feature/routecheck: add ts_omit_routecheck feature flag (#19638)
RouteCheck, which checks that overlapping routers are reachable, is enabled by default for both tailscaled and tsnet. Updates #17366 Updates tailscale/corp#33033 Signed-off-by: Simon Law <sfllaw@tailscale.com>
This commit is contained in:
Simon Law
GitHub
@@ -303,6 +303,7 @@ tailscale.com/cmd/tailscaled dependencies: (generated by github.com/tailscale/de
|
|||||||
tailscale.com/feature/portmapper from tailscale.com/feature/condregister/portmapper
|
tailscale.com/feature/portmapper from tailscale.com/feature/condregister/portmapper
|
||||||
tailscale.com/feature/posture from tailscale.com/feature/condregister
|
tailscale.com/feature/posture from tailscale.com/feature/condregister
|
||||||
tailscale.com/feature/relayserver from tailscale.com/feature/condregister
|
tailscale.com/feature/relayserver from tailscale.com/feature/condregister
|
||||||
|
tailscale.com/feature/routecheck from tailscale.com/feature/condregister
|
||||||
L tailscale.com/feature/sdnotify from tailscale.com/feature/condregister
|
L tailscale.com/feature/sdnotify from tailscale.com/feature/condregister
|
||||||
LD tailscale.com/feature/ssh from tailscale.com/cmd/tailscaled
|
LD tailscale.com/feature/ssh from tailscale.com/cmd/tailscaled
|
||||||
tailscale.com/feature/syspolicy from tailscale.com/feature/condregister+
|
tailscale.com/feature/syspolicy from tailscale.com/feature/condregister+
|
||||||
|
|||||||
@@ -202,6 +202,19 @@ func TestOmitPortlist(t *testing.T) {
|
|||||||
}.Check(t)
|
}.Check(t)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestOmitRouteCheck(t *testing.T) {
|
||||||
|
deptest.DepChecker{
|
||||||
|
GOOS: "linux",
|
||||||
|
GOARCH: "amd64",
|
||||||
|
Tags: "ts_omit_routecheck,ts_include_cli",
|
||||||
|
OnDep: func(dep string) {
|
||||||
|
if strings.Contains(dep, "routecheck") {
|
||||||
|
t.Errorf("unexpected dep: %q", dep)
|
||||||
|
}
|
||||||
|
},
|
||||||
|
}.Check(t)
|
||||||
|
}
|
||||||
|
|
||||||
func TestOmitGRO(t *testing.T) {
|
func TestOmitGRO(t *testing.T) {
|
||||||
deptest.DepChecker{
|
deptest.DepChecker{
|
||||||
GOOS: "linux",
|
GOOS: "linux",
|
||||||
|
|||||||
@@ -0,0 +1,13 @@
|
|||||||
|
// Copyright (c) Tailscale Inc & contributors
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
// Code generated by gen.go; DO NOT EDIT.
|
||||||
|
|
||||||
|
//go:build ts_omit_routecheck
|
||||||
|
|
||||||
|
package buildfeatures
|
||||||
|
|
||||||
|
// HasRouteCheck is whether the binary was built with support for modular feature "Support checking the reachability of overlapping routers, for choosing between multiple network paths to the same IP address".
|
||||||
|
// Specifically, it's whether the binary was NOT built with the "ts_omit_routecheck" build tag.
|
||||||
|
// It's a const so it can be used for dead code elimination.
|
||||||
|
const HasRouteCheck = false
|
||||||
@@ -0,0 +1,13 @@
|
|||||||
|
// Copyright (c) Tailscale Inc & contributors
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
// Code generated by gen.go; DO NOT EDIT.
|
||||||
|
|
||||||
|
//go:build !ts_omit_routecheck
|
||||||
|
|
||||||
|
package buildfeatures
|
||||||
|
|
||||||
|
// HasRouteCheck is whether the binary was built with support for modular feature "Support checking the reachability of overlapping routers, for choosing between multiple network paths to the same IP address".
|
||||||
|
// Specifically, it's whether the binary was NOT built with the "ts_omit_routecheck" build tag.
|
||||||
|
// It's a const so it can be used for dead code elimination.
|
||||||
|
const HasRouteCheck = true
|
||||||
@@ -0,0 +1,8 @@
|
|||||||
|
// Copyright (c) Tailscale Inc & contributors
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
//go:build !ts_omit_routecheck
|
||||||
|
|
||||||
|
package condregister
|
||||||
|
|
||||||
|
import _ "tailscale.com/feature/routecheck"
|
||||||
@@ -235,6 +235,10 @@ var Features = map[FeatureTag]FeatureMeta{
|
|||||||
Desc: "Linux systemd-resolved integration",
|
Desc: "Linux systemd-resolved integration",
|
||||||
Deps: []FeatureTag{"dbus"},
|
Deps: []FeatureTag{"dbus"},
|
||||||
},
|
},
|
||||||
|
"routecheck": {
|
||||||
|
Sym: "RouteCheck",
|
||||||
|
Desc: "Support checking the reachability of overlapping routers, for choosing between multiple network paths to the same IP address",
|
||||||
|
},
|
||||||
"sdnotify": {
|
"sdnotify": {
|
||||||
Sym: "SDNotify",
|
Sym: "SDNotify",
|
||||||
Desc: "systemd notification support",
|
Desc: "systemd notification support",
|
||||||
|
|||||||
@@ -0,0 +1,17 @@
|
|||||||
|
// Copyright (c) Tailscale Inc & contributors
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
// Package routecheck registers support for RouteCheck,
|
||||||
|
// which checks the reachability of overlapping routers.
|
||||||
|
//
|
||||||
|
// When there are multiple network paths to an IP address, it is being routed by
|
||||||
|
// overlapping routers. The client uses reachability to pick between those
|
||||||
|
// paths: either sticking with an active WireGuard session or choosing from the
|
||||||
|
// peers that it has determined it can reach. It doesn’t need reachability for
|
||||||
|
// IP addresses that have only one network path, since it can naively attempt to
|
||||||
|
// establish a WireGuard session.
|
||||||
|
package routecheck
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
// TODO(sfllaw): Initialize the new routecheck package.
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user