From b2b4b66b08e6386a4e4251dc974da5fef73c6d54 Mon Sep 17 00:00:00 2001
From: Romain <rtribotte@users.noreply.github.com>
Date: Tue, 22 Jul 2025 11:10:05 +0200
Subject: [PATCH] Disable MPTCP by default

Co-authored-by: Kevin Pollet <pollet.kevin@gmail.com>
---
 docs/content/migration/v2.md        | 11 +++++++++++
 pkg/server/server_entrypoint_tcp.go | 10 +++++++++-
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/docs/content/migration/v2.md b/docs/content/migration/v2.md
index a2106a5cd..70261ead3 100644
--- a/docs/content/migration/v2.md
+++ b/docs/content/migration/v2.md
@@ -703,3 +703,14 @@ and Traefik now keeps them encoded to avoid any ambiguity.
 | `/foo/../bar`     | PathPrefix(`/bar`)     | Match            | Match            |
 | `/foo/%2E%2E/bar` | PathPrefix(`/foo`)     | Match            | No match         |
 | `/foo/%2E%2E/bar` | PathPrefix(`/bar`)     | No match         | Match            |
+
+## v2.11.28
+
+### MultiPath TCP
+
+Since `v2.11.28`, the MultiPath TCP support introduced with `v2.11.26` has been removed.
+It appears that enabling MPTCP on some platforms can cause Traefik to stop with the following error logs message:
+
+- `set tcp X.X.X.X:X->X.X.X.X:X: setsockopt: operation not supported`
+
+However, it can be re-enabled by setting the `multipathtcp` variable in the GODEBUG environment variable, see the related [go documentation](https://go.dev/doc/godebug#go-124).
diff --git a/pkg/server/server_entrypoint_tcp.go b/pkg/server/server_entrypoint_tcp.go
index 3257d6720..1036240cf 100644
--- a/pkg/server/server_entrypoint_tcp.go
+++ b/pkg/server/server_entrypoint_tcp.go
@@ -457,7 +457,15 @@ func buildProxyProtocolListener(ctx context.Context, entryPoint *static.EntryPoi
 }
 
 func buildListener(ctx context.Context, entryPoint *static.EntryPoint) (net.Listener, error) {
-	listener, err := net.Listen("tcp", entryPoint.GetAddress())
+	config := net.ListenConfig{}
+
+	// TODO: Look into configuring keepAlive period through listenConfig instead of our custom tcpKeepAliveListener, to reactivate MultipathTCP?
+	// MultipathTCP is not supported on all platforms, and is notably unsupported in combination with TCP keep-alive.
+	if !strings.Contains(os.Getenv("GODEBUG"), "multipathtcp") {
+		config.SetMultipathTCP(false)
+	}
+
+	listener, err := config.Listen(ctx, "tcp", entryPoint.GetAddress())
 	if err != nil {
 		return nil, fmt.Errorf("error opening listener: %w", err)
 	}