feature/conn25: keep addrAssignments through pool reconfig

Fixes tailscale/corp#40250

Signed-off-by: Fran Bull <fran@tailscale.com>
This commit is contained in:
Fran Bull
2026-05-11 14:58:08 -07:00
committed by franbull
parent e4e59a2af0
commit 3a6261b79b
4 changed files with 193 additions and 38 deletions
+67
View File
@@ -5,6 +5,7 @@ package conn25
import (
"encoding/json"
"errors"
"net/http"
"net/http/httptest"
"net/netip"
@@ -2368,3 +2369,69 @@ func TestGetMagicRange(t *testing.T) {
}
}
}
func TestReconfigDoesNotReissueInUseAddresses(t *testing.T) {
appName := "app1"
mustRange := func(from, to string) netipx.IPRange {
return netipx.IPRangeFrom(netip.MustParseAddr(from), netip.MustParseAddr(to))
}
beforeRangeV4 := mustRange("0.0.0.1", "0.0.0.3")
beforeRangeV6 := mustRange("::1", "::3")
afterRangeV4 := mustRange("0.0.0.4", "0.0.0.7")
afterRangeV6 := mustRange("::4", "::7")
makeNodeFromMagicRange := func(v4, v6 netipx.IPRange) tailcfg.NodeView {
return makeSelfNode(t, []appctype.Conn25Attr{{
Name: appName,
Connectors: []string{"tag:woo"},
Domains: []string{"example.com"},
V4MagicIPPool: []netipx.IPRange{v4},
V6MagicIPPool: []netipx.IPRange{v6},
V4TransitIPPool: []netipx.IPRange{mustRange("169.254.0.0", "169.254.0.10")},
V6TransitIPPool: []netipx.IPRange{mustRange("fd7a:115c:a1e0:a99c:0200::", "fd7a:115c:a1e0:a99c:0200::10")},
}}, []string{})
}
domain := must.Get(dnsname.ToFQDN("example.com."))
for _, tt := range []struct {
name string
dstOne netip.Addr
dstTwo netip.Addr
}{
{
name: "v4",
dstOne: netip.MustParseAddr("0.0.0.100"),
dstTwo: netip.MustParseAddr("0.0.0.101"),
},
{
name: "v6",
dstOne: netip.MustParseAddr("::100"),
dstTwo: netip.MustParseAddr("::101"),
},
} {
t.Run(tt.name, func(t *testing.T) {
c := newConn25(t.Logf)
ext := &extension{
conn25: c,
}
_, err := c.client.reserveAddresses(appName, domain, tt.dstOne)
if !errors.Is(err, errUninitializedIPPool) {
t.Fatalf("want %v, got %v", errUninitializedIPPool, err)
}
ext.onSelfChange(makeNodeFromMagicRange(beforeRangeV4, beforeRangeV6))
beforeAddrs, err := c.client.reserveAddresses(appName, domain, tt.dstOne)
if err != nil {
t.Fatal(err)
}
ext.onSelfChange(makeNodeFromMagicRange(afterRangeV4, afterRangeV6))
afterAddrs, err := c.client.reserveAddresses(appName, domain, tt.dstTwo)
if err != nil {
t.Fatal(err)
}
if afterAddrs.magic == beforeAddrs.magic {
t.Errorf("pool reissued magic: %v that was already assigned", beforeAddrs.magic)
}
})
}
}