ipng/nginx-ipng-stats-plugin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Strip socket options on cross-cscf repeat listens (v0.7.2)

Browse Source 
Make the shared-listen-include pattern work with `reuseport` and the
other socket-level listen options. Nginx core enforces at-most-once
per sockaddr on options that set lsopt.set=1 (reuseport, bind,
backlog=, rcvbuf=, sndbuf=, setfib=, fastopen=, accept_filter=,
deferred, ipv6only=, so_keepalive=) and emits "duplicate listen
options for <addr>" otherwise. That rule collides with a single
listens.conf included from every vhost — each vhost's include
re-submits the same options.

The listen wrapper now detects the cross-cscf case, strips those
options from cf->args before delegating to the core handler, and
logs one notice per stripped listen. The first cscf owns the
options on the kernel socket; later cscfs merge cleanly via
ngx_http_add_server. Protocol-level flags (ssl, http2, quic,
proxy_protocol) pass through untouched since nginx OR-merges those
across cscfs.

This unblocks `reuseport` for deployments that want better
new-connection spread across workers.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Pim van Pelt
2026-04-19 16:23:58 +02:00
parent badb684431
commit 7ed77f5b22
8 changed files with 168 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
debian/changelog vendored
View File

@@ -1,3 +1,23 @@
nginx-ipng-stats-plugin (0.7.2-1) unstable; urgency=medium
* Pre-release v0.7.2.
- Listen wrapper now strips socket-level options (reuseport,
bind, backlog=, rcvbuf=, sndbuf=, setfib=, fastopen=,
accept_filter=, deferred, ipv6only=, so_keepalive=) from
cf->args when a sockaddr recurs under a different server
block. Previously this pattern — typical with a shared
`include listens.conf;` across vhosts — tripped nginx's
"duplicate listen options for <addr>" check because those
options are one-shot per kernel socket. The first cscf now
owns the options on the shared kernel socket and later
cscfs merge cleanly via ngx_http_add_server. A NOTICE is
logged each time socket options are stripped. This makes
`reuseport` usable with the shared-include deployment
pattern from docs/user-guide.md, which helps worker
load-balancing on busy hosts.
-- Pim van Pelt <pim@ipng.ch> Sun, 19 Apr 2026 16:30:00 +0200
nginx-ipng-stats-plugin (0.7.1-1) unstable; urgency=medium
* Pre-release v0.7.1.