webnet/tailscale
1
0
Fork 0
Code Issues Pull Requests 3 Packages Projects Releases Wiki Activity

feature/conn25: implement IPMapper

Browse Source 
Give the datapath hooks the lookup functions they need.

Updates tailscale/corp#37144
Updates tailscale/corp#37145

Signed-off-by: Fran Bull <fran@tailscale.com>
This commit is contained in:
Fran Bull
2026-03-18 15:12:11 -07:00
committed by franbull
parent 85bb5f84a5
commit 1e09eb0cb6
2 changed files with 188 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files
feature/conn25/conn25_test.go
+127 -1
View File
@@ -369,7 +369,8 @@ func TestHandleConnectorTransitIPRequest(t *testing.T) {
i, j, len(wantLookup))
}
pip, tip, wantDip := wantLookup[0], wantLookup[1], wantLookup[2]
gotDip := c.connector.transitIPTarget(pip, tip)
aa, _ := c.connector.lookupBySrcIPAndTransitIP(pip, tip)
gotDip := aa.addr
if gotDip != wantDip {
t.Errorf("wrong result on lookup[%d][%d] ([%v], [%v]): got [%v] expected [%v]",
i, j, pip, tip, gotDip, wantDip)
@@ -1183,3 +1184,128 @@ func TestMapDNSResponseRewritesResponses(t *testing.T) {
})
}
}
func TestClientTransitIPForMagicIP(t *testing.T) {
sn := makeSelfNode(t, appctype.Conn25Attr{
MagicIPPool: []netipx.IPRange{rangeFrom("0", "10")}, // 100.64.0.0 - 100.64.0.10
}, []string{})
mappedMip := netip.MustParseAddr("100.64.0.0")
mappedTip := netip.MustParseAddr("169.0.0.0")
unmappedMip := netip.MustParseAddr("100.64.0.1")
nonMip := netip.MustParseAddr("100.64.0.11")
for _, tt := range []struct {
name string
mip netip.Addr
wantTip netip.Addr
wantErr error
}{
{
name: "not-a-magic-ip",
mip: nonMip,
wantTip: netip.Addr{},
wantErr: nil,
},
{
name: "unmapped-magic-ip",
mip: unmappedMip,
wantTip: netip.Addr{},
wantErr: ErrUnmappedMagicIP,
},
{
name: "mapped-magic-ip",
mip: mappedMip,
wantTip: mappedTip,
wantErr: nil,
},
} {
t.Run(tt.name, func(t *testing.T) {
c := newConn25(t.Logf)
if err := c.reconfig(sn); err != nil {
t.Fatal(err)
}
c.client.assignments.insert(addrs{
magic: mappedMip,
transit: mappedTip,
})
tip, err := c.client.ClientTransitIPForMagicIP(tt.mip)
if tip != tt.wantTip {
t.Fatalf("checking transit ip: want %v, got %v", tt.wantTip, tip)
}
if err != tt.wantErr {
t.Fatalf("checking error: want %v, got %v", tt.wantErr, err)
}
})
}
}
func TestConnectorRealIPForTransitIPConnection(t *testing.T) {
sn := makeSelfNode(t, appctype.Conn25Attr{
TransitIPPool: []netipx.IPRange{rangeFrom("40", "50")}, // 100.64.0.40 - 100.64.0.50
}, []string{})
mappedSrc := netip.MustParseAddr("100.0.0.1")
unmappedSrc := netip.MustParseAddr("100.0.0.2")
mappedTip := netip.MustParseAddr("100.64.0.41")
unmappedTip := netip.MustParseAddr("100.64.0.42")
nonTip := netip.MustParseAddr("100.0.0.3")
mappedMip := netip.MustParseAddr("100.64.0.1")
for _, tt := range []struct {
name string
src netip.Addr
tip netip.Addr
wantMip netip.Addr
wantErr error
}{
{
name: "not-a-transit-ip-unmapped-src",
src: unmappedSrc,
tip: nonTip,
wantMip: netip.Addr{},
wantErr: nil,
},
{
name: "not-a-transit-ip-mapped-src",
src: mappedSrc,
tip: nonTip,
wantMip: netip.Addr{},
wantErr: nil,
},
{
name: "unmapped-src-transit-ip",
src: unmappedSrc,
tip: unmappedTip,
wantMip: netip.Addr{},
wantErr: ErrUnmappedSrcAndTransitIP,
},
{
name: "unmapped-tip-transit-ip",
src: mappedSrc,
tip: unmappedTip,
wantMip: netip.Addr{},
wantErr: ErrUnmappedSrcAndTransitIP,
},
{
name: "mapped-src-and-transit-ip",
src: mappedSrc,
tip: mappedTip,
wantMip: mappedMip,
wantErr: nil,
},
} {
t.Run(tt.name, func(t *testing.T) {
c := newConn25(t.Logf)
if err := c.reconfig(sn); err != nil {
t.Fatal(err)
}
c.connector.transitIPs = map[netip.Addr]map[netip.Addr]appAddr{}
c.connector.transitIPs[mappedSrc] = map[netip.Addr]appAddr{}
c.connector.transitIPs[mappedSrc][mappedTip] = appAddr{addr: mappedMip}
mip, err := c.connector.ConnectorRealIPForTransitIPConnection(tt.src, tt.tip)
if mip != tt.wantMip {
t.Fatalf("checking magic ip: want %v, got %v", tt.wantMip, mip)
}
if err != tt.wantErr {
t.Fatalf("checking error: want %v, got %v", tt.wantErr, err)
}
})
}
}