[network] add so_mark as a socket option#5352
Merged
zuercher merged 4 commits intoenvoyproxy:masterfrom Dec 22, 2018
Merged
Conversation
We can use this to control whether or not a packet is marked when emitted by Envoy. Signed-off-by: Kyle Larose <kyle@agilicus.com>
Contributor
Author
Contributor
Author
|
@zuercher I'd appreciate it you looked over this again (since it's just a chunk of what you've already reviewed. :) ) |
zuercher
reviewed
Dec 20, 2018
zuercher
previously approved these changes
Dec 20, 2018
Member
zuercher
left a comment
There was a problem hiding this comment.
Looks good to me, modulo maybe adding a comment.
We can simplify the tests in the future. Leave a TODO. Signed-off-by: Kyle Larose <kyle@agilicus.com>
Signed-off-by: Kyle Larose <kyle@agilicus.com>
zuercher
previously approved these changes
Dec 21, 2018
As requested in review. Signed-off-by: Kyle Larose <kyle@agilicus.com>
mattklein123
approved these changes
Dec 21, 2018
zuercher
approved these changes
Dec 22, 2018
fredlas
pushed a commit
to fredlas/envoy
that referenced
this pull request
Mar 5, 2019
IP Source transparency involves non-local IP addresses being routed as though they were local. This requires some magic in the stack to ensure that those flows are sent back to envoy from the upstream host, rather than back to the original source IP address. We plan on using SO_MARK to do this. So, add it into the socket option factory. My intention is for it to be used by a follow-up PR to envoyproxy#5337. This was cherry-picked from PR envoyproxy#5035 where it was already reviewed. I plan on closing that PR. Risk Level: Low. No code invoked in production yet. Testing: Ran newly added UT and other UT in network. Docs Changes: None until we expose this through config. Release Notes: None Signed-off-by: Kyle Larose <kyle@agilicus.com> Signed-off-by: Fred Douglas <fredlas@google.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description: IP Source transparency involves non-local IP addresses being routed as though they were local. This requires some magic in the stack to ensure that those flows are sent back to envoy from the upstream host, rather than back to the original source IP address. We plan on using SO_MARK to do this. So, add it into the socket option factory. My intention is for it to be used by a follow-up PR to #5337.
This was cherry-picked from PR #5035 where it was already reviewed. I plan on closing that PR.
Risk Level: Low. No code invoked in production yet.
Testing: Ran newly added UT and other UT in network.
Docs Changes: None until we expose this through config.
Release Notes: None