Mirror of tailscale/tailscale@github.com
Brad Fitzpatrick 58abae1f83 net/dns/{publicdns,resolver}: add NextDNS DoH support
NextDNS is unique in that users create accounts and then get
user-specific DNS IPs & DoH URLs.

For DoH, the customer ID is in the URL path.

For IPv6, the IP address includes the customer ID in the lower bits.

For IPv4, there's a fragile "IP linking" mechanism to associate your
public IPv4 with an assigned NextDNS IPv4 and that tuple maps to your
customer ID.

We don't use the IP linking mechanism.

Instead, NextDNS is DoH-only. Which means using NextDNS necessarily
shunts all DNS traffic through 100.100.100.100 (programming the OS to
use 100.100.100.100 as the global resolver) because operating systems
can't usually do DoH themselves.

Once it's in Tailscale's DoH client, we then connect out to the known
NextDNS IPv4/IPv6 anycast addresses.

If the control plane sends the client a NextDNS IPv6 address, we then
map it to the corresponding NextDNS DoH with the same client ID, and
we dial that DoH server using the combination of v4/v6 anycast IPs.

Updates #2452

Change-Id: I3439d798d21d5fc9df5a2701839910f5bef85463
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-09-08 12:50:32 -07:00
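
Added example, not part of the commit or of the Tailscale code base: one way to do the IPv6-to-DoH mapping the commit message describes, in Go. The two resolver prefixes, the DoH base URL and the position of the customer ID (the non-zero low-order bytes after the first four) are assumptions not stated on this page, and the ID `abc123` is constructed.

```go
package main

import (
	"bytes"
	"encoding/hex"
	"errors"
	"fmt"
	"net/netip"
)

// Assumed values (not taken from this page): NextDNS IPv6 resolver ranges
// and the base of its per-customer DoH URL.
var nextDNSv6Ranges = []netip.Prefix{
	netip.MustParsePrefix("2a07:a8c0::/33"),
	netip.MustParsePrefix("2a07:a8c1::/33"),
}

const nextDNSDoHBase = "https://dns.nextdns.io/"

// dohURLFromNextDNSv6 maps a NextDNS IPv6 resolver address to the DoH URL
// carrying the same customer ID. Addresses outside the known ranges, and
// addresses with no ID in the low bits, are rejected so that an arbitrary
// resolver IP is never turned into a DoH endpoint.
func dohURLFromNextDNSv6(s string) (string, error) {
	ip, err := netip.ParseAddr(s)
	if err != nil {
		return "", fmt.Errorf("parse %q: %w", s, err)
	}
	inRange := false
	for _, p := range nextDNSv6Ranges {
		inRange = inRange || p.Contains(ip) // IPv4 never matches a v6 prefix
	}
	if !inRange {
		return "", errors.New("not a NextDNS IPv6 resolver address")
	}
	a := ip.As16()
	id := bytes.TrimLeft(a[4:], "\x00") // drop the zero padding before the ID
	if len(id) == 0 {
		return "", errors.New("address carries no customer ID")
	}
	return nextDNSDoHBase + hex.EncodeToString(id), nil
}

func main() {
	// Constructed inputs: one in-range address with ID abc123, one unrelated.
	for _, s := range []string{"2a07:a8c0::ab:c123", "2001:db8::1"} {
		u, err := dohURLFromNextDNSv6(s)
		fmt.Println(s, "->", u, err)
	}
}
```

Because the customer ID travels in both the resolver address and the DoH URL path, either value identifies the account and is worth treating as such in logs and configuration dumps.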
.bencher bencher: add config to suppress failures on benchmark regressions. 2021-10-01 16:16:02 -07:00
.github CI: add `go mod tidy` workflow 2022-08-30 06:02:34 -07:00
atomicfile atomicfile: update docs to clarify behavior of argument 2022-08-13 21:31:40 -07:00
chirp chirp: add a 10s timeout when communicating with BIRD (#5444) 2022-08-27 20:49:31 -04:00
client/tailscale client,cmd/tailscale,ipn,tka,types: implement tka initialization flow 2022-08-22 11:35:16 -07:00
cmd net/dns/{publicdns,resolver}: add NextDNS DoH support 2022-09-08 12:50:32 -07:00
control tailcfg, control/controlclient, ipn/ipnlocal: add c2n (control-to-node) system 2022-08-29 15:18:40 -07:00
derp all: use syncs.AtomicValue 2022-08-04 11:52:16 -07:00
disco all: migrate more code code to net/netip directly 2022-08-02 13:59:57 -07:00
docs docs/k8s: make run.sh handle SIGINT 2022-09-04 15:50:02 -07:00
envknob ipn/ipnlocal: reject tailscale up --ssh if disabled on tailnet 2022-04-20 11:38:27 -07:00
health cmd/tailscale: surface authentication errors in status.Health (#4748) 2022-06-03 10:52:07 -07:00
hostinfo tailcfg: add Hostinfo.GoVersion 2022-08-26 18:04:15 -07:00
internal/tooldeps .github/workflows: add gofmt (goimports) check 2022-07-26 09:46:06 -07:00
ipn net/dnsfallback: cache most recent DERP map on disk (#5545) 2022-09-05 14:36:30 -04:00
jsondb jsondb: small package to load/save JSON DBs. 2022-07-12 11:56:38 -07:00
kube all: use any instead of interface{} 2022-03-17 11:35:09 -07:00
licenses licenses: update win/apple licenses 2022-09-07 14:28:24 -07:00
log wasm: drop pprof dependency 2022-06-07 12:16:16 -07:00
logpolicy logtail,logpolicy: tweak minor cosmetic things 2022-07-27 21:13:46 -07:00
logtail logtail: do not log when backing off (#5485) 2022-08-30 06:21:03 -07:00
metrics all: use testingutil.MinAllocsPerRun 2021-10-28 12:48:37 -07:00
net net/dns/{publicdns,resolver}: add NextDNS DoH support 2022-09-08 12:50:32 -07:00
packages/deb all: use any instead of interface{} 2022-03-17 11:35:09 -07:00
paths all: use syncs.AtomicValue 2022-08-04 11:52:16 -07:00
portlist syncs, all: move to using Go's new atomic types instead of ours 2022-08-04 07:47:59 -07:00
prober syncs, all: move to using Go's new atomic types instead of ours 2022-08-04 07:47:59 -07:00
safesocket all: gofmt for Go 1.19 2022-08-02 10:08:05 -07:00
scripts scripts/installer.sh: add `-y` for unattended install 2022-08-15 10:28:55 -07:00
smallzstd smallzstd: new package that constructs zstd small encoders/decoders. 2020-07-02 16:13:06 -07:00
ssh/tailssh syncs, all: move to using Go's new atomic types instead of ours 2022-08-04 07:47:59 -07:00
syncs syncs: add generic AtomicValue 2022-08-04 11:52:16 -07:00
tailcfg net/dns/{publicdns,resolver}: add NextDNS DoH support 2022-09-08 12:50:32 -07:00
tempfork all: gofmt for Go 1.19 2022-08-02 10:08:05 -07:00
tka tka: implement credential signatures (key material delegation) 2022-08-31 10:13:13 -07:00
tool .github/workflows: add tsconnect static build to wasm GitHub action 2022-07-25 18:02:22 -07:00
tsconst net/interfaces/windows: update Tailscale interface detection logic to 2021-11-08 07:44:33 -08:00
tsnet tsnet: add Server method to listener 2022-09-02 16:29:49 -07:00
tstest tailcfg, control/controlclient, ipn/ipnlocal: add c2n (control-to-node) system 2022-08-29 15:18:40 -07:00
tstime tstime/mono: fix Before function comment 2022-03-05 15:05:57 -08:00
tsweb all: gofmt for Go 1.19 2022-08-02 10:08:05 -07:00
types logger: migrate rusage syscall use to x/sys/unix 2022-08-28 08:29:41 -07:00
util util/uniq: add ModifySliceFunc (#5504) 2022-08-30 18:51:18 -04:00
version ipn/localapi: send Tailscale version in ACME User-Agent (#5499) 2022-08-30 16:48:59 -04:00
wf all: convert more code to use net/netip directly 2022-07-25 21:53:49 -07:00
wgengine wgengine/magicsock: fix panic in http debug server 2022-09-06 15:02:07 -07:00
words words: this title should have been a pun, but I chickened out (#5506) 2022-08-31 07:02:49 -07:00
.gitattributes .: add .gitattributes entry to use Go hunk-header driver 2021-12-03 17:56:02 -08:00
.gitignore Makefile: update make spk target to use the new go spk builder 2022-01-21 12:27:00 -08:00
ALPINE.txt Docker: add ALPINE.txt to manage alpine versions 2022-06-29 11:47:09 -07:00
AUTHORS Move Linux client & common packages into a public repo. 2020-02-09 09:32:57 -08:00
CODE_OF_CONDUCT.md Add a code of conduct. 2020-02-10 22:16:30 -08:00
Dockerfile docs/k8s: use job control in run.sh 2022-07-21 15:43:40 -07:00
Dockerfile.base Dockerfile: bump alpine to 3.16 2022-06-29 10:29:37 -07:00
LICENSE LICENSE: Reformat for Github 2021-01-24 16:20:22 -08:00
Makefile Makefile: add target for wasm and make it part of check 2022-08-15 09:43:35 -07:00
PATENTS Move Linux client & common packages into a public repo. 2020-02-09 09:32:57 -08:00
README.md all: require Go 1.19 2022-08-02 11:49:01 -07:00
SECURITY.md Add a SECURITY.md for vulnerability reports. 2020-02-11 10:26:41 -08:00
VERSION.txt VERSION.txt: this is 1.31 2022-08-31 06:48:24 -07:00
api.md api.md: added missing quote to POST DNS Searchpaths request body example 2022-07-21 17:44:51 -07:00
build_dist.sh build_dist.sh: add --box and --extra-small flag to produce smaller and boxed binaries 2022-07-27 16:08:52 -07:00
build_docker.sh Dockerfile: bump alpine to 3.16 2022-06-29 10:29:37 -07:00
go.mod go.mod, wgengine/wgint: bump wireguard-go 2022-09-06 11:34:30 -07:00
go.sum go.mod, wgengine/wgint: bump wireguard-go 2022-09-06 11:34:30 -07:00
go.toolchain.branch go.toolchain.rev: switch to Go 1.19rc2+ 2022-07-28 11:28:21 -07:00
go.toolchain.rev go.toolchain.rev: bump to Go 1.19.1 2022-09-07 22:13:01 -07:00
pull-toolchain.sh go.toolchain.rev: add update script 2022-01-10 14:55:04 -08:00
shell.nix shell.nix: update Go toolchain to 1.19 2022-07-29 11:25:47 -07:00
staticcheck.conf staticcheck.conf: remove unnecessary warning 2021-06-22 12:26:13 -07:00
version-embed.go Docker: add ALPINE.txt to manage alpine versions 2022-06-29 11:47:09 -07:00

README.md

Tailscale

https://tailscale.com

Private WireGuard® networks made easy

Overview

This repository contains all the open source Tailscale client code and the tailscaled daemon and tailscale CLI tool. The tailscaled daemon runs on Linux, Windows and macOS, and to varying degrees on FreeBSD, OpenBSD, and Darwin. (The Tailscale iOS and Android apps use this repo's code, but this repo doesn't contain the mobile GUI code.)

The Android app is at https://github.com/tailscale/tailscale-android

The Synology package is at https://github.com/tailscale/tailscale-synology

Using

We serve packages for a variety of distros at https://pkgs.tailscale.com .

Other clients

The macOS, iOS, and Windows clients use the code in this repository but additionally include small GUI wrappers that are not open source.

Building

go install tailscale.com/cmd/tailscale{,d}

If you're packaging Tailscale for distribution, use build_dist.sh instead, to burn commit IDs and version info into the binaries:

./build_dist.sh tailscale.com/cmd/tailscale
./build_dist.sh tailscale.com/cmd/tailscaled

If your distro has conventions that preclude the use of build_dist.sh, please do the equivalent of what it does in your distro's way, so that bug reports contain useful version information.

We require the latest Go release, currently Go 1.19.

Bugs

Please file any issues about this code or the hosted service on the issue tracker.

Contributing

PRs welcome! But please file bugs. Commit messages should reference bugs.

We require Developer Certificate of Origin Signed-off-by lines in commits.

About Us

Tailscale is primarily developed by the people at https://github.com/orgs/tailscale/people. For other contributors, see:

WireGuard is a registered trademark of Jason A. Donenfeld.