From 173bbaa1a11d49adb370c1c9e02b20e7cf6c598b Mon Sep 17 00:00:00 2001 From: Brad Fitzpatrick Date: Tue, 28 Sep 2021 07:55:22 -0700 Subject: [PATCH] all: disable TCP keep-alives on iOS/Android Updates #2442 Updates tailscale/corp#2750 Signed-off-by: Brad Fitzpatrick --- cmd/tailscale/depaware.txt | 1 + cmd/tailscaled/depaware.txt | 1 + ipn/localapi/localapi.go | 3 ++- logpolicy/logpolicy.go | 3 ++- net/netknob/netknob.go | 30 ++++++++++++++++++++++++++++++ net/netns/netns.go | 5 ++++- 6 files changed, 40 insertions(+), 3 deletions(-) create mode 100644 net/netknob/netknob.go diff --git a/cmd/tailscale/depaware.txt b/cmd/tailscale/depaware.txt index fc2a1d061..74ff370c5 100644 --- a/cmd/tailscale/depaware.txt +++ b/cmd/tailscale/depaware.txt @@ -37,6 +37,7 @@ tailscale.com/cmd/tailscale dependencies: (generated by github.com/tailscale/dep tailscale.com/net/flowtrack from tailscale.com/wgengine/filter+ 💣 tailscale.com/net/interfaces from tailscale.com/cmd/tailscale/cli+ tailscale.com/net/netcheck from tailscale.com/cmd/tailscale/cli + tailscale.com/net/netknob from tailscale.com/net/netns tailscale.com/net/netns from tailscale.com/derp/derphttp+ tailscale.com/net/packet from tailscale.com/wgengine/filter tailscale.com/net/portmapper from tailscale.com/net/netcheck+ diff --git a/cmd/tailscaled/depaware.txt b/cmd/tailscaled/depaware.txt index b9606c7a3..1f8172320 100644 --- a/cmd/tailscaled/depaware.txt +++ b/cmd/tailscaled/depaware.txt @@ -121,6 +121,7 @@ tailscale.com/cmd/tailscaled dependencies: (generated by github.com/tailscale/de tailscale.com/net/flowtrack from tailscale.com/wgengine/filter+ 💣 tailscale.com/net/interfaces from tailscale.com/cmd/tailscaled+ tailscale.com/net/netcheck from tailscale.com/wgengine/magicsock + tailscale.com/net/netknob from tailscale.com/ipn/localapi+ tailscale.com/net/netns from tailscale.com/control/controlclient+ 💣 tailscale.com/net/netstat from tailscale.com/ipn/ipnserver tailscale.com/net/packet from tailscale.com/wgengine+ 
diff --git a/ipn/localapi/localapi.go b/ipn/localapi/localapi.go
index e00dd3a00..9d6c3d442 100644
--- a/ipn/localapi/localapi.go
+++ b/ipn/localapi/localapi.go
@@ -28,6 +28,7 @@ import (
 "tailscale.com/ipn"
 "tailscale.com/ipn/ipnlocal"
 "tailscale.com/ipn/ipnstate"
+ "tailscale.com/net/netknob"
 "tailscale.com/tailcfg"
 "tailscale.com/types/logger"
 "tailscale.com/version"
@@ -453,7 +454,7 @@ func getDialPeerTransport(b *ipnlocal.LocalBackend) *http.Transport {
 t.Dial = nil
 dialer := net.Dialer{
 Timeout: 30 * time.Second,
- KeepAlive: 30 * time.Second,
+ KeepAlive: netknob.PlatformTCPKeepAlive(),
 Control: b.PeerDialControlFunc(),
 }
 t.DialContext = dialer.DialContext
diff --git a/logpolicy/logpolicy.go b/logpolicy/logpolicy.go
index bc61e47f4..7b0bf6bf7 100644
--- a/logpolicy/logpolicy.go
+++ b/logpolicy/logpolicy.go
@@ -31,6 +31,7 @@ import (
 "tailscale.com/atomicfile"
 "tailscale.com/logtail"
 "tailscale.com/logtail/filch"
+ "tailscale.com/net/netknob"
 "tailscale.com/net/netns"
 "tailscale.com/net/tlsdial"
 "tailscale.com/net/tshttpproxy"
@@ -582,7 +583,7 @@ func newLogtailTransport(host string) *http.Transport {
 tr.DialContext = func(ctx context.Context, netw, addr string) (net.Conn, error) {
 nd := netns.FromDialer(&net.Dialer{
 Timeout: 30 * time.Second,
- KeepAlive: 30 * time.Second,
+ KeepAlive: netknob.PlatformTCPKeepAlive(),
 })
 t0 := time.Now()
 c, err := nd.DialContext(ctx, netw, addr)
diff --git a/net/netknob/netknob.go b/net/netknob/netknob.go
new file mode 100644
index 000000000..9479ee898
--- /dev/null
+++ b/net/netknob/netknob.go
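Review bot: The dialer in getDialPeerTransport now gets a negative KeepAlive on iOS/Android, so on those platforms nothing at the TCP layer notices a peer that disappeared without a FIN or RST; `Timeout: 30 * time.Second` bounds only the connect. The same applies to the net.Dialer in newLogtailTransport in logpolicy/logpolicy.go. Whether the surrounding http.Transport sets `ResponseHeaderTimeout` or `IdleConnTimeout` is not visible in either hunk (both function bodies continue outside them), so that is worth confirming. I would record the dependency at the field with `// Negative (disabled) on iOS/Android; a stalled connection is then bounded only by the transport's own timeouts.`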
@@ -0,0 +1,30 @@
+// Copyright (c) 2021 Tailscale Inc & AUTHORS All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package netknob has Tailscale network knobs.
+package netknob
+
+import (
+ "runtime"
+ "time"
+)
+
+// PlatformTCPKeepAlive returns the default net.Dialer.KeepAlive
+// value for the current runtime.GOOS.
+func PlatformTCPKeepAlive() time.Duration {
+ switch runtime.GOOS {
+ case "ios", "android":
+ // Disable TCP keep-alives on mobile platforms.
+ // See https://github.com/golang/go/issues/48622.
+ //
+ // TODO(bradfitz): in 1.17.x, try disabling TCP
+ // keep-alives on for all platforms.
+ return -1
+ }
+
+ // Otherwise, default to 30 seconds, which is mostly what we
+ // used to do. In some places we used the zero value, which Go
+ // defaults to 15 seconds. But 30 seconds is fine.
+ return 30 * time.Second
+}
diff --git a/net/netns/netns.go b/net/netns/netns.go
index 994fb8fac..f3f7e0291 100644
--- a/net/netns/netns.go
+++ b/net/netns/netns.go
@@ -19,6 +19,7 @@ import (
 "net"
 
 "inet.af/netaddr"
+ "tailscale.com/net/netknob"
 "tailscale.com/syncs"
 )
 
@@ -45,7 +46,9 @@ func Listener() *net.ListenConfig {
 // namespace that doesn't route back into Tailscale. It also handles
 // using a SOCKS if configured in the environment with ALL_PROXY.
 func NewDialer() Dialer {
- return FromDialer(new(net.Dialer))
+ return FromDialer(&net.Dialer{
+ KeepAlive: netknob.PlatformTCPKeepAlive(),
+ })
 }
 
 // FromDialer returns sets d.Control as necessary to run in a logical
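Review bot: The doc comment on PlatformTCPKeepAlive in net/netknob/netknob.go does not say that the result can be negative. That matters because a negative value is documented as "disabled" only for `net.Dialer.KeepAlive` and `net.ListenConfig.KeepAlive`; a caller that later passes the result to `SetKeepAlivePeriod` or uses it in duration arithmetic falls outside that contract. I would extend the comment with `// A negative result means keep-alives are disabled; use it only as a net.Dialer or net.ListenConfig KeepAlive value.` The TODO also reads "keep-alives on for all platforms", where "on" looks like a leftover word.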
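Review bot: Only NewDialer in net/netns/netns.go picks up the platform default; a caller that hands FromDialer its own `&net.Dialer{}` with KeepAlive left at zero still gets Go's 15-second keep-alive on iOS/Android, a case the netknob comment says existed in "some places". The commit fixes the logpolicy call site by hand, and any other FromDialer callers are not visible in this patch. FromDialer's body is outside the hunk, but its comment suggests it already mutates d, so it could apply the default centrally with `if d.KeepAlive == 0 { d.KeepAlive = netknob.PlatformTCPKeepAlive() }`. Failing that, a search for remaining `net.Dialer{` literals would show whether the "all:" in the subject holds.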