mirror of
https://github.com/tailscale/tailscale.git
synced 2024-11-29 04:55:31 +00:00
01a7726cf7
cmd/containerboot,cmd/k8s-operator: enable IPv6 for fqdn egress proxies Don't skip installing egress forwarding rules for IPv6 (as long as the host supports IPv6), and set headless services `ipFamilyPolicy` to `PreferDualStack` to optionally enable both IP families when possible. Note that even with `PreferDualStack` set, testing a dual-stack GKE cluster with the default DNS setup of kube-dns did not correctly set both A and AAAA records for the headless service, and instead only did so when switching the cluster DNS to Cloud DNS. For both IPv4 and IPv6 to work simultaneously in a dual-stack cluster, we require headless services to return both A and AAAA records. If the host doesn't support IPv6 but the FQDN specified only has IPv6 addresses available, containerboot will exit with error code 1 and an error message because there is no viable egress route. Fixes #12215 Signed-off-by: Tom Proctor <tomhjp@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| linuxfwtest | ||
| detector.go | ||
| fake.go | ||
| helpers.go | ||
| iptables_runner_test.go | ||
| iptables_runner.go | ||
| iptables.go | ||
| linuxfw_unsupported.go | ||
| linuxfw.go | ||
| nftables_runner_test.go | ||
| nftables_runner.go | ||
| nftables_types.go | ||
| nftables.go | ||