val InetSocketAddress.socketHost: String get() {
      // The InetSocketAddress was specified with a string (either a numeric IP or a host name). If
      // it is a name, all IPs for that name should be tried. If it is an IP address, only that IP
      // address should be tried.
      val address = address ?: return hostName

            IpAttempts ip = entry.getValue();
            return !ip.isBlocked() && ip.getLastAttempt().plus(cleanupInterval).isBefore(now);
        });

        log.debug("Cleaned up rate limiter entries. Accounts: {}, IPs: {}", accountAttempts.size(), ipAttempts.size());
    }

    /**
     * Manually unlock an account
     *
     * @param username the username to unlock

    @Test
    public void testDifferentIpsIndependent() throws Exception {
        // Different IPs should have independent limits
        for (int i = 1; i <= 3; i++) {
            assertTrue(rateLimiter.checkAttempt("user1", "192.168.1." + i));
            rateLimiter.recordFailure("user1", "192.168.1." + i);
        }

        // All different IPs should still be allowed
        for (int i = 1; i <= 3; i++) {

- The `CloudDualStackNodeIPs` feature is now `beta`, meaning that when using
  an external cloud provider that has been updated to support the feature,
  you can pass comma-separated dual-stack `--node-ips` to `kubelet` and have
  the cloud provider take both IPs into account. ([#120275](https://github.com/kubernetes/kubernetes/pull/120275), [@danwinship](https://github.com/danwinship))

- Kube-proxy, when using a Service with External or LoadBalancer IPs on UDP services , was consuming a large amount of CPU because it was not filtering by the Service destination port and trying to delete all the UDP entries associated to the service. ([#130505](https://github.com/kubernetes/kubernetes/pull/130505),...

Distributions or administrators of Kubernetes may want to control that new Service CIDRs added to the cluster do not overlap with other networks on the cluster, that only belong to a specific range of IPs. Administrators may also prefer to retain the existing behavior of only having one ServiceCIDR per cluster. You can use `ValidatingAdmissionPolicy` to achieve this. ([#128971](https://github.com/kubernetes/kubernetes/pull/128971), [@aojea](https://github.com/aojea))...

        for (;;) {
            try {
                doConnect();
                return;
            } catch (final SmbAuthException sae) {
                throw sae; // Prevents account lockout on servers with multiple IPs
            } catch (final SmbException se) {
                if (getNextAddress() == null) {
                    throw se;
                }
                if (LogStream.level >= 3) {

   ([#123599](https://github.com/kubernetes/kubernetes/pull/123599), [@bobbypage](https://github.com/bobbypage))
- Changed `--nodeport-addresses` behavior to default to "primary node IP(s) only" rather than "all node IPs".
   ([#122724](https://github.com/kubernetes/kubernetes/pull/122724), [@nayihz](https://github.com/nayihz))

- KEP-1880: Users of the new feature to add multiple service CIDR will use by default a dual-write strategy on the new ClusterIP allocators to avoid the problem of possible duplicate IPs allocated to Services when running skewed kube-apiservers using different allocators. They can opt-out of this behavior by enabled the feature gate DisableAllocatorDualWrite. ([#122047](https://github.com/kubernetes/kubernetes/pull/122047), [@aojea...

- Fixed a regression in kube-proxy where it might refuse to start if given
  single-stack IPv6 configuration options on a node that has both IPv4 and
  IPv6 IPs. ([#121008](https://github.com/kubernetes/kubernetes/pull/121008), [@danwinship](https://github.com/danwinship)) [SIG Network]