Commit Graph

3162 Commits

Author SHA1 Message Date
Adam Ierymenko
6e08e1ae97 A few controller changes: (1) assign managed IPs that are assigned regardless of "assign mode" which now only controls auto-assignment or special addressing, (2) support proper issuing of managed IPv6 IPs, (3) support IPv6 auto-assign ranges 2016-07-07 15:42:10 -07:00
Adam Ierymenko
dd1d2b4d00 GitHub issue #343 -- fix authorizedMemberCount 2016-07-07 14:49:54 -07:00
Adam Ierymenko
f6d53cc568 . 2016-07-06 18:12:31 -07:00
Adam Ierymenko
b6cc815447 . 2016-07-06 18:07:42 -07:00
Adam Ierymenko
ddbbb8afec Wheezy stuff 2016-07-06 18:04:13 -07:00
Adam Ierymenko
a8a497c621 Debian wheezy work. 2016-07-06 17:59:08 -07:00
Michael Aldridge
1a89694980 Remove explicit sys/sysctl.h includes
Explicitly including sys/sysctl.h breaks the ability to build
against muslc.
2016-07-06 02:38:23 -05:00
Adam Ierymenko
5c03416e84 Actually remove http-parser-devel 2016-07-05 14:28:58 -07:00
Adam Ierymenko
b732c445b8 Xenial fix (clang broken) and bundle http-parser even in Fedora because it is so version sensitive. 2016-07-05 14:09:33 -07:00
Adam Ierymenko
97ec88e346 . 2016-07-05 12:30:58 -07:00
Adam Ierymenko
192bc4fcf0 More repo work. 2016-07-05 10:54:07 -07:00
Adam Ierymenko
fc4ea57a9c debian-stretch 2016-06-30 18:03:06 -07:00
Adam Ierymenko
751497a748 aptly script 2016-06-30 16:44:22 -07:00
Adam Ierymenko
c714e8baa6 Get rid of broken test code for controller so selftest build works with controller enabled. 2016-06-30 08:30:45 -07:00
Adam Ierymenko
2331a00555 Fedora-22 32-bit fix. 2016-06-29 18:53:31 -07:00
Adam Ierymenko
4218cd13d5 VERSION 1.1.6: route management, default route override, new IPv6 mode for Docker, and more!
(Retagged due to silly one-line bug and left over debug line... doh!)

Version 1.1.6 contains several significant improvements for use in complex network
environments along with some minor bug fixes and improvements to path stability and
dead path detection.

ROUTE MANAGEMENT AND FULL TUNNEL SUPPORT

1.1.6 is the first version of ZeroTier One to permit "full tunnel" (default route
override) operation on Linux, Mac, and Windows. This allows all Internet traffic
to be tunneled through ZeroTier while allowing ZeroTier peer-to-peer traffic to
continue to use the physical interface. 1.1.6 also brings route management support
and permissions settings for local networks to control whether networks are allowed
to modify the routing table or override default routing.

This is currently considered a beta/experimental feature and must be enabled via
the command line interface.

Route management and default route override requires support at the network controller.
When my.zerotier.com is updated and ready, we will post more information and testing
instructions at: https://www.zerotier.com/community

HIGHLY SCALABLE CONTAINER NETWORKING

1.1.6 also brings a new multicast-free (NDP emulated) IPv6 private addressing scheme
called "6plane." 6plane provides each host with a private IPv6 /80 and routes *all*
IPv6 traffic for this subnet to the host via transparent NDP emulation. This /80 can
then be assigned to Docker or other container/VM managers to assign a network-wide
IPv6 /128 to every container. Since NDP is emulated and multicast isn't needed, this
system can scale to millions of containers or more on a single backplane network with
a high degree of efficiency and reliability.

6plane also requires controller support. Look for it at my.zerotier.com once we have
upgraded our core infrastructure and web UIs.

(All hosts must be running 1.1.6 for 6plane to work properly. Other IPv6 addresses
or addressing modes are not affected and normal IPv6 NDP will continue to work
alongside 6plane in the same network.)

OTHER CHANGES

 * Upgraded bundled miniupnpc, libnatpmp, and http-parser.
 * New Debian and RPM packaging that is closer to compliance with distribution
   guidelines, and a new Dockerized Linux package build system in linux-build-farm/
   that can build every package on actual images of the correct distribution.
 * Improvements to dead path detection.
 * IPv6 now uses keepalive because a significant number of stateful IPv6 edge
   routers have very short timeouts (30 seconds or less!).
 * Significant performance improvements to network controllers under high load.
 * Enable -fstack-protector-strong for better stack canary (security) support
   in binaries. Note that this may require newer gcc/g++ or clang.

COMING SOON

The next version of ZeroTier One should have a new Mac UI. It's a system tray app
that looks and behaves a lot like the Mac WiFi pulldown menu. We'll also be adding
GUI support for default route and route management options and other new features.

Shortly after that we plan on adding full OpenFlow-like SDN rules engine support
to the ZeroTier core, making our planetary Ethernet switch a fully manageable smart
switch and enabling sophisticated security and flow rule management.
2016-06-29 18:16:58 -07:00
Adam Ierymenko
030dfde38e Unused printf removal while we are at it. 2016-06-29 18:14:49 -07:00
Adam Ierymenko
901e2fd692 Fix silly one-liner bug... retag time. 2016-06-29 18:12:35 -07:00
Adam Ierymenko
c03ca3c278 VERSION 1.1.6: route management, default route override, new IPv6 mode for Docker, and more!
Version 1.1.6 contains several significant improvements for use in complex network
environments along with some minor bug fixes and improvements to path stability and
dead path detection.

ROUTE MANAGEMENT AND FULL TUNNEL SUPPORT

1.1.6 is the first version of ZeroTier One to permit "full tunnel" (default route
override) operation on Linux, Mac, and Windows. This allows all Internet traffic
to be tunneled through ZeroTier while allowing ZeroTier peer-to-peer traffic to
continue to use the physical interface. 1.1.6 also brings route management support
and permissions settings for local networks to control whether networks are allowed
to modify the routing table or override default routing.

This is currently considered a beta/experimental feature and must be enabled via
the command line interface.

Route management and default route override requires support at the network controller.
When my.zerotier.com is updated and ready, we will post more information and testing
instructions at: https://www.zerotier.com/community

HIGHLY SCALABLE CONTAINER NETWORKING

1.1.6 also brings a new multicast-free (NDP emulated) IPv6 private addressing scheme
called "6plane." 6plane provides each host with a private IPv6 /80 and routes *all*
IPv6 traffic for this subnet to the host via transparent NDP emulation. This /80 can
then be assigned to Docker or other container/VM managers to assign a network-wide
IPv6 /128 to every container. Since NDP is emulated and multicast isn't needed, this
system can scale to millions of containers or more on a single backplane network with
a high degree of efficiency and reliability.

6plane also requires controller support. Look for it at my.zerotier.com once we have
upgraded our core infrastructure and web UIs.

(All hosts must be running 1.1.6 for 6plane to work properly. Other IPv6 addresses
or addressing modes are not affected and normal IPv6 NDP will continue to work
alongside 6plane in the same network.)

OTHER CHANGES

 * Upgraded bundled miniupnpc, libnatpmp, and http-parser.
 * New Debian and RPM packaging that is closer to compliance with distribution
   guidelines, and a new Dockerized Linux package build system in linux-build-farm/
   that can build every package on actual images of the correct distribution.
 * Improvements to dead path detection.
 * IPv6 now uses keepalive because a significant number of stateful IPv6 edge
   routers have very short timeouts (30 seconds or less!).
 * Significant performance improvements to network controllers under high load.
 * Enable -fstack-protector-strong for better stack canary (security) support
   in binaries. Note that this may require newer gcc/g++ or clang.

COMING SOON

The next version of ZeroTier One should have a new Mac UI. It's a system tray app
that looks and behaves a lot like the Mac WiFi pulldown menu. We'll also be adding
GUI support for default route and route management options and other new features.

Shortly after that we plan on adding full OpenFlow-like SDN rules engine support
to the ZeroTier core, making our planetary Ethernet switch a fully manageable smart
switch and enabling sophisticated security and flow rule management.
2016-06-29 15:53:46 -07:00
Adam Ierymenko
af2268ebd7 docs 2016-06-29 15:33:18 -07:00
Adam Ierymenko
b9876d1809 docs 2016-06-29 15:30:49 -07:00
Adam Ierymenko
e64909cdcd docs 2016-06-29 15:24:45 -07:00
Adam Ierymenko
ce2ad69e5f Get rid of aptly script. 2016-06-29 14:44:29 -07:00
Adam Ierymenko
56fb08621e amazon-2016.03 docker image 2016-06-29 14:35:53 -07:00
Adam Ierymenko
4457c8218d Auto-detect miniupnpc 2.0 and use it on Linux if present. 2016-06-29 13:27:10 -07:00
Adam Ierymenko
c862f199e3 Windows: ship it! 2016-06-29 13:22:04 -07:00
Adam Ierymenko
7918b26f65 Hack settings into old CLI. 2016-06-29 12:22:37 -07:00
Adam Ierymenko
df00d3b046 Going to have to continue to use the old MAC web-container-based UI on Macs prior to 10.10 even when the new UI comes out, and the new UI is not ready yet anyway, so resurrect this. 2016-06-29 12:00:16 -07:00
Adam Ierymenko
19735e7050 Revert backgrounding of controller requests hack. Controller code is not really parallel anyway and we fixed the perf problem. 2016-06-29 11:43:22 -07:00
Adam Ierymenko
bb63646682 Fix broken SQL in controller. 2016-06-29 11:37:28 -07:00
Adam Ierymenko
b4fcf2ee60 Fix a valgrind warning. 2016-06-29 11:11:16 -07:00
Adam Ierymenko
d9eacd1616 Controller fixes... 2016-06-29 17:02:03 +00:00
Adam Ierymenko
5309c7e082 Merge branch 'dev' of https://github.com/zerotier/ZeroTierOne into dev 2016-06-29 16:47:57 +00:00
Adam Ierymenko
dbe57742e6 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2016-06-29 09:45:05 -07:00
Adam Ierymenko
928c625e2c docs 2016-06-29 09:45:02 -07:00
Adam Ierymenko
1e00603241 Merge branch 'dev' of http://10.6.6.2/zerotier/ZeroTierOne into dev 2016-06-28 16:09:41 -07:00
Adam Ierymenko
f6442f2752 fedora-22 2016-06-28 16:09:36 -07:00
Adam Ierymenko
7b7ab823b0 Fix getPeer(self) bug if I am the controller. 2016-06-28 22:49:01 +00:00
Adam Ierymenko
0410fd4824 Refactor recent member request history to fix performance problem in controller. 2016-06-28 12:44:47 -07:00
Adam Ierymenko
02fa32422a Dockerfile ordering 2016-06-27 20:07:35 -07:00
Adam Ierymenko
12037961ff small perf improvement in sqlite db. 2016-06-27 18:48:02 -07:00
Adam Ierymenko
8c572dead1 Query optimization. 2016-06-27 18:28:18 -07:00
Adam Ierymenko
3ddfebe742 dead code removal 2016-06-27 17:15:39 -07:00
Adam Ierymenko
972bbb7e06 Allow further concurrency on network controller. 2016-06-27 17:14:47 -07:00
Adam Ierymenko
45f315e603 Defer NETWORK_CONFIG_REQUEST packets and allow multithreaded processing. 2016-06-27 17:09:04 -07:00
Adam Ierymenko
b9e86103cf Docker build farm seems to work! 2016-06-27 16:38:08 -07:00
Adam Ierymenko
0588589d57 . 2016-06-27 16:21:55 -07:00
Adam Ierymenko
4d30f60bbe . 2016-06-27 16:12:17 -07:00
Adam Ierymenko
d58dcf29cc For now go back to bundling http-parser etc. in our official RPM builds since this introduces an EPEL dependency for CentOS which would only make sense if we are actually in EPEL. Probably will eventually have two spec files: one for official and one for our own. 2016-06-27 15:46:54 -07:00
Adam Ierymenko
809457599a CentOS7 fixes. 2016-06-27 15:21:24 -07:00