Why Consul can only listen on one interface

The mesh gateway needs 8300 to listen on the internal network and the external network at the same time, but the Docker Swarm network can only bridge the published port of the network to the external network. So either the WAN cannot be used for intercommunication, or there can only be one server in the internal network. I hope this design can be improved.

Hi @pengln,

Mesh gateways can be configured to listen on multiple addresses by providing the -bind-address flag multiple times when starting the gateway. For example:

$ consul connect envoy -register -gateway=mesh \
    -bind-address="lan=192.0.2.10:8443" \
    -bind-address="wan=203.0.113.200:8443"

Since it sounds like you are having trouble configuring this, do you mind providing a bit more information on your specific deployment environment so that we can help you identify a configuration that works for your needs?

First of all thanks for your help.

I use Docker Swarm’s Service to deploy Consul. The best workaround is to use the Overlay network, which is causing me a huge annoyance.

Consul’s 8300 port can only listen on the bind interface, and can only listen on one interface. This means that if I let it listen on the overlay’s network card, other servers in the data center can form a server cluster, but I can’t publish port 8300 to the public network, because even if you configure such a port mapping, the data from the public network cannot be forwarded to the interface of the overlay. If I bind to the bridge network card, then port 8300 can be forwarded to the public network, so the mesh gateway can work normally (it has been tested), but the problem is that the servers on other machines in the data center cannot access this port 8300, which makes it impossible for them to join the cluster.

If there is a parameter to specify that port 8300 can be bound to 0.0.0.0, then this problem can be solved perfectly.