The easiest, most secure way to use WireGuard and 2FA http://git.waynecole.info/tailscale/atom?h=clairew%2Fsuggest-non-mullvad-exit-node 2024-02-20T21:25:50Z 2024-02-20T21:25:50Z Claire Wang claire@tailscale.com 2024-02-13T14:11:02Z urn:sha1:343b29e9715f4d85ed5eaa583d692a8467ee9ad7 Updates tailscale/corp#17516 Signed-off-by: Claire Wang <claire@tailscale.com> 2024-01-23T17:37:32Z Jordan Whited jordan@tailscale.com 2024-01-23T17:37:32Z urn:sha1:8b47322acc2f3dabff40cbc4dcee9576f4d19bc5 This commit implements probing of UDP path lifetime on the tail end of an active direct connection. Probing configuration has two parts - Cliffs, which are various timeout cliffs of interest, and CycleCanStartEvery, which limits how often a probing cycle can start, per-endpoint. Initially a statically defined default configuration will be used. The default configuration has cliffs of 10s, 30s, and 60s, with a CycleCanStartEvery of 24h. Probing results are communicated via clientmetric counters. Probing is off by default, and can be enabled via control knob. Probing is purely informational and does not yet drive any magicsock behaviors. Updates #540 Signed-off-by: Jordan Whited <jordan@tailscale.com> 2024-01-04T17:29:04Z James 'zofrex' Sanderson jsanderson@tailscale.com 2024-01-04T17:29:04Z urn:sha1:10c595d962a43fa1c01642e1ea295b7eb98e74a6 Updates tailscale/corp#16016 Signed-off-by: James Sanderson <jsanderson@tailscale.com> Co-authored-by: Maisem Ali <maisem@tailscale.com> 2023-12-05T19:22:02Z Naman Sood mail@nsood.in 2023-12-04T17:08:56Z urn:sha1:0a59754eda9f26ce3aa01be6a610a5a92e968ee1 Updates tailscale/corp#14029. Signed-off-by: Naman Sood <mail@nsood.in> 2023-11-13T18:05:04Z Jordan Whited jordan@tailscale.com 2023-11-13T18:05:04Z urn:sha1:e84873692706002db42db5ff07179470c6aa50e6 This change exposes SilentDisco as a control knob, and plumbs it down to magicsock.endpoint. No changes are being made to magicsock.endpoint disco behavior, yet. Updates #540 Signed-off-by: Jordan Whited <jordan@tailscale.com> Co-authored-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2023-09-25T20:42:07Z Andrew Dunham andrew@du.nham.ca 2023-09-07T20:27:50Z urn:sha1:530aaa52f1ff8942467768a67711e222e7911680 We weren't correctly retrying truncated requests to an upstream DNS server with TCP. Instead, we'd return a truncated request to the user, even if the user was querying us over TCP and thus able to handle a large response. Also, add an envknob and controlknob to allow users/us to disable this behaviour if it turns out to be buggy (✨ DNS ✨). Updates #9264 Signed-off-by: Andrew Dunham <andrew@du.nham.ca> Change-Id: Ifb04b563839a9614c0ba03e9c564e8924c1a2bfd 2023-09-21T11:17:12Z Val valerie@tailscale.com 2023-09-21T09:31:48Z urn:sha1:65dc711c7645a5d7de7f6b2a748fa9e4d0e5f080 Add a nodeAttr to enable/disable peer path MTU discovery. Updates #311 Signed-off-by: Val <valerie@tailscale.com> 2023-09-18T19:00:34Z Maisem Ali maisem@tailscale.com 2023-09-18T15:52:22Z urn:sha1:19a9d9037f9770adb2cc4b812aeb1f1ff02da5af Like PeerCapMap, add a field to `tailcfg.Node` which provides a map of Capability to raw JSON messages which are deferred to be parsed later by the application code which cares about the specific capabilities. This effectively allows us to prototype new behavior without having to commit to a schema in tailcfg, and it also opens up the possibilities to develop custom behavior in tsnet applications w/o having to plumb through application specific data in the MapResponse. Updates #4217 Signed-off-by: Maisem Ali <maisem@tailscale.com> 2023-09-17T20:16:29Z Maisem Ali maisem@tailscale.com 2023-09-06T17:17:25Z urn:sha1:a61caea9111b8304414be768a89063721a5ae46c Instead of untyped string, add a type to identify these. Updates #cleanup Signed-off-by: Maisem Ali <maisem@tailscale.com> 2023-09-12T19:44:35Z Brad Fitzpatrick bradfitz@tailscale.com 2023-09-12T19:36:53Z urn:sha1:9203916a4aca8efa520eb326de55491c375ab742 Updates #cleanup Change-Id: I2b8b6ac97589270f307bfb20e33674894ce873b5 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>