tstest/natlab/vmtest: add test for direct conn with cached netmap (#19660)
When a peer is not able to connect to control after a restart and is using a cached netmap, that nodes should be able to connect to another peer in its tailnet (given that the home DERP of that peer has not changed in the meantime). Add test that starts two peers and connects them to a tailnet with caching enabled. Then blackhole traffic to control from one peer and restart it. Verify that the connection between the two ends up direct. Adds facilities for expecting a certain path type between nodes. Updates: #19597 Signed-off-by: Claus Lensbøl <claus@tailscale.com>
This commit is contained in:
Claus Lensbøl
GitHub
@@ -445,6 +445,12 @@ func (n *Network) PostConnectedToControl() {
|
||||
n.network.SetControlBlackholed(n.postConnectBlackholeControl)
|
||||
}
|
||||
|
||||
// BlackholeControlForAddr sets weither the network should drop all control
|
||||
// traffic for the specified addr starting immediately.
|
||||
func (n *Network) BlackholeControlForAddr(addr netip.Addr) {
|
||||
n.network.BlackholeControlForAddr(addr)
|
||||
}
|
||||
|
||||
// NetworkService is a service that can be added to a network.
|
||||
type NetworkService string
|
||||
|
||||
|
||||
@@ -606,6 +606,9 @@ type network struct {
|
||||
// writers is a map of MAC -> networkWriters to write packets to that MAC.
|
||||
// It contains entries for connected nodes only.
|
||||
writers syncs.Map[MAC, networkWriter] // MAC -> to networkWriter for that MAC
|
||||
|
||||
blackholeMu sync.Mutex
|
||||
blackholeMap map[netip.Addr]netip.Addr // blackholeMap contains address pairs for dropping traffic (in either direction)
|
||||
}
|
||||
|
||||
// registerWriter registers a client address with a MAC address.
|
||||
@@ -653,6 +656,19 @@ func (n *network) SetControlBlackholed(v bool) {
|
||||
n.blackholeControl = v
|
||||
}
|
||||
|
||||
// BlackholeControlForAddr sets up a map entry, ensuring that traffic to or from
|
||||
// control from the addr is dropped.
|
||||
func (n *network) BlackholeControlForAddr(addr netip.Addr) {
|
||||
n.blackholeMu.Lock()
|
||||
defer n.blackholeMu.Unlock()
|
||||
|
||||
if addr.Is6() {
|
||||
mak.Set(&n.blackholeMap, addr, fakeControl.v6)
|
||||
} else {
|
||||
mak.Set(&n.blackholeMap, addr, fakeControl.v4)
|
||||
}
|
||||
}
|
||||
|
||||
// nodeNIC represents a single network interface on a node.
|
||||
// For multi-homed nodes, additional NICs beyond the primary are stored in node.extraNICs.
|
||||
type nodeNIC struct {
|
||||
@@ -1621,6 +1637,17 @@ func (n *network) HandleEthernetPacketForRouter(ep EthernetPacket) {
|
||||
// Blackhole the packet.
|
||||
return
|
||||
}
|
||||
|
||||
// Drop traffic to/from address pairs in the blackholeMap.
|
||||
n.blackholeMu.Lock()
|
||||
defer n.blackholeMu.Unlock()
|
||||
if src, ok := n.blackholeMap[flow.dst]; ok && flow.src == src {
|
||||
return
|
||||
}
|
||||
if dst, ok := n.blackholeMap[flow.src]; ok && flow.dst == dst {
|
||||
return
|
||||
}
|
||||
|
||||
var base *layers.BaseLayer
|
||||
proto := header.IPv4ProtocolNumber
|
||||
if v4, ok := packet.Layer(layers.LayerTypeIPv4).(*layers.IPv4); ok {
|
||||
|
||||
Reference in New Issue
Block a user