mirrors
/
tailscale
mirror of https://github.com/tailscale/tailscale.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

wgengine: only launch pingers for peers predating the discovery protocol 

Peers advertising a discovery key know how to speak the discovery
protocol and do their own heartbeats to get through NATs and keep NATs
open. No need for the pinger except for with legacy peers.
This commit is contained in:
Brad Fitzpatrick 2020-07-15 21:08:25 -07:00
parent cdfea347d0
commit a2267aae99
2 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
wgengine/magicsock/magicsock.go
View File

@ -528,6 +528,14 @@ func (c *Conn) DiscoPublicKey() tailcfg.DiscoKey {
return c.discoPublic return c.discoPublic
} }
// PeerHasDiscoKey reports whether peer k supports discovery keys (client version 0.100.0+).
func (c *Conn) PeerHasDiscoKey(k tailcfg.NodeKey) bool {
c.mu.Lock()
defer c.mu.Unlock()
_, ok := c.discoOfNode[k]
return ok
}
// c.mu must NOT be held. // c.mu must NOT be held.
func (c *Conn) setNearestDERP(derpNum int) (wantDERP bool) { func (c *Conn) setNearestDERP(derpNum int) (wantDERP bool) {
c.mu.Lock() c.mu.Lock()

16
wgengine/userspace.go
View File

@ -86,7 +86,7 @@ type userspaceEngine struct {
statusCallback StatusCallback statusCallback StatusCallback
peerSequence []wgcfg.Key peerSequence []wgcfg.Key
endpoints []string endpoints []string
pingers map[wgcfg.Key]*pinger pingers map[wgcfg.Key]*pinger // legacy pingers for pre-discovery peers
linkState *interfaces.State linkState *interfaces.State
// Lock ordering: wgLock, then mu. // Lock ordering: wgLock, then mu.
@ -243,6 +243,14 @@ func newUserspaceEngineAdvanced(conf EngineConfig) (_ Engine, reterr error) {
// here. // here.
go e.RequestStatus() go e.RequestStatus()
if e.magicConn.PeerHasDiscoKey(tailcfg.NodeKey(peerKey)) {
e.logf("wireguard handshake complete for %v", peerKey.ShortString())
// This is a modern peer with discovery support. No need to send pings.
return
}
e.logf("wireguard handshake complete for %v; sending legacy pings", peerKey.ShortString())
// Ping every single-IP that peer routes. // Ping every single-IP that peer routes.
// These synthetic packets are used to traverse NATs. // These synthetic packets are used to traverse NATs.
var ips []wgcfg.IP var ips []wgcfg.IP
@ -422,6 +430,9 @@ func (e *userspaceEngine) pollResolver() {
// //
// These generated packets are used to ensure we trigger the spray logic in // These generated packets are used to ensure we trigger the spray logic in
// the magicsock package for NAT traversal. // the magicsock package for NAT traversal.
//
// These are only used with legacy peers (before 0.100.0) that don't
// have advertised discovery keys.
type pinger struct { type pinger struct {
e *userspaceEngine e *userspaceEngine
done chan struct{} // closed after shutdown (not the ctx.Done() chan) done chan struct{} // closed after shutdown (not the ctx.Done() chan)
@ -494,6 +505,9 @@ func (p *pinger) run(ctx context.Context, peerKey wgcfg.Key, ips []wgcfg.IP, src
// //
// These generated packets are used to ensure we trigger the spray logic in // These generated packets are used to ensure we trigger the spray logic in
// the magicsock package for NAT traversal. // the magicsock package for NAT traversal.
//
// This is only used with legacy peers (before 0.100.0) that don't
// have advertised discovery keys.
func (e *userspaceEngine) pinger(peerKey wgcfg.Key, ips []wgcfg.IP) { func (e *userspaceEngine) pinger(peerKey wgcfg.Key, ips []wgcfg.IP) {
e.logf("generating initial ping traffic to %s (%v)", peerKey.ShortString(), ips) e.logf("generating initial ping traffic to %s (%v)", peerKey.ShortString(), ips)
var srcIP packet.IP var srcIP packet.IP