tailscale/derp
Brad Fitzpatrick 73280595a8 derp: accept dup clients without closing prior's connection
A public key should only have max one connection to a given
DERP node (or really: one connection to a node in a region).

But if people clone their machine keys (e.g. clone their VM, Raspbery
Pi SD card, etc), then we can get into a situation where a public key
is connected multiple times.

Originally, the DERP server handled this by just kicking out a prior
connections whenever a new one came. But this led to reconnect fights
where 2+ nodes were in hard loops trying to reconnect and kicking out
their peer.

Then a909d37a59 tried to add rate
limiting to how often that dup-kicking can happen, but empirically it
just doesn't work and ~leaks a bunch of goroutines and TCP
connections, tying them up for hour+ while more and more accumulate
and waste memory. Mostly because we were doing a time.Sleep forever
while not reading from their TCP connections.

Instead, just accept multiple connections per public key but track
which is the most recent. And if two both are writing back & forth,
then optionally disable them both. That last part is only enabled in
tests for now. The current default policy is just last-sender-wins
while we gather the next round of stats.

Updates #2751

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-08-31 08:21:21 -07:00
..
derphttp cmd/derper: mesh over VPC network 2021-07-29 14:08:16 -07:00
testdata derp: add debug traffic handler 2021-06-18 15:47:55 -07:00
derp.go wgengine/magicsock, derp, derp/derphttp: respond to DERP server->client pings 2021-03-09 13:56:13 -08:00
derp_client.go cmd/derper/derpprobe: add derp prober 2021-07-13 08:30:15 -07:00
derp_server.go derp: accept dup clients without closing prior's connection 2021-08-31 08:21:21 -07:00
derp_test.go derp: accept dup clients without closing prior's connection 2021-08-31 08:21:21 -07:00
dropreason_string.go derp: accept dup clients without closing prior's connection 2021-08-31 08:21:21 -07:00