Skip to content

WASM Networking

WASM sandboxes do not receive a routable container NIC. HTTP ingress is host-mediated: Caddy dials a loopback mediator on the worker, and sandboxd forwards requests into the guest wasip1 listener. The port you pass to expose_port is a routing key for public URLs, not the TCP port the guest binds inside WASI.

For sandbox creation and durability, see WASM Sandbox. For operator-owned hostnames and TLS, see Custom Domains.

Call exposePort with protocol http (the default). The preview URL shape is {sandbox-id}-{port}.{domain}.

const exposure = await sandbox.exposePort(8080, { protocol: 'http' })
console.log(exposure.url)

expose_port is idempotent: retries return the same public URL without walking the port pool again.

Attach a hostname with target_port selecting which logical service receives traffic:

target_portRoutes to
0Toolbox (same dial shape as the default {id}.{domain} sandbox URL)
Exposed HTTP port (e.g. 8080)Guest HTTP through the host mediator (same upstream as the preview URL)
await sandbox.customDomains.add('api.acme.com', { port: 8080 })

You may attach a custom domain before expose_port; once the port is exposed, Caddy routes refresh automatically. If the sandbox already exposes HTTP ports, target_port must match one of them (or 0 for toolbox).

  • Ingress: wasip1 HTTP server using the pre-open TCP listener (WASIListenPort: 0 binds an ephemeral host port). TinyGo and production guests discover the listener via WASI socket APIs.
  • Egress: outbound TCP/UDP goes through the aerol/vm/net host hook (see WASM Architecture).
  • Filesystem: guests that serve files from /work while listening should use WASI socket discovery (listener fd may be greater than 3 when /work is pre-opened). Reference wazero test modules that hardcode fd 3 are for engine tests only.
  • TCP and TLS expose_port are not supported on WASM (runtime not implemented).
  • Native WASI Preview 2 / Component Model ingress is not available on the default wazero engine.
  • Custom domains cannot coexist with TCP/TLS exposed ports on the same sandbox (the same rule as Docker sandboxes).