all: disable TCP keep-alives on iOS/Android

Updates #2442 Updates tailscale/corp#2750 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-09-28 07:55:22 -07:00 · 2021-09-28 07:55:22 -07:00 · 173bbaa1a1
parent a7cb241db1
commit 173bbaa1a1
6 changed files with 40 additions and 3 deletions
--- a/cmd/tailscale/depaware.txt
+++ b/cmd/tailscale/depaware.txt
@ -37,6 +37,7 @@ tailscale.com/cmd/tailscale dependencies: (generated by github.com/tailscale/dep
        tailscale.com/net/flowtrack                                  from tailscale.com/wgengine/filter+
     💣 tailscale.com/net/interfaces                                 from tailscale.com/cmd/tailscale/cli+
        tailscale.com/net/netcheck                                   from tailscale.com/cmd/tailscale/cli
+        tailscale.com/net/netknob                                    from tailscale.com/net/netns
        tailscale.com/net/netns                                      from tailscale.com/derp/derphttp+
        tailscale.com/net/packet                                     from tailscale.com/wgengine/filter
        tailscale.com/net/portmapper                                 from tailscale.com/net/netcheck+
--- a/cmd/tailscaled/depaware.txt
+++ b/cmd/tailscaled/depaware.txt
@ -121,6 +121,7 @@ tailscale.com/cmd/tailscaled dependencies: (generated by github.com/tailscale/de
        tailscale.com/net/flowtrack                                  from tailscale.com/wgengine/filter+
     💣 tailscale.com/net/interfaces                                 from tailscale.com/cmd/tailscaled+
        tailscale.com/net/netcheck                                   from tailscale.com/wgengine/magicsock
+        tailscale.com/net/netknob                                    from tailscale.com/ipn/localapi+
        tailscale.com/net/netns                                      from tailscale.com/control/controlclient+
     💣 tailscale.com/net/netstat                                    from tailscale.com/ipn/ipnserver
        tailscale.com/net/packet                                     from tailscale.com/wgengine+
--- a/ipn/localapi/localapi.go
+++ b/ipn/localapi/localapi.go
@ -28,6 +28,7 @@ import (
 	"tailscale.com/ipn"
 	"tailscale.com/ipn/ipnlocal"
 	"tailscale.com/ipn/ipnstate"
+	"tailscale.com/net/netknob"
 	"tailscale.com/tailcfg"
 	"tailscale.com/types/logger"
 	"tailscale.com/version"
@ -453,7 +454,7 @@ func getDialPeerTransport(b *ipnlocal.LocalBackend) *http.Transport {
 		t.Dial = nil
 		dialer := net.Dialer{
 			Timeout:   30 * time.Second,
-			KeepAlive: 30 * time.Second,
+			KeepAlive: netknob.PlatformTCPKeepAlive(),
 			Control:   b.PeerDialControlFunc(),
 		}
 		t.DialContext = dialer.DialContext
--- a/logpolicy/logpolicy.go
+++ b/logpolicy/logpolicy.go
@ -31,6 +31,7 @@ import (
 	"tailscale.com/atomicfile"
 	"tailscale.com/logtail"
 	"tailscale.com/logtail/filch"
+	"tailscale.com/net/netknob"
 	"tailscale.com/net/netns"
 	"tailscale.com/net/tlsdial"
 	"tailscale.com/net/tshttpproxy"
@ -582,7 +583,7 @@ func newLogtailTransport(host string) *http.Transport {
 	tr.DialContext = func(ctx context.Context, netw, addr string) (net.Conn, error) {
 		nd := netns.FromDialer(&net.Dialer{
 			Timeout:   30 * time.Second,
-			KeepAlive: 30 * time.Second,
+			KeepAlive: netknob.PlatformTCPKeepAlive(),
 		})
 		t0 := time.Now()
 		c, err := nd.DialContext(ctx, netw, addr)
--- a/net/netknob/netknob.go
+++ b/net/netknob/netknob.go
@ -0,0 +1,30 @@
+// Copyright (c) 2021 Tailscale Inc & AUTHORS All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package netknob has Tailscale network knobs.
+package netknob
+
+import (
+	"runtime"
+	"time"
+)
+
+// PlatformTCPKeepAlive returns the default net.Dialer.KeepAlive
+// value for the current runtime.GOOS.
+func PlatformTCPKeepAlive() time.Duration {
+	switch runtime.GOOS {
+	case "ios", "android":
+		// Disable TCP keep-alives on mobile platforms.
+		// See https://github.com/golang/go/issues/48622.
+		//
+		// TODO(bradfitz): in 1.17.x, try disabling TCP
+		// keep-alives on for all platforms.
+		return -1
+	}
+
+	// Otherwise, default to 30 seconds, which is mostly what we
+	// used to do. In some places we used the zero value, which Go
+	// defaults to 15 seconds. But 30 seconds is fine.
+	return 30 * time.Second
+}
--- a/net/netns/netns.go
+++ b/net/netns/netns.go
@ -19,6 +19,7 @@ import (
 	"net"

 	"inet.af/netaddr"
+	"tailscale.com/net/netknob"
 	"tailscale.com/syncs"
 )

@ -45,7 +46,9 @@ func Listener() *net.ListenConfig {
 // namespace that doesn't route back into Tailscale. It also handles
 // using a SOCKS if configured in the environment with ALL_PROXY.
 func NewDialer() Dialer {
-	return FromDialer(new(net.Dialer))
+	return FromDialer(&net.Dialer{
+		KeepAlive: netknob.PlatformTCPKeepAlive(),
+	})
 }

 // FromDialer returns sets d.Control as necessary to run in a logical