When using Istio on an IPv6 Amazon EKS cluster (with the associated host-only private IPv4 addressing, that is not advertised to the k8s control plane), we have noticed that envoy is only listening on IPv6 addresses.
When trying to access an IPv4 endpoint from within the container, we get connection refused, as iptables is redirecting to a localhost IPv4 address, but envoy is not listening. As a workaround, we can annotate the pod with "traffic.sidecar.istio.io/excludeOutboundIPRanges": "0.0.0.0/0", but that traffic is not intercepted by istio.
We have tried to enable dual-stack support by following the instructions at Istio / Support for Dual Stack Kubernetes Clusters, but envoy still only listens on the IPv4 address.
How can we force envoy to listen on both [::] and 0.0.0.0, so that both IPv6 and IPv4 interception works on EKS?