Add TCP route matching functionality to the V3 API

[Arthur-Befumo]

This functionality is relevant for the following example use case:

• Envoy is deployed as a forward tcp-proxy
• I want to only proxy connections for specific combinations of destination ports / IPs
• I may have a very large number of these combinations, e.g. I want to proxy any request to 1.1.1.1 in the port range 20_000 - 50_000)

Based on my understanding of the V3 API, in order to achieve the specific example above I need 30_000 Filter Chains, where the Nth FilterChainMatch looks something like

{
    destination_port: 20_000 + N
    prefix_ranges: ["1.1.1.1/32"]
}

This seems like overkill from a configuration perspective, since each Filter Chain is otherwise identical (terminates with a tcp_proxy filter pointed at a single cluster).

While searching for better solutions to this specific use case, I found #345 for adding functionality to specify multiple Routes within the tcp_proxy filter. It appears that this was implemented in V2 but abandoned for the V3 API.

Is there a reason this functionality does not exist for V3? Is it something that could potentially be added?

A separate alternative that would also address my use case would be to expand FilterChainMatches to handle port ranges instead of just individual ports, but I'm not sure what the scope / impact of that change would be.

[kyessenov]

Have you considered using the matching API for filter chains (https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/matching/matching_listener)?
I think you could accomplish this with a list matcher, each with AND predicate for the IP and the port range.
If you want sub-linear matching, then you could use a trie matcher on IP first, then the port predicate next.
The new API avoids repetition of filter chains using indirection with a filter chain name.

[Arthur-Befumo]

Thank you for the reply @kyessenov! That API looks like an exact "match" for my use case.

Closing as answered.