Brad Fitzpatrick
7eaf5e509f
net/netaddr: start migrating to net/netip via new netaddr adapter package
...
Updates #5162
Change-Id: Id7bdec303b25471f69d542f8ce43805328d56c12
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-07-25 16:20:43 -07:00
Brad Fitzpatrick
01b90df2fa
net/packet, wgengine/filter: support SCTP
...
Add proto to flowtrack.Tuple.
Add types/ipproto leaf package to break a cycle.
Server-side ACL work remains.
Updates #1516
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-20 21:34:13 -07:00
David Anderson
cb96b14bf4
net/packet: remove the custom IP4/IP6 types in favor of netaddr.IP.
...
Upstream netaddr has a change that makes it alloc-free, so it's safe to
use in hot codepaths. This gets rid of one of the many IP types in our
codebase.
Performance is currently worse across the board. This is likely due in
part to netaddr.IP being a larger value type (4b -> 24b for IPv4,
16b -> 24b for IPv6), and in other part due to missing low-hanging fruit
optimizations in netaddr. However, the regression is less bad than
it looks at first glance, because we'd micro-optimized packet.IP* in
the past few weeks. This change drops us back to roughly where we
were at the 1.2 release, but with the benefit of a significant
code and architectural simplification.
name old time/op new time/op delta
pkg:tailscale.com/net/packet goos:linux goarch:amd64
Decode/tcp4-8 12.2ns ± 5% 29.7ns ± 2% +142.32% (p=0.008 n=5+5)
Decode/tcp6-8 12.6ns ± 3% 65.1ns ± 2% +418.47% (p=0.008 n=5+5)
Decode/udp4-8 11.8ns ± 3% 30.5ns ± 2% +157.94% (p=0.008 n=5+5)
Decode/udp6-8 27.1ns ± 1% 65.7ns ± 2% +142.36% (p=0.016 n=4+5)
Decode/icmp4-8 24.6ns ± 2% 30.5ns ± 2% +23.65% (p=0.016 n=4+5)
Decode/icmp6-8 22.9ns ±51% 65.5ns ± 2% +186.19% (p=0.008 n=5+5)
Decode/igmp-8 18.1ns ±44% 30.2ns ± 1% +66.89% (p=0.008 n=5+5)
Decode/unknown-8 20.8ns ± 1% 10.6ns ± 9% -49.11% (p=0.016 n=4+5)
pkg:tailscale.com/wgengine/filter goos:linux goarch:amd64
Filter/icmp4-8 30.5ns ± 1% 77.9ns ± 3% +155.01% (p=0.008 n=5+5)
Filter/tcp4_syn_in-8 43.7ns ± 3% 123.0ns ± 3% +181.72% (p=0.008 n=5+5)
Filter/tcp4_syn_out-8 24.5ns ± 2% 45.7ns ± 6% +86.22% (p=0.008 n=5+5)
Filter/udp4_in-8 64.8ns ± 1% 210.0ns ± 2% +223.87% (p=0.008 n=5+5)
Filter/udp4_out-8 119ns ± 0% 278ns ± 0% +133.78% (p=0.016 n=4+5)
Filter/icmp6-8 40.3ns ± 2% 204.4ns ± 4% +407.70% (p=0.008 n=5+5)
Filter/tcp6_syn_in-8 35.3ns ± 3% 199.2ns ± 2% +464.95% (p=0.008 n=5+5)
Filter/tcp6_syn_out-8 32.8ns ± 2% 81.0ns ± 2% +147.10% (p=0.008 n=5+5)
Filter/udp6_in-8 106ns ± 2% 290ns ± 2% +174.48% (p=0.008 n=5+5)
Filter/udp6_out-8 184ns ± 2% 314ns ± 3% +70.43% (p=0.016 n=4+5)
pkg:tailscale.com/wgengine/tstun goos:linux goarch:amd64
Write-8 9.02ns ± 3% 8.92ns ± 1% ~ (p=0.421 n=5+5)
name old alloc/op new alloc/op delta
pkg:tailscale.com/net/packet goos:linux goarch:amd64
Decode/tcp4-8 0.00B 0.00B ~ (all equal)
Decode/tcp6-8 0.00B 0.00B ~ (all equal)
Decode/udp4-8 0.00B 0.00B ~ (all equal)
Decode/udp6-8 0.00B 0.00B ~ (all equal)
Decode/icmp4-8 0.00B 0.00B ~ (all equal)
Decode/icmp6-8 0.00B 0.00B ~ (all equal)
Decode/igmp-8 0.00B 0.00B ~ (all equal)
Decode/unknown-8 0.00B 0.00B ~ (all equal)
pkg:tailscale.com/wgengine/filter goos:linux goarch:amd64
Filter/icmp4-8 0.00B 0.00B ~ (all equal)
Filter/tcp4_syn_in-8 0.00B 0.00B ~ (all equal)
Filter/tcp4_syn_out-8 0.00B 0.00B ~ (all equal)
Filter/udp4_in-8 0.00B 0.00B ~ (all equal)
Filter/udp4_out-8 16.0B ± 0% 64.0B ± 0% +300.00% (p=0.008 n=5+5)
Filter/icmp6-8 0.00B 0.00B ~ (all equal)
Filter/tcp6_syn_in-8 0.00B 0.00B ~ (all equal)
Filter/tcp6_syn_out-8 0.00B 0.00B ~ (all equal)
Filter/udp6_in-8 0.00B 0.00B ~ (all equal)
Filter/udp6_out-8 48.0B ± 0% 64.0B ± 0% +33.33% (p=0.008 n=5+5)
name old allocs/op new allocs/op delta
pkg:tailscale.com/net/packet goos:linux goarch:amd64
Decode/tcp4-8 0.00 0.00 ~ (all equal)
Decode/tcp6-8 0.00 0.00 ~ (all equal)
Decode/udp4-8 0.00 0.00 ~ (all equal)
Decode/udp6-8 0.00 0.00 ~ (all equal)
Decode/icmp4-8 0.00 0.00 ~ (all equal)
Decode/icmp6-8 0.00 0.00 ~ (all equal)
Decode/igmp-8 0.00 0.00 ~ (all equal)
Decode/unknown-8 0.00 0.00 ~ (all equal)
pkg:tailscale.com/wgengine/filter goos:linux goarch:amd64
Filter/icmp4-8 0.00 0.00 ~ (all equal)
Filter/tcp4_syn_in-8 0.00 0.00 ~ (all equal)
Filter/tcp4_syn_out-8 0.00 0.00 ~ (all equal)
Filter/udp4_in-8 0.00 0.00 ~ (all equal)
Filter/udp4_out-8 1.00 ± 0% 1.00 ± 0% ~ (all equal)
Filter/icmp6-8 0.00 0.00 ~ (all equal)
Filter/tcp6_syn_in-8 0.00 0.00 ~ (all equal)
Filter/tcp6_syn_out-8 0.00 0.00 ~ (all equal)
Filter/udp6_in-8 0.00 0.00 ~ (all equal)
Filter/udp6_out-8 1.00 ± 0% 1.00 ± 0% ~ (all equal)
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-12-22 14:44:36 -08:00
David Anderson
3c508a58cc
wgengine/filter: don't filter GCP DNS.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-11-16 14:08:27 -08:00
David Anderson
a38e28da07
net/packet: documentation pass.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-11-10 22:29:00 -08:00
David Anderson
c2cc3acbaf
net/packet: remove NewIP, offer only a netaddr constructor.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-11-10 22:03:47 -08:00
David Anderson
22bf48f37c
net/packet: remove {get,put}{16,32} indirection to encoding/binary.
...
name old time/op new time/op delta
Decode/tcp4-8 28.8ns ± 2% 13.1ns ± 4% -54.44% (p=0.008 n=5+5)
Decode/tcp6-8 20.6ns ± 1% 12.6ns ± 2% -38.72% (p=0.008 n=5+5)
Decode/udp4-8 28.2ns ± 1% 12.1ns ± 4% -57.01% (p=0.008 n=5+5)
Decode/udp6-8 20.0ns ± 6% 12.1ns ± 2% -39.38% (p=0.008 n=5+5)
Decode/icmp4-8 21.7ns ± 2% 11.5ns ± 1% -47.01% (p=0.008 n=5+5)
Decode/icmp6-8 14.1ns ± 2% 11.8ns ± 4% -16.60% (p=0.008 n=5+5)
Decode/unknown-8 9.43ns ± 2% 9.30ns ± 3% ~ (p=0.222 n=5+5)
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-11-10 20:23:54 -08:00
David Anderson
55b1221db2
net/packet: support full IPv6 decoding.
...
The packet filter still rejects all IPv6, but decodes enough from v6
packets to do something smarter in a followup.
name time/op
Decode/tcp4-8 28.8ns ± 2%
Decode/tcp6-8 20.6ns ± 1%
Decode/udp4-8 28.2ns ± 1%
Decode/udp6-8 20.0ns ± 6%
Decode/icmp4-8 21.7ns ± 2%
Decode/icmp6-8 14.1ns ± 2%
Decode/unknown-8 9.43ns ± 2%
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-11-10 20:23:54 -08:00
David Anderson
427bf2134f
net/packet: rename from wgengine/packet.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-11-09 16:25:24 -08:00