An application running on a server, e.g., within a virtual machine, may use a socket to define the protocol for expected communications and bind the socket and service (commonly referred to as a port or by a port number) to a single or to all of the network interfaces available on the server. For example, each network interface may be assigned an Internet Protocol (IP) address. Communications received that are directed to the IP address and port number are placed in a buffer for or otherwise passed to the corresponding application.
Using Berkeley Software Distribution (BSD) sockets, an administrator or management software can use the bind system call to associate a port number and a socket for an application to a single interface IP address or to all interface IP addresses. The BSD sockets bind system call, however, does support binding to a subset of two or more, but less than all, interfaces. The bind system call also does not support binding to a dynamic subset of interfaces. Binding to all interfaces requires little management but is inefficient and insecure. For example, a service unrelated to management of a server may bind to an interface dedicated to management traffic. With the growing scale of interfaces in devices (e.g., in a host server providing a virtualized computing environment), the dynamic nature of interfaces (e.g., IP addresses being added, removed, or otherwise changing), and the separation of resources within a server for different services and/or tenants, binding to individual interfaces requires significant management. In particular, when an IP address is changed, added, or removed and the application is not bound to “all,” the application may need to be restarted to update the binding to one or more new IP addresses.