diff --git a/BUILD b/BUILD
index 5f5acd1e..1ba6e68a 100644
--- a/BUILD
+++ b/BUILD
@@ -171,6 +171,7 @@ proto_library(
         "//envoy/extensions/filters/http/rbac/v3:pkg",
         "//envoy/extensions/filters/http/router/v3:pkg",
         "//envoy/extensions/filters/http/set_metadata/v3:pkg",
+        "//envoy/extensions/filters/http/stateful_session/v3:pkg",
         "//envoy/extensions/filters/http/tap/v3:pkg",
         "//envoy/extensions/filters/http/wasm/v3:pkg",
         "//envoy/extensions/filters/listener/http_inspector/v3:pkg",
@@ -211,6 +212,7 @@ proto_library(
         "//envoy/extensions/http/header_formatters/preserve_case/v3:pkg",
         "//envoy/extensions/http/original_ip_detection/custom_header/v3:pkg",
         "//envoy/extensions/http/original_ip_detection/xff/v3:pkg",
+        "//envoy/extensions/http/stateful_session/cookie/v3:pkg",
         "//envoy/extensions/internal_redirect/allow_listed_routes/v3:pkg",
         "//envoy/extensions/internal_redirect/previous_routes/v3:pkg",
         "//envoy/extensions/internal_redirect/safe_cross_scheme/v3:pkg",
diff --git a/envoy/extensions/filters/http/stateful_session/v3/BUILD b/envoy/extensions/filters/http/stateful_session/v3/BUILD
new file mode 100644
index 00000000..1c1a6f6b
--- /dev/null
+++ b/envoy/extensions/filters/http/stateful_session/v3/BUILD
@@ -0,0 +1,12 @@
+# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py.
+
+load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package")
+
+licenses(["notice"])  # Apache 2
+
+api_proto_package(
+    deps = [
+        "//envoy/config/core/v3:pkg",
+        "@com_github_cncf_udpa//udpa/annotations:pkg",
+    ],
+)
diff --git a/envoy/extensions/filters/http/stateful_session/v3/stateful_session.proto b/envoy/extensions/filters/http/stateful_session/v3/stateful_session.proto
new file mode 100644
index 00000000..54efd713
--- /dev/null
+++ b/envoy/extensions/filters/http/stateful_session/v3/stateful_session.proto
@@ -0,0 +1,40 @@
+syntax = "proto3";
+
+package envoy.extensions.filters.http.stateful_session.v3;
+
+import "envoy/config/core/v3/extension.proto";
+
+import "udpa/annotations/status.proto";
+import "validate/validate.proto";
+
+option java_package = "io.envoyproxy.envoy.extensions.filters.http.stateful_session.v3";
+option java_outer_classname = "StatefulSessionProto";
+option java_multiple_files = true;
+option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/stateful_session/v3;stateful_sessionv3";
+option (udpa.annotations.file_status).package_version_status = ACTIVE;
+
+// [#protodoc-title: Stateful session filter]
+// Stateful session :ref:`configuration overview <config_http_filters_stateful_session>`.
+// [#extension: envoy.filters.http.stateful_session]
+
+message StatefulSession {
+  // Specific implementation of session state. This session state will be used to store and
+  // get address of the upstream host to which the session is assigned.
+  //
+  // [#extension-category: envoy.http.stateful_session]
+  config.core.v3.TypedExtensionConfig session_state = 1
+      [(validate.rules).message = {required: true}];
+}
+
+message StatefulSessionPerRoute {
+  oneof override {
+    option (validate.required) = true;
+
+    // Disable the stateful session filter for this particular vhost or route. If disabled is
+    // specified in multiple per-filter-configs, the most specific one will be used.
+    bool disabled = 1 [(validate.rules).bool = {const: true}];
+
+    // Per-route stateful session configuration that can be served by RDS or static route table.
+    StatefulSession stateful_session = 2;
+  }
+}
diff --git a/envoy/extensions/http/stateful_session/cookie/v3/BUILD b/envoy/extensions/http/stateful_session/cookie/v3/BUILD
new file mode 100644
index 00000000..7a3fc432
--- /dev/null
+++ b/envoy/extensions/http/stateful_session/cookie/v3/BUILD
@@ -0,0 +1,12 @@
+# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py.
+
+load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package")
+
+licenses(["notice"])  # Apache 2
+
+api_proto_package(
+    deps = [
+        "//envoy/type/http/v3:pkg",
+        "@com_github_cncf_udpa//udpa/annotations:pkg",
+    ],
+)
diff --git a/envoy/extensions/http/stateful_session/cookie/v3/cookie.proto b/envoy/extensions/http/stateful_session/cookie/v3/cookie.proto
new file mode 100644
index 00000000..403370e7
--- /dev/null
+++ b/envoy/extensions/http/stateful_session/cookie/v3/cookie.proto
@@ -0,0 +1,43 @@
+syntax = "proto3";
+
+package envoy.extensions.http.stateful_session.cookie.v3;
+
+import "envoy/type/http/v3/cookie.proto";
+
+import "udpa/annotations/status.proto";
+import "validate/validate.proto";
+
+option java_package = "io.envoyproxy.envoy.extensions.http.stateful_session.cookie.v3";
+option java_outer_classname = "CookieProto";
+option java_multiple_files = true;
+option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/http/stateful_session/cookie/v3;cookiev3";
+option (udpa.annotations.file_status).package_version_status = ACTIVE;
+
+// [#protodoc-title: Cookie based stateful session extension]
+
+// This extension allows the session state to be tracked via cookies.
+//
+// This extension first encodes the address of the upstream host selected by the load balancer
+// into a `set-cookie` response header with the :ref:`cookie configuration
+// <envoy_v3_api_field_extensions.http.stateful_session.cookie.v3.CookieBasedSessionState.cookie>`.
+// when new requests are incoming, this extension will try to parse the specific upstream host
+// address by the cookie name. If the address parsed from the cookie corresponds to a valid
+// upstream host, this upstream host will be selected first. See :ref:`stateful session filter
+// <envoy_v3_api_msg_extensions.filters.http.stateful_session.v3.StatefulSession>`.
+//
+// For example, if the cookie name is set to `sticky-host`, envoy will prefer `1.2.3.4:80`
+// as the upstream host when the request contains the following header:
+//
+// .. code-block:: none
+//
+//     cookie: sticky-host="MS4yLjMuNDo4MA=="
+//
+// When processing the upstream response, if `1.2.3.4:80` is indeed the final choice the extension
+// does nothing. If `1.2.3.4:80` is not the final choice, the new selected host will be used to
+// update the cookie (via the `set-cookie` response header).
+//
+// [#extension: envoy.http.stateful_session.cookie]
+message CookieBasedSessionState {
+  // The cookie configuration used to track session state.
+  type.http.v3.Cookie cookie = 1 [(validate.rules).message = {required: true}];
+}
diff --git a/envoy/type/http/v3/cookie.proto b/envoy/type/http/v3/cookie.proto
new file mode 100644
index 00000000..fba35eb8
--- /dev/null
+++ b/envoy/type/http/v3/cookie.proto
@@ -0,0 +1,31 @@
+syntax = "proto3";
+
+package envoy.type.http.v3;
+
+import "google/protobuf/duration.proto";
+
+import "udpa/annotations/status.proto";
+import "validate/validate.proto";
+
+option java_package = "io.envoyproxy.envoy.type.http.v3";
+option java_outer_classname = "CookieProto";
+option java_multiple_files = true;
+option go_package = "github.com/envoyproxy/go-control-plane/envoy/type/http/v3;httpv3";
+option (udpa.annotations.file_status).package_version_status = ACTIVE;
+
+// [#protodoc-title: Http cookie API]
+
+// Cookie defines an API for obtaining or generating HTTP cookie.
+message Cookie {
+  // The name that will be used to obtain cookie value from downstream HTTP request or generate
+  // new cookie for downstream.
+  string name = 1 [(validate.rules).string = {min_len: 1}];
+
+  // Duration of cookie. This will be used to set the expiry time of a new cookie when it is
+  // generated. Set this to 0 to use a session cookie.
+  google.protobuf.Duration ttl = 2 [(validate.rules).duration = {gte {}}];
+
+  // Path of cookie. This will be used to set the path of a new cookie when it is generated.
+  // If no path is specified here, no path will be set for the cookie.
+  string path = 3;
+}
diff --git a/versioning/BUILD b/versioning/BUILD
index acfd91b6..fb7451e0 100644
--- a/versioning/BUILD
+++ b/versioning/BUILD
@@ -109,6 +109,7 @@ proto_library(
         "//envoy/extensions/filters/http/rbac/v3:pkg",
         "//envoy/extensions/filters/http/router/v3:pkg",
         "//envoy/extensions/filters/http/set_metadata/v3:pkg",
+        "//envoy/extensions/filters/http/stateful_session/v3:pkg",
         "//envoy/extensions/filters/http/tap/v3:pkg",
         "//envoy/extensions/filters/http/wasm/v3:pkg",
         "//envoy/extensions/filters/listener/http_inspector/v3:pkg",
@@ -149,6 +150,7 @@ proto_library(
         "//envoy/extensions/http/header_formatters/preserve_case/v3:pkg",
         "//envoy/extensions/http/original_ip_detection/custom_header/v3:pkg",
         "//envoy/extensions/http/original_ip_detection/xff/v3:pkg",
+        "//envoy/extensions/http/stateful_session/cookie/v3:pkg",
         "//envoy/extensions/internal_redirect/allow_listed_routes/v3:pkg",
         "//envoy/extensions/internal_redirect/previous_routes/v3:pkg",
         "//envoy/extensions/internal_redirect/safe_cross_scheme/v3:pkg",