specify target service hostname instead of address for waypoint destination

garrettheel · garrettheel · commit 0d226cb817fb · 2026-03-10T11:55:50.000-04:00
diff --git a/src/proxy/outbound.rs b/src/proxy/outbound.rs
@@ -475,8 +475,8 @@ impl OutboundConnection {
     // bytes without trying to interpret it.
     //
     // NOTE: when connecting through an E/W gateway, regardless of whether there is
-    // a waypoint or not, we always use service hostname and the service port. It's
-    // somewhat different from how regular HBONE works, so I'm calling it out here.
+    // a waypoint or not, we always use service hostname and the service port.
+    // This is also the case for service-addressed waypoint traffic (see build_request).
     async fn build_request_through_gateway(
         &self,
         source: Arc<Workload>,
@@ -578,7 +578,10 @@ impl OutboundConnection {
                 return Ok(Request {
                     protocol: OutboundProtocol::HBONE,
                     source: source_workload,
-                    hbone_target_destination: Some(HboneAddress::SocketAddr(target)),
+                    hbone_target_destination: Some(HboneAddress::SvcHostname(
+                        target_service.hostname.clone(),
+                        target.port(),
+                    )),
                     actual_destination_workload: Some(waypoint.workload),
                     intended_destination_service: Some(ServiceDescription::from(&*target_service)),
                     actual_destination,
@@ -1515,6 +1518,7 @@ mod tests {
             "127.0.0.1",
             "127.0.0.3:80",
             XdsAddressType::Service(XdsService {
+                hostname: "example.com".to_string(),
                 addresses: vec![XdsNetworkAddress {
                     network: "".to_string(),
                     address: vec![127, 0, 0, 3],
@@ -1534,10 +1538,10 @@ mod tests {
                 }),
                 ..Default::default()
             }),
-            // Should use the waypoint
+            // Should use the waypoint with service hostname as authority
             Some(ExpectedRequest {
                 protocol: OutboundProtocol::HBONE,
-                hbone_destination: "127.0.0.3:80",
+                hbone_destination: "example.com:80",
                 destination: "127.0.0.10:15008",
             }),
         )
@@ -1912,7 +1916,7 @@ mod tests {
             Some(ExpectedRequest {
                 protocol: OutboundProtocol::HBONE,
                 destination: "127.0.0.10:15008",
-                hbone_destination: "1.2.3.4:80",
+                hbone_destination: "example.com:80",
             }),
         )
         .await;
diff --git a/tests/namespaced.rs b/tests/namespaced.rs
@@ -447,13 +447,13 @@ mod namespaced {
 
         let sent = format!("{REQ_SIZE}");
         let recv = format!("{HBONE_REQ_SIZE}");
-        let hbone_addr = format!("{TEST_VIP}:80");
+        let hbone_addr = "service.default.svc.cluster.local:80";
         let dst_addr = format!("{waypoint_ip}:15008");
         let want = HashMap::from([
             ("scope", "access"),
             ("src.workload", "client"),
             ("dst.workload", "waypoint"),
-            ("dst.hbone_addr", &hbone_addr),
+            ("dst.hbone_addr", hbone_addr),
             ("dst.addr", &dst_addr),
             ("bytes_sent", &sent),
             ("bytes_recv", &recv),
