Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						8b3f6be008 
					 
					
						
						
							
							control/controlclient: flip IPv6 to be on by default  
						
						... 
						
						
						
						The DEBUG_INCLUDE_IPV6 environment variable is now an opt-out.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2020-03-26 22:02:56 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						322499473e 
					 
					
						
						
							
							cmd/tailscaled, wgengine, ipn: add /debug/ipn handler with world state  
						
						... 
						
						
						
						Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2020-03-26 14:26:24 -07:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						dbca186a64 
					 
					
						
						
							
							stunner: fix data race.  
						
						... 
						
						
						
						In very low-latency conditions, a STUN request can complete before
the startup loop has finished firing off goroutines, leading to
a concurrent map mutation. 
						
						
					 
					
						2020-03-25 23:11:22 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						7fb8d873ac 
					 
					
						
						
							
							logpolicy: don't log timestamp when running under systemd  
						
						... 
						
						
						
						It'll do it anyway.
Makes journalctl -fu cleaner.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2020-03-25 21:03:06 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						2d48f92a82 
					 
					
						
						
							
							wgengine/magicsock: re-stun every [20,27] sec, not 28  
						
						... 
						
						
						
						28 is cutting it close, and we think jitter will help some spikes
we're seeing.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2020-03-25 14:25:33 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						2c7ddd0828 
					 
					
						
						
							
							go.mod, go.sum: tidy  
						
						
						
						
					 
					
						2020-03-25 14:05:33 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						577f321c38 
					 
					
						
						
							
							wgengine/magicsock: revise derp fallback logic  
						
						... 
						
						
						
						Revision to earlier 6284454ae5bradfitz@tailscale.com > 
						
						
					 
					
						2020-03-25 13:09:18 -07:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						cbd8aceb95 
					 
					
						
						
							
							go.mod: bump wireguard-go version.  
						
						... 
						
						
						
						Fixes  #219 .
Signed-off-by: David Anderson <dave@natulte.net > 
					
						2020-03-25 12:20:46 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						2e420ad8b6 
					 
					
						
						
							
							wgengine, wgengine/filter: minor doc, style, performance, locking changes  
						
						... 
						
						
						
						Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2020-03-25 08:41:01 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						6284454ae5 
					 
					
						
						
							
							wgengine/magicsock: if UDP blocked, pick DERP where most peers are  
						
						... 
						
						
						
						Updates #207 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2020-03-25 08:00:44 -07:00 
						 
				 
			
				
					
						
							
							
								Avery Pennarun 
							
						 
					 
					
						
						
							
						
						f53e78e0d5 
					 
					
						
						
							
							wgengine: don't lose filter state on filter reconfig.  
						
						... 
						
						
						
						We were abandoning the UDP port LRU every time we got a new packet
filter from tailcontrol, which caused return packets to suddenly stop
arriving. 
						
						
					 
					
						2020-03-25 04:52:41 -04:00 
						 
				 
			
				
					
						
							
							
								Avery Pennarun 
							
						 
					 
					
						
						
							
						
						4336de0d98 
					 
					
						
						
							
							ipn/local: don't print packet filter every single time.  
						
						... 
						
						
						
						It's extremely noisy right now for domains with complex ACLs. 
						
						
					 
					
						2020-03-25 04:52:41 -04:00 
						 
				 
			
				
					
						
							
							
								Avery Pennarun 
							
						 
					 
					
						
						
							
						
						a56e853b72 
					 
					
						
						
							
							cmd/relaynode: delete it!  
						
						... 
						
						
						
						tailscale+tailscaled now completely obsoletes relaynode, so let's let
it finally go away. 
						
						
					 
					
						2020-03-25 04:48:15 -04:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						73fccd8b06 
					 
					
						
						
							
							control/controlclient: remove old compat PacketFilter initialization.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <dave@natulte.net > 
						
						
					 
					
						2020-03-24 16:00:41 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						d321190578 
					 
					
						
						
							
							wgengine/magicsock: stringify [IPv6]:port normally in AddrSet.String  
						
						
						
						
					 
					
						2020-03-24 13:40:43 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						3c3ea8bc8a 
					 
					
						
						
							
							wgengine/magicsock: finish IPv6 transport support  
						
						... 
						
						
						
						DEBUG_INCLUDE_IPV6=1 is still required, but works now.
Updates #18  (fixes it, once env var gate is removed) 
						
						
					 
					
						2020-03-24 10:56:22 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						82ed7e527e 
					 
					
						
						
							
							wgengine/magicsock: remove log allocation  
						
						... 
						
						
						
						This was the whole point but I goofed at the last line. 
						
						
					 
					
						2020-03-24 08:14:47 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						8454bbbda5 
					 
					
						
						
							
							wgengine/magicsock: more logging improvements  
						
						... 
						
						
						
						* remove endpoint discovery noise when results unchanged
* consistently spell derp nodes as "derp-N"
* replace "127.3.3.40:" with "derp-" in CreateEndpoint log output
* stop early DERP setup before SetPrivateKey is called;
  it just generates log nosie
* fix stringification of peer ShortStrings (it had an old %x on it,
  rendering it garbage)
* describe why derp routes are changing, with one of:
  shared home, their home, our home, alt 
						
						
					 
					
						2020-03-24 08:12:55 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						64aff0db7b 
					 
					
						
						
							
							control/controlclient: add TODO to delete the UAPI method  
						
						
						
						
					 
					
						2020-03-24 07:25:14 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						7740cbd8d9 
					 
					
						
						
							
							ipn: call SetNetInfoCallback later, in Start  
						
						... 
						
						
						
						It was being called back into ultimately from magicsock before there
was a control client.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2020-03-23 22:19:40 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						680311b3df 
					 
					
						
						
							
							wgengine/magicsock: fix few remaining logs without package prefix  
						
						
						
						
					 
					
						2020-03-23 22:11:49 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						c473927558 
					 
					
						
						
							
							wgengine/magicsock: clean up, add, improve DERP logs  
						
						
						
						
					 
					
						2020-03-23 21:57:58 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						e749377a56 
					 
					
						
						
							
							derp/derphttp: remove a redundant log message  
						
						
						
						
					 
					
						2020-03-23 21:23:36 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						1d3f45f9be 
					 
					
						
						
							
							derp/derphttp: ignore PeerGoneMessage in test  
						
						
						
						
					 
					
						2020-03-23 14:13:49 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						ea9310403d 
					 
					
						
						
							
							wgengine/magicsock: re-STUN on DERP connection death  
						
						... 
						
						
						
						Fixes  #201  
					
						2020-03-23 13:19:33 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						1ab5b31c4b 
					 
					
						
						
							
							derp, magicsock: send new "peer gone" frames when previous sender disconnects  
						
						... 
						
						
						
						Updates #150  (not yet enabled by default in magicsock)
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2020-03-22 21:00:47 -07:00 
						 
				 
			
				
					
						
							
							
								David Crawshaw 
							
						 
					 
					
						
						
							
						
						e60b433831 
					 
					
						
						
							
							tailcfg: NetInfo.String: handle nil object without panicing  
						
						... 
						
						
						
						Signed-off-by: David Crawshaw <crawshaw@tailscale.com > 
						
						
					 
					
						2020-03-23 13:34:33 +11:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						b6f77cc48d 
					 
					
						
						
							
							wgengine/magicsock: return early, outdent in derpWriteChanOfAddr  
						
						
						
						
					 
					
						2020-03-22 14:08:59 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						8c4cef60f8 
					 
					
						
						
							
							derp: wait for send goroutine to finish before returning from run  
						
						... 
						
						
						
						I saw a test flake due to the sender goroutine logging (ultimately to
t.Logf) after the server was closed.
This makes sure the all goroutines are cleaned up before Server.Close
returns. 
						
						
					 
					
						2020-03-22 13:10:07 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						521ad7b0fc 
					 
					
						
						
							
							derp: only flush writes to clients when we're out of things to write  
						
						... 
						
						
						
						Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2020-03-22 08:01:25 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						0a25abcdaa 
					 
					
						
						
							
							derp: remove TODO comment  
						
						... 
						
						
						
						It was done in bf704a5218 
						
						
					 
					
						2020-03-22 07:54:50 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						8519a1b29f 
					 
					
						
						
							
							derp: revert rename of pkt to sendMsg  
						
						... 
						
						
						
						New plan, sorry.
Most reverts 77921a31b1 
						
						
					 
					
						2020-03-21 22:17:22 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						c34b350efa 
					 
					
						
						
							
							derp: remove the mutex around and closing of send channel  
						
						... 
						
						
						
						Makes it less complicated.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2020-03-21 22:00:04 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						77921a31b1 
					 
					
						
						
							
							derp: rename pkt to sendMsg, in prep for other types of writes  
						
						... 
						
						
						
						Updates #150  
						
						
					 
					
						2020-03-21 20:34:49 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						1453aecb44 
					 
					
						
						
							
							derp: add sclient.done channel, simplify some context passing  
						
						... 
						
						
						
						This is mostly prep for a few future CLs, making sure we always have a
close-on-dead done channel available to select on when doing other
channel operations. 
						
						
					 
					
						2020-03-21 18:28:34 -07:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						ea90780066 
					 
					
						
						
							
							derp: specify type of the by-reason drop varz.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <dave@natulte.net > 
						
						
					 
					
						2020-03-20 15:53:04 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						fd824df1fa 
					 
					
						
						
							
							derp: export metric for server's initial MemStats.Sys reading  
						
						... 
						
						
						
						Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2020-03-20 15:37:36 -07:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						64b5248929 
					 
					
						
						
							
							derp: sprinkle comments and docstrings.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <dave@natulte.net > 
						
						
					 
					
						2020-03-20 15:14:01 -07:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						58b8ebd290 
					 
					
						
						
							
							derp: add per-reason packet drop counter.  
						
						... 
						
						
						
						In parallel with the summed counter for now, for dashboard migration.
Signed-off-by: David Anderson <dave@natulte.net > 
						
						
					 
					
						2020-03-20 15:14:01 -07:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						1e031001db 
					 
					
						
						
							
							derp: move write timeout to package constant.  
						
						... 
						
						
						
						Signed-off-by: David Anderson <dave@natulte.net > 
						
						
					 
					
						2020-03-20 15:14:01 -07:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						dbfc916273 
					 
					
						
						
							
							derp: add short queues between reader and writer, drop on overload.  
						
						... 
						
						
						
						This avoids the server blocking on misbehaving or heavily contended
clients. We attempt to drop from the head of the queue to keep
overall queueing time lower.
Also:
 - fixes server->client keepalives, which weren't happening.
 - removes read rate-limiter, deferring instead to kernel-level
   global limiter/fair queuer.
Signed-off-by: David Anderson <dave@natulte.net > 
						
						
					 
					
						2020-03-20 15:14:01 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						dd31285ad4 
					 
					
						
						
							
							wgengine/magicsock: send IPv6 using pconn6, if available  
						
						... 
						
						
						
						In prep for IPv6 support. Nothing should make it this far yet. 
						
						
					 
					
						2020-03-20 14:30:12 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						af277a6762 
					 
					
						
						
							
							controlclient, magicsock: add debug knob to request IPv6 endpoints  
						
						... 
						
						
						
						Add opt-in method to request IPv6 endpoints from the control plane.
For now they should just be skipped. A previous version of this CL was
unconditional and reportedly had problems that I can't reproduce. So
make it a knob until the mystery is solved.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2020-03-20 14:27:24 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						221e7d7767 
					 
					
						
						
							
							wgengine/magicsock: make log message include DERP port (node)  
						
						
						
						
					 
					
						2020-03-20 13:51:20 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						33bdcabf03 
					 
					
						
						
							
							wgengine/magicsock: call stun callback w/ only valid part of STUN packet  
						
						
						
						
					 
					
						2020-03-20 13:44:27 -07:00 
						 
				 
			
				
					
						
							
							
								David Crawshaw 
							
						 
					 
					
						
						
							
						
						13eed1e88b 
					 
					
						
						
							
							controlclient: remove common log on very quiet nodes  
						
						... 
						
						
						
						Signed-off-by: David Crawshaw <crawshaw@tailscale.com > 
						
						
					 
					
						2020-03-21 07:11:10 +11:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						f9cc4e8f53 
					 
					
						
						
							
							tailcfg: restore MapRequest.IncludeIPv6 bool  
						
						... 
						
						
						
						Partially restores 0be475ba46 
						
						
					 
					
						2020-03-20 08:13:47 -07:00 
						 
				 
			
				
					
						
							
							
								David Anderson 
							
						 
					 
					
						
						
							
						
						0be475ba46 
					 
					
						
						
							
							Revert "tailcfg, controlclient, magicsock: request IPv6 endpoints, but ignore them"  
						
						... 
						
						
						
						Breaks something deep in wireguard or magicsock's brainstem, no packets at all
can flow. All received packets fail decryption with "invalid mac1".
This reverts commit 94024355eddave@natulte.net > 
						
						
					 
					
						2020-03-20 03:26:17 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						f9184ad12b 
					 
					
						
						
							
							go.mod: update wireguard-go for  https://github.com/tailscale/wireguard-go/pull/13  
						
						
						
						
					 
					
						2020-03-19 22:46:36 -07:00 
						 
				 
			
				
					
						
							
							
								Brad Fitzpatrick 
							
						 
					 
					
						
						
							
						
						94024355ed 
					 
					
						
						
							
							tailcfg, controlclient, magicsock: request IPv6 endpoints, but ignore them  
						
						... 
						
						
						
						Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com > 
						
						
					 
					
						2020-03-19 21:01:52 -07:00