mirror of
https://github.com/tailscale/tailscale.git
synced 2025-01-07 08:07:42 +00:00
tstest/natlab: drop packets that can't be routed in a LAN.
LANs are authoritative for their prefixes, so we should not bounce packets back and forth to the default gateway in that case. Signed-off-by: David Anderson <danderson@tailscale.com>
This commit is contained in:
parent
37903a9056
commit
5a370d545a
@ -184,6 +184,17 @@ func (n *Network) write(p *Packet) (num int, err error) {
|
||||
defer n.mu.Unlock()
|
||||
iface, ok := n.machine[p.Dst.IP]
|
||||
if !ok {
|
||||
// If the destination is within the network's authoritative
|
||||
// range, no route to host.
|
||||
if p.Dst.IP.Is4() && n.Prefix4.Contains(p.Dst.IP) {
|
||||
p.Trace("no route to %v", p.Dst.IP)
|
||||
return len(p.Payload), nil
|
||||
}
|
||||
if p.Dst.IP.Is6() && n.Prefix6.Contains(p.Dst.IP) {
|
||||
p.Trace("no route to %v", p.Dst.IP)
|
||||
return len(p.Payload), nil
|
||||
}
|
||||
|
||||
if n.defaultGW == nil {
|
||||
p.Trace("no route to %v", p.Dst.IP)
|
||||
return len(p.Payload), nil
|
||||
|
Loading…
x
Reference in New Issue
Block a user