Brad Fitzpatrick
85c3d17b3c
wgengine/magicsock: use disco ping src as a candidate endpoint
...
Consider:
Hard NAT (A) <---> Hard NAT w/ mapped port (B)
If A sends a packet to B's mapped port, A can disco ping B directly,
with low latency, without DERP.
But B couldn't establish a path back to A and needed to use DERP,
despite already logging about A's endpoint and adding a mapping to it
for other purposes (the wireguard conn.Endpoint lookup also needed
it).
This adds the tracking to discoEndpoint too so it'll be used for
finding a path back.
Fixes tailscale/corp#556
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-12 21:33:43 -07:00
Brad Fitzpatrick
0512fd89a1
wgengine/magicsock: simplify handlePingLocked
...
It's no longer true that 'de may be nil'
2020-08-12 19:25:38 -07:00
David Anderson
37c19970b3
derp: add a debug option to verbosely log drops to a destination.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-08-12 15:27:01 -07:00
Josh Bleecher Snyder
909c165382
derp: remove two key.Public allocations
...
Reading and writing a [32]byte key to a bufio.Reader/bufio.Writer
can easily be done without allocating. Do so.
It is slower; on my machine, it adds about 100ns per read/write.
However, the overall request takes a minimum of several µs,
and it cuts allocations meaningfully, so it is probably worth it.
name                      old time/op    new time/op    delta
SendRecv/msgsize=10-8     9.21µs ± 9%    9.08µs ± 8%    ~         (p=0.250 n=15+15)
SendRecv/msgsize=100-8    6.51µs ± 9%    6.60µs ± 7%    ~         (p=0.259 n=15+13)
SendRecv/msgsize=1000-8   7.24µs ±13%    7.61µs ±36%    ~         (p=1.000 n=11+15)
SendRecv/msgsize=10000-8  19.5µs ±15%    19.9µs ±25%    ~         (p=0.890 n=14+15)
name                      old speed      new speed      delta
SendRecv/msgsize=10-8     1.09MB/s ± 8%  1.10MB/s ± 8%  ~         (p=0.286 n=15+15)
SendRecv/msgsize=100-8    15.4MB/s ± 8%  15.1MB/s ± 6%  ~         (p=0.129 n=15+12)
SendRecv/msgsize=1000-8   139MB/s ±15%   135MB/s ±28%   ~         (p=1.000 n=11+15)
SendRecv/msgsize=10000-8  516MB/s ±17%   506MB/s ±21%   ~         (p=0.880 n=14+15)
name                      old alloc/op   new alloc/op   delta
SendRecv/msgsize=10-8     170B ± 1%      108B ± 1%      -36.63%   (p=0.000 n=15+15)
SendRecv/msgsize=100-8    265B ± 1%      203B ± 1%      -23.34%   (p=0.000 n=15+15)
SendRecv/msgsize=1000-8   1.18kB ± 1%    1.12kB ± 0%    -5.31%    (p=0.000 n=14+14)
SendRecv/msgsize=10000-8  18.8kB ± 2%    18.8kB ± 2%    ~         (p=0.443 n=12+12)
name                      old allocs/op  new allocs/op  delta
SendRecv/msgsize=10-8     4.00 ± 0%      2.00 ± 0%      -50.00%   (p=0.000 n=15+15)
SendRecv/msgsize=100-8    4.00 ± 0%      2.00 ± 0%      -50.00%   (p=0.000 n=15+15)
SendRecv/msgsize=1000-8   4.00 ± 0%      2.00 ± 0%      -50.00%   (p=0.000 n=15+15)
SendRecv/msgsize=10000-8  5.00 ± 0%      3.00 ± 0%      -40.00%   (p=0.000 n=13+14)
Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
2020-08-12 15:15:58 -07:00
Brad Fitzpatrick
b983e5340f
wgengine/monitor: add, clean up netlink logging on route changes
...
Updates #643
2020-08-12 13:27:14 -07:00
Mike Kramlich
6fa7a9a055
wgengine/router/router_userspace_bsd: on Mac the route program syntax expects delete not del -- this had caused router reconfig to fail in some cases. Fixes #673
...
Signed-off-by: Mike Kramlich <groglogic@gmail.com>
2020-08-12 13:22:19 -07:00
Dmytro Shynkevych
95a18f815c
router/dns: detect host endianness for NetworkManager.
...
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-08-12 16:13:05 -04:00
Brad Fitzpatrick
b97aac1718
net/interfaces: include DefaultRouteInterface in interfaces.State
...
And log it in wgengine on change. Changing bug in #643.
Updates #643
2020-08-12 12:48:34 -07:00
Brad Fitzpatrick
75225368a4
derp: fix 32-bit struct field alignment
2020-08-11 13:50:16 -07:00
David Anderson
15949ad77d
derp: export the new expvar.
2020-08-11 19:59:08 +00:00
David Anderson
13661e195a
derp: rename "wireguard" packet type to "other".
...
Strictly speaking, we don't know that it's a wireguard packet, just that
it doesn't look like a disco packet.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-08-11 19:30:39 +00:00
David Anderson
1b5b59231b
derp: break down received packets by kind (disco vs. wireguard).
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-08-11 19:16:28 +00:00
David Anderson
c2b63ba363
cmd/microproxy: add a quick hack for some malformed variables.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-08-11 17:22:45 +00:00
Brad Fitzpatrick
5a0c37aafd
logpolicy: consider /var/lib/tailscale when no STATE_DIRECTORY
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-10 20:44:32 -07:00
Brad Fitzpatrick
1f7a7a4ffe
tailcfg: add missing Node.DERP check in Node.Equals
...
Updates tailscale/corp#549
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-10 19:46:22 -07:00
Brad Fitzpatrick
4e63a4fda3
cmd/tailscale/cli: remove already done TODO
2020-08-10 19:41:39 -07:00
Josh Bleecher Snyder
a9b1e3f9e8
net/interfaces: remove old debug old
...
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-08-10 14:28:16 -07:00
Josh Bleecher Snyder
e577303dc7
derp: make writeUint32 and readUint32 not allocate
...
The allocations are small, but they're easy enough to avoid.
And it removes some clutter from the pprof output.
name                      old time/op    new time/op    delta
SendRecv/msgsize=10-8     10.1µs ± 9%    9.7µs ± 7%     -3.45%    (p=0.035 n=14+14)
SendRecv/msgsize=100-8    8.12µs ± 7%    7.38µs ± 9%    -9.02%    (p=0.000 n=15+15)
SendRecv/msgsize=1000-8   9.51µs ±25%    8.76µs ±22%    ~         (p=0.202 n=15+15)
SendRecv/msgsize=10000-8  21.1µs ±25%    19.9µs ±14%    ~         (p=0.270 n=15+14)
WriteUint32-8             25.1ns ± 4%    21.3ns ±12%    -15.01%   (p=0.000 n=14+14)
ReadUint32-8              35.4ns ± 4%    21.9ns ± 4%    -38.06%   (p=0.000 n=15+15)
name                      old alloc/op   new alloc/op   delta
SendRecv/msgsize=10-8     182B ± 2%      169B ± 1%      -7.22%    (p=0.000 n=15+13)
SendRecv/msgsize=100-8    282B ± 1%      265B ± 1%      -5.85%    (p=0.000 n=15+15)
SendRecv/msgsize=1000-8   1.19kB ± 1%    1.18kB ± 0%    -1.26%    (p=0.000 n=14+15)
SendRecv/msgsize=10000-8  19.3kB ± 4%    18.7kB ± 4%    -3.44%    (p=0.006 n=12+12)
WriteUint32-8             4.00B ± 0%     0.00B          -100.00%  (p=0.000 n=15+15)
ReadUint32-8              4.00B ± 0%     0.00B          -100.00%  (p=0.000 n=15+15)
name                      old allocs/op  new allocs/op  delta
SendRecv/msgsize=10-8     8.00 ± 0%      4.00 ± 0%      -50.00%   (p=0.000 n=15+15)
SendRecv/msgsize=100-8    8.00 ± 0%      4.00 ± 0%      -50.00%   (p=0.000 n=15+15)
SendRecv/msgsize=1000-8   8.00 ± 0%      4.00 ± 0%      -50.00%   (p=0.000 n=15+15)
SendRecv/msgsize=10000-8  8.47 ±17%      5.00 ± 0%      -40.94%   (p=0.000 n=15+14)
WriteUint32-8             1.00 ± 0%      0.00           -100.00%  (p=0.000 n=15+15)
ReadUint32-8              1.00 ± 0%      0.00           -100.00%  (p=0.000 n=15+15)
Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
2020-08-10 14:15:37 -07:00
Josh Bleecher Snyder
355c6296f0
derp: add readUint32 and writeUint32 benchmarks
...
These aren't particularly performance critical,
but since I have an optimization pending for them,
it's worth having a corresponding benchmark.
Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
2020-08-10 14:15:37 -07:00
Brad Fitzpatrick
25b021388b
net/netns, net/interfaces: move defaultRouteInterface, add Android fallback
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-10 13:02:47 -07:00
Brad Fitzpatrick
84dc891843
cmd/tailscale/cli: add ping subcommand
...
For example:
    $ tailscale ping -h
    USAGE
      ping <hostname-or-IP>
    FLAGS
      -c 10                   max number of pings to send
      -stop-once-direct true  stop once a direct path is established
      -verbose false          verbose output
    $ tailscale ping mon.ts.tailscale.com
    pong from monitoring (100.88.178.64) via DERP(sfo) in 65ms
    pong from monitoring (100.88.178.64) via DERP(sfo) in 252ms
    pong from monitoring (100.88.178.64) via [2604:a880:2:d1::36:d001]:41641 in 33ms
Fixes #661
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-10 12:50:56 -07:00
Josh Bleecher Snyder
d65e2632ab
derp: add basic benchmark
...
This benchmark is far from perfect: It mixes together
client and server. Still, it provides a starting point
for easy profiling.
Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
2020-08-10 09:58:34 -07:00
Brad Fitzpatrick
87cbc067c2
cmd/tailscale/cli: validate advertised routes' IP address-vs-network bits
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-10 09:16:49 -07:00
Brad Fitzpatrick
a275b9d7aa
control/controlclient: use less battery when stopped, stop map requests
...
Updates #604
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-09 09:36:35 -07:00
Brad Fitzpatrick
dd97111d06
backoff: update to Go style, document a bit, make 30s explicit
...
Also, bit of behavior change: on non-nil err but expired context,
don't reset the consecutive failure count. I don't think the old
behavior was intentional.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-09 09:36:26 -07:00
Brad Fitzpatrick
696020227c
tailcfg, control/controlclient: support delta-encoded netmaps
...
Should greatly reduce bandwidth for large networks (including our
hello.ipn.dev node).
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-07 21:49:49 -07:00
Josh Bleecher Snyder
b23f2263c1
derp: add server version to /debug, expvars
...
This will make it easier for a human to tell what
version is deployed, for (say) correlating line numbers
in profiles or panics to corresponding source code.
It'll also let us observe version changes in prometheus.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-08-07 12:46:02 -07:00
Brad Fitzpatrick
c64a43a734
wgengine/router: set MTU on Windows to min(configured,possible)
...
Fixes tailscale/corp#542
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-07 12:16:12 -07:00
Brad Fitzpatrick
9318b4758c
README: update contributing section
2020-08-07 08:28:56 -07:00
Brad Fitzpatrick
6818bb843d
Update README, remove old relaynode dredge
2020-08-07 08:25:25 -07:00
Brad Fitzpatrick
24f78eff62
version: new week, new date
2020-08-06 21:30:59 -07:00
Brad Fitzpatrick
5590daa97d
control/controlclient: reset timeout timer on non-keepalive map updates
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-06 21:30:17 -07:00
Brad Fitzpatrick
b840e7dd5b
go mod tidy
2020-08-06 21:24:09 -07:00
Josh Bleecher Snyder
1b27eb431a
go.mod: update to newly rebased wireguard-go
2020-08-06 17:50:31 -07:00
Josh Bleecher Snyder
2622e8e082
wgenginer/router: fix build
...
Rebasing github.com/tailscale/wireguard-go to upstream
wireguard-go changed the API.
This commit is analogous to
https://git.zx2c4.com/wireguard-windows/commit/?id=6823cc10ffe193c0cb1d61a5d1828d563d3d0e5f
2020-08-06 17:37:05 -07:00
Brad Fitzpatrick
b62b07bc2d
ipn: jack up the MaxMessageSize from 1MB to 10MB
...
hello.ipn.dev has a 2.5MB network map
2020-08-06 15:42:23 -07:00
Dmytro Shynkevych
cb01058a53
wgengine: stop giving tsdns a buffer that will be reused
...
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-08-06 18:11:50 -04:00
Brad Fitzpatrick
9a346fd8b4
wgengine,magicsock: fix two lazy wireguard config issues
...
1) we weren't waking up a discoEndpoint that once existed and
went idle for 5 minutes and then got a disco message again.
2) userspaceEngine.noteReceiveActivity had a buggy check; fixed
and added a test
2020-08-06 15:02:29 -07:00
Dmytro Shynkevych
78c2e1ff83
tsdns: implement reverse DNS lookups, canonicalize names everywhere. (#640)
...
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-08-06 14:25:28 -04:00
Brad Fitzpatrick
41c4560592
control/controlclient: remove unused NetworkMap.UAPI method
...
And remove last remaining use of wgcfg.ToUAPI in a test's debug
output; replace it with JSON.
2020-08-06 10:30:18 -07:00
Brad Fitzpatrick
cff737786e
wgengine/magicsock: fix lazy config deadlock, document more lock ordering
...
This removes the atomic bool that tried to track whether we needed to acquire
the lock on a future recursive call back into magicsock. Unfortunately that
hack doesn't work because we also had a lock ordering issue between magicsock
and userspaceEngine (see issue). This documents that too.
Fixes #644
2020-08-06 08:43:48 -07:00
Brad Fitzpatrick
43bc86588e
wgengine/monitor: log RTM_DELROUTE details, fix format strings
...
Updates #643
2020-08-05 20:44:05 -07:00
Brad Fitzpatrick
2bd9ad4b40
wgengine: fix deadlock between engine and magicsock
2020-08-05 16:37:15 -07:00
Brad Fitzpatrick
5db529a655
logpolicy: upload early logpolicy output, log where we decide to write logs
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-05 15:04:28 -07:00
Dmytro Shynkevych
934c63115e
ipn: put Magic DNS domains first
...
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-08-04 20:13:30 -04:00
Brad Fitzpatrick
7c38db0c97
wgengine/magicsock: don't deadlock on pre-disco Endpoints w/ lazy wireguard configs
...
Fixes tailscale/tailscale#637
2020-08-04 17:06:05 -07:00
Josh Bleecher Snyder
a16a793605
net/interfaces: use syscalls to find private gateway IP address
...
iOS doesn't let you run subprocesses,
which means we can't use netstat to get routing information.
Instead, use syscalls and grub around in the results.
We keep the old netstat version around,
both for use in non-cgo builds,
and for use testing the syscall-based version.
Note that iOS doesn't ship route.h,
so we include a copy here from the macOS 10.15 SDK
(which is itself unchanged from the 10.14 SDK).
I have tested manually that this yields the correct
gateway IP address on my own macOS and iOS devices.
More coverage would be most welcome.
Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
2020-08-04 15:45:56 -07:00
Mike Kramlich
08949d4ef1
--advertise-routes option enabled in Mac tailscale CLI; it checks for IP forwarding enabled
...
Signed-off-by: Mike Kramlich <groglogic@gmail.com>
2020-08-04 10:49:34 -07:00
Brad Fitzpatrick
4987a7d46c
wgengine/magicsock: when hard NAT, add stun-ipv4:static-port as candidate
...
If a node is behind a hard NAT and is using an explicit local port
number, assume they might've mapped a port and add their public IPv4
address with the local tailscaled's port number as a candidate endpoint.
2020-08-04 09:48:34 -07:00
Brad Fitzpatrick
bfcb0aa0be
wgengine/magicsock: deflake tests, Close deadlock again
...
Better fix than 37903a9056d664ddbc52cce3324dc0610d81862b
Fixes tailscale/corp#533
2020-08-04 09:36:38 -07:00