interfaces: allow IPv6 ULA as a valid address.

IPv6 Unique Local Addresses are sometimes used with Network Prefix Translation to reach the Internet. In that respect their use is similar to the private IPv4 address ranges 10/8, 172.16/12, and 192.168/16. Treat them as sufficient for AnyInterfaceUp(), but specifically exclude Tailscale's own IPv6 ULA prefix to avoid mistakenly trying to bootstrap Tailscale using Tailscale. This helps in supporting Google Cloud Run, where the addresses are 169.254.8.1/32 and fddf:3978:feb1:d745::c001/128 on eth1. Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2024-11-29 04:55:31 +00:00 · 2021-03-26 18:38:05 -07:00 · 2021-03-26 18:38:05 -07:00 · 54ba6194f7
commit 54ba6194f7
parent ecf310be3c
2 changed files with 25 additions and 1 deletions
--- a/net/interfaces/interfaces.go
+++ b/net/interfaces/interfaces.go
@ -500,7 +500,8 @@ func isPrivateIP(ip netaddr.IP) bool {
 }

 func isGlobalV6(ip netaddr.IP) bool {
-	return v6Global1.Contains(ip)
+	return v6Global1.Contains(ip) ||
+		(tsaddr.IsULA(ip) && !tsaddr.TailscaleULARange().Contains(ip))
 }

 func mustCIDR(s string) netaddr.IPPrefix {
--- a/net/interfaces/interfaces_test.go
+++ b/net/interfaces/interfaces_test.go
@ -7,6 +7,8 @@
 import (
 	"encoding/json"
 	"testing"
+
+	"inet.af/netaddr"
 )

 func TestGetState(t *testing.T) {
@ -43,3 +45,24 @@ func TestLikelyHomeRouterIP(t *testing.T) {
 	}
 	t.Logf("myIP = %v; gw = %v", my, gw)
 }
+
+func TestIsGlobalV6(t *testing.T) {
+	tests := []struct {
+		name string
+		ip   string
+		want bool
+	}{
+		{"first ULA", "fc00::1", true},
+		{"Tailscale", "fd7a:115c:a1e0::1", false},
+		{"Cloud Run", "fddf:3978:feb1:d745::1", true},
+		{"zeros", "0000:0000:0000:0000:0000:0000:0000:0000", false},
+		{"Link Local", "fe80::1", false},
+		{"Global", "2602::1", true},
+	}
+
+	for _, test := range tests {
+		if got := isGlobalV6(netaddr.MustParseIP(test.ip)); got != test.want {
+			t.Errorf("isGlobalV6(%s) = %v, want %v", test.name, got, test.want)
+		}
+	}
+}