Adam Ierymenko
|
35c4e28f31
|
Mark geo-redirected paths as suboptimal and do not report that we have a peer if all we have is one of these. Also a few other small fixes.
|
2015-11-09 14:25:28 -08:00 |
|
Adam Ierymenko
|
57b71bfff0
|
Cluster simplification and refactor work in progress...
|
2015-11-08 13:57:02 -08:00 |
|
Adam Ierymenko
|
6bc8c9d8ef
|
Clustering cleanup, still a work in progress.
|
2015-11-06 16:12:41 -08:00 |
|
Adam Ierymenko
|
5f39d5b7ea
|
Further pare down Cluster messaging and rename some stuff.
|
2015-11-06 14:37:17 -08:00 |
|
Adam Ierymenko
|
a42d714a87
|
.
|
2015-11-03 11:18:45 -08:00 |
|
Adam Ierymenko
|
a994573a43
|
Eliminate some more dead code. We may do path trust, but not like that.
|
2015-10-29 09:42:15 -07:00 |
|
Adam Ierymenko
|
cdc99bfee1
|
Add a circuit breaker for VERB_PUSH_DIRECT_PATHS.
|
2015-10-27 18:18:26 -07:00 |
|
Adam Ierymenko
|
cc1b275ad9
|
Replicate peer endpoints and forget paths if we have them -- this allows two clusters to talk to each other, whereas forgetting all paths does not.
|
2015-10-27 16:47:13 -07:00 |
|
Adam Ierymenko
|
cc6080fe38
|
(1) No need to confirm if we are a root (small optimization), (2) Refactor peer affinity tracking.
|
2015-10-27 15:57:26 -07:00 |
|
Adam Ierymenko
|
218ef07d8e
|
Build fix in TRACE mode.
|
2015-10-27 15:01:11 -07:00 |
|
Adam Ierymenko
|
16bc3e0398
|
Factor out RemotePath subclass of Path -- no longer needed, just cruft.
|
2015-10-27 15:00:16 -07:00 |
|
Adam Ierymenko
|
40976c02a4
|
Forget paths to peers if we are handing them off.
|
2015-10-27 14:37:38 -07:00 |
|
Adam Ierymenko
|
a1a0ee4edb
|
Fix infinite loop in Cluster, clean up some stuff elsewhere, and back out rate limiting in PUSH_DIRECT_PATHS for now (but we will do something else to mitigate amplification attacks)
|
2015-10-27 12:01:00 -07:00 |
|
Adam Ierymenko
|
9617208e40
|
Some cleanup, and use VERB_PUSH_DIRECT_PATHS to redirect newer peers.
|
2015-10-27 09:53:43 -07:00 |
|
Adam Ierymenko
|
69857b4ba8
|
Refactor cluster redirects to move code to push peers out of the actual Cluster function that checks for redirect, and clean up Peer::received() to be a bit more logical.
|
2015-10-27 09:36:48 -07:00 |
|
Adam Ierymenko
|
e713f7a54c
|
Can redirect in response to a few more verbs, just not these.
|
2015-10-26 18:20:40 -07:00 |
|
Adam Ierymenko
|
98d856daa2
|
Only send redirects to the sending InetAddress and only in response to a set of certain frame types to avoid potential race conditions.
|
2015-10-26 17:58:51 -07:00 |
|
Adam Ierymenko
|
8bfb02ba3c
|
Only send redirects for the same address class, and elminiate some TRACE noise.
|
2015-10-26 16:55:55 -07:00 |
|
Adam Ierymenko
|
978b056a01
|
Wire in redirectPeer(), now about ready to test clustering!
|
2015-10-20 17:36:10 -07:00 |
|
Adam Ierymenko
|
2258e36a59
|
Move replication of COMs to avoid race condition.
|
2015-10-20 16:34:21 -07:00 |
|
Adam Ierymenko
|
59e1444b27
|
Finish wiring up Cluster, fix some issues with other recent changes.
|
2015-10-20 16:31:41 -07:00 |
|
Adam Ierymenko
|
eb79d4a2f3
|
Wire up peer announcement in cluster.
|
2015-10-20 16:24:21 -07:00 |
|
Adam Ierymenko
|
57e29857cf
|
Cluster work -- integrating with the rest of the code.
|
2015-10-20 15:27:53 -07:00 |
|
Adam Ierymenko
|
cfdcce6d12
|
Fix very obscure IP scope classification logic bug.
|
2015-10-19 15:19:04 -07:00 |
|
Adam Ierymenko
|
9150778757
|
.
|
2015-10-19 15:04:26 -07:00 |
|
Adam Ierymenko
|
50f3ccd3c9
|
.
|
2015-10-19 15:03:58 -07:00 |
|
Adam Ierymenko
|
584072fa6a
|
Fix for V4/V6 stable addressing.
|
2015-10-19 14:04:36 -07:00 |
|
Adam Ierymenko
|
cc4d0199e7
|
Fix vProto init.
|
2015-10-16 10:58:59 -07:00 |
|
Adam Ierymenko
|
781f06ef82
|
Accept OK for confirm of HELLO or ECHO.
|
2015-10-16 10:48:38 -07:00 |
|
Adam Ierymenko
|
5ce3aac929
|
Add rate limit on receive of DIRECT_PATH_PUSH to prevent DOS exploitation.
|
2015-10-16 10:28:09 -07:00 |
|
Adam Ierymenko
|
2229e91b57
|
IPv6 support fixes.
|
2015-10-16 10:10:12 -07:00 |
|
Adam Ierymenko
|
5d2f523e81
|
World stuff...
|
2015-10-13 12:10:44 -07:00 |
|
Adam Ierymenko
|
7d62dbe9f7
|
Tune NAT-t keepalives so that timing is better obeyed, clean up a build warning, and fix a potential source of network recursion (though harmless).
|
2015-10-07 11:57:59 -07:00 |
|
Adam Ierymenko
|
ab0228f626
|
More cleanup and simple refactoring, consolidate InetAddres serialize/deserialize into the class.
|
2015-10-07 10:30:47 -07:00 |
|
Grant Limberg
|
6080a45c9c
|
change cert to com. no variable named cert.
|
2015-10-02 19:39:13 -07:00 |
|
Adam Ierymenko
|
2c196307ee
|
--bugs;
|
2015-10-01 13:01:18 -07:00 |
|
Adam Ierymenko
|
53e5f94b99
|
.
|
2015-10-01 12:25:43 -07:00 |
|
Adam Ierymenko
|
9405150b11
|
Restore group announcement on Peer::receive() but centralize packet composition in one place.
|
2015-10-01 11:37:02 -07:00 |
|
Adam Ierymenko
|
a3db7d0728
|
Refactor: move network COMs out of Network and into Peer in prep for tightening up multicast lookup and other things.
|
2015-10-01 11:11:52 -07:00 |
|
Adam Ierymenko
|
f69454ec98
|
(1) Make ZT_ naming convention consistent (get rid of ZT1_), (2) Make local interface a full sockaddr_storage instead of an int identifier, which turns out to be better for multi-homing and other uses.
|
2015-09-24 16:21:36 -07:00 |
|
Adam Ierymenko
|
367ffde00c
|
Plumb through localInterfaceId to track local interfaces corresponding with remote addresses.
|
2015-09-23 13:49:56 -07:00 |
|
Adam Ierymenko
|
86996d4315
|
Eliminate compiler warning.
|
2015-09-23 10:27:53 -07:00 |
|
Adam Ierymenko
|
d656e87395
|
Send a random small payload for NAT keepalives, since zero byte packets seem to fail to keep associations alive behind some NATs.
|
2015-09-22 15:58:00 -07:00 |
|
Adam Ierymenko
|
8d09c37140
|
Remove a bit of redundant logic, and also announce MULTICAST_LIKEs to controllers (for future use).
|
2015-07-31 09:37:13 -07:00 |
|
Adam Ierymenko
|
708aac1ea7
|
Remove some left over debug code, and fix attempt to send to self if we are an active bridge.
|
2015-07-28 11:43:09 -07:00 |
|
Adam Ierymenko
|
dda376c9eb
|
Nuke some abandoned code.
|
2015-07-28 11:16:43 -07:00 |
|
Adam Ierymenko
|
e99eda4a4a
|
Fix IP scoping bug, and disable remotely reported surface push... not helping. :(
|
2015-07-27 17:28:13 -07:00 |
|
Adam Ierymenko
|
f0003ea922
|
Push remote surface as reported by peers along with known interface direct paths to assist with (some) NAT traversal. (trying this, may back out if not effective)
|
2015-07-27 17:02:43 -07:00 |
|
Adam Ierymenko
|
547b1c6157
|
Add additional TRACE output in pushDirectPaths.
|
2015-07-13 10:35:33 -07:00 |
|
Adam Ierymenko
|
0b354803f3
|
Clean up some YAGNI issues with implementation of GitHub issue #180, and make best path choice aware of path rank.
|
2015-07-13 10:03:04 -07:00 |
|
Adam Ierymenko
|
4bf3bcbd55
|
Fixes to PUSH_DIRECT_PATHS.
|
2015-07-13 09:29:51 -07:00 |
|
Adam Ierymenko
|
778c7e6e70
|
More cleanup to direct path push, comment fixes, etc.
|
2015-07-07 10:00:34 -07:00 |
|
Adam Ierymenko
|
84ba365c77
|
Fix bug in direct path push send.
|
2015-07-06 17:20:41 -07:00 |
|
Adam Ierymenko
|
a87cd2d094
|
Unix side of local interface address awareness for GitHub issue #180.
|
2015-07-06 16:32:34 -07:00 |
|
Adam Ierymenko
|
79e9a8bcc2
|
Almost everything for GitHub issue #180 except direct path map setup.
|
2015-07-06 15:28:48 -07:00 |
|
Adam Ierymenko
|
255320e2a6
|
pushDirectPaths() implementation
|
2015-07-06 14:39:28 -07:00 |
|
Adam Ierymenko
|
93bb934d4e
|
Some cleanup, docs, and Path -> Path > RemotePath refactor.
|
2015-07-06 14:08:13 -07:00 |
|
Adam Ierymenko
|
7bae95836c
|
Root server terminology cleanup, and tighten up a security check by checking full identity of peers instead of just address.
|
2015-06-19 10:23:25 -07:00 |
|
Kees Bos
|
a425bbc673
|
Renamed supernode to rootserver
|
2015-05-06 12:05:20 +02:00 |
|
Adam Ierymenko
|
d9006712f6
|
Completely factor out "desperation" from the core. I thought of a significantly simpler way to move all of this logic entirely into the containing service, liberating the core from any concern over the nature of its pipe to the outside world.
|
2015-05-21 15:58:26 -07:00 |
|
Adam Ierymenko
|
9279bac385
|
Fix deadlock in SelfAwareness by deferring reconnects.
|
2015-04-30 21:09:41 -07:00 |
|
Adam Ierymenko
|
98bcc3d4b5
|
Disable a few noisy TRACEs, and limit how often we confirm new paths to avoid flooding.
|
2015-04-15 13:15:09 -07:00 |
|
Adam Ierymenko
|
1cfa67bbdd
|
Bunch more control plane work, and shelve old UI -- React FTW.
|
2015-04-14 13:56:28 -07:00 |
|
Adam Ierymenko
|
9e651b39e4
|
Add some TRACE around pinging (for now), and refactor service/One to just run in the foreground as some platforms may not require threads at all.
|
2015-04-10 11:40:45 -07:00 |
|
Adam Ierymenko
|
5e331d6733
|
Restrict unite() to desperation==0 since NAT-t only works right now with direct links.
|
2015-04-10 10:13:50 -07:00 |
|
Adam Ierymenko
|
ccc73b920e
|
Node peer list function for CAPI, and some Peer cleanup.
|
2015-04-08 18:45:21 -07:00 |
|
Adam Ierymenko
|
40bfe37a19
|
Use max of core or most recent path desperation for pings.
|
2015-04-08 14:58:23 -07:00 |
|
Adam Ierymenko
|
49f031ccb4
|
Tons of refactoring, change to desperation algorithm to use max of core or link, porting over core loop code from old Node.cpp to new CAPI version, etc.
|
2015-04-07 19:31:11 -07:00 |
|
Adam Ierymenko
|
24608d5ca3
|
Always use HELLO to contact, and we now confirm newly learned paths via a two-way handshake to prevent half-connects.
|
2015-04-07 12:22:33 -07:00 |
|
Adam Ierymenko
|
52c3b7c34e
|
Implemented empirical determination of external addressing, paritioned per scope.
|
2015-04-07 11:56:10 -07:00 |
|
Adam Ierymenko
|
4e691c8e22
|
build fixes
|
2015-04-06 18:56:08 -07:00 |
|
Adam Ierymenko
|
51f46a009a
|
Multicast group join/leave and group membership announcement.
|
2015-04-06 18:27:24 -07:00 |
|
Adam Ierymenko
|
ee0f56355b
|
Send path simplification.
|
2015-04-03 13:14:37 -07:00 |
|
Adam Ierymenko
|
a69e1876f1
|
The concept of link desperation (escalating to less desirable transports) simplifies a ton of stuff. Loads of spaghetti logic can die since we no longer have to make these decisions down in the core.
|
2015-04-02 17:54:56 -07:00 |
|
Adam Ierymenko
|
93012b0ee5
|
Re-incorporation: ZeroTier Networks -> ZeroTier, Inc. [Delaware]
|
2015-02-17 13:11:34 -08:00 |
|
Adam Ierymenko
|
4e95384ad6
|
Cleanup, add tristate to config code in Network, and happy new year!
|
2015-01-05 17:47:59 -08:00 |
|
Adam Ierymenko
|
ee9e6a3c6b
|
Change path selection logic to exclude non-fixed and non-active paths -- possible fix for "NAT traversal coma" issue. Also fix a typo.
|
2014-11-20 13:20:16 -08:00 |
|
Adam Ierymenko
|
0e47f13f14
|
Simplify locking semantics some more to address a deadlock.
|
2014-10-21 10:42:04 -07:00 |
|
Adam Ierymenko
|
2416491cbc
|
Permanently retire peers.persist, but make iddb.d always enabled instead since identities are what we really want to cache.
|
2014-10-13 14:12:51 -07:00 |
|
Adam Ierymenko
|
0d017c043f
|
Stop persisting last announcement time since Multicaster is volatile. Also some more legacy multicast fixes.
|
2014-10-11 16:26:02 -07:00 |
|
Adam Ierymenko
|
87f1b1b1e3
|
Bug fix in new multicast frame handler, handling of old "P5" multicast frames in new way.
|
2014-10-06 13:16:16 -07:00 |
|
Adam Ierymenko
|
496109fdcc
|
Announce multicast group changes on network rescanMulticastGroups()
|
2014-10-03 18:27:42 -07:00 |
|
Adam Ierymenko
|
8607aa7c3c
|
Everything in for new multicast except IncomingPacket parsing...
|
2014-09-30 08:38:03 -07:00 |
|
Adam Ierymenko
|
81b12b6826
|
Rename the ubiquitous _r pointer to RuntimeEnvironment to RR just to be a little more consistent about using _ to denote private member variables.
|
2014-09-24 13:53:03 -07:00 |
|
Adam Ierymenko
|
4e9280fc7a
|
Rip out dead "firewall opener" code, replace in pipeline with anti-symmetric-NAT tactics.
|
2014-09-05 16:23:24 -07:00 |
|
Adam Ierymenko
|
8a804b5257
|
(1) Disable firewall openers (its easy to re-enable), (2) Do some prep work for making supernode topology hot-updatable.
|
2014-08-05 14:05:50 -07:00 |
|
Adam Ierymenko
|
88bdb81791
|
Keep track of basic aliveness for peers regardless if direct or indirect connectivity and use this for multicast propagation. Also consolidate adding of active bridges via the same functor as regular multicast next hops.
|
2014-06-30 11:31:04 -07:00 |
|
Adam Ierymenko
|
c30f9832b0
|
Packet decoder work for EXT_FRAME for bridging - GitHub issue #68
|
2014-06-10 21:41:34 -07:00 |
|
Adam Ierymenko
|
aee742e767
|
More toward GitHub issue #56
|
2014-04-10 16:30:15 -07:00 |
|
Adam Ierymenko
|
c9294c1a78
|
Prevent recursive transit of ZeroTier packets, toward GitHub issue #56
|
2014-04-10 14:22:25 -07:00 |
|
Adam Ierymenko
|
b117ff5435
|
Probable fix for GitHub issue #63 - do not unite() if either path is TCP, since doing so can result in asymmetric failed NAT-t over UDP if one side has a firewall that permits outgoing UDP but not incoming.
|
2014-04-10 11:17:54 -07:00 |
|
Adam Ierymenko
|
119ef5ecbf
|
More logic cleanup and some documentation / comment improvements.
|
2014-04-10 10:00:20 -07:00 |
|
Adam Ierymenko
|
8fb442d81a
|
Yet more cleanup to TCP logic, this time adding a master switch and adding UDP preference in send().
|
2014-04-09 17:08:35 -07:00 |
|
Adam Ierymenko
|
73153b89b4
|
Some cleanup, and use best (not first) UDP addresses for NAT-t VERB_RENDEZVOUS computation.
|
2014-04-09 16:00:25 -07:00 |
|
Adam Ierymenko
|
a8c12369fd
|
More tweaks to TCP logic for GitHub issue #60
|
2014-04-09 12:10:05 -07:00 |
|
Adam Ierymenko
|
28a6d328a5
|
Some adjustments to TCP logic for GitHub issue #60
|
2014-04-09 11:55:24 -07:00 |
|
Adam Ierymenko
|
fe85426df6
|
A few more tweaks to TCP failover... seems to be switching back and forth pretty well now!
|
2014-04-03 17:12:34 -07:00 |
|
Adam Ierymenko
|
c96d3ebf8c
|
Such ping logic. So edge case.
|
2014-04-03 14:36:52 -07:00 |
|
Adam Ierymenko
|
81e5690410
|
More tweaks to TCP failover logic. Such edge case.
|
2014-04-02 17:32:47 -04:00 |
|
Adam Ierymenko
|
700a450806
|
More tweaks to algorithm for determining when to fail over to TCP, and stop supernodes from resynchronizing unless explicitly ordered.
|
2014-04-01 18:39:10 -07:00 |
|