David Anderson
dbca186a64
stunner: fix data race.
...
In very low-latency conditions, a STUN request can complete before
the startup loop has finished firing off goroutines, leading to
a concurrent map mutation.
2020-03-25 23:11:22 -07:00
Brad Fitzpatrick
7fb8d873ac
logpolicy: don't log timestamp when running under systemd
...
It'll do it anyway.
Makes journalctl -fu cleaner.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2020-03-25 21:03:06 -07:00
Brad Fitzpatrick
2d48f92a82
wgengine/magicsock: re-stun every [20,27] sec, not 28
...
28 is cutting it close, and we think jitter will help some spikes
we're seeing.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2020-03-25 14:25:33 -07:00
Brad Fitzpatrick
2c7ddd0828
go.mod, go.sum: tidy
2020-03-25 14:05:33 -07:00
Brad Fitzpatrick
577f321c38
wgengine/magicsock: revise derp fallback logic
...
Revision to earlier 6284454ae5
Don't be sticky if we have no peers.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2020-03-25 13:09:18 -07:00
David Anderson
cbd8aceb95
go.mod: bump wireguard-go version.
...
Fixes #219 .
Signed-off-by: David Anderson <dave@natulte.net >
2020-03-25 12:20:46 -07:00
Brad Fitzpatrick
2e420ad8b6
wgengine, wgengine/filter: minor doc, style, performance, locking changes
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2020-03-25 08:41:01 -07:00
Brad Fitzpatrick
6284454ae5
wgengine/magicsock: if UDP blocked, pick DERP where most peers are
...
Updates #207
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2020-03-25 08:00:44 -07:00
Avery Pennarun
f53e78e0d5
wgengine: don't lose filter state on filter reconfig.
...
We were abandoning the UDP port LRU every time we got a new packet
filter from tailcontrol, which caused return packets to suddenly stop
arriving.
2020-03-25 04:52:41 -04:00
Avery Pennarun
4336de0d98
ipn/local: don't print packet filter every single time.
...
It's extremely noisy right now for domains with complex ACLs.
2020-03-25 04:52:41 -04:00
Avery Pennarun
a56e853b72
cmd/relaynode: delete it!
...
tailscale+tailscaled now completely obsoletes relaynode, so let's let
it finally go away.
2020-03-25 04:48:15 -04:00
David Anderson
73fccd8b06
control/controlclient: remove old compat PacketFilter initialization.
...
Signed-off-by: David Anderson <dave@natulte.net >
2020-03-24 16:00:41 -07:00
Brad Fitzpatrick
d321190578
wgengine/magicsock: stringify [IPv6]:port normally in AddrSet.String
2020-03-24 13:40:43 -07:00
Brad Fitzpatrick
3c3ea8bc8a
wgengine/magicsock: finish IPv6 transport support
...
DEBUG_INCLUDE_IPV6=1 is still required, but works now.
Updates #18 (fixes it, once env var gate is removed)
2020-03-24 10:56:22 -07:00
Brad Fitzpatrick
82ed7e527e
wgengine/magicsock: remove log allocation
...
This was the whole point but I goofed at the last line.
2020-03-24 08:14:47 -07:00
Brad Fitzpatrick
8454bbbda5
wgengine/magicsock: more logging improvements
...
* remove endpoint discovery noise when results unchanged
* consistently spell derp nodes as "derp-N"
* replace "127.3.3.40:" with "derp-" in CreateEndpoint log output
* stop early DERP setup before SetPrivateKey is called;
it just generates log nosie
* fix stringification of peer ShortStrings (it had an old %x on it,
rendering it garbage)
* describe why derp routes are changing, with one of:
shared home, their home, our home, alt
2020-03-24 08:12:55 -07:00
Brad Fitzpatrick
64aff0db7b
control/controlclient: add TODO to delete the UAPI method
2020-03-24 07:25:14 -07:00
Brad Fitzpatrick
7740cbd8d9
ipn: call SetNetInfoCallback later, in Start
...
It was being called back into ultimately from magicsock before there
was a control client.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2020-03-23 22:19:40 -07:00
Brad Fitzpatrick
680311b3df
wgengine/magicsock: fix few remaining logs without package prefix
2020-03-23 22:11:49 -07:00
Brad Fitzpatrick
c473927558
wgengine/magicsock: clean up, add, improve DERP logs
2020-03-23 21:57:58 -07:00
Brad Fitzpatrick
e749377a56
derp/derphttp: remove a redundant log message
2020-03-23 21:23:36 -07:00
Brad Fitzpatrick
1d3f45f9be
derp/derphttp: ignore PeerGoneMessage in test
2020-03-23 14:13:49 -07:00
Brad Fitzpatrick
ea9310403d
wgengine/magicsock: re-STUN on DERP connection death
...
Fixes #201
2020-03-23 13:19:33 -07:00
Brad Fitzpatrick
1ab5b31c4b
derp, magicsock: send new "peer gone" frames when previous sender disconnects
...
Updates #150 (not yet enabled by default in magicsock)
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2020-03-22 21:00:47 -07:00
David Crawshaw
e60b433831
tailcfg: NetInfo.String: handle nil object without panicing
...
Signed-off-by: David Crawshaw <crawshaw@tailscale.com >
2020-03-23 13:34:33 +11:00
Brad Fitzpatrick
b6f77cc48d
wgengine/magicsock: return early, outdent in derpWriteChanOfAddr
2020-03-22 14:08:59 -07:00
Brad Fitzpatrick
8c4cef60f8
derp: wait for send goroutine to finish before returning from run
...
I saw a test flake due to the sender goroutine logging (ultimately to
t.Logf) after the server was closed.
This makes sure the all goroutines are cleaned up before Server.Close
returns.
2020-03-22 13:10:07 -07:00
Brad Fitzpatrick
521ad7b0fc
derp: only flush writes to clients when we're out of things to write
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2020-03-22 08:01:25 -07:00
Brad Fitzpatrick
0a25abcdaa
derp: remove TODO comment
...
It was done in bf704a5218
2020-03-22 07:54:50 -07:00
Brad Fitzpatrick
8519a1b29f
derp: revert rename of pkt to sendMsg
...
New plan, sorry.
Most reverts 77921a31b1
, except some doc changes.
2020-03-21 22:17:22 -07:00
Brad Fitzpatrick
c34b350efa
derp: remove the mutex around and closing of send channel
...
Makes it less complicated.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2020-03-21 22:00:04 -07:00
Brad Fitzpatrick
77921a31b1
derp: rename pkt to sendMsg, in prep for other types of writes
...
Updates #150
2020-03-21 20:34:49 -07:00
Brad Fitzpatrick
1453aecb44
derp: add sclient.done channel, simplify some context passing
...
This is mostly prep for a few future CLs, making sure we always have a
close-on-dead done channel available to select on when doing other
channel operations.
2020-03-21 18:28:34 -07:00
David Anderson
ea90780066
derp: specify type of the by-reason drop varz.
...
Signed-off-by: David Anderson <dave@natulte.net >
2020-03-20 15:53:04 -07:00
Brad Fitzpatrick
fd824df1fa
derp: export metric for server's initial MemStats.Sys reading
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2020-03-20 15:37:36 -07:00
David Anderson
64b5248929
derp: sprinkle comments and docstrings.
...
Signed-off-by: David Anderson <dave@natulte.net >
2020-03-20 15:14:01 -07:00
David Anderson
58b8ebd290
derp: add per-reason packet drop counter.
...
In parallel with the summed counter for now, for dashboard migration.
Signed-off-by: David Anderson <dave@natulte.net >
2020-03-20 15:14:01 -07:00
David Anderson
1e031001db
derp: move write timeout to package constant.
...
Signed-off-by: David Anderson <dave@natulte.net >
2020-03-20 15:14:01 -07:00
David Anderson
dbfc916273
derp: add short queues between reader and writer, drop on overload.
...
This avoids the server blocking on misbehaving or heavily contended
clients. We attempt to drop from the head of the queue to keep
overall queueing time lower.
Also:
- fixes server->client keepalives, which weren't happening.
- removes read rate-limiter, deferring instead to kernel-level
global limiter/fair queuer.
Signed-off-by: David Anderson <dave@natulte.net >
2020-03-20 15:14:01 -07:00
Brad Fitzpatrick
dd31285ad4
wgengine/magicsock: send IPv6 using pconn6, if available
...
In prep for IPv6 support. Nothing should make it this far yet.
2020-03-20 14:30:12 -07:00
Brad Fitzpatrick
af277a6762
controlclient, magicsock: add debug knob to request IPv6 endpoints
...
Add opt-in method to request IPv6 endpoints from the control plane.
For now they should just be skipped. A previous version of this CL was
unconditional and reportedly had problems that I can't reproduce. So
make it a knob until the mystery is solved.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2020-03-20 14:27:24 -07:00
Brad Fitzpatrick
221e7d7767
wgengine/magicsock: make log message include DERP port (node)
2020-03-20 13:51:20 -07:00
Brad Fitzpatrick
33bdcabf03
wgengine/magicsock: call stun callback w/ only valid part of STUN packet
2020-03-20 13:44:27 -07:00
David Crawshaw
13eed1e88b
controlclient: remove common log on very quiet nodes
...
Signed-off-by: David Crawshaw <crawshaw@tailscale.com >
2020-03-21 07:11:10 +11:00
Brad Fitzpatrick
f9cc4e8f53
tailcfg: restore MapRequest.IncludeIPv6 bool
...
Partially restores 0be475ba46
2020-03-20 08:13:47 -07:00
David Anderson
0be475ba46
Revert "tailcfg, controlclient, magicsock: request IPv6 endpoints, but ignore them"
...
Breaks something deep in wireguard or magicsock's brainstem, no packets at all
can flow. All received packets fail decryption with "invalid mac1".
This reverts commit 94024355ed
.
Signed-off-by: David Anderson <dave@natulte.net >
2020-03-20 03:26:17 -07:00
Brad Fitzpatrick
f9184ad12b
go.mod: update wireguard-go for https://github.com/tailscale/wireguard-go/pull/13
2020-03-19 22:46:36 -07:00
Brad Fitzpatrick
94024355ed
tailcfg, controlclient, magicsock: request IPv6 endpoints, but ignore them
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com >
2020-03-19 21:01:52 -07:00
David Anderson
12a6626a94
tsweb: use a ResponseWriter wrapper to log more accurately.
...
Also adds tests, because the logging handler is acquiring a fair
number of branches.
Signed-off-by: David Anderson <dave@natulte.net >
2020-03-19 20:11:07 -07:00
David Anderson
2e43cd3f95
testy: add a virtual clock helper for tests.
...
Signed-off-by: David Anderson <dave@natulte.net >
2020-03-19 20:11:07 -07:00