Why are ports so limited?

I added a services.ports section with port = 5222 and validate says:

Port must be one of: [25, 53, 80, 443, 5000, 25565, 8443, 10000..10100]

Why so limited?

There isn’t a great reason. It’s an artifact an older version of our architecture, in which haproxy ran in front of fly-proxy, our Anycast CDN layer. It’s easy to get haproxy to listen on a specific set of ports and trickier to get it to listen on every port.

We evicted haproxy from the Anycast front-end several months ago and now own that layer completely with our own code, so it’s possible for us to accept Anycast traffic on any port. But how exactly we implement that is a question with multiple answers, and the “best” answer (the one we like most right now) is waiting on a fleet-wide OS update.

A shorter way to say the same thing: it’s high on our priority list to change this, but not so high that it’s already done. :slight_smile:

In the meantime: if there’s a port you want, let us know!

I’m trying to deploy some XMPP based services on fly. While they can in principle use any port, the defaults are 5222 and 5269, so it would be nice to use those.

My app also is used to using 3478, 3479, 5349 and 5350

That’s all for TCP. For UDP it’s my understanding from other threads that I can just write any one port but in practise get traffic on any port I listen on, right?

Yep, our Anycast UDP is implemented entirely in BPF and doesn’t care what ports you use.

Ok. so any chance 5222, 5269, 3478, 5349, and 5350 could get added? Thanks :slight_smile: