filter_chain_match does not apply to dynamic_forward_proxy HTTP targets #15348

aSapien · 2021-03-06T23:32:32Z

Title:
Prefix ranges for destination CIDR do not match

Description:
When using a filter chain match for destination using prefix_ranges (for example) 192.168.0.0/16 the filter chain is not found and the connection is closed.

Repro steps:
Start a standard envoy docker container with the command and config (provided below). Once running, try to perform a request and match on the filter, reaching the dynamic_forward_proxy cluster.

Request command:

curl --proxy http://localhost:10000 http://192.168.0.1

The expected result is to have a "Filter match!" response (as defined in the direct_response route), but no response is returned (curl: (52) Empty reply from server) and the log shows that there was no matching filter.

Relevant log line:

[debug][conn_handler] [source/server/connection_handler_impl.cc:469] closing connection: no matching filter chain found

Envoy docker command:

docker run --rm -it -v $(pwd)/config.yaml:/config.yaml \
                                  -p 9901:9901 \
                                  -p 10000:10000 \
                                  envoyproxy/envoy:v1.17-latest \
                                  -c /config.yaml --log-level debug

Admin and Stats Output:

*/stats*: (Click to expand)

cluster.dynamic_forward_proxy_cluster.assignment_stale: 0
cluster.dynamic_forward_proxy_cluster.assignment_timeout_received: 0
cluster.dynamic_forward_proxy_cluster.bind_errors: 0
cluster.dynamic_forward_proxy_cluster.circuit_breakers.default.cx_open: 0
cluster.dynamic_forward_proxy_cluster.circuit_breakers.default.cx_pool_open: 0
cluster.dynamic_forward_proxy_cluster.circuit_breakers.default.rq_open: 0
cluster.dynamic_forward_proxy_cluster.circuit_breakers.default.rq_pending_open: 0
cluster.dynamic_forward_proxy_cluster.circuit_breakers.default.rq_retry_open: 0
cluster.dynamic_forward_proxy_cluster.circuit_breakers.high.cx_open: 0
cluster.dynamic_forward_proxy_cluster.circuit_breakers.high.cx_pool_open: 0
cluster.dynamic_forward_proxy_cluster.circuit_breakers.high.rq_open: 0
cluster.dynamic_forward_proxy_cluster.circuit_breakers.high.rq_pending_open: 0
cluster.dynamic_forward_proxy_cluster.circuit_breakers.high.rq_retry_open: 0
cluster.dynamic_forward_proxy_cluster.default.total_match_count: 0
cluster.dynamic_forward_proxy_cluster.lb_healthy_panic: 0
cluster.dynamic_forward_proxy_cluster.lb_local_cluster_not_ok: 0
cluster.dynamic_forward_proxy_cluster.lb_recalculate_zone_structures: 0
cluster.dynamic_forward_proxy_cluster.lb_subsets_active: 0
cluster.dynamic_forward_proxy_cluster.lb_subsets_created: 0
cluster.dynamic_forward_proxy_cluster.lb_subsets_fallback: 0
cluster.dynamic_forward_proxy_cluster.lb_subsets_fallback_panic: 0
cluster.dynamic_forward_proxy_cluster.lb_subsets_removed: 0
cluster.dynamic_forward_proxy_cluster.lb_subsets_selected: 0
cluster.dynamic_forward_proxy_cluster.lb_zone_cluster_too_small: 0
cluster.dynamic_forward_proxy_cluster.lb_zone_no_capacity_left: 0
cluster.dynamic_forward_proxy_cluster.lb_zone_number_differs: 0
cluster.dynamic_forward_proxy_cluster.lb_zone_routing_all_directly: 0
cluster.dynamic_forward_proxy_cluster.lb_zone_routing_cross_zone: 0
cluster.dynamic_forward_proxy_cluster.lb_zone_routing_sampled: 0
cluster.dynamic_forward_proxy_cluster.max_host_weight: 0
cluster.dynamic_forward_proxy_cluster.membership_change: 0
cluster.dynamic_forward_proxy_cluster.membership_degraded: 0
cluster.dynamic_forward_proxy_cluster.membership_excluded: 0
cluster.dynamic_forward_proxy_cluster.membership_healthy: 0
cluster.dynamic_forward_proxy_cluster.membership_total: 0
cluster.dynamic_forward_proxy_cluster.original_dst_host_invalid: 0
cluster.dynamic_forward_proxy_cluster.retry_or_shadow_abandoned: 0
cluster.dynamic_forward_proxy_cluster.update_attempt: 0
cluster.dynamic_forward_proxy_cluster.update_empty: 0
cluster.dynamic_forward_proxy_cluster.update_failure: 0
cluster.dynamic_forward_proxy_cluster.update_no_rebuild: 0
cluster.dynamic_forward_proxy_cluster.update_success: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_active: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_close_notify: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_connect_attempts_exceeded: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_connect_fail: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_connect_timeout: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_destroy: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_destroy_local: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_destroy_local_with_active_rq: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_destroy_remote: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_destroy_remote_with_active_rq: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_destroy_with_active_rq: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_http1_total: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_http2_total: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_idle_timeout: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_max_requests: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_none_healthy: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_overflow: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_pool_overflow: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_protocol_error: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_rx_bytes_buffered: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_rx_bytes_total: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_total: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_tx_bytes_buffered: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_tx_bytes_total: 0
cluster.dynamic_forward_proxy_cluster.upstream_flow_control_backed_up_total: 0
cluster.dynamic_forward_proxy_cluster.upstream_flow_control_drained_total: 0
cluster.dynamic_forward_proxy_cluster.upstream_flow_control_paused_reading_total: 0
cluster.dynamic_forward_proxy_cluster.upstream_flow_control_resumed_reading_total: 0
cluster.dynamic_forward_proxy_cluster.upstream_internal_redirect_failed_total: 0
cluster.dynamic_forward_proxy_cluster.upstream_internal_redirect_succeeded_total: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_active: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_cancelled: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_completed: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_maintenance_mode: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_max_duration_reached: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_pending_active: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_pending_failure_eject: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_pending_overflow: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_pending_total: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_per_try_timeout: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_retry: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_retry_backoff_exponential: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_retry_backoff_ratelimited: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_retry_limit_exceeded: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_retry_overflow: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_retry_success: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_rx_reset: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_timeout: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_total: 0
cluster.dynamic_forward_proxy_cluster.upstream_rq_tx_reset: 0
cluster.dynamic_forward_proxy_cluster.version: 0
cluster_manager.active_clusters: 1
cluster_manager.cluster_added: 1
cluster_manager.cluster_modified: 0
cluster_manager.cluster_removed: 0
cluster_manager.cluster_updated: 0
cluster_manager.cluster_updated_via_merge: 0
cluster_manager.update_merge_cancelled: 0
cluster_manager.update_out_of_merge_window: 0
cluster_manager.warming_clusters: 0
dns_cache.dynamic_forward_proxy_cache_config.circuit_breakers.rq_pending_open: 0
dns_cache.dynamic_forward_proxy_cache_config.circuit_breakers.rq_pending_remaining: 1024
dns_cache.dynamic_forward_proxy_cache_config.dns_query_attempt: 0
dns_cache.dynamic_forward_proxy_cache_config.dns_query_failure: 0
dns_cache.dynamic_forward_proxy_cache_config.dns_query_success: 0
dns_cache.dynamic_forward_proxy_cache_config.dns_rq_pending_overflow: 0
dns_cache.dynamic_forward_proxy_cache_config.host_added: 0
dns_cache.dynamic_forward_proxy_cache_config.host_address_changed: 0
dns_cache.dynamic_forward_proxy_cache_config.host_overflow: 0
dns_cache.dynamic_forward_proxy_cache_config.host_removed: 0
dns_cache.dynamic_forward_proxy_cache_config.num_hosts: 0
filesystem.flushed_by_timer: 76
filesystem.reopen_failed: 0
filesystem.write_buffered: 0
filesystem.write_completed: 0
filesystem.write_failed: 0
filesystem.write_total_buffered: 0
http.admin.downstream_cx_active: 1
http.admin.downstream_cx_delayed_close_timeout: 0
http.admin.downstream_cx_destroy: 0
http.admin.downstream_cx_destroy_active_rq: 0
http.admin.downstream_cx_destroy_local: 0
http.admin.downstream_cx_destroy_local_active_rq: 0
http.admin.downstream_cx_destroy_remote: 0
http.admin.downstream_cx_destroy_remote_active_rq: 0
http.admin.downstream_cx_drain_close: 0
http.admin.downstream_cx_http1_active: 1
http.admin.downstream_cx_http1_total: 1
http.admin.downstream_cx_http2_active: 0
http.admin.downstream_cx_http2_total: 0
http.admin.downstream_cx_http3_active: 0
http.admin.downstream_cx_http3_total: 0
http.admin.downstream_cx_idle_timeout: 0
http.admin.downstream_cx_max_duration_reached: 0
http.admin.downstream_cx_overload_disable_keepalive: 0
http.admin.downstream_cx_protocol_error: 0
http.admin.downstream_cx_rx_bytes_buffered: 556
http.admin.downstream_cx_rx_bytes_total: 556
http.admin.downstream_cx_ssl_active: 0
http.admin.downstream_cx_ssl_total: 0
http.admin.downstream_cx_total: 1
http.admin.downstream_cx_tx_bytes_buffered: 0
http.admin.downstream_cx_tx_bytes_total: 0
http.admin.downstream_cx_upgrades_active: 0
http.admin.downstream_cx_upgrades_total: 0
http.admin.downstream_flow_control_paused_reading_total: 0
http.admin.downstream_flow_control_resumed_reading_total: 0
http.admin.downstream_rq_1xx: 0
http.admin.downstream_rq_2xx: 0
http.admin.downstream_rq_3xx: 0
http.admin.downstream_rq_4xx: 0
http.admin.downstream_rq_5xx: 0
http.admin.downstream_rq_active: 1
http.admin.downstream_rq_completed: 0
http.admin.downstream_rq_header_timeout: 0
http.admin.downstream_rq_http1_total: 1
http.admin.downstream_rq_http2_total: 0
http.admin.downstream_rq_http3_total: 0
http.admin.downstream_rq_idle_timeout: 0
http.admin.downstream_rq_max_duration_reached: 0
http.admin.downstream_rq_non_relative_path: 0
http.admin.downstream_rq_overload_close: 0
http.admin.downstream_rq_response_before_rq_complete: 0
http.admin.downstream_rq_rx_reset: 0
http.admin.downstream_rq_timeout: 0
http.admin.downstream_rq_too_large: 0
http.admin.downstream_rq_total: 1
http.admin.downstream_rq_tx_reset: 0
http.admin.downstream_rq_ws_on_non_ws_route: 0
http.admin.rs_too_large: 0
http.async-client.no_cluster: 0
http.async-client.no_route: 0
http.async-client.passthrough_internal_redirect_bad_location: 0
http.async-client.passthrough_internal_redirect_no_route: 0
http.async-client.passthrough_internal_redirect_predicate: 0
http.async-client.passthrough_internal_redirect_too_many_redirects: 0
http.async-client.passthrough_internal_redirect_unsafe_scheme: 0
http.async-client.rq_direct_response: 0
http.async-client.rq_redirect: 0
http.async-client.rq_reset_after_downstream_response_started: 0
http.async-client.rq_total: 0
http.egress_edge.downstream_cx_active: 0
http.egress_edge.downstream_cx_delayed_close_timeout: 0
http.egress_edge.downstream_cx_destroy: 0
http.egress_edge.downstream_cx_destroy_active_rq: 0
http.egress_edge.downstream_cx_destroy_local: 0
http.egress_edge.downstream_cx_destroy_local_active_rq: 0
http.egress_edge.downstream_cx_destroy_remote: 0
http.egress_edge.downstream_cx_destroy_remote_active_rq: 0
http.egress_edge.downstream_cx_drain_close: 0
http.egress_edge.downstream_cx_http1_active: 0
http.egress_edge.downstream_cx_http1_total: 0
http.egress_edge.downstream_cx_http2_active: 0
http.egress_edge.downstream_cx_http2_total: 0
http.egress_edge.downstream_cx_http3_active: 0
http.egress_edge.downstream_cx_http3_total: 0
http.egress_edge.downstream_cx_idle_timeout: 0
http.egress_edge.downstream_cx_max_duration_reached: 0
http.egress_edge.downstream_cx_overload_disable_keepalive: 0
http.egress_edge.downstream_cx_protocol_error: 0
http.egress_edge.downstream_cx_rx_bytes_buffered: 0
http.egress_edge.downstream_cx_rx_bytes_total: 0
http.egress_edge.downstream_cx_ssl_active: 0
http.egress_edge.downstream_cx_ssl_total: 0
http.egress_edge.downstream_cx_total: 0
http.egress_edge.downstream_cx_tx_bytes_buffered: 0
http.egress_edge.downstream_cx_tx_bytes_total: 0
http.egress_edge.downstream_cx_upgrades_active: 0
http.egress_edge.downstream_cx_upgrades_total: 0
http.egress_edge.downstream_flow_control_paused_reading_total: 0
http.egress_edge.downstream_flow_control_resumed_reading_total: 0
http.egress_edge.downstream_rq_1xx: 0
http.egress_edge.downstream_rq_2xx: 0
http.egress_edge.downstream_rq_3xx: 0
http.egress_edge.downstream_rq_4xx: 0
http.egress_edge.downstream_rq_5xx: 0
http.egress_edge.downstream_rq_active: 0
http.egress_edge.downstream_rq_completed: 0
http.egress_edge.downstream_rq_header_timeout: 0
http.egress_edge.downstream_rq_http1_total: 0
http.egress_edge.downstream_rq_http2_total: 0
http.egress_edge.downstream_rq_http3_total: 0
http.egress_edge.downstream_rq_idle_timeout: 0
http.egress_edge.downstream_rq_max_duration_reached: 0
http.egress_edge.downstream_rq_non_relative_path: 0
http.egress_edge.downstream_rq_overload_close: 0
http.egress_edge.downstream_rq_response_before_rq_complete: 0
http.egress_edge.downstream_rq_rx_reset: 0
http.egress_edge.downstream_rq_timeout: 0
http.egress_edge.downstream_rq_too_large: 0
http.egress_edge.downstream_rq_total: 0
http.egress_edge.downstream_rq_tx_reset: 0
http.egress_edge.downstream_rq_ws_on_non_ws_route: 0
http.egress_edge.no_cluster: 0
http.egress_edge.no_route: 0
http.egress_edge.passthrough_internal_redirect_bad_location: 0
http.egress_edge.passthrough_internal_redirect_no_route: 0
http.egress_edge.passthrough_internal_redirect_predicate: 0
http.egress_edge.passthrough_internal_redirect_too_many_redirects: 0
http.egress_edge.passthrough_internal_redirect_unsafe_scheme: 0
http.egress_edge.rq_direct_response: 0
http.egress_edge.rq_redirect: 0
http.egress_edge.rq_reset_after_downstream_response_started: 0
http.egress_edge.rq_total: 0
http.egress_edge.rs_too_large: 0
http.egress_edge.tracing.client_enabled: 0
http.egress_edge.tracing.health_check: 0
http.egress_edge.tracing.not_traceable: 0
http.egress_edge.tracing.random_sampling: 0
http.egress_edge.tracing.service_forced: 0
http1.dropped_headers_with_underscores: 0
http1.metadata_not_supported_error: 0
http1.requests_rejected_with_underscores_in_headers: 0
http1.response_flood: 0
listener.0.0.0.0_10000.downstream_cx_active: 0
listener.0.0.0.0_10000.downstream_cx_destroy: 0
listener.0.0.0.0_10000.downstream_cx_overflow: 0
listener.0.0.0.0_10000.downstream_cx_overload_reject: 0
listener.0.0.0.0_10000.downstream_cx_total: 0
listener.0.0.0.0_10000.downstream_global_cx_overflow: 0
listener.0.0.0.0_10000.downstream_pre_cx_active: 0
listener.0.0.0.0_10000.downstream_pre_cx_timeout: 0
listener.0.0.0.0_10000.http.egress_edge.downstream_rq_1xx: 0
listener.0.0.0.0_10000.http.egress_edge.downstream_rq_2xx: 0
listener.0.0.0.0_10000.http.egress_edge.downstream_rq_3xx: 0
listener.0.0.0.0_10000.http.egress_edge.downstream_rq_4xx: 0
listener.0.0.0.0_10000.http.egress_edge.downstream_rq_5xx: 0
listener.0.0.0.0_10000.http.egress_edge.downstream_rq_completed: 0
listener.0.0.0.0_10000.no_filter_chain_match: 1
listener.0.0.0.0_10000.worker_0.downstream_cx_active: 0
listener.0.0.0.0_10000.worker_0.downstream_cx_total: 0
listener.0.0.0.0_10000.worker_1.downstream_cx_active: 0
listener.0.0.0.0_10000.worker_1.downstream_cx_total: 0
listener.0.0.0.0_10000.worker_2.downstream_cx_active: 0
listener.0.0.0.0_10000.worker_2.downstream_cx_total: 0
listener.0.0.0.0_10000.worker_3.downstream_cx_active: 0
listener.0.0.0.0_10000.worker_3.downstream_cx_total: 0
listener.admin.downstream_cx_active: 1
listener.admin.downstream_cx_destroy: 0
listener.admin.downstream_cx_overflow: 0
listener.admin.downstream_cx_overload_reject: 0
listener.admin.downstream_cx_total: 1
listener.admin.downstream_global_cx_overflow: 0
listener.admin.downstream_pre_cx_active: 0
listener.admin.downstream_pre_cx_timeout: 0
listener.admin.http.admin.downstream_rq_1xx: 0
listener.admin.http.admin.downstream_rq_2xx: 0
listener.admin.http.admin.downstream_rq_3xx: 0
listener.admin.http.admin.downstream_rq_4xx: 0
listener.admin.http.admin.downstream_rq_5xx: 0
listener.admin.http.admin.downstream_rq_completed: 0
listener.admin.main_thread.downstream_cx_active: 1
listener.admin.main_thread.downstream_cx_total: 1
listener.admin.no_filter_chain_match: 0
listener_manager.listener_added: 1
listener_manager.listener_create_failure: 0
listener_manager.listener_create_success: 4
listener_manager.listener_in_place_updated: 0
listener_manager.listener_modified: 0
listener_manager.listener_removed: 0
listener_manager.listener_stopped: 0
listener_manager.total_filter_chains_draining: 0
listener_manager.total_listeners_active: 1
listener_manager.total_listeners_draining: 0
listener_manager.total_listeners_warming: 0
listener_manager.workers_started: 1
main_thread.watchdog_mega_miss: 0
main_thread.watchdog_miss: 0
runtime.admin_overrides_active: 0
runtime.deprecated_feature_seen_since_process_start: 1
runtime.deprecated_feature_use: 1
runtime.load_error: 0
runtime.load_success: 1
runtime.num_keys: 0
runtime.num_layers: 2
runtime.override_dir_exists: 0
runtime.override_dir_not_exists: 1
server.concurrency: 4
server.days_until_first_cert_expiring: 2147483647
server.debug_assertion_failures: 0
server.dynamic_unknown_fields: 0
server.envoy_bug_failures: 0
server.hot_restart_epoch: 0
server.hot_restart_generation: 1
server.live: 1
server.main_thread.watchdog_mega_miss: 0
server.main_thread.watchdog_miss: 0
server.memory_allocated: 8553744
server.memory_heap_size: 12582912
server.memory_physical_size: 14303382
server.parent_connections: 0
server.seconds_until_first_ocsp_response_expiring: 0
server.state: 0
server.static_unknown_fields: 0
server.stats_recent_lookups: 1160
server.total_connections: 0
server.uptime: 385
server.version: 14066761
server.worker_0.watchdog_mega_miss: 0
server.worker_0.watchdog_miss: 0
server.worker_1.watchdog_mega_miss: 0
server.worker_1.watchdog_miss: 0
server.worker_2.watchdog_mega_miss: 0
server.worker_2.watchdog_miss: 0
server.worker_3.watchdog_mega_miss: 0
server.worker_3.watchdog_miss: 0
vhost.local_service.vcluster.other.upstream_rq_retry: 0
vhost.local_service.vcluster.other.upstream_rq_retry_limit_exceeded: 0
vhost.local_service.vcluster.other.upstream_rq_retry_overflow: 0
vhost.local_service.vcluster.other.upstream_rq_retry_success: 0
vhost.local_service.vcluster.other.upstream_rq_timeout: 0
vhost.local_service.vcluster.other.upstream_rq_total: 0
workers.watchdog_mega_miss: 0
workers.watchdog_miss: 0
cluster.dynamic_forward_proxy_cluster.upstream_cx_connect_ms: No recorded values
cluster.dynamic_forward_proxy_cluster.upstream_cx_length_ms: No recorded values
http.admin.downstream_cx_length_ms: No recorded values
http.admin.downstream_rq_time: No recorded values
http.egress_edge.downstream_cx_length_ms: No recorded values
http.egress_edge.downstream_rq_time: No recorded values
listener.0.0.0.0_10000.downstream_cx_length_ms: No recorded values
listener.admin.downstream_cx_length_ms: No recorded values
server.initialization_time_ms: P0(nan,22.0) P25(nan,22.25) P50(nan,22.5) P75(nan,22.75) P90(nan,22.9) P95(nan,22.95) P99(nan,22.99) P99.5(nan,22.995) P99.9(nan,22.999) P100(nan,23.0)

*/clusters*: (Click to expand)

dynamic_forward_proxy_cluster::default_priority::max_connections::1024
dynamic_forward_proxy_cluster::default_priority::max_pending_requests::1024
dynamic_forward_proxy_cluster::default_priority::max_requests::1024
dynamic_forward_proxy_cluster::default_priority::max_retries::3
dynamic_forward_proxy_cluster::high_priority::max_connections::1024
dynamic_forward_proxy_cluster::high_priority::max_pending_requests::1024
dynamic_forward_proxy_cluster::high_priority::max_requests::1024
dynamic_forward_proxy_cluster::high_priority::max_retries::3
dynamic_forward_proxy_cluster::added_via_api::false

*/server_info*: (Click to expand)

{
 "version": "d6a4496e712d7a2335b26e2f76210d5904002c26/1.17.1/Clean/RELEASE/BoringSSL",
 "state": "LIVE",
 "hot_restart_version": "11.104",
 "command_line_options": {
  "base_id": "0",
  "use_dynamic_base_id": false,
  "base_id_path": "",
  "concurrency": 4,
  "config_path": "/config.yaml",
  "config_yaml": "",
  "allow_unknown_static_fields": false,
  "reject_unknown_dynamic_fields": false,
  "ignore_unknown_dynamic_fields": false,
  "admin_address_path": "",
  "local_address_ip_version": "v4",
  "log_level": "debug",
  "component_log_level": "",
  "log_format": "[%Y-%m-%d %T.%e][%t][%l][%n] [%g:%#] %v",
  "log_format_escaped": false,
  "log_path": "",
  "service_cluster": "",
  "service_node": "",
  "service_zone": "",
  "drain_strategy": "Gradual",
  "mode": "Serve",
  "disable_hot_restart": false,
  "enable_mutex_tracing": false,
  "restart_epoch": 0,
  "cpuset_threads": false,
  "disabled_extensions": [],
  "bootstrap_version": 0,
  "enable_fine_grain_logging": false,
  "socket_path": "@envoy_domain_socket",
  "socket_mode": 0,
  "hidden_envoy_deprecated_max_stats": "0",
  "hidden_envoy_deprecated_max_obj_name_len": "0",
  "file_flush_interval": "10s",
  "drain_time": "600s",
  "parent_shutdown_time": "900s"
 },
 "node": {
  "id": "",
  "cluster": "",
  "user_agent_name": "envoy",
  "user_agent_build_version": {
   "version": {
    "major_number": 1,
    "minor_number": 17,
    "patch": 1
   },
   "metadata": {
    "build.type": "RELEASE",
    "revision.sha": "d6a4496e712d7a2335b26e2f76210d5904002c26",
    "ssl.version": "BoringSSL",
    "revision.status": "Clean"
   }
  },
  "extensions": [
   {
    "name": "dubbo",
    "category": "envoy.dubbo_proxy.protocols",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.dynamic.ot",
    "category": "envoy.tracers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.lightstep",
    "category": "envoy.tracers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.tracers.datadog",
    "category": "envoy.tracers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.tracers.dynamic_ot",
    "category": "envoy.tracers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.tracers.lightstep",
    "category": "envoy.tracers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.tracers.opencensus",
    "category": "envoy.tracers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.tracers.skywalking",
    "category": "envoy.tracers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.tracers.xray",
    "category": "envoy.tracers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.tracers.zipkin",
    "category": "envoy.tracers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.zipkin",
    "category": "envoy.tracers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "udp_default_writer",
    "category": "envoy.udp_packet_writers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "udp_gso_batch_writer",
    "category": "envoy.udp_packet_writers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.bootstrap.wasm",
    "category": "envoy.bootstrap",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.extensions.network.socket_interface.default_socket_interface",
    "category": "envoy.bootstrap",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.extensions.http.cache.simple",
    "category": "envoy.http.cache",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "quiche_quic_listener",
    "category": "envoy.udp_listeners",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "raw_udp_listener",
    "category": "envoy.udp_listeners",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.access_loggers.file",
    "category": "envoy.access_loggers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.access_loggers.http_grpc",
    "category": "envoy.access_loggers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.access_loggers.tcp_grpc",
    "category": "envoy.access_loggers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.access_loggers.wasm",
    "category": "envoy.access_loggers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.file_access_log",
    "category": "envoy.access_loggers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.http_grpc_access_log",
    "category": "envoy.access_loggers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.tcp_grpc_access_log",
    "category": "envoy.access_loggers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.wasm_access_log",
    "category": "envoy.access_loggers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.buffer",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.cors",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.csrf",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.ext_authz",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.ext_proc",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.fault",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.adaptive_concurrency",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.admission_control",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.aws_lambda",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.aws_request_signing",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.buffer",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.cache",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.cdn_loop",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.compressor",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.cors",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.csrf",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.decompressor",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.dynamic_forward_proxy",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.dynamo",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.ext_authz",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.ext_proc",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.fault",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.grpc_http1_bridge",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.grpc_http1_reverse_bridge",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.grpc_json_transcoder",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.grpc_stats",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.grpc_web",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.gzip",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.header_to_metadata",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.health_check",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.ip_tagging",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.jwt_authn",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.local_ratelimit",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.lua",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.oauth2",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.on_demand",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.original_src",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.ratelimit",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.rbac",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.router",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.squash",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.tap",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.http.wasm",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.grpc_http1_bridge",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.grpc_json_transcoder",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.grpc_web",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.gzip",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.health_check",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.http_dynamo_filter",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.ip_tagging",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.local_rate_limit",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.lua",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.rate_limit",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.router",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.squash",
    "category": "envoy.filters.http",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.watchdog.abort_action",
    "category": "envoy.guarddog_actions",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.watchdog.profile_action",
    "category": "envoy.guarddog_actions",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.ip",
    "category": "envoy.resolvers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "quiche",
    "category": "envoy.quic_server_codec",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.extensions.upstreams.http.v3.HttpProtocolOptions",
    "category": "envoy.upstream_options",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.upstreams.http.http_protocol_options",
    "category": "envoy.upstream_options",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.grpc_credentials.aws_iam",
    "category": "envoy.grpc_credentials",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.grpc_credentials.default",
    "category": "envoy.grpc_credentials",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.grpc_credentials.file_based_metadata",
    "category": "envoy.grpc_credentials",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.client_ssl_auth",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.echo",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.ext_authz",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.client_ssl_auth",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.direct_response",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.dubbo_proxy",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.echo",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.ext_authz",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.http_connection_manager",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.kafka_broker",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.local_ratelimit",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.mongo_proxy",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.mysql_proxy",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.postgres_proxy",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.ratelimit",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.rbac",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.redis_proxy",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.rocketmq_proxy",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.sni_cluster",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.sni_dynamic_forward_proxy",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.tcp_proxy",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.thrift_proxy",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.wasm",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.network.zookeeper_proxy",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.http_connection_manager",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.mongo_proxy",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.ratelimit",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.redis_proxy",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.tcp_proxy",
    "category": "envoy.filters.network",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "auto",
    "category": "envoy.thrift_proxy.transports",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "framed",
    "category": "envoy.thrift_proxy.transports",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "header",
    "category": "envoy.thrift_proxy.transports",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "unframed",
    "category": "envoy.thrift_proxy.transports",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.cluster.eds",
    "category": "envoy.clusters",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.cluster.logical_dns",
    "category": "envoy.clusters",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.cluster.original_dst",
    "category": "envoy.clusters",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.cluster.static",
    "category": "envoy.clusters",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.cluster.strict_dns",
    "category": "envoy.clusters",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.clusters.aggregate",
    "category": "envoy.clusters",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.clusters.dynamic_forward_proxy",
    "category": "envoy.clusters",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.clusters.redis",
    "category": "envoy.clusters",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "dubbo.hessian2",
    "category": "envoy.dubbo_proxy.serializers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.udp.dns_filter",
    "category": "envoy.filters.udp_listener",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.udp_listener.udp_proxy",
    "category": "envoy.filters.udp_listener",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.internal_redirect_predicates.allow_listed_routes",
    "category": "envoy.internal_redirect_predicates",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.internal_redirect_predicates.previous_routes",
    "category": "envoy.internal_redirect_predicates",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.internal_redirect_predicates.safe_cross_scheme",
    "category": "envoy.internal_redirect_predicates",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.compression.gzip.decompressor",
    "category": "envoy.compression.decompressor",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.rate_limit_descriptors.expr",
    "category": "envoy.rate_limit_descriptors",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.transport_sockets.alts",
    "category": "envoy.transport_sockets.downstream",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.transport_sockets.quic",
    "category": "envoy.transport_sockets.downstream",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.transport_sockets.raw_buffer",
    "category": "envoy.transport_sockets.downstream",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.transport_sockets.starttls",
    "category": "envoy.transport_sockets.downstream",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.transport_sockets.tap",
    "category": "envoy.transport_sockets.downstream",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.transport_sockets.tls",
    "category": "envoy.transport_sockets.downstream",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "raw_buffer",
    "category": "envoy.transport_sockets.downstream",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "starttls",
    "category": "envoy.transport_sockets.downstream",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "tls",
    "category": "envoy.transport_sockets.downstream",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.listener.http_inspector",
    "category": "envoy.filters.listener",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.listener.original_dst",
    "category": "envoy.filters.listener",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.listener.original_src",
    "category": "envoy.filters.listener",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.listener.proxy_protocol",
    "category": "envoy.filters.listener",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.listener.tls_inspector",
    "category": "envoy.filters.listener",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.listener.http_inspector",
    "category": "envoy.filters.listener",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.listener.original_dst",
    "category": "envoy.filters.listener",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.listener.original_src",
    "category": "envoy.filters.listener",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.listener.proxy_protocol",
    "category": "envoy.filters.listener",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.listener.tls_inspector",
    "category": "envoy.filters.listener",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.compression.gzip.compressor",
    "category": "envoy.compression.compressor",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.dubbo.router",
    "category": "envoy.dubbo_proxy.filters",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.resource_monitors.fixed_heap",
    "category": "envoy.resource_monitors",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.resource_monitors.injected_resource",
    "category": "envoy.resource_monitors",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "quiche",
    "category": "envoy.quic_client_codec",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.retry_priorities.previous_priorities",
    "category": "envoy.retry_priorities",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "auto",
    "category": "envoy.thrift_proxy.protocols",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "binary",
    "category": "envoy.thrift_proxy.protocols",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "binary/non-strict",
    "category": "envoy.thrift_proxy.protocols",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "compact",
    "category": "envoy.thrift_proxy.protocols",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "twitter",
    "category": "envoy.thrift_proxy.protocols",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.retry_host_predicates.omit_canary_hosts",
    "category": "envoy.retry_host_predicates",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.retry_host_predicates.omit_host_metadata",
    "category": "envoy.retry_host_predicates",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.retry_host_predicates.previous_hosts",
    "category": "envoy.retry_host_predicates",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.health_checkers.redis",
    "category": "envoy.health_checkers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "default",
    "category": "envoy.dubbo_proxy.route_matchers",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.thrift.rate_limit",
    "category": "envoy.thrift_proxy.filters",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.thrift.router",
    "category": "envoy.thrift_proxy.filters",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.dog_statsd",
    "category": "envoy.stats_sinks",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.metrics_service",
    "category": "envoy.stats_sinks",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.stat_sinks.dog_statsd",
    "category": "envoy.stats_sinks",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.stat_sinks.hystrix",
    "category": "envoy.stats_sinks",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.stat_sinks.metrics_service",
    "category": "envoy.stats_sinks",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.stat_sinks.statsd",
    "category": "envoy.stats_sinks",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.stat_sinks.wasm",
    "category": "envoy.stats_sinks",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.statsd",
    "category": "envoy.stats_sinks",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.filters.connection_pools.tcp.generic",
    "category": "envoy.upstreams",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.wasm.runtime.null",
    "category": "envoy.wasm.runtime",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.wasm.runtime.v8",
    "category": "envoy.wasm.runtime",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.transport_sockets.alts",
    "category": "envoy.transport_sockets.upstream",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.transport_sockets.quic",
    "category": "envoy.transport_sockets.upstream",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.transport_sockets.raw_buffer",
    "category": "envoy.transport_sockets.upstream",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.transport_sockets.tap",
    "category": "envoy.transport_sockets.upstream",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.transport_sockets.tls",
    "category": "envoy.transport_sockets.upstream",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "envoy.transport_sockets.upstream_proxy_protocol",
    "category": "envoy.transport_sockets.upstream",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "raw_buffer",
    "category": "envoy.transport_sockets.upstream",
    "type_descriptor": "",
    "disabled": false
   },
   {
    "name": "tls",
    "category": "envoy.transport_sockets.upstream",
    "type_descriptor": "",
    "disabled": false
   }
  ],
  "client_features": [],
  "listening_addresses": [],
  "hidden_envoy_deprecated_build_version": "d6a4496e712d7a2335b26e2f76210d5904002c26/1.17.1/Clean/RELEASE/BoringSSL"
 },
 "uptime_current_epoch": "100s",
 "uptime_all_epochs": "100s"
}

Config:

static_resources:
  listeners:
  - name: listener_0
    listener_filters:
    - name: envoy.listener.original_dst  # Make sure the original IP/PORT is being evaluated on the filter matched
    address:
      socket_address:
        protocol: TCP
        address: 0.0.0.0
        port_value: 10000
    use_original_dst: true  # Make sure the original IP/PORT is being evaluated on the filter matched
    filter_chains:
    - filter_chain_match:
        prefix_ranges:
           # Use this filter for destinations in this local network CIDR
        - address_prefix: 192.168.0.1
          prefix_len: 16
      filters:
      - name: envoy.filters.network.http_connection_manager
        typed_config:
          "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
          stat_prefix: egress_edge
          route_config:
            name: local_route
            virtual_hosts:
            - name: local_service
              domains:
              - "*"
              routes:
              - match:
                  prefix: "/"
                direct_response: # Verify the filter is matching
                  status: 200
                  body:
                    inline_string: |
                      Filter match!
          http_filters:
          - name: envoy.filters.http.dynamic_forward_proxy
            typed_config:
              "@type": type.googleapis.com/envoy.extensions.filters.http.dynamic_forward_proxy.v3.FilterConfig
              dns_cache_config:
                name: dynamic_forward_proxy_cache_config
                dns_lookup_family: V4_ONLY
          - name: envoy.filters.http.router
            typed_config:
              "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
  clusters:
  - name: dynamic_forward_proxy_cluster
    connect_timeout: 1s
    lb_policy: CLUSTER_PROVIDED
    cluster_type:
      name: envoy.clusters.dynamic_forward_proxy
      typed_config:
        "@type": type.googleapis.com/envoy.extensions.clusters.dynamic_forward_proxy.v3.ClusterConfig
        dns_cache_config:
          name: dynamic_forward_proxy_cache_config
          dns_lookup_family: V4_ONLY

*Logs*: (Click to expand)

[2021-03-06 23:12:20.765][1][info][main] [source/server/server.cc:323] initializing epoch 0 (base id=0, hot restart version=11.104)
[2021-03-06 23:12:20.765][1][info][main] [source/server/server.cc:325] statically linked extensions:
[2021-03-06 23:12:20.765][1][info][main] [source/server/server.cc:327]   envoy.compression.decompressor: envoy.compression.gzip.decompressor
[2021-03-06 23:12:20.765][1][info][main] [source/server/server.cc:327]   envoy.grpc_credentials: envoy.grpc_credentials.aws_iam, envoy.grpc_credentials.default, envoy.grpc_credentials.file_based_metadata
[2021-03-06 23:12:20.765][1][info][main] [source/server/server.cc:327]   envoy.udp_listeners: quiche_quic_listener, raw_udp_listener
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.guarddog_actions: envoy.watchdog.abort_action, envoy.watchdog.profile_action
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.resolvers: envoy.ip
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.filters.network: envoy.client_ssl_auth, envoy.echo, envoy.ext_authz, envoy.filters.network.client_ssl_auth, envoy.filters.network.direct_response, envoy.filters.network.dubbo_proxy, envoy.filters.network.echo, envoy.filters.network.ext_authz, envoy.filters.network.http_connection_manager, envoy.filters.network.kafka_broker, envoy.filters.network.local_ratelimit, envoy.filters.network.mongo_proxy, envoy.filters.network.mysql_proxy, envoy.filters.network.postgres_proxy, envoy.filters.network.ratelimit, envoy.filters.network.rbac, envoy.filters.network.redis_proxy, envoy.filters.network.rocketmq_proxy, envoy.filters.network.sni_cluster, envoy.filters.network.sni_dynamic_forward_proxy, envoy.filters.network.tcp_proxy, envoy.filters.network.thrift_proxy, envoy.filters.network.wasm, envoy.filters.network.zookeeper_proxy, envoy.http_connection_manager, envoy.mongo_proxy, envoy.ratelimit, envoy.redis_proxy, envoy.tcp_proxy
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.filters.http: envoy.buffer, envoy.cors, envoy.csrf, envoy.ext_authz, envoy.ext_proc, envoy.fault, envoy.filters.http.adaptive_concurrency, envoy.filters.http.admission_control, envoy.filters.http.aws_lambda, envoy.filters.http.aws_request_signing, envoy.filters.http.buffer, envoy.filters.http.cache, envoy.filters.http.cdn_loop, envoy.filters.http.compressor, envoy.filters.http.cors, envoy.filters.http.csrf, envoy.filters.http.decompressor, envoy.filters.http.dynamic_forward_proxy, envoy.filters.http.dynamo, envoy.filters.http.ext_authz, envoy.filters.http.ext_proc, envoy.filters.http.fault, envoy.filters.http.grpc_http1_bridge, envoy.filters.http.grpc_http1_reverse_bridge, envoy.filters.http.grpc_json_transcoder, envoy.filters.http.grpc_stats, envoy.filters.http.grpc_web, envoy.filters.http.gzip, envoy.filters.http.header_to_metadata, envoy.filters.http.health_check, envoy.filters.http.ip_tagging, envoy.filters.http.jwt_authn, envoy.filters.http.local_ratelimit, envoy.filters.http.lua, envoy.filters.http.oauth2, envoy.filters.http.on_demand, envoy.filters.http.original_src, envoy.filters.http.ratelimit, envoy.filters.http.rbac, envoy.filters.http.router, envoy.filters.http.squash, envoy.filters.http.tap, envoy.filters.http.wasm, envoy.grpc_http1_bridge, envoy.grpc_json_transcoder, envoy.grpc_web, envoy.gzip, envoy.health_check, envoy.http_dynamo_filter, envoy.ip_tagging, envoy.local_rate_limit, envoy.lua, envoy.rate_limit, envoy.router, envoy.squash
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.compression.compressor: envoy.compression.gzip.compressor
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.udp_packet_writers: udp_default_writer, udp_gso_batch_writer
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.resource_monitors: envoy.resource_monitors.fixed_heap, envoy.resource_monitors.injected_resource
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.rate_limit_descriptors: envoy.rate_limit_descriptors.expr
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.tracers: envoy.dynamic.ot, envoy.lightstep, envoy.tracers.datadog, envoy.tracers.dynamic_ot, envoy.tracers.lightstep, envoy.tracers.opencensus, envoy.tracers.skywalking, envoy.tracers.xray, envoy.tracers.zipkin, envoy.zipkin
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.filters.udp_listener: envoy.filters.udp.dns_filter, envoy.filters.udp_listener.udp_proxy
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.retry_host_predicates: envoy.retry_host_predicates.omit_canary_hosts, envoy.retry_host_predicates.omit_host_metadata, envoy.retry_host_predicates.previous_hosts
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.access_loggers: envoy.access_loggers.file, envoy.access_loggers.http_grpc, envoy.access_loggers.tcp_grpc, envoy.access_loggers.wasm, envoy.file_access_log, envoy.http_grpc_access_log, envoy.tcp_grpc_access_log, envoy.wasm_access_log
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.upstreams: envoy.filters.connection_pools.tcp.generic
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.transport_sockets.downstream: envoy.transport_sockets.alts, envoy.transport_sockets.quic, envoy.transport_sockets.raw_buffer, envoy.transport_sockets.starttls, envoy.transport_sockets.tap, envoy.transport_sockets.tls, raw_buffer, starttls, tls
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.quic_server_codec: quiche
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.thrift_proxy.transports: auto, framed, header, unframed
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.stats_sinks: envoy.dog_statsd, envoy.metrics_service, envoy.stat_sinks.dog_statsd, envoy.stat_sinks.hystrix, envoy.stat_sinks.metrics_service, envoy.stat_sinks.statsd, envoy.stat_sinks.wasm, envoy.statsd
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.filters.listener: envoy.filters.listener.http_inspector, envoy.filters.listener.original_dst, envoy.filters.listener.original_src, envoy.filters.listener.proxy_protocol, envoy.filters.listener.tls_inspector, envoy.listener.http_inspector, envoy.listener.original_dst, envoy.listener.original_src, envoy.listener.proxy_protocol, envoy.listener.tls_inspector
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.clusters: envoy.cluster.eds, envoy.cluster.logical_dns, envoy.cluster.original_dst, envoy.cluster.static, envoy.cluster.strict_dns, envoy.clusters.aggregate, envoy.clusters.dynamic_forward_proxy, envoy.clusters.redis
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.thrift_proxy.protocols: auto, binary, binary/non-strict, compact, twitter
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.dubbo_proxy.filters: envoy.filters.dubbo.router
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.wasm.runtime: envoy.wasm.runtime.null, envoy.wasm.runtime.v8
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.upstream_options: envoy.extensions.upstreams.http.v3.HttpProtocolOptions, envoy.upstreams.http.http_protocol_options
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.retry_priorities: envoy.retry_priorities.previous_priorities
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.health_checkers: envoy.health_checkers.redis
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.dubbo_proxy.protocols: dubbo
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.dubbo_proxy.serializers: dubbo.hessian2
[2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327]   envoy.thrift_proxy.filters: envoy.filters.thrift.rate_limit, envoy.filters.thrift.router
[2021-03-06 23:12:20.767][1][info][main] [source/server/server.cc:327]   envoy.bootstrap: envoy.bootstrap.wasm, envoy.extensions.network.socket_interface.default_socket_interface
[2021-03-06 23:12:20.767][1][info][main] [source/server/server.cc:327]   envoy.quic_client_codec: quiche
[2021-03-06 23:12:20.767][1][info][main] [source/server/server.cc:327]   envoy.transport_sockets.upstream: envoy.transport_sockets.alts, envoy.transport_sockets.quic, envoy.transport_sockets.raw_buffer, envoy.transport_sockets.tap, envoy.transport_sockets.tls, envoy.transport_sockets.upstream_proxy_protocol, raw_buffer, tls
[2021-03-06 23:12:20.767][1][info][main] [source/server/server.cc:327]   envoy.http.cache: envoy.extensions.http.cache.simple
[2021-03-06 23:12:20.767][1][info][main] [source/server/server.cc:327]   envoy.dubbo_proxy.route_matchers: default
[2021-03-06 23:12:20.767][1][info][main] [source/server/server.cc:327]   envoy.internal_redirect_predicates: envoy.internal_redirect_predicates.allow_listed_routes, envoy.internal_redirect_predicates.previous_routes, envoy.internal_redirect_predicates.safe_cross_scheme
[2021-03-06 23:12:20.776][1][warning][misc] [source/common/protobuf/message_validator_impl.cc:21] Deprecated field: type envoy.api.v2.Listener Using deprecated option 'envoy.api.v2.Listener.use_original_dst' from file listener.proto. This configuration will be removed from Envoy soon. Please see https://www.envoyproxy.io/docs/envoy/latest/version_history/version_history for details. If continued use of this field is absolutely necessary, see https://www.envoyproxy.io/docs/envoy/latest/configuration/operations/runtime#using-runtime-overrides-for-deprecated-features for how to apply a temporary and highly discouraged override.
[2021-03-06 23:12:20.776][1][info][main] [source/server/server.cc:343] HTTP header map info:
[2021-03-06 23:12:20.777][1][warning][runtime] [source/common/runtime/runtime_features.cc:31] Unable to use runtime singleton for feature envoy.http.headermap.lazy_map_min_size
[2021-03-06 23:12:20.777][1][warning][runtime] [source/common/runtime/runtime_features.cc:31] Unable to use runtime singleton for feature envoy.http.headermap.lazy_map_min_size
[2021-03-06 23:12:20.778][1][warning][runtime] [source/common/runtime/runtime_features.cc:31] Unable to use runtime singleton for feature envoy.http.headermap.lazy_map_min_size
[2021-03-06 23:12:20.778][1][warning][runtime] [source/common/runtime/runtime_features.cc:31] Unable to use runtime singleton for feature envoy.http.headermap.lazy_map_min_size
[2021-03-06 23:12:20.778][1][info][main] [source/server/server.cc:346]   request header map: 616 bytes: :authority,:method,:path,:protocol,:scheme,accept,accept-encoding,access-control-request-method,authentication,authorization,cache-control,cdn-loop,connection,content-encoding,content-length,content-type,expect,grpc-accept-encoding,grpc-timeout,if-match,if-modified-since,if-none-match,if-range,if-unmodified-since,keep-alive,origin,pragma,proxy-connection,referer,te,transfer-encoding,upgrade,user-agent,via,x-client-trace-id,x-envoy-attempt-count,x-envoy-decorator-operation,x-envoy-downstream-service-cluster,x-envoy-downstream-service-node,x-envoy-expected-rq-timeout-ms,x-envoy-external-address,x-envoy-force-trace,x-envoy-hedge-on-per-try-timeout,x-envoy-internal,x-envoy-ip-tags,x-envoy-max-retries,x-envoy-original-path,x-envoy-original-url,x-envoy-retriable-header-names,x-envoy-retriable-status-codes,x-envoy-retry-grpc-on,x-envoy-retry-on,x-envoy-upstream-alt-stat-name,x-envoy-upstream-rq-per-try-timeout-ms,x-envoy-upstream-rq-timeout-alt-response,x-envoy-upstream-rq-timeout-ms,x-forwarded-client-cert,x-forwarded-for,x-forwarded-proto,x-ot-span-context,x-request-id
[2021-03-06 23:12:20.778][1][info][main] [source/server/server.cc:346]   request trailer map: 128 bytes:
[2021-03-06 23:12:20.779][1][info][main] [source/server/server.cc:346]   response header map: 424 bytes: :status,access-control-allow-credentials,access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,access-control-expose-headers,access-control-max-age,age,cache-control,connection,content-encoding,content-length,content-type,date,etag,expires,grpc-message,grpc-status,keep-alive,last-modified,location,proxy-connection,server,transfer-encoding,upgrade,vary,via,x-envoy-attempt-count,x-envoy-decorator-operation,x-envoy-degraded,x-envoy-immediate-health-check-fail,x-envoy-ratelimited,x-envoy-upstream-canary,x-envoy-upstream-healthchecked-cluster,x-envoy-upstream-service-time,x-request-id
[2021-03-06 23:12:20.779][1][info][main] [source/server/server.cc:346]   response trailer map: 152 bytes: grpc-message,grpc-status
[2021-03-06 23:12:20.780][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.shrink_heap.
[2021-03-06 23:12:20.781][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.stop_accepting_connections.
[2021-03-06 23:12:20.781][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.reject_incoming_connections.
[2021-03-06 23:12:20.781][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.stop_accepting_connections.
[2021-03-06 23:12:20.781][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.reject_incoming_connections.
[2021-03-06 23:12:20.781][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.stop_accepting_connections.
[2021-03-06 23:12:20.781][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.reject_incoming_connections.
[2021-03-06 23:12:20.781][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.stop_accepting_connections.
[2021-03-06 23:12:20.781][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.reject_incoming_connections.
[2021-03-06 23:12:20.781][1][info][main] [source/server/server.cc:486] admin address: 0.0.0.0:9901
[2021-03-06 23:12:20.783][1][info][main] [source/server/server.cc:634] runtime: layers:
  - name: base
    static_layer:
      {}
  - name: admin
    admin_layer:
      {}
[2021-03-06 23:12:20.783][1][info][config] [source/server/configuration_impl.cc:125] loading tracing configuration
[2021-03-06 23:12:20.783][1][info][config] [source/server/configuration_impl.cc:85] loading 0 static secret(s)
[2021-03-06 23:12:20.783][1][info][config] [source/server/configuration_impl.cc:91] loading 1 cluster(s)
[2021-03-06 23:12:20.784][12][debug][grpc] [source/common/grpc/google_async_client_impl.cc:50] completionThread running
[2021-03-06 23:12:20.785][1][debug][upstream] [source/common/upstream/upstream_impl.cc:1018] initializing Primary cluster dynamic_forward_proxy_cluster completed
[2021-03-06 23:12:20.785][1][debug][init] [source/common/init/manager_impl.cc:49] init manager Cluster dynamic_forward_proxy_cluster contains no targets
[2021-03-06 23:12:20.785][1][debug][init] [source/common/init/watcher_impl.cc:14] init manager Cluster dynamic_forward_proxy_cluster initialized, notifying ClusterImplBase
[2021-03-06 23:12:20.785][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:947] adding TLS cluster dynamic_forward_proxy_cluster
[2021-03-06 23:12:20.785][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:120] cm init: init complete: cluster=dynamic_forward_proxy_cluster primary=0 secondary=0
[2021-03-06 23:12:20.785][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:140] maybe finish initialize state: 0
[2021-03-06 23:12:20.786][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:91] cm init: adding: cluster=dynamic_forward_proxy_cluster primary=0 secondary=0
[2021-03-06 23:12:20.786][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:140] maybe finish initialize state: 1
[2021-03-06 23:12:20.786][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:149] maybe finish initialize primary init clusters empty: true
[2021-03-06 23:12:20.786][1][info][config] [source/server/configuration_impl.cc:95] loading 1 listener(s)
[2021-03-06 23:12:20.786][1][debug][config] [source/server/configuration_impl.cc:97] listener #0:
[2021-03-06 23:12:20.788][1][debug][config] [source/server/listener_manager_impl.cc:395] begin add/update listener: name=listener_0 hash=18262469619681037125
[2021-03-06 23:12:20.788][1][debug][config] [source/server/listener_manager_impl.cc:432] use full listener update path for listener name=listener_0 hash=18262469619681037125
[2021-03-06 23:12:20.788][1][debug][config] [source/server/listener_manager_impl.cc:129]   filter #0:
[2021-03-06 23:12:20.788][1][debug][config] [source/server/listener_manager_impl.cc:130]     name: envoy.listener.original_dst
[2021-03-06 23:12:20.788][1][debug][config] [source/server/listener_manager_impl.cc:137]   config: {}

[2021-03-06 23:12:20.788][1][warning][misc] [bazel-out/k8-opt/bin/source/extensions/common/_virtual_includes/utility_lib/extensions/common/utility.h:65] Using deprecated extension name 'envoy.listener.original_dst' for 'envoy.filters.listener.original_dst'. This name will be removed from Envoy soon. Please see https://www.envoyproxy.io/docs/envoy/latest/version_history/version_history for details.
[2021-03-06 23:12:20.788][1][debug][config] [source/server/listener_manager_impl.cc:95]   filter #0:
[2021-03-06 23:12:20.788][1][debug][config] [source/server/listener_manager_impl.cc:96]     name: envoy.filters.network.http_connection_manager
[2021-03-06 23:12:20.789][1][debug][config] [source/server/listener_manager_impl.cc:103]   config: {
 "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager",
 "http_filters": [
  {
   "typed_config": {
    "@type": "type.googleapis.com/envoy.extensions.filters.http.dynamic_forward_proxy.v3.FilterConfig",
    "dns_cache_config": {
     "dns_lookup_family": "V4_ONLY",
     "name": "dynamic_forward_proxy_cache_config"
    }
   },
   "name": "envoy.filters.http.dynamic_forward_proxy"
  },
  {
   "name": "envoy.filters.http.router",
   "typed_config": {
    "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router"
   }
  }
 ],
 "access_log": [
  {
   "name": "envoy.access_loggers.file",
   "typed_config": {
    "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog",
    "path": "/dev/stdout"
   }
  }
 ],
 "route_config": {
  "name": "local_route",
  "virtual_hosts": [
   {
    "routes": [
     {
      "direct_response": {
       "body": {
        "inline_string": "Filter match!\n"
       },
       "status": 200
      },
      "match": {
       "prefix": "/"
      }
     },
     {
      "match": {
       "connect_matcher": {}
      },
      "route": {
       "cluster": "dynamic_forward_proxy_cluster",
       "upgrade_configs": [
        {
         "connect_config": {},
         "upgrade_type": "CONNECT"
        }
       ]
      }
     }
    ],
    "name": "local_service",
    "domains": [
     "*"
    ]
   }
  ]
 },
 "stat_prefix": "egress_edge"
}

[2021-03-06 23:12:20.793][1][debug][config] [source/extensions/filters/network/http_connection_manager/config.cc:495]     http filter #0
[2021-03-06 23:12:20.796][1][debug][config] [source/extensions/filters/network/http_connection_manager/config.cc:517]       name: envoy.filters.http.dynamic_forward_proxy
[2021-03-06 23:12:20.796][1][debug][config] [source/extensions/filters/network/http_connection_manager/config.cc:524]     config: {
 "@type": "type.googleapis.com/envoy.extensions.filters.http.dynamic_forward_proxy.v3.FilterConfig",
 "dns_cache_config": {
  "dns_lookup_family": "V4_ONLY",
  "name": "dynamic_forward_proxy_cache_config"
 }
}

[2021-03-06 23:12:20.796][1][debug][config] [source/extensions/filters/network/http_connection_manager/config.cc:495]     http filter #1
[2021-03-06 23:12:20.796][1][debug][config] [source/extensions/filters/network/http_connection_manager/config.cc:517]       name: envoy.filters.http.router
[2021-03-06 23:12:20.796][1][debug][config] [source/extensions/filters/network/http_connection_manager/config.cc:524]     config: {
 "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router"
}

[2021-03-06 23:12:20.797][1][debug][config] [source/server/filter_chain_manager_impl.cc:222] new fc_contexts has 1 filter chains, including 1 newly built
[2021-03-06 23:12:20.797][1][debug][init] [source/common/init/manager_impl.cc:24] added target Listener-init-target listener_0 to init manager Server
[2021-03-06 23:12:20.797][1][debug][config] [source/server/listener_impl.cc:130] Create listen socket for listener listener_0 on address 0.0.0.0:10000
[2021-03-06 23:12:20.797][1][debug][config] [source/server/listener_impl.cc:120] Set listener listener_0 socket factory local address to 0.0.0.0:10000
[2021-03-06 23:12:20.797][1][debug][config] [source/server/listener_impl.cc:683] add active listener: name=listener_0, hash=18262469619681037125, address=0.0.0.0:10000
[2021-03-06 23:12:20.797][1][info][config] [source/server/configuration_impl.cc:107] loading stats configuration
[2021-03-06 23:12:20.797][1][debug][init] [source/common/init/manager_impl.cc:49] init manager RTDS contains no targets
[2021-03-06 23:12:20.797][1][debug][init] [source/common/init/watcher_impl.cc:14] init manager RTDS initialized, notifying RTDS
[2021-03-06 23:12:20.797][1][info][runtime] [source/common/runtime/runtime_impl.cc:425] RTDS has finished initialization
[2021-03-06 23:12:20.797][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:209] continue initializing secondary clusters
[2021-03-06 23:12:20.797][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:140] maybe finish initialize state: 2
[2021-03-06 23:12:20.797][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:149] maybe finish initialize primary init clusters empty: true
[2021-03-06 23:12:20.797][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:164] maybe finish initialize secondary init clusters empty: true
[2021-03-06 23:12:20.797][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:185] maybe finish initialize cds api ready: false
[2021-03-06 23:12:20.797][1][info][upstream] [source/common/upstream/cluster_manager_impl.cc:191] cm init: all clusters initialized
[2021-03-06 23:12:20.797][1][warning][main] [source/server/server.cc:609] there is no configured limit to the number of allowed active connections. Set a limit via the runtime key overload.global_downstream_max_connections
[2021-03-06 23:12:20.798][1][info][main] [source/server/server.cc:712] all clusters initialized. initializing init manager
[2021-03-06 23:12:20.798][1][debug][init] [source/common/init/manager_impl.cc:53] init manager Server initializing
[2021-03-06 23:12:20.798][1][debug][init] [source/common/init/target_impl.cc:15] init manager Server initializing target Listener-init-target listener_0
[2021-03-06 23:12:20.798][1][debug][init] [source/common/init/manager_impl.cc:49] init manager Listener-local-init-manager listener_0 18262469619681037125 contains no targets
[2021-03-06 23:12:20.798][1][debug][init] [source/common/init/watcher_impl.cc:14] init manager Listener-local-init-manager listener_0 18262469619681037125 initialized, notifying Listener-local-init-watcher listener_0
[2021-03-06 23:12:20.798][1][debug][init] [source/common/init/watcher_impl.cc:14] target Listener-init-target listener_0 initialized, notifying init manager Server
[2021-03-06 23:12:20.798][1][debug][init] [source/common/init/watcher_impl.cc:14] init manager Server initialized, notifying RunHelper
[2021-03-06 23:12:20.798][1][info][config] [source/server/listener_manager_impl.cc:888] all dependencies initialized. starting workers
[2021-03-06 23:12:20.799][1][debug][config] [source/server/listener_manager_impl.cc:899] starting worker 0
[2021-03-06 23:12:20.799][1][debug][config] [source/server/listener_manager_impl.cc:899] starting worker 1
[2021-03-06 23:12:20.799][1][debug][config] [source/server/listener_manager_impl.cc:899] starting worker 2
[2021-03-06 23:12:20.799][16][debug][main] [source/server/worker_impl.cc:127] worker entering dispatch loop
[2021-03-06 23:12:20.799][1][debug][config] [source/server/listener_manager_impl.cc:899] starting worker 3
[2021-03-06 23:12:20.799][18][debug][main] [source/server/worker_impl.cc:127] worker entering dispatch loop
[2021-03-06 23:12:20.799][16][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:947] adding TLS cluster dynamic_forward_proxy_cluster
[2021-03-06 23:12:20.800][1][info][main] [source/server/server.cc:731] starting main dispatch loop
[2021-03-06 23:12:20.800][19][debug][grpc] [source/common/grpc/google_async_client_impl.cc:50] completionThread running
[2021-03-06 23:12:20.800][18][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:947] adding TLS cluster dynamic_forward_proxy_cluster
[2021-03-06 23:12:20.800][20][debug][grpc] [source/common/grpc/google_async_client_impl.cc:50] completionThread running
[2021-03-06 23:12:20.800][17][debug][main] [source/server/worker_impl.cc:127] worker entering dispatch loop
[2021-03-06 23:12:20.800][15][debug][main] [source/server/worker_impl.cc:127] worker entering dispatch loop
[2021-03-06 23:12:20.801][15][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:947] adding TLS cluster dynamic_forward_proxy_cluster
[2021-03-06 23:12:20.801][22][debug][grpc] [source/common/grpc/google_async_client_impl.cc:50] completionThread running
[2021-03-06 23:12:20.801][17][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:947] adding TLS cluster dynamic_forward_proxy_cluster
[2021-03-06 23:12:20.801][21][debug][grpc] [source/common/grpc/google_async_client_impl.cc:50] completionThread running
[2021-03-06 23:12:23.656][17][debug][filter] [source/extensions/filters/listener/original_dst/original_dst.cc:18] original_dst: New connection accepted
[2021-03-06 23:12:23.656][17][debug][filter] [source/extensions/filters/listener/original_dst/original_dst.cc:18] original_dst: New connection accepted
[2021-03-06 23:12:23.656][17][debug][conn_handler] [source/server/connection_handler_impl.cc:469] closing connection: no matching filter chain found

The text was updated successfully, but these errors were encountered:

dio · 2021-03-07T11:04:25Z

cc. @lambdai

lambdai · 2021-03-07T20:21:22Z

i suspect the l4 original address is what localhost is resolved to. The 192.168 ip in the curl is not particiing the L4 address match. I can give it a try and update later today

aSapien · 2021-03-07T22:05:37Z

@lambdai thanks! I was able to confirm your suspicion by doing the following:

Change the filter_chain_match to:

    prefix_ranges:
    - address_prefix: 127.0.0.1
      prefix_len: 24

Exec in the Envoy container and install curl:

docker exec -it <container_id> /bin/bash
apt update && apt install curl

Test with curl:

# Matches
curl --proxy http://127.0.0.1:10000 http://google.com
curl --proxy http://127.0.0.254:10000 http://google.com

# Does not match
curl --proxy http://127.0.1.1:10000 http://google.com

Can you advise how to filter the destination IP CIDRs when the Envoy cluster acts as a dynamic_forward_proxy ?

aSapien · 2021-03-07T22:33:26Z

To add more context, I would like to add what is my final goal:

I want Envoy to forward HTTP requests that are resolved to a private subnet destination IP via one dynamic forward cluster, and all the requests that resolve to public IP subnets via another.

lambdai · 2021-03-08T00:08:30Z

@aSapien Thank you for the update!
Filter chain matching procedure happens immediately after envoy receives the tcp connection. I wouldn't expect to extend the functionality to parse the http request.

I don't see the solution that you can combine multiple httpfilter/cluster/router to reach your goal. Other smarter people can add.

I probably choose one from a) or b)
a) Use 2+ routes to select the target cluster from the 2 dynamic forward clusters
Since you are using dynamic_forward_proxy http filter and you expect branches after the dns resolve, you can write a new filter and insert after dynamic_forward_proxy. The new filter can

consume the destination ip and map to route recognisable token, e.g. adding http header "X-ip-pool: private" or "x-ip-pool: public"
refresh the route
Of course, you also to populate the routes, one route with "X-ip-pool:"

b) Use dynamic forward cluster but different behaviors upon ip pool.
Alternatively, you can choose the same cluster for both private and public ip pool. And use the subset/match/upstream_config to choose different behavior. I had an example in #13915 . I am not sure if the example code could work with dynamic_foward_cluster though.

aSapien · 2021-03-08T00:11:19Z

One more thing I just tried is using the domains list to match on the virtual_hosts configuration, instead of the filter_chain_match.

I was able to match the destination IP on the domains with a wildcard list using the http_connection_manager configuration below and running

          route_config:
            internal_only_headers: [] # TODO: Set intrnal headers
            name: local_route
            virtual_hosts:
            - name: local_service
              domains:
              - "127.*"
              routes:
              - match: 
                  prefix: "/"
                direct_response:
                  status: 200
                  body:
                    inline_string: |
                      Filter match!

However, since domains wildcards cannot really describe or enforce target CIDR filters, this configuration is not suited to solve the above issue that occurs when Envoy is configured to be a dynamic forward proxy.

aSapien · 2021-03-08T00:28:31Z

@lambdai thank you for the suggestions! I'm optimistic again :)

a)
...
consume the destination ip and map to route recognisable token

Can you please point me to any docs that would describe the process of implementing a new filter and how I can consume the destination IP from it?

b) Use dynamic forward cluster but different behaviors upon ip pool.

Is it possible to configure the target IP "filter" from within the cluster configuration?

lambdai · 2021-03-08T00:40:53Z

Can you please point me to any docs that would describe the process of implementing a new filter and how I can consume the destination IP from it?

I don't have the quick answer. You probably need to forge the existing https://github.com/envoyproxy/envoy/blob/main/source/extensions/filters/http/dynamic_forward_proxy/proxy_filter.cc

lambdai · 2021-03-08T00:43:47Z

Is it possible to configure the target IP "filter" from within the cluster configuration?

The upstream network filter within cluster: https://github.com/envoyproxy/envoy/blob/main/api/envoy/config/cluster/v3/cluster.proto#L963

aSapien · 2021-03-08T01:29:58Z

@lambdai I was thinking about this idea:

Create 2 listeners:

Listener1 that directs all the traffic to the dynamic_forward_proxy cluster.
Listener2 that has the filter_chain_match configured to match on specific IP CIDRs as in my example.

Then configure the dynamic_forward_proxy cluster use Listener2 as the only available upstream.

Will the dynamic_forward_proxy resolve the DNS and the "target" IP (resolved from the host header domain) will be the match candidate on the Listener2 filter chain?

lambdai · 2021-03-08T17:49:14Z

This generally works but there is a critical missing piece.
The filter chain match is always attached to a listener(in your example listener2) which listens on some L4 address "*:80", or ":443".

To complete the last piece, you can

Use iptables to redirect traffic to a port. Istio use this machenism, and redirect traffic to localport 15001. Thus you can use the listener "*:15001" and the filter chain matches there.
I am creating a short path between cluster and listener in the same envoy process. See Discussion: envoy internal connection #11725 The listener is WIP. But the wip listener allows the listener2 listening on a EnvoyInternalAddress(underlying is a string) and the destination address "public or private address" passed by metadata.
When my part of work is done, the downstream filter chain match and upstream cluster can be stitched together at almost 0 cost.

aSapien · 2021-03-09T17:35:37Z

@lambdai thanks for explaining. I see now that there's quite the missing piece there.

Use iptables to redirect traffic to a port. Istio use this machenism, and redirect traffic to localport 15001. Thus you can use the listener "*:15001" and the filter chain matches there.

Wow, I was reading through this blog post assuming it might help me understand, but I'm not very experienced with iptables and this solution is too-advanced-for-production in my use-case. However, it looks very interesting and I will try to understand it fully.

I am creating a short path between cluster and listener in the same envoy process. See Discussion: envoy internal connection #11725 The listener is WIP. But the wip listener allows the listener2 listening on a EnvoyInternalAddress(underlying is a string) and the destination address "public or private address" passed by metadata.

From what I understand, in my use case a listener (listener2) will be able to act as a router/gateway for outgoing traffic from dynamic_forward_proxy cluster? So it will use the filter_chain_match and pass requests to any (public or private) upstream, given that the filter chain matched?

I really need the dynamic_forward_proxy to somehow respect a filter chain prefix_ranges and act similar to a squid-proxy acl dst.

I think that restricting the destination IPs is an important feature in forward proxies. It seems like (2) will require some wiring/configuration support on dynamic_forward_proxy side. Should I open a feature request?

lambdai · 2021-03-09T21:05:46Z

Wow, I was reading through this blog post assuming it might help me understand, but I'm not very experienced with iptables and this solution is too-advanced-for-production in my use-case. However, it looks very interesting and I will try to understand it fully.

Yeah... It is somewhat overkill.

lambdai · 2021-03-09T21:12:47Z

I really need the dynamic_forward_proxy to somehow respect a filter chain prefix_ranges and act similar to a squid-proxy acl dst.

+1. It can be done by adding functionality in dynamic_forward_proxy cluster, or by chaining the dynamic_forward_proxy and the internal listener I am proposing in #15376

Both require a few changes in dynamic_forward_proxy. It's up to you whether you want to create a dedicated issue or CC more people in this one.

aSapien · 2021-03-10T15:09:52Z

Adding @mattklein123 @alyssawilk, the code owners of dynamic_forward_proxy 🙂

Dear code owners, I would love to have your blessing on the idea of enabling the filter-chain-match functionality (or equivalent) in the dynamic_forward_proxy. Any objections? Limitations? Complexity? WDYT?

mattklein123 · 2021-03-10T21:45:28Z

Dear code owners, I would love to have your blessing on the idea of enabling the filter-chain-match functionality (or equivalent) in the dynamic_forward_proxy. Any objections? Limitations? Complexity? WDYT?

Is there a TL/DR summary of the changes you would like to see?

aSapien · 2021-03-11T14:59:34Z

@mattklein123

The idea is to have an ability to configure an ACL to filter the target upstream of a request coming out of the dynamic_forward_proxy cluster.
So that when a client connects through Envoy's dynamic_forward_proxy, I would be able to configure allowed/disallowed upstream IPs/ports.

For example:

curl http://<envoy_ip>:10000 http://<allowed_ip>:<allowed_port> # Should pass

curl http://<envoy_ip>:10000 http://<disallowed_ip>:<or_allowed_port> # Should not pass

curl http://<envoy_ip>:10000 http://<domain_resolving_to_disallowed_ip> # Should not pass

The cluster configuration could look as follows:

  clusters:
  - name: dynamic_forward_proxy_cluster
    connect_timeout: 1s
    lb_policy: CLUSTER_PROVIDED
    cluster_type:
      name: envoy.clusters.dynamic_forward_proxy
      typed_config:
        "@type": type.googleapis.com/envoy.extensions.clusters.dynamic_forward_proxy.v3.ClusterConfig
        dns_cache_config:
          name: dynamic_forward_proxy_cache_config
          dns_lookup_family: V4_ONLY
+       upstream_filters:
+         - upstream_filter_match:
+           prefix_ranges:
+           - address_prefix: 10.0.0.0
+             prefix_len: 8
+           filters:
+             - direct_response:
+               status: 403
+               body:
+                 inline_string: |
+                   Forbidden
+         - upstream_filter_match:
+           prefix_ranges:
+           - address_prefix: 0.0.0.0
+             prefix_len: 0
+           filters:
+             - proxy_pass: {}

mattklein123 · 2021-03-11T17:28:19Z

Would a more general solution for ^ be upstream HTTP filters? #10455 cc @snowp

snowp · 2021-03-11T18:28:07Z

Yeah I think it would be a good fit, we'd be able to couple this with the unified matching and composite filters to provide per match filter application

aSapien · 2021-03-12T11:18:02Z

@mattklein123 Of course, I would always prefer the general solution as long as it provides the building blocks to compose for a specific use-case :)

@snowp I see that there hadn't been much activity in #10455 recently. What can be done to push it forward?

snowp · 2021-03-12T12:05:22Z

I haven't had the time to work on it in a bit, though if someone wants to pick it up I would happily review. There is still quite a bit of work left, I had #13095 open as a POC of integrating the filter manager with the router, which opens up for making upstream HTTP filters configurable via the API.

aSapien · 2021-03-22T11:20:53Z

I would pick it up but I'm afraid I need to catch up on my cpp first 😅

github-actions · 2021-04-21T12:01:24Z

This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions.

github-actions · 2021-04-28T12:01:44Z

This issue has been automatically closed because it has not had activity in the last 37 days. If this issue is still valid, please ping a maintainer and ask them to label it as "help wanted" or "no stalebot". Thank you for your contributions.

aSapien added bug triage Issue requires triage labels Mar 6, 2021

dio removed the triage Issue requires triage label Mar 7, 2021

aSapien changed the title ~~unable to use filter_chain_match with prefix_ranges~~ filter_chain_match does not apply to dynamic_forward_proxy HTTP targets Mar 8, 2021

mattklein123 added area/http question Questions that are neither investigations, bugs, nor enhancements and removed bug labels Mar 8, 2021

github-actions bot added the stale stalebot believes this issue/PR has not been touched recently label Apr 21, 2021

github-actions bot closed this as completed Apr 28, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

filter_chain_match does not apply to dynamic_forward_proxy HTTP targets #15348

filter_chain_match does not apply to dynamic_forward_proxy HTTP targets #15348

aSapien commented Mar 6, 2021

dio commented Mar 7, 2021

lambdai commented Mar 7, 2021

aSapien commented Mar 7, 2021

aSapien commented Mar 7, 2021

lambdai commented Mar 8, 2021 •

edited

Loading

aSapien commented Mar 8, 2021

aSapien commented Mar 8, 2021

lambdai commented Mar 8, 2021

lambdai commented Mar 8, 2021

aSapien commented Mar 8, 2021 •

edited

Loading

lambdai commented Mar 8, 2021

aSapien commented Mar 9, 2021

lambdai commented Mar 9, 2021

lambdai commented Mar 9, 2021

aSapien commented Mar 10, 2021

mattklein123 commented Mar 10, 2021

aSapien commented Mar 11, 2021 •

edited

Loading

mattklein123 commented Mar 11, 2021

snowp commented Mar 11, 2021

aSapien commented Mar 12, 2021

snowp commented Mar 12, 2021

aSapien commented Mar 22, 2021

github-actions bot commented Apr 21, 2021

github-actions bot commented Apr 28, 2021

filter_chain_match does not apply to dynamic_forward_proxy HTTP targets #15348

filter_chain_match does not apply to dynamic_forward_proxy HTTP targets #15348

Comments

aSapien commented Mar 6, 2021

dio commented Mar 7, 2021

lambdai commented Mar 7, 2021

aSapien commented Mar 7, 2021

aSapien commented Mar 7, 2021

lambdai commented Mar 8, 2021 • edited Loading

aSapien commented Mar 8, 2021

aSapien commented Mar 8, 2021

lambdai commented Mar 8, 2021

lambdai commented Mar 8, 2021

aSapien commented Mar 8, 2021 • edited Loading

lambdai commented Mar 8, 2021

aSapien commented Mar 9, 2021

lambdai commented Mar 9, 2021

lambdai commented Mar 9, 2021

aSapien commented Mar 10, 2021

mattklein123 commented Mar 10, 2021

aSapien commented Mar 11, 2021 • edited Loading

mattklein123 commented Mar 11, 2021

snowp commented Mar 11, 2021

aSapien commented Mar 12, 2021

snowp commented Mar 12, 2021

aSapien commented Mar 22, 2021

github-actions bot commented Apr 21, 2021

github-actions bot commented Apr 28, 2021

lambdai commented Mar 8, 2021 •

edited

Loading

aSapien commented Mar 8, 2021 •

edited

Loading

aSapien commented Mar 11, 2021 •

edited

Loading