Commit Graph

27 Commits

Author SHA1 Message Date
Brad Fitzpatrick
3485e4bf5a derp: make RunConnectionLoop funcs take Messages, support PeerPresentFlags
PeerPresentFlags was added in 5ffb2668ef but wasn't plumbed through to
the RunConnectionLoop. Rather than add yet another parameter (as
IP:port was added earlier), pass in the raw PeerPresentMessage and
PeerGoneMessage struct values, which are the same things, plus two
fields: PeerGoneReasonType for gone and the PeerPresentFlags from
5ffb2668ef.

Updates tailscale/corp#17816

Change-Id: Ib19d9f95353651ada90656071fc3656cf58b7987
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2024-06-25 09:47:25 -07:00
Brad Fitzpatrick
5ffb2668ef derp: add PeerPresentFlags bitmask to Watch messages
Updates tailscale/corp#17816

Change-Id: Ib5baf6c981a6a4c279f8bbfef02048cfbfb3323b
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2024-06-22 20:38:25 -07:00
Brad Fitzpatrick
6c791f7d60 derp: include src IPs in mesh watch messages
Updates tailscale/corp#13945

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2023-08-16 08:46:52 -07:00
Brad Fitzpatrick
be4eb6a39e derp, net/dns/recursive: use Go 1.21 min
Updates #8419

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2023-08-08 21:34:47 -07:00
valscale
74eb99aed1
derp, derphttp, magicsock: send new unknown peer frame when destination is unknown (#7552)
* wgengine/magicsock: add envknob to send CallMeMaybe to non-existent peer

For testing older client version responses to the PeerGone packet format change.

Updates #4326

Signed-off-by: Val <valerie@tailscale.com>

* derp: remove dead sclient struct member replaceLimiter

Leftover from an previous solution to the duplicate client problem.

Updates #2751

Signed-off-by: Val <valerie@tailscale.com>

* derp, derp/derphttp, wgengine/magicsock: add new PeerGone message type Not Here

Extend the PeerGone message type by adding a reason byte. Send a
PeerGone "Not Here" message when an endpoint sends a disco message to
a peer that this server has no record of.

Fixes #4326

Signed-off-by: Val <valerie@tailscale.com>

---------

Signed-off-by: Val <valerie@tailscale.com>
2023-03-24 19:11:48 -07:00
Will Norris
71029cea2d all: update copyright and license headers
This updates all source files to use a new standard header for copyright
and license declaration.  Notably, copyright no longer includes a date,
and we now use the standard SPDX-License-Identifier header.

This commit was done almost entirely mechanically with perl, and then
some minimal manual fixes.

Updates #6865

Signed-off-by: Will Norris <will@tailscale.com>
2023-01-27 15:36:29 -08:00
Eng Zer Jun
f0347e841f refactor: move from io/ioutil to io and os packages
The io/ioutil package has been deprecated as of Go 1.16 [1]. This commit
replaces the existing io/ioutil functions with their new definitions in
io and os packages.

Reference: https://golang.org/doc/go1.16#ioutil
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-09-15 21:45:53 -07:00
Mihai Parparita
027111fb5a derp: update DERP acronym expansion
Makes the package description consistent with other documentation.

Signed-off-by: Mihai Parparita <mihai@tailscale.com>
2022-09-15 16:08:12 -07:00
Brad Fitzpatrick
116f55ff66 all: gofmt for Go 1.19
Updates #5210

Change-Id: Ib02cd5e43d0a8db60c1f09755a8ac7b140b670be
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-08-02 10:08:05 -07:00
Brad Fitzpatrick
a59b389a6a derp: add new health update and server restarting frame types
Updates #2756
Updates #2746

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-08-31 13:31:51 -07:00
Brad Fitzpatrick
79d8288f0a wgengine/magicsock, derp, derp/derphttp: respond to DERP server->client pings
No server support yet, but we want Tailscale 1.6 clients to be able to respond
to them when the server can do it.

Updates #1310

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-09 13:56:13 -08:00
Brad Fitzpatrick
e415991256 derp, derp/derphttp: remove one RTT from DERP setup
* advertise server's DERP public key following its ServerHello
* have client look for that DEPR public key in the response
  PeerCertificates
* let client advertise it's going into a "fast start" mode
  if it finds it
* modify server to support that fast start mode, just not
  sending the HTTP response header

Cuts down another round trip, bringing the latency of being able to
write our first DERP frame from SF to Bangalore from ~725ms
(3 RTT) to ~481ms (2 RTT: TCP and TLS).

Fixes #693

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-20 14:00:55 -07:00
Brad Fitzpatrick
93ffc565e5 derp: remove protocol version 1 support
It hasn't existed for a long time and there are no current users.

Fixes #199
2020-08-17 16:17:56 -07:00
Brad Fitzpatrick
6b80bcf112 derp: remove a client round-trip waiting on serverInfo
It just has a version number in it and it's not really needed.
Instead just return it as a normal Recv message type for those
that care (currently only tests).

Updates #150 (in that it shares the same goal: initial DERP latency)
Updates #199 (in that it removes some DERP versioning)
2020-08-17 16:15:22 -07:00
Josh Bleecher Snyder
e577303dc7 derp: make writeUint32 and readUint32 not allocate
The allocations are small, but they're easy enough to avoid.
And it removes some clutter from the pprof output.

name                      old time/op    new time/op    delta
SendRecv/msgsize=10-8       10.1µs ± 9%     9.7µs ± 7%    -3.45%  (p=0.035 n=14+14)
SendRecv/msgsize=100-8      8.12µs ± 7%    7.38µs ± 9%    -9.02%  (p=0.000 n=15+15)
SendRecv/msgsize=1000-8     9.51µs ±25%    8.76µs ±22%      ~     (p=0.202 n=15+15)
SendRecv/msgsize=10000-8    21.1µs ±25%    19.9µs ±14%      ~     (p=0.270 n=15+14)
WriteUint32-8               25.1ns ± 4%    21.3ns ±12%   -15.01%  (p=0.000 n=14+14)
ReadUint32-8                35.4ns ± 4%    21.9ns ± 4%   -38.06%  (p=0.000 n=15+15)

name                      old alloc/op   new alloc/op   delta
SendRecv/msgsize=10-8         182B ± 2%      169B ± 1%    -7.22%  (p=0.000 n=15+13)
SendRecv/msgsize=100-8        282B ± 1%      265B ± 1%    -5.85%  (p=0.000 n=15+15)
SendRecv/msgsize=1000-8     1.19kB ± 1%    1.18kB ± 0%    -1.26%  (p=0.000 n=14+15)
SendRecv/msgsize=10000-8    19.3kB ± 4%    18.7kB ± 4%    -3.44%  (p=0.006 n=12+12)
WriteUint32-8                4.00B ± 0%     0.00B       -100.00%  (p=0.000 n=15+15)
ReadUint32-8                 4.00B ± 0%     0.00B       -100.00%  (p=0.000 n=15+15)

name                      old allocs/op  new allocs/op  delta
SendRecv/msgsize=10-8         8.00 ± 0%      4.00 ± 0%   -50.00%  (p=0.000 n=15+15)
SendRecv/msgsize=100-8        8.00 ± 0%      4.00 ± 0%   -50.00%  (p=0.000 n=15+15)
SendRecv/msgsize=1000-8       8.00 ± 0%      4.00 ± 0%   -50.00%  (p=0.000 n=15+15)
SendRecv/msgsize=10000-8      8.47 ±17%      5.00 ± 0%   -40.94%  (p=0.000 n=15+14)
WriteUint32-8                 1.00 ± 0%      0.00       -100.00%  (p=0.000 n=15+15)
ReadUint32-8                  1.00 ± 0%      0.00       -100.00%  (p=0.000 n=15+15)

Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
2020-08-10 14:15:37 -07:00
Brad Fitzpatrick
4732722b87 derp: add frameClosePeer to move around clients within a region
For various reasons (mostly during rollouts or config changes on our
side), nodes may end up connecting to a fallback DERP node in a
region, rather than the primary one we tell them about in the DERP
map.

Connecting to the "wrong" node is fine, but it's in our best interest
for all nodes in a domain to connect to the same node, to reduce
intra-region packet forwarding.

This adds a privileged frame type used by the control system that can
kick off a client connection when they're connected to the wrong node
in a region. Then they hopefully reconnect immediately to the correct
location. (If not, we can leave them alone and stop closing them.)

Updates tailscale/corp#372
2020-06-25 09:33:10 -07:00
Brad Fitzpatrick
1cb7dab881 cmd/derper: support forwarding packets amongst set of peer DERP servers
Updates #388

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-06-05 10:14:33 -07:00
Brad Fitzpatrick
484b7fc9a3 derp, cmd/derper: add frameWatchConns, framePeerPresent for inter-DERP routing
This lets a trusted DERP client that knows a pre-shared key subscribe
to the connection list. Upon subscribing, they get the current set
of connected public keys, and then all changes over time.

This lets a set of DERP server peers within a region all stay connected to
each other and know which clients are connected to which nodes.

Updates #388

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-06-03 08:03:29 -07:00
Dmitry Adamushko
806645ea0e derp: prevent readFrame() from reading more than len(b) bytes.
Signed-off-by: Dmitry Adamushko <da@stablebits.net>
2020-04-10 08:56:23 -07:00
Brad Fitzpatrick
1ab5b31c4b derp, magicsock: send new "peer gone" frames when previous sender disconnects
Updates #150 (not yet enabled by default in magicsock)

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-22 21:00:47 -07:00
Brad Fitzpatrick
6978b93bdd derp, magicsock: track home (preferred) vs visiting connections for stats 2020-03-05 15:00:56 -08:00
Brad Fitzpatrick
bf704a5218 derp: protocol negotiation, add v2: send src pub keys to clients in packets
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-04 09:55:13 -08:00
Brad Fitzpatrick
379a3125fd derp, wgengine/magicsock: support more than just packets from Client.Recv
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-20 22:08:13 -08:00
Brad Fitzpatrick
88f1cc0c98 derp, cmd/derper: add rate limiting support, add default 5Mbps limit
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-20 15:26:30 -08:00
Brad Fitzpatrick
f029c4c82d derp: change the protocol framing to always include a length
Addresses one of crawshaw's TODOs.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-20 13:37:44 -08:00
Brad Fitzpatrick
11048b8932 derp: add docs on current protocol overview, break accept apart a bit
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-20 09:57:05 -08:00
Brad Fitzpatrick
259406e797 derp: move away from [32]byte key types
And some minor cleanup in the process.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-02-17 14:18:09 -08:00