# socket_server

> For the complete documentation index, see [llms.txt](https://docs.redpanda.com/llms.txt). Component-specific: [connect-full.txt](https://docs.redpanda.com/connect-full.txt)

---
title: socket_server
latest-connect-version: 4.93.0
latest-operator-version: v26.1.4
latest-console-tag: v3.7.3
latest-redpanda-tag: v26.1.9
docname: inputs/socket_server
page-component-name: connect
page-version: master
page-component-version: master
page-component-title: Connect
page-relative-src-path: inputs/socket_server.adoc
page-edit-url: https://github.com/redpanda-data/rp-connect-docs/edit/main/modules/components/pages/inputs/socket_server.adoc
page-git-created-date: "2024-05-24"
page-git-modified-date: "2026-05-26"
---

<!-- Source: https://docs.redpanda.com/connect/components/inputs/socket_server.md -->

**Available in:** Self-Managed

Creates a server that receives a stream of messages over a TCP, UDP or Unix socket.

```yml
inputs:
  label: ""
  socket_server:
    network: "" # No default (required)
    address: "" # No default (required)
    address_cache: "" # No default (optional)
    tls:
      cert_file: "" # No default (optional)
      key_file: "" # No default (optional)
      self_signed: false
      client_auth: no
    auto_replay_nacks: true
    scanner:
      lines: {}
```

## [](#fields)Fields

### [](#address)`address`

The address to listen from.

**Type**: `string`

```yaml
# Examples:
address: /tmp/benthos.sock

# ---

address: 0.0.0.0:6000
```

### [](#address_cache)`address_cache`

An optional [`cache`](https://docs.redpanda.com/connect/components/caches/about/) within which this input should write it’s bound address once known. The key of the cache item containing the address will be the label of the component suffixed with `_address` (e.g. `foo_address`), or `socket_server_address` when a label has not been provided. This is useful in situations where the address is dynamically allocated by the server (`127.0.0.1:0`) and you want to store the allocated address somewhere for reference by other systems and components.

Requires version 4.25.0 or later.

**Type**: `string`

### [](#auto_replay_nacks)`auto_replay_nacks`

Whether messages that are rejected (nacked) at the output level should be automatically replayed indefinitely, eventually resulting in back pressure if the cause of the rejections is persistent. If set to `false` these messages will instead be deleted. Disabling auto replays can greatly improve memory efficiency of high throughput streams as the original shape of the data can be discarded immediately upon consumption and mutation.

**Type**: `bool`

**Default**: `true`

### [](#network)`network`

A network type to accept.

**Type**: `string`

**Options**: `unix`, `tcp`, `udp`, `tls`, `unixgram`

### [](#scanner)`scanner`

The [scanner](https://docs.redpanda.com/connect/components/scanners/about/) by which the stream of bytes consumed will be broken out into individual messages. Scanners are useful for processing large sources of data without holding the entirety of it within memory. For example, the `csv` scanner allows you to process individual CSV rows without loading the entire CSV file in memory at once.

Requires version 4.25.0 or later.

**Type**: `scanner`

**Default**:

```yaml
lines: {}
```

### [](#tcp)`tcp`

TCP listener socket configuration.

**Type**: `object`

### [](#tcp-reuse_addr)`tcp.reuse_addr`

Enable SO\_REUSEADDR, allowing binding to ports in TIME\_WAIT state. Useful for graceful restarts and config reloads where the server needs to rebind to the same port immediately after shutdown.

**Type**: `bool`

**Default**: `false`

### [](#tcp-reuse_port)`tcp.reuse_port`

Enable SO\_REUSEPORT, allowing multiple sockets to bind to the same port for load balancing across multiple processes/threads.

**Type**: `bool`

**Default**: `false`

### [](#tls)`tls`

TLS specific configuration, valid when the `network` is set to `tls`.

**Type**: `object`

### [](#tls-cert_file)`tls.cert_file`

PEM encoded certificate for use with TLS.

**Type**: `string`

### [](#tls-client_auth)`tls.client_auth`

Specifies how client authentication is handled when using TLS.

Requires version 4.44.1 or later.

**Type**: `string`

**Default**: `no`

| Option | Summary |
| --- | --- |
| no | client certificate is not requested nor required. |
| request | will request client certificate, not require it. |
| require_any | will accept any client certificate, even if not valid. |
| require_valid | requires a valid client certificate. |
| verify_if_given | will verify a certificate, if one is sent by the client. |

### [](#tls-key_file)`tls.key_file`

PEM encoded private key for use with TLS.

**Type**: `string`

### [](#tls-self_signed)`tls.self_signed`

Whether to generate self signed certificates.

**Type**: `bool`

**Default**: `false`