Age | Commit message | Author | Files | Lines
2020-08-10 | net/netns, net/interfaces: move defaultRouteInterface, add Android fallback [bradfitz/linux_default_route_interface] | Brad Fitzpatrick | 4 | -56/+111
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-10 | derp: add basic benchmark | Josh Bleecher Snyder | 1 | -3/+64
This benchmark is far from perfect: It mixes together client and server. Still, it provides a starting point for easy profiling. Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
2020-08-10 | cmd/tailscale/cli: validate advertised routes' IP address-vs-network bits | Brad Fitzpatrick | 4 | -16/+28
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-09 | control/controlclient: use less battery when stopped, stop map requests | Brad Fitzpatrick | 2 | -9/+71
Updates #604 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-09 | backoff: update to Go style, document a bit, make 30s explicit | Brad Fitzpatrick | 4 | -40/+57
Also, bit of behavior change: on non-nil err but expired context, don't reset the consecutive failure count. I don't think the old behavior was intentional. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-07 | tailcfg, control/controlclient: support delta-encoded netmaps | Brad Fitzpatrick | 3 | -7/+217
Should greatly reduce bandwidth for large networks (including our hello.ipn.dev node). Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-07 | derp: add server version to /debug, expvars | Josh Bleecher Snyder | 2 | -0/+6
This will make it easier for a human to tell what version is deployed, for (say) correlating line numbers in profiles or panics to corresponding source code. It'll also let us observe version changes in prometheus. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-08-07 | wgengine/router: set MTU on Windows to min(configured,possible) | Brad Fitzpatrick | 1 | -0/+7
Fixes tailscale/corp#542 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-07 | README: update contributing section | Brad Fitzpatrick | 1 | -4/+2
2020-08-07 | Update README, remove old relaynode dredge | Brad Fitzpatrick | 2 | -6/+12
2020-08-06 | version: new week, new date | Brad Fitzpatrick | 1 | -1/+1
2020-08-06 | control/controlclient: reset timeout timer on non-keepalive map updates | Brad Fitzpatrick | 1 | -9/+11
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-06 | go mod tidy | Brad Fitzpatrick | 2 | -13/+10
2020-08-06 | go.mod: update to newly rebased wireguard-go | Josh Bleecher Snyder | 2 | -1/+3
2020-08-06 | wgenginer/router: fix build | Josh Bleecher Snyder | 1 | -2/+7
Rebasing github.com/tailscale/wireguard-go to upstream wireguard-go changed the API. This commit is analogous to https://git.zx2c4.com/wireguard-windows/commit/?id=6823cc10ffe193c0cb1d61a5d1828d563d3d0e5f
2020-08-06 | ipn: jack up the MaxMessageSize from 1MB to 10MB | Brad Fitzpatrick | 1 | -1/+1
hello.ipn.dev has a 2.5MB network map
2020-08-06 | wgengine: stop giving tsdns a buffer that will be reused | Dmytro Shynkevych | 1 | -1/+1
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-08-06 | wgengine,magicsock: fix two lazy wireguard config issues | Brad Fitzpatrick | 4 | -27/+153
1) we weren't waking up a discoEndpoint that once existed and went idle for 5 minutes and then got a disco message again.
2) userspaceEngine.noteReceiveActivity had a buggy check; fixed and added a test
2020-08-06 | tsdns: implement reverse DNS lookups, canonicalize names everywhere. (#640) | Dmytro Shynkevych | 5 | -90/+413
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-08-06 | control/controlclient: remove unused NetworkMap.UAPI method | Brad Fitzpatrick | 2 | -20/+13
And remove last remaining use of wgcfg.ToUAPI in a test's debug output; replace it with JSON.
2020-08-06 | wgengine/magicsock: fix lazy config deadlock, document more lock ordering | Brad Fitzpatrick | 1 | -21/+24
This removes the atomic bool that tried to track whether we needed to acquire the lock on a future recursive call back into magicsock. Unfortunately that hack doesn't work because we also had a lock ordering issue between magicsock and userspaceEngine (see issue). This documents that too. Fixes #644
2020-08-05 | wgengine/monitor: log RTM_DELROUTE details, fix format strings | Brad Fitzpatrick | 1 | -2/+12
Updates #643
2020-08-05 | wgengine: fix deadlock between engine and magicsock | Brad Fitzpatrick | 2 | -3/+8
2020-08-05 | logpolicy: upload early logpolicy output, log where we decide to write logs | Brad Fitzpatrick | 1 | -10/+25
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-08-04 | ipn: put Magic DNS domains first | Dmytro Shynkevych | 1 | -1/+2
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-08-04 | wgengine/magicsock: don't deadlock on pre-disco Endpoints w/ lazy wireguard configs | Brad Fitzpatrick | 1 | -7/+5
Fixes tailscale/tailscale#637
2020-08-04 | net/interfaces: use syscalls to find private gateway IP address | Josh Bleecher Snyder | 5 | -7/+417
iOS doesn't let you run subprocesses, which means we can't use netstat to get routing information. Instead, use syscalls and grub around in the results. We keep the old netstat version around, both for use in non-cgo builds, and for use testing the syscall-based version. Note that iOS doesn't ship route.h, so we include a copy here from the macOS 10.15 SDK (which is itself unchanged from the 10.14 SDK). I have tested manually that this yields the correct gateway IP address on my own macOS and iOS devices. More coverage would be most welcome. Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
2020-08-04 | --advertise-routes option enabled in Mac tailscale CLI; it checks for IP forwarding enabled | Mike Kramlich | 1 | -3/+4
Signed-off-by: Mike Kramlich <groglogic@gmail.com>
2020-08-04 | wgengine/magicsock: when hard NAT, add stun-ipv4:static-port as candidate | Brad Fitzpatrick | 1 | -0/+11
If a node is behind a hard NAT and is using an explicit local port number, assume they might've mapped a port and add their public IPv4 address with the local tailscaled's port number as a candidate endpoint.
2020-08-04 | wgengine/magicsock: deflake tests, Close deadlock again | Brad Fitzpatrick | 2 | -15/+35
Better fix than 37903a9056d664ddbc52cce3324dc0610d81862b Fixes tailscale/corp#533
2020-08-03 | version: adjust to a pure semver version number, per bradfitz's proposal. | David Anderson | 2 | -92/+128
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-08-03 | control/controlclient: print disco keys NetworkMap diffs (debug change only) | Brad Fitzpatrick | 2 | -2/+76
NetworkMap text diffs being empty were currently used to short-circuit calling magicsock's SetNetworkMap (via Engine.SetNetworkMap), but that went away in c7582dc2 (0.100.0-230)
Prior to c7582dc2 (notably, in 0.100.0-225 and below, down to 0.100.0), a change in only disco key (as when a node restarts) but without endpoint changes (as would happen for a client not behind a NAT with random ports) could result in a "netmap diff: (none)" being printed, as well as Engine.SetNetworkMap being skipped, leading to broken discovery endpoints.
c7582dc2 fixed the Engine.SetNetworkMap skippage.
This change fixes the "netmap diff: (none)" print so we'll actually see when a peer restarts with identical endpoints but a new discovery key.
2020-08-01 | wgengine/filter: omit logging for all v6 multicast, remove debug panic :( | Brad Fitzpatrick | 2 | -1/+10
2020-07-31 | cmd/tailscaled: ignore SIGPIPE. | David Anderson | 1 | -2/+6
SIGPIPE can be generated when CLIs disconnect from tailscaled. This should not terminate the process. Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-31 | Revert "cmd/tailscaled: exit gracefully on SIGPIPE" | David Anderson | 2 | -9/+10
tailscaled receives a SIGPIPE when CLIs disconnect from it. We shouldn't shut down in that case. This reverts commit 43b271cb26e72a94ab9ee00b19204042fea01bde. Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-31 | ipn: fix incorrect change tracking for packet filter. | David Anderson | 1 | -17/+24
Order of operations to trigger a problem:
- Start an already authed tailscaled, verify you can ping stuff.
- Run `tailscale up`. Notice you can no longer ping stuff.
The problem is that `tailscale up` stops the IPN state machine before restarting it, which zeros out the packet filter but _not_ the packet filter hash. Then, upon restarting IPN, the uncleared hash incorrectly makes the code conclude that the filter doesn't need updating, and so we stay with a zero filter (reject everything) for ever.
The fix is simply to update the filterHash correctly in all cases, so that running -> stopped -> running correctly changes the filter at every transition.
Signed-off-by: David Anderson <danderson@tailscale.com>
2020-07-31 | all: dns refactor, add Proxied and PerDomain flags from control (#615) | Dmytro Shynkevych | 31 | -422/+689
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-31 | cmd/tailscaled: exit gracefully on SIGPIPE | Dmytro Shynkevych | 1 | -2/+3
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-31 | wgengine: fix lazy wireguard config bug on sent packet minute+ later | Brad Fitzpatrick | 1 | -5/+22
A comparison operator was backwards. The bad case went:
* device A sends packet to B at t=1s
* B gets added to A's wireguard config
* B gets packet (5 minutes pass)
* some other activity happens, causing B to expire to be removed from A's network map, since it's been over 5 minutes since sent or received activity
* device A sends packet to B at t=5m1s
* normally, B would get added back, but the old send time was not zero (we sent earlier!) and the time comparison was backwards, so we never regenerated the wireguard config.
This also refactors the code for legibility and moves constants up top, with comments.
2020-07-31 | net/interfaces: don't try to fork on iOS in likelyHomeRouterIPDarwin | Brad Fitzpatrick | 1 | -0/+8
No subprocesses allowed on iOS. Will need to do this differently later.
2020-07-31 | router: split off sandboxed path from router_darwin (#624) | Dmytro Shynkevych | 4 | -86/+22
Signed-off-by: Dmytro Shynkevych <dmytro@tailscale.com>
2020-07-30 | wgengine/magicsock: remove TODO comment that's no longer applicable | Brad Fitzpatrick | 1 | -1/+0
2020-07-31 | tailscaled.service: use default restart limiting | David Crawshaw | 1 | -2/+0
It appears that systemd has sensible defaults for limiting crash loops:
DefaultStartLimitIntervalSec=10s
DefaultStartLimitBurst=5
Remove our insta-restart configuration so that it works.
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-07-30 | wgengine/magicsock: stop disco activity on IPN stop | Brad Fitzpatrick | 2 | -5/+29
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-07-30 | wgengine/magicsock: merge errClosed and errConnClosed | Brad Fitzpatrick | 1 | -3/+1
2020-07-30 | wgengine/filter: remove leftover debug knob that staticcheck doesn't like | Brad Fitzpatrick | 1 | -4/+0
2020-07-30 | wgengine/filter: fix IPv4 IGMP spam omission, also omit ff02::16 spam | Brad Fitzpatrick | 4 | -9/+95
And add tests. Fixes #618 Updates #402
2020-07-30 | cmd/tailscaled: log on shutdown signal | Brad Fitzpatrick | 1 | -1/+2
2020-07-30 | version: revert the filepath change from earlier commit | Brad Fitzpatrick | 1 | -11/+16
f81233524fddeec450940af8dc1a0dd8841bf28c changed a use of package 'path' to 'filepath'. Restore it back to 'path', with a comment. Also, use the os.Executable-based fallback name in the case where the binary itself doesn't have Go module information. That was overlooked in the original code.
2020-07-30 | logpolicy: remove inaccurate comment, conditional tryFixLogStateLocation call | Brad Fitzpatrick | 1 | -13/+12
What I was probably actually hitting was exe caching issues where the binary was updated on a SMB shared drive and I tried to run it with the GUI exe still open, so Windows blends the two pages together and causes all sorts of random corruption. I didn't know about that at the time. Now, just call tryFixLogStateLocation unconditionally. The func itself will bail out early on non-applicable OSes. (And rearrange it to return even a bit earlier.)