Commit Graph

417 Commits

Author SHA1 Message Date
Brad Fitzpatrick
41c4560592 control/controlclient: remove unused NetworkMap.UAPI method
And remove last remaining use of wgcfg.ToUAPI in a test's debug
output; replace it with JSON.
2020-08-06 10:30:18 -07:00
Brad Fitzpatrick
cff737786e wgengine/magicsock: fix lazy config deadlock, document more lock ordering
This removes the atomic bool that tried to track whether we needed to acquire
the lock on a future recursive call back into magicsock. Unfortunately that
hack doesn't work because we also had a lock ordering issue between magicsock
and userspaceEngine (see issue). This documents that too.

Fixes #644
2020-08-06 08:43:48 -07:00
Brad Fitzpatrick
43bc86588e wgengine/monitor: log RTM_DELROUTE details, fix format strings
Updates #643
2020-08-05 20:44:05 -07:00
Brad Fitzpatrick
2bd9ad4b40 wgengine: fix deadlock between engine and magicsock 2020-08-05 16:37:15 -07:00
Brad Fitzpatrick
7c38db0c97 wgengine/magicsock: don't deadlock on pre-disco Endpoints w/ lazy wireguard configs
Fixes tailscale/tailscale#637
2020-08-04 17:06:05 -07:00
Brad Fitzpatrick
4987a7d46c wgengine/magicsock: when hard NAT, add stun-ipv4:static-port as candidate
If a node is behind a hard NAT and is using an explicit local port
number, assume they might've mapped a port and add their public IPv4
address with the local tailscaled's port number as a candidate endpoint.
2020-08-04 09:48:34 -07:00
Brad Fitzpatrick
bfcb0aa0be wgengine/magicsock: deflake tests, Close deadlock again
Better fix than 37903a9056

Fixes tailscale/corp#533
2020-08-04 09:36:38 -07:00
Brad Fitzpatrick
da3b50ad88 wgengine/filter: omit logging for all v6 multicast, remove debug panic :( 2020-08-01 12:40:32 -07:00
Dmytro Shynkevych
28e52a0492
all: dns refactor, add Proxied and PerDomain flags from control (#615)
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-31 16:27:09 -04:00
Brad Fitzpatrick
3e493e0417 wgengine: fix lazy wireguard config bug on sent packet minute+ later
A comparison operator was backwards.

The bad case went:

* device A send packet to B at t=1s
* B gets added to A's wireguard config
* B gets packet

(5 minutes pass)

* some other activity happens, causing B to expire
  to be removed from A's network map, since it's
  been over 5 minutes since sent or received activity
* device A sends packet to B at t=5m1s
* normally, B would get added back, but the old send
  time was not zero (we sent earlier!) and the time
  comparison was backwards, so we never regenerated
  the wireguard config.

This also refactors the code for legibility and moves constants up
top, with comments.
2020-07-31 12:56:37 -07:00
Dmytro Shynkevych
8c850947db
router: split off sandboxed path from router_darwin (#624)
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-31 01:10:14 -04:00
Brad Fitzpatrick
cb970539a6 wgengine/magicsock: remove TODO comment that's no longer applicable 2020-07-30 21:33:37 -07:00
Brad Fitzpatrick
915f65ddae wgengine/magicsock: stop disco activity on IPN stop
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-07-30 14:01:33 -07:00
Brad Fitzpatrick
c180abd7cf wgengine/magicsock: merge errClosed and errConnClosed 2020-07-30 13:59:30 -07:00
Brad Fitzpatrick
7cc8fcb784 wgengine/filter: remove leftover debug knob that staticcheck doesn't like 2020-07-30 11:21:37 -07:00
Brad Fitzpatrick
b4d97d2532 wgengine/filter: fix IPv4 IGMP spam omission, also omit ff02::16 spam
And add tests.

Fixes #618
Updates #402
2020-07-30 11:00:20 -07:00
Dmytro Shynkevych
2ce2b63239
router: stop iOS subprocess sandbox violations (#617)
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-29 21:09:18 -04:00
Dmytro Shynkevych
154d1cde05
router: reload systemd-resolved after changing /etc/resolv.conf (#619)
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-29 20:57:25 -04:00
Brad Fitzpatrick
b3fc61b132 wgengine: disable wireguard config trimming for now except iOS w/ many peers
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-07-29 16:29:30 -07:00
Brad Fitzpatrick
d55fdd4669 wgengine/magicsock: update, flesh out a TODO 2020-07-29 12:59:25 -07:00
Brad Fitzpatrick
d96d26c22a wgengine/filter: don't spam logs on dropped outgoing IPv6 ICMP or IPv4 IGMP
The OS (tries) to send these but we drop them. No need to worry the
user with spam that we're dropping it.

Fixes #402

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-07-29 08:32:55 -07:00
Dmytro Shynkevych
c7582dc234
ipn: fix netmap change tracking and dns map generation (#609)
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-28 21:47:23 -04:00
Brad Fitzpatrick
3e3c24b8f6 wgengine/packet: add IPVersion field, don't use IPProto to note version
As prep for IPv6 log spam fixes in a future change.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-07-28 16:29:28 -07:00
David Anderson
f8e4c75f6b wgengine/magicsock: check slightly less aggressively for connectivity.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-28 17:04:48 +00:00
Brad Fitzpatrick
58b721f374 wgengine/magicsock: deflake some tests with an ugly hack
Starting with fe68841dc7, some e2e tests
got flaky. Rather than debug them (they're gnarly), just revert to the old
behavior as far as those tests are concerned. The tests were somehow
using magicsock without a private key and expecting it to do ... something.

My goal with fe68841dc7 was to stop log spam
and unnecessary work I saw on the iOS app when when stopping the app.

Instead, only stop doing that work on any transition from
once-had-a-private-key to no-longer-have-a-private-key. That fixes
what I wanted to fix while still making the mysterious e2e tests
happy.
2020-07-27 16:32:35 -07:00
David Anderson
41d0c81859 wgengine/magicsock: make disco subtest name more precise.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-27 14:09:54 -07:00
David Anderson
9beea8b314 wgengine/magicsock: remove unnecessary use of context.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-27 14:09:54 -07:00
David Anderson
b62341d308 wgengine/magicsock: add docstring.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-27 14:09:54 -07:00
David Anderson
9265296b33 wgengine/magicsock: don't deadlock on shutdown if sending blocks.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-27 14:09:54 -07:00
David Anderson
0249236cc0 ipn/ipnstate: record assigned Tailscale IPs.
wgengine/magicsock: use ipnstate to find assigned Tailscale IPs.

Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-27 14:09:54 -07:00
David Anderson
c3958898f1 tstest/natlab: be a bit more lenient during test shutdown.
There is a race in natlab where we might start shutdown while natlab is still running
a goroutine or two to deliver packets. This adds a small grace period to try and receive
it before continuing shutdown.

Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-27 14:09:54 -07:00
David Anderson
7578c815be wgengine/magicsock: give pinger a more generous packet timeout.
The first packet to transit may take several seconds to do so, because
setup rates in wgengine may result in the initial WireGuard handshake
init to get dropped. So, we have to wait at least long enough for a
retransmit to correct the fault.

Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-27 14:09:54 -07:00
David Anderson
c3994fd77c derp: remove OnlyDisco option.
Active discovery lets us introspect the state of the network stack precisely
enough that it's unnecessary, and dropping the initial DERP packets greatly
slows down tests. Additionally, it's unrealistic since our production network
will never deliver _only_ discovery packets, it'll be all or nothing.

Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-27 14:09:54 -07:00
David Anderson
5455c64f1d wgengine/magicsock: add a test for two facing endpoint-independent NATs.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-27 14:09:54 -07:00
David Anderson
f794493b4f wgengine/magicsock: explicitly check path discovery, add a firewall test.
The test proves that active discovery can traverse two facing firewalls.

Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-27 14:09:54 -07:00
David Anderson
f582eeabd1 wgengine/magicsock: add a test for active path discovery.
Uses natlab only, because the point of this active discovery test is going to be
that it should get through a lot of obstacles.

Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-27 14:09:54 -07:00
Brad Fitzpatrick
37903a9056 wgengine/magicsock: fix occasional deadlock on Conn.Close on c.derpStarted
The deadlock was:

* Conn.Close was called, which acquired c.mu
* Then this goroutine scheduled:

    if firstDerp {
        startGate = c.derpStarted
        go func() {
            dc.Connect(ctx)
            close(c.derpStarted)
        }()
    }

* The getRegion hook for that derphttp.Client then ran, which also
  tries to acquire c.mu.

This change makes that hook first see if we're already in a closing
state and then it can pretend that region doesn't exist.
2020-07-27 12:27:10 -07:00
Brad Fitzpatrick
fe68841dc7 wgengine/magicsock: log better with less spam on transition to stopped state
Required a minor test update too, which now needs a private key to get far
enough to test the thing being tested.
2020-07-27 10:19:17 -07:00
Brad Fitzpatrick
e298327ba8 wgengine/magicsock: remove overkill, slow reflect.DeepEqual of NetworkMap
No need to allocate or compare all the fields we don't care about.
2020-07-25 19:37:08 -07:00
Brad Fitzpatrick
4970e771ab wgengine: add debug knob to disable the watchdog during debugging
It launches goroutines and interferes with panic-based debugging,
obscuring stacks.
2020-07-25 12:59:53 -07:00
David Anderson
3669296cef wgengine/magicsock: refactor twoDevicePing to make stack construction cleaner.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-24 15:12:15 -07:00
Brad Fitzpatrick
16a9cfe2f4 wgengine: configure wireguard peers lazily, as needed
wireguard-go uses 3 goroutines per peer (with reasonably large stacks
& buffers).

Rather than tell wireguard-go about all our peers, only tell it about
peers we're actively communicating with. That means we need hooks into
magicsock's packet receiving path and tstun's packet sending path to
lazily create a wireguard peer on demand from the network map.

This frees up lots of memory for iOS (where we have almost nothing
left for larger domains with many users).

We should ideally do this in wireguard-go itself one day, but that'd
be a pretty big change.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-07-24 12:50:15 -07:00
Brad Fitzpatrick
5066b824a6 wgengine/magicsock: don't log about disco ping timeouts if we have a working address
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-07-24 11:21:50 -07:00
Brad Fitzpatrick
a89d610a3d wgengine/tstun: move sync.Pool to package global
sync.Pools should almost always be packate globals, even though in this
case we only have exactly 1 TUN device anyway, so it matters less.
Still, it's unusual to see a Pool that's not a package global, so move it.
2020-07-24 08:29:36 -07:00
Dmytro Shynkevych
c53ab3111d wgengine/router: support legacy resolvconf
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-23 15:01:46 -04:00
David Anderson
189d86cce5 wgengine/router: don't use 88 or 8888 as table/rule numbers.
We originally picked those numbers somewhat at random, but with the idea
that 8 is a traditionally lucky number in Chinese culture. Unfortunately,
"88" is also neo-nazi shorthand language.

Use 52 instead, because those are the digits above the letters
"TS" (tailscale) on a qwerty keyboard, so we're unlikely to collide with
other users. 5, 2 and 52 are also pleasantly culturally meaningless.

Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-22 11:59:54 -07:00
David Anderson
972a42cb33 wgengine/router: fix router_test to match the new marks.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-22 01:31:49 +00:00
David Anderson
d60917c0f1 wgengine/router: switch packet marks to avoid conflict with Weave Net.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-22 01:24:46 +00:00
Brad Fitzpatrick
c06d2a8513 wgengine/magicsock: fix typo in comment 2020-07-18 13:57:26 -07:00
Brad Fitzpatrick
bf195cd3d8 wgengine/magicsock: reduce log verbosity of discovery messages
Don't log heartbeat pings & pongs. Track the reason for pings and then
only log the ping/pong traffic if it was for initial path discovery.
2020-07-18 13:54:00 -07:00
Dmytro Shynkevych
a3e7252ce6 wgengine/router: use better NetworkManager API
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-18 04:03:45 -04:00
Eduardo Kienetz
5df6be9d38 Use LittleEndian for correct byte order on DNS IPs
Nameserver IP 10.11.12.13 would otherwise get written to resolv.conf as 13.12.11.10, as was happening on my client.

Signed-off-by: Eduardo Kienetz <eduardo@kienetz.com>
2020-07-17 23:34:28 -07:00
Brad Fitzpatrick
a6559a8924 wgengine/magicsock: run test DERP in mode where only disco packets allowed
So we don't accidentally pass a NAT traversal test by having DERP pick up our slack
when we really just wanted DERP as an OOB messaging channel.
2020-07-16 12:58:35 -07:00
Brad Fitzpatrick
10ac066013 all: fix vet warnings 2020-07-16 08:39:38 -07:00
Brad Fitzpatrick
d74c9aa95b wgengine/magicsock: update comment, fix earlier commit
891898525c had a continue that meant the didCopy synchronization never ran.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-07-16 08:29:38 -07:00
Brad Fitzpatrick
c976264bd1 wgengine/magicsock: gofmt 2020-07-16 08:15:27 -07:00
Dmytro Shynkevych
f3e2b65637
wgengine/magicsock: time.Sleep -> time.After
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-16 11:04:53 -04:00
Dmytro Shynkevych
380ee76d00
wgengine/magicsock: make time.Sleep in runDerpReader respect cancellation.
Before this patch, the 250ms sleep would not be interrupted by context cancellation,
which would result in the goroutine sometimes lingering in tests (100ms grace period).

Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-16 10:45:48 -04:00
Dmytro Shynkevych
891898525c
wgengine/magicsock: make receive from didCopy respect cancellation.
Very rarely, cancellation occurs between a successful send on derpRecvCh
and a call to copyBuf on the receiving side.
Without this patch, this situation results in <-copyBuf blocking indefinitely.

Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-16 10:34:49 -04:00
Brad Fitzpatrick
a2267aae99 wgengine: only launch pingers for peers predating the discovery protocol
Peers advertising a discovery key know how to speak the discovery
protocol and do their own heartbeats to get through NATs and keep NATs
open. No need for the pinger except for with legacy peers.
2020-07-15 21:08:26 -07:00
Brad Fitzpatrick
cdfea347d0 wgengine: update for tailscale/wireguard-go API changes
* update to new HandshakeDone signature
* use new Device.IpcGetOperationFiltered call to avoid sending allowed_ips

See dd6c1c8fe1
2020-07-15 20:30:45 -07:00
David Anderson
45578b47f3 tstest/natlab: refactor PacketHandler into a larger interface.
The new interface lets implementors more precisely distinguish
local traffic from forwarded traffic, and applies different
forwarding logic within Machines for each type. This allows
Machines to be packet forwarders, which didn't quite work
with the implementation of Inject.

Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-15 14:38:33 -07:00
Dmytro Shynkevych
19867b2b6d
tstun: remove buggy-looking log line.
This log line looks buggy, even though lacking a filter is expected during bringup.
We already know if we forget to SetFilter: it breaks the magicsock test,
so no useful information is lost.

Resolves #559.

Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-15 11:48:33 -04:00
Wendi Yu
c3736250a4
wgengine: fix macos staticcheck errors (#557)
Signed-off-by: Wendi <wendi.yu@yahoo.ca>
2020-07-14 17:28:02 -06:00
Dmytro Shynkevych
3b36400e35
tsdns: response to type ANY queries
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-14 18:50:07 -04:00
Dmytro Shynkevych
2f15894a10 wgengine/magicsock: wait for derphttp client goroutine to exit
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-14 14:20:35 -04:00
Dmytro Shynkevych
30bbbe9467
wgengine/router: dns: unify on *BSD, multimode on Linux, Magic DNS (#536)
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-14 09:12:00 -04:00
Dmytro Shynkevych
61abab999e
cmd/tailscaled: graceful shutdown (#534)
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-13 06:17:58 -04:00
David Anderson
88e8456e9b wgengine/magicsock: add a connectivity test for facing firewalls.
The test demonstrates that magicsock can traverse two stateful
firewalls facing each other, that each require localhost to
initiate connections.

Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-11 07:04:08 +00:00
David Anderson
1f7b1a4c6c wgengine/magicsock: rearrange TwoDevicePing test for future natlab tests.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-11 06:48:08 +00:00
David Anderson
977381f9cc wgengine/magicsock: make trivial natlab test pass.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-11 01:53:21 +00:00
Brad Fitzpatrick
6c74065053 wgengine/magicsock, tstest/natlab: start hooking up natlab to magicsock
Also adds ephemeral port support to natlab.

Work in progress.

Pairing with @danderson.
2020-07-10 14:32:58 -07:00
Dmytro Shynkevych
21d1dbfce0 wgengine/tsdns: local DNS server for testing
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-10 14:56:59 -04:00
Dmytro Shynkevych
248d28671b
tsdns: fix race in delegate
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-08 20:07:14 -04:00
Brad Fitzpatrick
bd59bba8e6 wgengine/magicsock: stop discoEndpoint timers on Close
And add some defensive early returns on c.closed.
2020-07-08 16:51:17 -07:00
Brad Fitzpatrick
de875a4d87 wgengine/magicsock: remove DisableSTUNForTesting 2020-07-08 15:50:41 -07:00
Dmytro Shynkevych
67ebba90e1
tsdns: dual resolution mode, IPv6 support (#526)
This change adds to tsdns the ability to delegate lookups to upstream nameservers.
This is crucial for setting Magic DNS as the system resolver.

Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-07 15:25:32 -04:00
Brad Fitzpatrick
ce1b52bb71 wgengine/monitor: fix other potential crashes on Linux
Never return "nil, nil" anymore. The caller expected a usable
interface now. I missed some of these earlier.

Also, handle address deletion now.

Updates #532
2020-07-07 11:08:16 -07:00
Brad Fitzpatrick
4b75a27969 wgengine/monitor: fix crash on Linux on type 21 messages
Fixes #532
2020-07-07 10:45:25 -07:00
Brad Fitzpatrick
724ad13fe1 wgengine/tstun: fix alignment of 64-bit atomic field
We had a test for it, but no 32-bit builder apparently. :(

Fixes #529
2020-07-07 08:28:40 -07:00
Brad Fitzpatrick
4db60a8436 wgengine/monitor: parse Linux netlink messages, ignore our own events
Fixes tailscale/corp#412 ("flood of link change events at start-up")

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-07-06 22:42:01 -07:00
Brad Fitzpatrick
742b8b44a8 net/tsaddr: new package to hold Tailscale-specific IPs/ranges
And update existing callers with (near) duplicated cases.
2020-07-06 22:33:29 -07:00
Brad Fitzpatrick
5c6d8e3053 netcheck, tailcfg, interfaces, magicsock: survey UPnP, NAT-PMP, PCP
Don't do anything with UPnP, NAT-PMP, PCP yet, but see how common they
are in the wild.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-07-06 15:25:35 -07:00
Brad Fitzpatrick
6196b7e658 wgengine/magicsock: change API to not permit disco key changes
Generate the disco key ourselves and give out the public half instead.

Fixes #525
2020-07-06 12:10:39 -07:00
Brad Fitzpatrick
5132edacf7 wgengine/magicsock: fix data race from undocumented wireguard-go requirement
Endpoints need to be Stringers apparently.

Fixes tailscale/corp#422
2020-07-03 22:27:52 -07:00
Brad Fitzpatrick
630379a1d0 cmd/tailscale: add tailscale status region name, last write, consistently star
There's a lot of confusion around what tailscale status shows, so make it better:
show region names, last write time, and put stars around DERP too if active.

Now stars are always present if activity, and always somewhere.
2020-07-03 13:44:22 -07:00
Brad Fitzpatrick
9a8700b02a wgengine/magicsock: add discoEndpoint heartbeat
Updates #483
2020-07-03 12:43:39 -07:00
Brad Fitzpatrick
9f930ef2bf wgengine/magicsock: remove the discoEndpoint.timers map
It ended up being more complicated than it was worth.
2020-07-03 11:45:41 -07:00
Brad Fitzpatrick
f5f3885b5b wgengine/magicsock: bunch of misc discovery path cleanups
* fix tailscale status for peers using discovery
* as part of that, pull out disco address selection into reusable
  and testable discoEndpoint.addrForSendLocked
* truncate ping/pong logged hex txids in half to eliminate noise
* move a bunch of random time constants into named constants
  with docs
* track a history of per-endpoint pong replies for future use &
  status display
* add "send" and " got" prefix to discovery message logging
  immediately before the frame type so it's easier to read than
  searching for the "<-" or "->" arrows earlier in the line; but keep
  those as the more reasily machine readable part for later.

Updates #483
2020-07-03 11:26:22 -07:00
Dmytro Shynkevych
e9643ae724 wgengine: prevent log after exit in watchdog test
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-03 10:52:39 -07:00
Dmytro Shynkevych
16b2bbbbbb wgengine: close in reverse order of bringup
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-03 10:52:39 -07:00
Brad Fitzpatrick
6c70cf7222 wgengine/magicsock: stop ping timeout timer on pong receipt, misc log cleanup
Updates #483
2020-07-02 22:54:57 -07:00
Brad Fitzpatrick
c52905abaa wgengine/magicsock: log less on no-op disco route switches
Also, renew trustBestAddrUntil even if latency isn't better.
2020-07-02 11:39:05 -07:00
Brad Fitzpatrick
0f0ed3dca0 wgengine/magicsock: clean up discovery logging
Updates #483
2020-07-02 10:48:13 -07:00
Brad Fitzpatrick
056fbee4ef wgengine/magicsock: add TS_DEBUG_OMIT_LOCAL_ADDRS knob to force STUN use only
For debugging.
2020-07-02 09:53:10 -07:00
Brad Fitzpatrick
e03cc2ef57 wgengine/magicsock: populate discoOfAddr upon receiving ping frames
Updates #483
2020-07-02 08:37:46 -07:00
Brad Fitzpatrick
275a20f817 wgengine/magicsock: keep discoOfAddr populated, use it for findEndpoint
Update the mapping from ip:port to discokey, so when we retrieve a
packet from the network, we can find the same conn.Endpoint that we
gave to wireguard-go previously, without making it think we've
roamed. (We did, but we're not using its roaming.)

Updates #483
2020-07-01 22:15:41 -07:00
Brad Fitzpatrick
77e89c4a72 wgengine/magicsock: handle CallMeMaybe discovery mesages
Roughly feature complete now. Testing and polish remains.

Updates #483
2020-07-01 15:30:25 -07:00
Brad Fitzpatrick
710ee88e94 wgengine/magicsock: add timeout on discovery pings, clean up state
Updates #483
2020-07-01 14:39:21 -07:00
Brad Fitzpatrick
77d3ef36f4 wgengine/magicsock: hook up discovery messages, upgrade to LAN works
Ping messages now go out somewhat regularly, pong replies are sent,
and pong replies are now partially handled enough to upgrade off DERP
to LAN.

CallMeMaybe packets are sent & received over DERP, but aren't yet
handled. That's next (and regular maintenance timers), and then WAN
should work.

Updates #483
2020-07-01 13:00:50 -07:00