Skip to content

docs: release note and unhide transparent LDS field #593

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
mattklein123 merged 2 commits into from
Mar 30, 2018
Merged

docs: release note and unhide transparent LDS field #593

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
64e2412
docs: release note and unhide transparent LDS field
rlenglet Mar 30, 2018
2f20980
docs: update original_dst_filter doc re: transparent listeners
rlenglet Mar 30, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 6 additions & 5 deletions docs/root/configuration/listener_filters/original_dst_filter.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,11 @@ Original Destination
====================

Original destination listener filter reads the SO_ORIGINAL_DST socket option set when a connection
has been redirected by iptables REDIRECT. Later processing in Envoy sees the restored destination
address as the connection's local address, rather than the address at which the listener is
listening at. Furthermore, :ref:`an original destination cluster
<arch_overview_service_discovery_types_original_destination>` may be used to forward HTTP requests
or TCP connections to the restored destination address.
has been redirected by an iptables REDIRECT target, or by an iptables TPROXY target in combination
with setting the listener's :ref:`transparent <envoy_api_field_Listener.transparent>` option.
Later processing in Envoy sees the restored destination address as the connection's local address,
rather than the address at which the listener is listening at. Furthermore, :ref:`an original
destination cluster <arch_overview_service_discovery_types_original_destination>` may be used to
forward HTTP requests or TCP connections to the restored destination address.

* :ref:`v2 API reference <envoy_api_field_listener.Filter.name>`
2 changes: 2 additions & 0 deletions docs/root/intro/version_history.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,8 @@ Version history
* logger: all :ref:`logging levels <operations_admin_interface_logging>` can be configured
at run-time: trace debug info warning error critical.
* logger: added the ability to optionally set the log format via the :option:`--log-format` option.
* sockets: added `IP_TRANSPARENT` socket option support for :ref:`listeners
<envoy_api_field_Listener.transparent>`.
* sockets: added `IP_FREEBIND` socket option support for :ref:`listeners
<envoy_api_field_Listener.freebind>` and upstream connections via
:ref:`cluster manager wide
Expand Down
1 change: 0 additions & 1 deletion envoy/api/v2/lds.proto
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -127,7 +127,6 @@ message Listener {
// before a connection is created.
repeated listener.ListenerFilter listener_filters = 9 [(gogoproto.nullable) = false];

// [#not-implemented-hide:]
// Whether the listener should be set as a transparent socket.
// When this flag is set to true, connections can be redirected to the listener using an
// *iptables* *TPROXY* target, in which case the original source and destination addresses and
Expand Down