From 5602f131f16a933a6c298e35bff859d0b91d1cc3 Mon Sep 17 00:00:00 2001
From: Dan McCombs <dmccombs@dyn.com>
Date: Mon, 30 Oct 2017 18:50:55 -0400
Subject: [PATCH] Add configuration option to disable IP_BIND_ADDRESS_NO_PORT.

---
 pdns/dnsdist-lua.cc                        | 4 ++++
 pdns/dnsdist-tcp.cc                        | 4 +++-
 pdns/dnsdist.hh                            | 1 +
 pdns/dnsdistdist/docs/reference/config.rst | 1 +
 4 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/pdns/dnsdist-lua.cc b/pdns/dnsdist-lua.cc
index 64f9e54a5..9ddb588e6 100644
--- a/pdns/dnsdist-lua.cc
+++ b/pdns/dnsdist-lua.cc
@@ -477,6 +477,10 @@ vector<std::function<void(void)>> setupLua(bool client, const std::string& confi
 			  ret->useECS=boost::get<bool>(vars["useClientSubnet"]);
 			}
 
+			if(vars.count("ipBindAddrNoPort")) {
+			  ret->ipBindAddrNoPort=boost::get<bool>(vars["ipBindAddrNoPort"]);
+			}
+
 			if(vars.count("maxCheckFailures")) {
 			  ret->maxCheckFailures=std::stoi(boost::get<string>(vars["maxCheckFailures"]));
 			}
diff --git a/pdns/dnsdist-tcp.cc b/pdns/dnsdist-tcp.cc
index 6c3d3e02b..e74ac4a39 100644
--- a/pdns/dnsdist-tcp.cc
+++ b/pdns/dnsdist-tcp.cc
@@ -56,7 +56,9 @@ static int setupTCPDownstream(shared_ptr<DownstreamState> ds, uint16_t& downstre
       if (!IsAnyAddress(ds->sourceAddr)) {
         SSetsockopt(sock, SOL_SOCKET, SO_REUSEADDR, 1);
 #ifdef IP_BIND_ADDRESS_NO_PORT
-        SSetsockopt(sock, SOL_IP, IP_BIND_ADDRESS_NO_PORT, 1);
+        if (ds->ipBindAddrNoPort) {
+          SSetsockopt(sock, SOL_IP, IP_BIND_ADDRESS_NO_PORT, 1);
+        }
 #endif
         SBind(sock, ds->sourceAddr);
       }
diff --git a/pdns/dnsdist.hh b/pdns/dnsdist.hh
index f745904b2..c9ff9bb5a 100644
--- a/pdns/dnsdist.hh
+++ b/pdns/dnsdist.hh
@@ -631,6 +631,7 @@ struct DownstreamState
   bool setCD{false};
   std::atomic<bool> connected{false};
   bool tcpFastOpen{false};
+  bool ipBindAddrNoPort{true};
   bool isUp() const
   {
     if(availability == Availability::Down)
diff --git a/pdns/dnsdistdist/docs/reference/config.rst b/pdns/dnsdistdist/docs/reference/config.rst
index 049788874..cb167e78c 100644
--- a/pdns/dnsdistdist/docs/reference/config.rst
+++ b/pdns/dnsdistdist/docs/reference/config.rst
@@ -224,6 +224,7 @@ Servers
       tcpSendTimeout=NUM,    -- The timeout (in seconds) of a TCP write attempt
       tcpRecvTimeout=NUM,    -- The timeout (in seconds) of a TCP read attempt
       tcpFastOpen=BOOL,      -- Whether to enable TCP Fast Open
+      ipBindAddrNoPort=BOOL, -- Whether to enable IP Bind Address No Port
       name=STRING,           -- The name associated to this backend, for display purpose
       checkName=STRING,      -- Use STRING as QNAME in the health-check query, default: "a.root-servers.net."
       checkType=STRING,      -- Use STRING as QTYPE in the health-check query, default: "A"
-- 
2.40.0