mirror of
https://github.com/tailscale/tailscale.git
synced 2025-08-13 06:07:34 +00:00
cmd/tailscaled, wgengine{,/netstack}: add netstack hybrid mode, add to Windows
For #707 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
Brad Fitzpatrick
committed by
Brad Fitzpatrick
Brad Fitzpatrick
parent
1f99f889e1
commit
d488678fdc
@@ -47,12 +47,13 @@ const debugNetstack = false
|
||||
// and implements wgengine.FakeImpl to act as a userspace network
|
||||
// stack when Tailscale is running in fake mode.
|
||||
type Impl struct {
|
||||
ipstack *stack.Stack
|
||||
linkEP *channel.Endpoint
|
||||
tundev *tstun.Wrapper
|
||||
e wgengine.Engine
|
||||
mc *magicsock.Conn
|
||||
logf logger.Logf
|
||||
ipstack *stack.Stack
|
||||
linkEP *channel.Endpoint
|
||||
tundev *tstun.Wrapper
|
||||
e wgengine.Engine
|
||||
mc *magicsock.Conn
|
||||
logf logger.Logf
|
||||
onlySubnets bool // whether we only want to handle subnet relaying
|
||||
|
||||
mu sync.Mutex
|
||||
dns DNSMap
|
||||
@@ -67,7 +68,7 @@ const nicID = 1
|
||||
const mtu = 1500
|
||||
|
||||
// Create creates and populates a new Impl.
|
||||
func Create(logf logger.Logf, tundev *tstun.Wrapper, e wgengine.Engine, mc *magicsock.Conn) (*Impl, error) {
|
||||
func Create(logf logger.Logf, tundev *tstun.Wrapper, e wgengine.Engine, mc *magicsock.Conn, onlySubnets bool) (*Impl, error) {
|
||||
if mc == nil {
|
||||
return nil, errors.New("nil magicsock.Conn")
|
||||
}
|
||||
@@ -116,11 +117,13 @@ func Create(logf logger.Logf, tundev *tstun.Wrapper, e wgengine.Engine, mc *magi
|
||||
e: e,
|
||||
mc: mc,
|
||||
connsOpenBySubnetIP: make(map[netaddr.IP]int),
|
||||
onlySubnets: onlySubnets,
|
||||
}
|
||||
return ns, nil
|
||||
}
|
||||
|
||||
// Start sets up all the handlers so netstack can start working. Implements
|
||||
|
||||
// wgengine.FakeImpl.
|
||||
func (ns *Impl) Start() error {
|
||||
ns.e.AddNetworkMapCallback(ns.updateIPs)
|
||||
@@ -223,7 +226,15 @@ func (ns *Impl) updateIPs(nm *netmap.NetworkMap) {
|
||||
oldIPs[protocolAddr.AddressWithPrefix] = true
|
||||
}
|
||||
newIPs := make(map[tcpip.AddressWithPrefix]bool)
|
||||
|
||||
isAddr := map[netaddr.IPPrefix]bool{}
|
||||
for _, ipp := range nm.SelfNode.Addresses {
|
||||
isAddr[ipp] = true
|
||||
}
|
||||
for _, ipp := range nm.SelfNode.AllowedIPs {
|
||||
if ns.onlySubnets && isAddr[ipp] {
|
||||
continue
|
||||
}
|
||||
newIPs[ipPrefixToAddressWithPrefix(ipp)] = true
|
||||
}
|
||||
|
||||
|
||||
36
wgengine/netstack/subnet_router_wrapper.go
Normal file
36
wgengine/netstack/subnet_router_wrapper.go
Normal file
@@ -0,0 +1,36 @@
|
||||
// Copyright (c) 2021 Tailscale Inc & AUTHORS All rights reserved.
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package netstack
|
||||
|
||||
import (
|
||||
"reflect"
|
||||
|
||||
"tailscale.com/wgengine"
|
||||
"tailscale.com/wgengine/router"
|
||||
)
|
||||
|
||||
func init() {
|
||||
wgengine.NetstackRouterType = reflect.TypeOf(&subnetRouter{})
|
||||
}
|
||||
|
||||
type subnetRouter struct {
|
||||
router.Router
|
||||
}
|
||||
|
||||
// NewSubnetRouterWrapper returns a Router wrapper that prevents the
|
||||
// underlying Router r from seeing any advertised subnet routes, as
|
||||
// netstack will handle them instead.
|
||||
func NewSubnetRouterWrapper(r router.Router) router.Router {
|
||||
return &subnetRouter{
|
||||
Router: r,
|
||||
}
|
||||
}
|
||||
|
||||
func (r *subnetRouter) Set(c *router.Config) error {
|
||||
if c != nil {
|
||||
c.SubnetRoutes = nil // netstack will handle
|
||||
}
|
||||
return r.Router.Set(c)
|
||||
}
|
||||
@@ -14,6 +14,7 @@ import (
|
||||
"io"
|
||||
"net"
|
||||
"os"
|
||||
"reflect"
|
||||
"runtime"
|
||||
"strconv"
|
||||
"strings"
|
||||
@@ -169,6 +170,25 @@ func NewFakeUserspaceEngine(logf logger.Logf, listenPort uint16) (Engine, error)
|
||||
})
|
||||
}
|
||||
|
||||
// NetstackRouterType is a gross cross-package init-time registration
|
||||
// from netstack to here, informing this package of netstack's router
|
||||
// type.
|
||||
var NetstackRouterType reflect.Type
|
||||
|
||||
// IsNetstackRouter reports whether e is either fully netstack based
|
||||
// (without TUN) or is at least using netstack for routing.
|
||||
func IsNetstackRouter(e Engine) bool {
|
||||
switch e := e.(type) {
|
||||
case *userspaceEngine:
|
||||
if reflect.TypeOf(e.router) == NetstackRouterType {
|
||||
return true
|
||||
}
|
||||
case *watchdogEngine:
|
||||
return IsNetstackRouter(e.wrap)
|
||||
}
|
||||
return IsNetstack(e)
|
||||
}
|
||||
|
||||
// IsNetstack reports whether e is a netstack-based TUN-free engine.
|
||||
func IsNetstack(e Engine) bool {
|
||||
ig, ok := e.(InternalsGetter)
|
||||
|
||||
92
wgengine/userspace_ext_test.go
Normal file
92
wgengine/userspace_ext_test.go
Normal file
@@ -0,0 +1,92 @@
|
||||
// Copyright (c) 2021 Tailscale Inc & AUTHORS All rights reserved.
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package wgengine_test
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/tailscale/wireguard-go/tun"
|
||||
"tailscale.com/net/tstun"
|
||||
"tailscale.com/types/logger"
|
||||
"tailscale.com/wgengine"
|
||||
"tailscale.com/wgengine/netstack"
|
||||
"tailscale.com/wgengine/router"
|
||||
)
|
||||
|
||||
func TestIsNetstack(t *testing.T) {
|
||||
e, err := wgengine.NewUserspaceEngine(t.Logf, wgengine.Config{})
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
defer e.Close()
|
||||
if !wgengine.IsNetstack(e) {
|
||||
t.Errorf("IsNetstack = false; want true")
|
||||
}
|
||||
}
|
||||
|
||||
func TestIsNetstackRouter(t *testing.T) {
|
||||
tests := []struct {
|
||||
name string
|
||||
conf wgengine.Config
|
||||
want bool
|
||||
}{
|
||||
{
|
||||
name: "no_netstack",
|
||||
conf: wgengine.Config{
|
||||
Tun: newFakeOSTUN(),
|
||||
Router: newFakeOSRouter(),
|
||||
},
|
||||
want: false,
|
||||
},
|
||||
{
|
||||
name: "netstack",
|
||||
conf: wgengine.Config{},
|
||||
want: true,
|
||||
},
|
||||
{
|
||||
name: "hybrid_netstack",
|
||||
conf: wgengine.Config{
|
||||
Tun: newFakeOSTUN(),
|
||||
Router: netstack.NewSubnetRouterWrapper(newFakeOSRouter()),
|
||||
},
|
||||
want: true,
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
e, err := wgengine.NewUserspaceEngine(logger.Discard, tt.conf)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
defer e.Close()
|
||||
if got := wgengine.IsNetstackRouter(e); got != tt.want {
|
||||
t.Errorf("IsNetstackRouter = %v; want %v", got, tt.want)
|
||||
}
|
||||
|
||||
if got := wgengine.IsNetstackRouter(wgengine.NewWatchdog(e)); got != tt.want {
|
||||
t.Errorf("IsNetstackRouter(watchdog-wrapped) = %v; want %v", got, tt.want)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func newFakeOSRouter() router.Router {
|
||||
return someRandoOSRouter{router.NewFake(logger.Discard)}
|
||||
}
|
||||
|
||||
type someRandoOSRouter struct {
|
||||
router.Router
|
||||
}
|
||||
|
||||
func newFakeOSTUN() tun.Device {
|
||||
return someRandoOSTUN{tstun.NewFake()}
|
||||
}
|
||||
|
||||
type someRandoOSTUN struct {
|
||||
tun.Device
|
||||
}
|
||||
|
||||
// Name returns something that is not FakeTUN.
|
||||
func (t someRandoOSTUN) Name() (string, error) { return "some_os_tun0", nil }
|
||||
@@ -187,14 +187,3 @@ func BenchmarkGenLocalAddrFunc(b *testing.B) {
|
||||
})
|
||||
b.Logf("x = %v", x)
|
||||
}
|
||||
|
||||
func TestIsNetstack(t *testing.T) {
|
||||
e, err := NewUserspaceEngine(t.Logf, Config{})
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
defer e.Close()
|
||||
if !IsNetstack(e) {
|
||||
t.Errorf("IsNetstack = false; want true")
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user