Description
We are using shadowsocks to proxy both TCP and UDP traffic. We want to use the outbound_bind_addr to send outbound traffic from ssserver from a different IP address. We are only using IPv4 in our environment.
We are seeing an issue where outbound UDP traffic from ssserver does not use the outbound_bind_addr when outbound_bind_addr is an IPv4 address. Instead, outbound UDP traffic uses the ssserver server IP. Outbound TCP traffic does use the outbound_bind_addr correctly.
It looks like this is happening because when a UDP socket is created, it expects the AddrFamily and the SocketAddr to be the same type for the bind_addr to be applied. But for UDP it looks like the AddrFamily is always IPv6, even though the outbound_bind_addr is IPv4. This causes the match statement for bind_addr assignment to not apply the configured outbound_bind_addr and it defaults to the ssserver server IP instead.
In our testing, if we use an IPv4-mapped IPv6 address for the outbound_bind_addr, UDP traffic successfully originates from the IPv6 outbound_bind_addr but TCP traffic is unsuccessful.
How can we enable an IPv4 outbound_bind_addr for TCP and UDP traffic?
An idea could be to make dual stack configuration configurable as a ssserver config option, so using only IPv4 or only IPv6 are options. Alternatively, maybe we could default to using IPv4 for outbound UDP connections if the outbound_bind_addr is an IPv4. If you can suggest a solution, we’re happy to push up a patch.