ipn/ipnlocal: introduce the concept of client-side-reachability (#17367)

The control plane will sometimes determine that a node is not online,
while the node is still able to connect to its peers. This patch
doesn’t solve this problem, but it does mitigate it.

This PR introduces the `client-side-reachability` node attribute that
switches the node to completely ignore the online signal from control.

In the future, the client itself should collect reachability data from
active WireGuard flows and Tailscale pings.

Updates #17366
Updates tailscale/corp#30379
Updates tailscale/corp#32686

Signed-off-by: Simon Law <sfllaw@tailscale.com>
Simon Law
2025-10-02 16:01:55 -07:00
committed by GitHub
parent 24e38eb729
commit cd523eae52
4 changed files with 118 additions and 2 deletions

@@ -2692,6 +2692,12 @@ const (
// numbers, apostrophe, spaces, and hyphens. This may not be true for the default.
// Values can look like "foo.com" or "Foo's Test Tailnet - Staging".
NodeAttrTailnetDisplayName NodeCapability = "tailnet-display-name"
// NodeAttrClientSideReachability configures the node to determine
// reachability itself when choosing connectors. When absent, the
// default behavior is to trust the control plane when it claims that a
// node is no longer online, but that is not a reliable signal.
NodeAttrClientSideReachability = "client-side-reachability"
)
// SetDNSRequest is a request to add a DNS record.
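
Review bot: The new constant on the last added line, `NodeAttrClientSideReachability = "client-side-reachability"`, omits the `NodeCapability` type that the neighbouring `NodeAttrTailnetDisplayName NodeCapability = "tailnet-display-name"` declares, so it is an untyped string constant rather than a `NodeCapability`. Suggest writing `NodeAttrClientSideReachability NodeCapability = "client-side-reachability"` so it is type-checked like the other attributes in this block. The doc comment also scopes the behaviour to "when choosing connectors", while the commit message says the node completely ignores the online signal from control; the comment should state which scope is intended, since it is the only place in this hunk that describes how far the control plane's online signal is distrusted.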