Skip to content

upstream: set IP_BIND_ADDRESS_NO_PORT when bind port is 0#45916

Open
404SkillNotFound wants to merge 3 commits into
envoyproxy:mainfrom
404SkillNotFound:fix-bind-address-no-port
Open

upstream: set IP_BIND_ADDRESS_NO_PORT when bind port is 0#45916
404SkillNotFound wants to merge 3 commits into
envoyproxy:mainfrom
404SkillNotFound:fix-bind-address-no-port

Conversation

@404SkillNotFound

Copy link
Copy Markdown
Contributor

Commit Message:
upstream: set IP_BIND_ADDRESS_NO_PORT for upstream_bind_config

Additional Description:
Automatically enable IP_BIND_ADDRESS_NO_PORT when upstream_bind_config binds
to a source IP with port 0. This defers ephemeral port allocation until
connect() and helps prevent ephemeral port exhaustion.

Risk Level:
Low

Testing:
Unit test

Docs Changes:
N/A

Release Notes:
Added changelog fragment.

Platform Specific Features:
Linux

[Optional Runtime guard:]
envoy.reloadable_features.upstream_bind_config_fix_port_exhaustion

[Optional Fixes #Issue]
Fixes #44747

[Optional Fixes commit #PR or SHA]
Builds on the approach used in #38288 and the earlier work in #44837.

[Optional Deprecated:]
N/A

[Optional API Considerations:]
N/A

Signed-off-by: 404SkillNotFound <shivang.upadhyay1@gmail.com>
@repokitteh-read-only

Copy link
Copy Markdown

CC @envoyproxy/runtime-guard-changes: FYI only for changes made to (source/common/runtime/runtime_features.cc).

🐱

Caused by: #45916 was opened by 404SkillNotFound.

see: more, trace.

Signed-off-by: 404SkillNotFound <shivang.upadhyay1@gmail.com>
Signed-off-by: 404SkillNotFound <shivang.upadhyay1@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Ephemeral Port Exhaustion With upstream_bind_config

1 participant