Commit Graph

30 Commits

Author SHA1 Message Date
Josh Bleecher Snyder
3fa863e6d9 cmd/derper: add missing html.EscapeString calls in /debug page
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-09-15 15:00:19 -07:00
Brad Fitzpatrick
e415991256 derp, derp/derphttp: remove one RTT from DERP setup
* advertise server's DERP public key following its ServerHello
* have client look for that DEPR public key in the response
  PeerCertificates
* let client advertise it's going into a "fast start" mode
  if it finds it
* modify server to support that fast start mode, just not
  sending the HTTP response header

Cuts down another round trip, bringing the latency of being able to
write our first DERP frame from SF to Bangalore from ~725ms
(3 RTT) to ~481ms (2 RTT: TCP and TLS).

Fixes #693

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-20 14:00:55 -07:00
Josh Bleecher Snyder
b23f2263c1 derp: add server version to /debug, expvars
This will make it easier for a human to tell what
version is deployed, for (say) correlating line numbers
in profiles or panics to corresponding source code.

It'll also let us observe version changes in prometheus.

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-08-07 12:46:02 -07:00
Brad Fitzpatrick
10ac066013 all: fix vet warnings 2020-07-16 08:39:38 -07:00
Brad Fitzpatrick
3553512a71 cmd/derper: fix embarassing bug introduced in earlier refactor
The remove hook implementation was copy/pasted from the line above and
I didn't change the body, resulting in packet forwarding routes never
being removed.

Fortunately we weren't using this path yet, but it led to stats being
off, and (very) slow memory growth.
2020-06-24 19:45:27 -07:00
Brad Fitzpatrick
b87396b5d9 cmd/derper, derp: add some more varz and consistency check handler
I'm trying to hunt down a slow drift in numbers not agreeing.
2020-06-23 14:01:51 -07:00
Brad Fitzpatrick
c8cf3169ba cmd/derper, derp/derphttp: move bulk of derp mesh code into derphttp
To be reused in various other tools.
2020-06-15 11:58:10 -07:00
Brad Fitzpatrick
7cbf6ab771 cmd/derper: remove unused parameter in runMeshClient 2020-06-15 11:35:50 -07:00
Brad Fitzpatrick
abd79ea368 derp: reduce DERP memory use; don't require callers to pass in memory to use
The magicsock derpReader was holding onto 65KB for each DERP
connection forever, just in case.

Make the derp{,http}.Client be in charge of memory instead. It can
reuse its bufio.Reader buffer space.
2020-06-15 10:26:50 -07:00
Brad Fitzpatrick
1cb7dab881 cmd/derper: support forwarding packets amongst set of peer DERP servers
Updates #388

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-06-05 10:14:33 -07:00
Brad Fitzpatrick
b663ab4685 cmd/derper: treat self-connection connection watch as no-op
Updates #388
2020-06-04 08:26:05 -07:00
Brad Fitzpatrick
5798826990 cmd/derper: add /home/bradfitz/keys to default mesh key search list 2020-06-04 08:19:44 -07:00
Brad Fitzpatrick
484b7fc9a3 derp, cmd/derper: add frameWatchConns, framePeerPresent for inter-DERP routing
This lets a trusted DERP client that knows a pre-shared key subscribe
to the connection list. Upon subscribing, they get the current set
of connected public keys, and then all changes over time.

This lets a set of DERP server peers within a region all stay connected to
each other and know which clients are connected to which nodes.

Updates #388

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-06-03 08:03:29 -07:00
Brad Fitzpatrick
b0c10fa610 stun, netcheck: move under net 2020-05-25 09:18:24 -07:00
David Anderson
1e031001db derp: move write timeout to package constant.
Signed-off-by: David Anderson <dave@natulte.net>
2020-03-20 15:14:01 -07:00
David Anderson
dbfc916273 derp: add short queues between reader and writer, drop on overload.
This avoids the server blocking on misbehaving or heavily contended
clients. We attempt to drop from the head of the queue to keep
overall queueing time lower.

Also:
 - fixes server->client keepalives, which weren't happening.
 - removes read rate-limiter, deferring instead to kernel-level
   global limiter/fair queuer.

Signed-off-by: David Anderson <dave@natulte.net>
2020-03-20 15:14:01 -07:00
David Crawshaw
5ad947c761 cmd/derper: set a write timeout
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-12 14:42:48 -04:00
Brad Fitzpatrick
8abdbbdd1f cmd/derper: also link to /debug/varz 2020-03-06 13:02:01 -08:00
David Anderson
f192c05413 metrics: add a LabelMap type for variables with 1 label dimension.
This lets us publish sets of vars that are breakdowns along one
dimension in a format that Prometheus and Grafana natively know
how to do useful things with.

Signed-off-by: David Anderson <dave@natulte.net>
2020-03-04 13:22:50 -08:00
Brad Fitzpatrick
e371520cc5 tsweb, derp: add expvar http.Handler for Prometheus's format
And add some opinions.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-03 13:59:16 -08:00
Brad Fitzpatrick
dd68debd64 cmd/derper: set autocert Email
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-03 13:30:50 -08:00
Brad Fitzpatrick
a399ef3dc7 cmd/derper: appease staticcheck 2020-03-02 08:59:50 -08:00
Brad Fitzpatrick
051b6ef141 cmd/derper: accept more LetsEncrypt hostnames without explicit config 2020-03-02 08:55:44 -08:00
Brad Fitzpatrick
00ad93ec25 cmd/derper: add a STUN server
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-26 19:11:14 -08:00
Brad Fitzpatrick
824f825552 tsweb, cmd/derper: move common web/debug stuff from derper to new tsweb
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-25 10:06:56 -08:00
Brad Fitzpatrick
c763901b1a cmd/derper: provide debug access over port 80 to trusted (tailscale) IPs
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-21 11:52:27 -08:00
Brad Fitzpatrick
2612e54ad1 derp, cmd/derper: add debug handlers, stats
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-21 09:35:53 -08:00
Brad Fitzpatrick
37e115834e cmd/derper: support logging to logtail
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-21 07:53:22 -08:00
Brad Fitzpatrick
88f1cc0c98 derp, cmd/derper: add rate limiting support, add default 5Mbps limit
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-20 15:26:30 -08:00
Brad Fitzpatrick
b72e6446e2 cmd/derper: add a basic DERP server
Mostly Crawshaw's earlier code, refactored a bit.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-18 11:25:11 -08:00