
 	// Direct
 	Error_DirectConnectionClosed Error_Code = 400
 	Error_DirectKeepaliveClosed  Error_Code = 401
@@ -98,6 +100,7 @@ var (
 	Error_Code_name = map[int32]string{
 		0:   "Unknown",
 		1:   "RequestUnknown",
+		2:   "CheckFailed",
 		100: "AuthenticationFailed",
 		101: "ForwardNotAllowed",
 		200: "AnnounceValidationFailed",
@@ -105,6 +108,7 @@ var (
 		202: "AnnounceInvalidServerCertificate",
 		300: "RelayValidationFailed",
 		301: "RelayInvalidCertificate",
+		302: "RelayKeepaliveClosed",
 		400: "DirectConnectionClosed",
 		401: "DirectKeepaliveClosed",
 		500: "DestinationNotFound",
@@ -113,6 +117,7 @@ var (
 	Error_Code_value = map[string]int32{
 		"Unknown":                          0,
 		"RequestUnknown":                   1,
+		"CheckFailed":                      2,
 		"AuthenticationFailed":             100,
 		"ForwardNotAllowed":                101,
 		"AnnounceValidationFailed":         200,
@@ -120,6 +125,7 @@ var (
 		"AnnounceInvalidServerCertificate": 202,
 		"RelayValidationFailed":            300,
 		"RelayInvalidCertificate":          301,
+		"RelayKeepaliveClosed":             302,
 		"DirectConnectionClosed":           400,
 		"DirectKeepaliveClosed":            401,
 		"DestinationNotFound":              500,
@@ -422,41 +428,44 @@ var file_shared_proto_rawDesc = []byte{
 	0x12, 0x12, 0x0a, 0x04, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x04,
 	0x70, 0x6f, 0x72, 0x74, 0x22, 0x1d, 0x0a, 0x07, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x12,
 	0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e,
-	0x61, 0x6d, 0x65, 0x22, 0xba, 0x03, 0x0a, 0x05, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x26, 0x0a,
+	0x61, 0x6d, 0x65, 0x22, 0xe6, 0x03, 0x0a, 0x05, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x26, 0x0a,
 	0x04, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x12, 0x2e, 0x73, 0x68,
 	0x61, 0x72, 0x65, 0x64, 0x2e, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x2e, 0x43, 0x6f, 0x64, 0x65, 0x52,
 	0x04, 0x63, 0x6f, 0x64, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65,
 	0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22,
-	0xee, 0x02, 0x0a, 0x04, 0x43, 0x6f, 0x64, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x6e, 0x6b, 0x6e,
+	0x9a, 0x03, 0x0a, 0x04, 0x43, 0x6f, 0x64, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x6e, 0x6b, 0x6e,
 	0x6f, 0x77, 0x6e, 0x10, 0x00, 0x12, 0x12, 0x0a, 0x0e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
-	0x55, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x10, 0x01, 0x12, 0x18, 0x0a, 0x14, 0x41, 0x75, 0x74,
-	0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x61, 0x69, 0x6c, 0x65,
-	0x64, 0x10, 0x64, 0x12, 0x15, 0x0a, 0x11, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x4e, 0x6f,
-	0x74, 0x41, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x10, 0x65, 0x12, 0x1d, 0x0a, 0x18, 0x41, 0x6e,
-	0x6e, 0x6f, 0x75, 0x6e, 0x63, 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e,
-	0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x10, 0xc8, 0x01, 0x12, 0x25, 0x0a, 0x20, 0x41, 0x6e, 0x6e,
-	0x6f, 0x75, 0x6e, 0x63, 0x65, 0x49, 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x43, 0x6c, 0x69, 0x65,
-	0x6e, 0x74, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x10, 0xc9, 0x01,
-	0x12, 0x25, 0x0a, 0x20, 0x41, 0x6e, 0x6e, 0x6f, 0x75, 0x6e, 0x63, 0x65, 0x49, 0x6e, 0x76, 0x61,
-	0x6c, 0x69, 0x64, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
-	0x63, 0x61, 0x74, 0x65, 0x10, 0xca, 0x01, 0x12, 0x1a, 0x0a, 0x15, 0x52, 0x65, 0x6c, 0x61, 0x79,
-	0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64,
-	0x10, 0xac, 0x02, 0x12, 0x1c, 0x0a, 0x17, 0x52, 0x65, 0x6c, 0x61, 0x79, 0x49, 0x6e, 0x76, 0x61,
-	0x6c, 0x69, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x10, 0xad,
-	0x02, 0x12, 0x1b, 0x0a, 0x16, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x43, 0x6f, 0x6e, 0x6e, 0x65,
-	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x6c, 0x6f, 0x73, 0x65, 0x64, 0x10, 0x90, 0x03, 0x12, 0x1a,
-	0x0a, 0x15, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x4b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76,
-	0x65, 0x43, 0x6c, 0x6f, 0x73, 0x65, 0x64, 0x10, 0x91, 0x03, 0x12, 0x18, 0x0a, 0x13, 0x44, 0x65,
-	0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4e, 0x6f, 0x74, 0x46, 0x6f, 0x75, 0x6e,
-	0x64, 0x10, 0xf4, 0x03, 0x12, 0x1a, 0x0a, 0x15, 0x44, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74,
-	0x69, 0x6f, 0x6e, 0x44, 0x69, 0x61, 0x6c, 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x10, 0xf5, 0x03,
-	0x2a, 0x3c, 0x0a, 0x04, 0x52, 0x6f, 0x6c, 0x65, 0x12, 0x0f, 0x0a, 0x0b, 0x52, 0x6f, 0x6c, 0x65,
-	0x55, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x10, 0x00, 0x12, 0x13, 0x0a, 0x0f, 0x52, 0x6f, 0x6c,
-	0x65, 0x44, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x10, 0x01, 0x12, 0x0e,
-	0x0a, 0x0a, 0x52, 0x6f, 0x6c, 0x65, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x10, 0x02, 0x42, 0x21,
-	0x5a, 0x1f, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, 0x6e,
-	0x6e, 0x65, 0x74, 0x2d, 0x64, 0x65, 0x76, 0x2f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x74, 0x2f, 0x70,
-	0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+	0x55, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x10, 0x01, 0x12, 0x0f, 0x0a, 0x0b, 0x43, 0x68, 0x65,
+	0x63, 0x6b, 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x10, 0x02, 0x12, 0x18, 0x0a, 0x14, 0x41, 0x75,
+	0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x61, 0x69, 0x6c,
+	0x65, 0x64, 0x10, 0x64, 0x12, 0x15, 0x0a, 0x11, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x4e,
+	0x6f, 0x74, 0x41, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x10, 0x65, 0x12, 0x1d, 0x0a, 0x18, 0x41,
+	0x6e, 0x6e, 0x6f, 0x75, 0x6e, 0x63, 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x10, 0xc8, 0x01, 0x12, 0x25, 0x0a, 0x20, 0x41, 0x6e,
+	0x6e, 0x6f, 0x75, 0x6e, 0x63, 0x65, 0x49, 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x43, 0x6c, 0x69,
+	0x65, 0x6e, 0x74, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x10, 0xc9,
+	0x01, 0x12, 0x25, 0x0a, 0x20, 0x41, 0x6e, 0x6e, 0x6f, 0x75, 0x6e, 0x63, 0x65, 0x49, 0x6e, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66,
+	0x69, 0x63, 0x61, 0x74, 0x65, 0x10, 0xca, 0x01, 0x12, 0x1a, 0x0a, 0x15, 0x52, 0x65, 0x6c, 0x61,
+	0x79, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x61, 0x69, 0x6c, 0x65,
+	0x64, 0x10, 0xac, 0x02, 0x12, 0x1c, 0x0a, 0x17, 0x52, 0x65, 0x6c, 0x61, 0x79, 0x49, 0x6e, 0x76,
+	0x61, 0x6c, 0x69, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x10,
+	0xad, 0x02, 0x12, 0x19, 0x0a, 0x14, 0x52, 0x65, 0x6c, 0x61, 0x79, 0x4b, 0x65, 0x65, 0x70, 0x61,
+	0x6c, 0x69, 0x76, 0x65, 0x43, 0x6c, 0x6f, 0x73, 0x65, 0x64, 0x10, 0xae, 0x02, 0x12, 0x1b, 0x0a,
+	0x16, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f,
+	0x6e, 0x43, 0x6c, 0x6f, 0x73, 0x65, 0x64, 0x10, 0x90, 0x03, 0x12, 0x1a, 0x0a, 0x15, 0x44, 0x69,
+	0x72, 0x65, 0x63, 0x74, 0x4b, 0x65, 0x65, 0x70, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x43, 0x6c, 0x6f,
+	0x73, 0x65, 0x64, 0x10, 0x91, 0x03, 0x12, 0x18, 0x0a, 0x13, 0x44, 0x65, 0x73, 0x74, 0x69, 0x6e,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4e, 0x6f, 0x74, 0x46, 0x6f, 0x75, 0x6e, 0x64, 0x10, 0xf4, 0x03,
+	0x12, 0x1a, 0x0a, 0x15, 0x44, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x44,
+	0x69, 0x61, 0x6c, 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x10, 0xf5, 0x03, 0x2a, 0x3c, 0x0a, 0x04,
+	0x52, 0x6f, 0x6c, 0x65, 0x12, 0x0f, 0x0a, 0x0b, 0x52, 0x6f, 0x6c, 0x65, 0x55, 0x6e, 0x6b, 0x6e,
+	0x6f, 0x77, 0x6e, 0x10, 0x00, 0x12, 0x13, 0x0a, 0x0f, 0x52, 0x6f, 0x6c, 0x65, 0x44, 0x65, 0x73,
+	0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x10, 0x01, 0x12, 0x0e, 0x0a, 0x0a, 0x52, 0x6f,
+	0x6c, 0x65, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x10, 0x02, 0x42, 0x21, 0x5a, 0x1f, 0x67, 0x69,
+	0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x74, 0x2d,
+	0x64, 0x65, 0x76, 0x2f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x74, 0x2f, 0x70, 0x62, 0x62, 0x06, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 
 var (
diff --git a/pb/shared.proto b/pb/shared.proto
index 5e64faa..9c7d099 100644
--- a/pb/shared.proto
+++ b/pb/shared.proto
@@ -36,6 +36,7 @@ message Error {
     // Generic
     Unknown = 0;
     RequestUnknown = 1;
+    CheckFailed = 2;
 
     // Authentication
     AuthenticationFailed = 100;
@@ -49,6 +50,7 @@ message Error {
     // Relay
     RelayValidationFailed = 300;
     RelayInvalidCertificate = 301;
+    RelayKeepaliveClosed = 302;
 
     // Direct
     DirectConnectionClosed = 400;