Commit Graph

204 Commits

Author SHA1 Message Date
Adam Ierymenko
5b6d27e659 Implement relay policy, and setting multicast limit to 0 now disables multicast on the network as would be expected. 2016-09-13 14:27:18 -07:00
Adam Ierymenko
cba37c6107 Add a few more rate limit gates for anti-DOS hardening. 2016-09-13 10:13:23 -07:00
Adam Ierymenko
ab9afbc749 (1) Public networks now get COMs even though they do not gate with them since they will need them to push auth for multicast stuff, (2) added a bunch of rate limit circuit breakers for anti-DOS, (3) cleanup. 2016-09-09 11:36:10 -07:00
Adam Ierymenko
1908aa55f5 Refactor MULTICAST_LIKE pushing to eliminate redundant and unnecessary pushes and simplify code. 2016-09-07 15:15:52 -07:00
Adam Ierymenko
b5c86b6ba4 Bunch more path refactoring. Peers no longer forget paths, but do not normally use expired paths. Expired paths might still be tried if nothing else is reachable. 2016-09-07 11:13:17 -07:00
Adam Ierymenko
eebcf08084 Tweaks to new Path code for dual-stack operation, and other fixes. 2016-09-03 15:39:05 -07:00
Adam Ierymenko
d1101441b3 Tweak some timings. 2016-09-02 11:54:59 -07:00
Adam Ierymenko
e8f6b4b5d3 Rest of big Path canonicalization refactor. 2016-09-02 11:51:33 -07:00
Adam Ierymenko
a3bdae9735 Work in progress: Path canonicalization refactor. 2016-09-01 15:43:07 -07:00
Adam Ierymenko
77f7dcf40a Obsolete "test network" removal. 2016-08-23 09:39:38 -07:00
Adam Ierymenko
404a0bbddd ... 2016-08-04 09:51:15 -07:00
Adam Ierymenko
d736074301 Refactor rules table in-memory structure in new NetworkConfig to permit far more rules with better space efficiency. 2016-04-22 15:40:53 -07:00
Adam Ierymenko
2f18a92e20 Cleanup in numerous places, reduce network chattiness around MULTICAST_LIKE, and fix a "how was that working" latent bug causing some control traffic to take the scenic route. 2016-04-19 12:09:35 -07:00
Adam Ierymenko
6f854c8391 NetworkConfig refactor part 1 2016-04-12 12:11:34 -07:00
Adam Ierymenko
56096be8b6 Tweak new RX queue algorithm to "expire" old entries to prevent always needing to traverse the whole queue array. 2016-04-06 16:28:40 -07:00
Adam Ierymenko
4a109658ab More refactoring and prep for explicit interface bindings (for default route support). 2016-04-05 11:59:46 -07:00
Adam Ierymenko
1a5e7cb0cb More tweaks to OS determination stuff. 2016-03-28 12:26:49 -07:00
Adam Ierymenko
8035afae87 Try to define ZT_NO_TYPE_PUNNING on iOS in case it wasn't. 2016-03-28 12:22:05 -07:00
Adam Ierymenko
d6a1868d0a Refactor incoming packet (rxQueue/fragmentQueue) to eliminate variable length queues and merge queues. This is both faster and saves memory. 2016-03-18 14:16:07 -07:00
Adam Ierymenko
2aa7138373 Reduce direct ping delay back to 1m and make SelfAwareness aware of local received-on address to eliminate false symmetric classification. 2016-02-22 09:47:50 -08:00
Adam Ierymenko
63ec7e58d4 Make activity no longer a function of ping frequency, since this causes compatibility bugs when the latter was modified due to timer interactions with other versions. 2016-02-08 10:03:01 -08:00
Adam Ierymenko
4e4fd51117 boring doc stuff 2016-01-12 14:04:55 -08:00
Adam Ierymenko
05b2c0743f Tighten up dead path detection. Should now auto-detect dead paths in less than 10 seconds at a very small cost in ECHO requests (or HELLOs for older peers). GitHib issue #272 2016-01-06 10:00:03 -08:00
Adam Ierymenko
d8143a5e18 Implement first pass on rapid dead path detection, and increment version to 1.1.3 (dev) 2016-01-05 16:41:54 -08:00
Adam Ierymenko
436c1fac1d Selectively move over changes from "edge" to "dev" excluding netcon. 2015-12-21 16:15:39 -08:00
Janjaap Bos
e6808c69f8 Increase maximum number of paths per IP scope to 4
Otherwise, local discovered routes are ignored.
Don't know what the best value would be. Taking 4 for now.
2015-11-30 19:48:38 +01:00
Adam Ierymenko
b94335f115 Increase WHOIS retry delay slightly to allow for global cluster latency (e.g. 300+ms from New York to Johhannesburg) 2015-11-11 11:07:08 -08:00
Adam Ierymenko
7fbe2f7adf Tweak some more timings for better reliability. 2015-11-02 15:38:53 -08:00
Adam Ierymenko
60ce886605 Tweak some timings for better reliability. 2015-11-02 15:15:20 -08:00
Adam Ierymenko
b6725c4415 Optimize AntiRecursion. 2015-10-30 11:48:33 -07:00
Adam Ierymenko
da93712846 Clean up PUSH_DIRECT_PATH limits a bit more and make them a bit smarter. 2015-10-28 09:11:30 -07:00
Adam Ierymenko
cdc99bfee1 Add a circuit breaker for VERB_PUSH_DIRECT_PATHS. 2015-10-27 18:18:26 -07:00
Adam Ierymenko
cc1b275ad9 Replicate peer endpoints and forget paths if we have them -- this allows two clusters to talk to each other, whereas forgetting all paths does not. 2015-10-27 16:47:13 -07:00
Adam Ierymenko
a1a0ee4edb Fix infinite loop in Cluster, clean up some stuff elsewhere, and back out rate limiting in PUSH_DIRECT_PATHS for now (but we will do something else to mitigate amplification attacks) 2015-10-27 12:01:00 -07:00
Adam Ierymenko
62db18b6dd Lessen this limit just a bit to make cluster settle faster. 2015-10-27 11:01:58 -07:00
Adam Ierymenko
5ce3aac929 Add rate limit on receive of DIRECT_PATH_PUSH to prevent DOS exploitation. 2015-10-16 10:28:09 -07:00
Adam Ierymenko
2debde3451 GitHub issue #235, and I also see no reason not to communicate with people from other Worlds. 2015-10-15 07:22:17 -07:00
Adam Ierymenko
619e113748 Work in progress on Cluster for new root infrastructure, multi-homing. 2015-10-14 14:12:12 -07:00
Adam Ierymenko
7d62dbe9f7 Tune NAT-t keepalives so that timing is better obeyed, clean up a build warning, and fix a potential source of network recursion (though harmless). 2015-10-07 11:57:59 -07:00
Adam Ierymenko
a3db7d0728 Refactor: move network COMs out of Network and into Peer in prep for tightening up multicast lookup and other things. 2015-10-01 11:11:52 -07:00
Adam Ierymenko
f69454ec98 (1) Make ZT_ naming convention consistent (get rid of ZT1_), (2) Make local interface a full sockaddr_storage instead of an int identifier, which turns out to be better for multi-homing and other uses. 2015-09-24 16:21:36 -07:00
Adam Ierymenko
5986d83738 Kill more kittens. 2015-07-28 12:04:14 -07:00
Adam Ierymenko
b69afa010e Disable type punning on ARM by ifdef. 2015-07-28 11:50:01 -07:00
Adam Ierymenko
b31071463c Try another NAT traversal improvement. 2015-07-28 11:28:47 -07:00
Adam Ierymenko
d647a587a1 (1) Fix updating of network revision counter on member change.
(2) Go back to timestamp as certificate revision number. This is simpler
    and more robust than using the network revision number for this and
    forcing network revision fast-forward, which could cause some peers
    to fall off the horizon when you don't want them to.
2015-07-23 17:18:20 -07:00
Adam Ierymenko
79e9a8bcc2 Almost everything for GitHub issue #180 except direct path map setup. 2015-07-06 15:28:48 -07:00
Adam Ierymenko
255320e2a6 pushDirectPaths() implementation 2015-07-06 14:39:28 -07:00
Adam Ierymenko
7bae95836c Root server terminology cleanup, and tighten up a security check by checking full identity of peers instead of just address. 2015-06-19 10:23:25 -07:00
Kees Bos
a425bbc673 Renamed supernode to rootserver 2015-05-06 12:05:20 +02:00
Adam Ierymenko
cdec05af24 One second delay between NAT-t events. 2015-05-22 13:12:14 -07:00
Adam Ierymenko
d9006712f6 Completely factor out "desperation" from the core. I thought of a significantly simpler way to move all of this logic entirely into the containing service, liberating the core from any concern over the nature of its pipe to the outside world. 2015-05-21 15:58:26 -07:00
Adam Ierymenko
d0e0f5dd12 Basic OpenBSD compile fixes -- still need to update BSDEthernetTap, will do that later. Should be able to re-use FreeBSD port for OpenBSD, but we will see. 2015-05-15 08:48:53 -07:00
Adam Ierymenko
54954f5b88 First pass of Windows cleanup and build fixes... 2015-04-24 13:35:17 -07:00
Adam Ierymenko
98bcc3d4b5 Disable a few noisy TRACEs, and limit how often we confirm new paths to avoid flooding. 2015-04-15 13:15:09 -07:00
Adam Ierymenko
67f1f1892f Bunch of tap stuff, IP address assignment hookups, etc. 2015-04-14 17:57:51 -07:00
Adam Ierymenko
e34bc961db Add awareness of online status, and put old OS-dep utils in OSUtils. 2015-04-08 17:10:21 -07:00
Adam Ierymenko
49f031ccb4 Tons of refactoring, change to desperation algorithm to use max of core or link, porting over core loop code from old Node.cpp to new CAPI version, etc. 2015-04-07 19:31:11 -07:00
Adam Ierymenko
52c3b7c34e Implemented empirical determination of external addressing, paritioned per scope. 2015-04-07 11:56:10 -07:00
Adam Ierymenko
6eb9289367 Bunch more cleanup, improvements to NAT traversal logic, finished updating Switch. 2015-04-03 16:52:53 -07:00
Adam Ierymenko
a69e1876f1 The concept of link desperation (escalating to less desirable transports) simplifies a ton of stuff. Loads of spaghetti logic can die since we no longer have to make these decisions down in the core. 2015-04-02 17:54:56 -07:00
Adam Ierymenko
8130848020 More refactoring... and update the API a bit... turns out my strategy for reducing indirect function calls also increased memcpy()s which are more expensive. This is simpler and faster. 2015-04-01 14:59:44 -07:00
Adam Ierymenko
36eab4f1a9 Whole heap more cleanup and refactoring... 2015-03-31 17:53:34 -07:00
Adam Ierymenko
93012b0ee5 Re-incorporation: ZeroTier Networks -> ZeroTier, Inc. [Delaware] 2015-02-17 13:11:34 -08:00
Adam Ierymenko
b7148c107d Rip out network environment fingerprint. This will be replaced by constant monitoring of actual external address surface. 2015-02-02 16:40:57 -08:00
Adam Ierymenko
b1bf3f68c3 Drop support for legacy P5 multicast, as there are fewer than 1% of these remaining on the network. 2015-02-02 16:34:01 -08:00
Adam Ierymenko
60fb28a90a Cleanup, new C++ netconf code is almost ready to test! 2015-01-06 17:16:54 -08:00
Adam Ierymenko
4e95384ad6 Cleanup, add tristate to config code in Network, and happy new year! 2015-01-05 17:47:59 -08:00
Adam Ierymenko
0f505411cf Enable legacy multicast in Constants. 2014-11-25 14:12:33 -08:00
Adam Ierymenko
1bd5a1ebcd Make selftest build and run on FreeBSD 10 with gmake 2014-11-04 11:20:38 -08:00
Adam Ierymenko
0e84eb3852 Back off default multicast limit just a little. 2014-10-29 18:25:24 -07:00
Adam Ierymenko
4dec598fb8 Make multicast gather slightly more aggressive, and add total to list command in testnet. 2014-10-28 15:33:10 -07:00
Adam Ierymenko
03dc823ad7 (1) Back off a little on default max multicast limit since 128 is pretty bandwidth heavy, (2) add a little to default multicast rate limit since new MC algo is fairerererer, (3) decided not to involve netconf masters in multicast so take that out of list of who gets LIKEs. 2014-10-10 12:55:06 -07:00
Adam Ierymenko
62da7e67b6 Add some rate limiting to implicit gathers, and always send multicasts to at least one supernode so they can broadcast to old peers (temporary). 2014-10-03 22:30:10 -07:00
Adam Ierymenko
96fa3f7550 Work on in-place testnet support. 2014-10-02 16:33:08 -07:00
Adam Ierymenko
49dc47ff38 Make multicast gathering a bit smarter. 2014-10-02 11:35:37 -07:00
Adam Ierymenko
0778332747 . 2014-09-25 22:08:52 -07:00
Adam Ierymenko
9e186bbd89 . 2014-09-25 15:57:43 -07:00
Adam Ierymenko
050a0ce85d . 2014-09-25 15:08:29 -07:00
Adam Ierymenko
954f9cbc13 Yet more WIP on mulitcast algo... 2014-09-22 13:18:24 -07:00
Adam Ierymenko
d9abd4d9be Work on defining new direct broadcast multicast algorithm. 2014-09-18 18:28:14 -07:00
Adam Ierymenko
4708231046 Fix for GitHub issue #122 and other fixes 2014-09-18 10:01:30 -07:00
Adam Ierymenko
4e9280fc7a Rip out dead "firewall opener" code, replace in pipeline with anti-symmetric-NAT tactics. 2014-09-05 16:23:24 -07:00
Adam Ierymenko
7d4b6767eb Old-school GCC build fix -- make sure __GCC__ is defined 2014-09-05 17:48:59 +00:00
Adam Ierymenko
f5cbb45ab9 Increase sleep/wake detection threshold... might want to switch to using native interfaces to really detect this in the future since this is not 100% reliable. 2014-08-18 10:13:25 -04:00
Adam Ierymenko
aa59cfd545 Web request part of supernode resync (not quite done, needs test) 2014-08-15 23:37:35 -04:00
Adam Ierymenko
f8d4611d15 (1) Tweak LAN locator beacon frequencies, (2) Windows virtual networks
now show up as *real* networks and prompt the user to set their
location and firewall status (public, private, home/work, etc.).

The hack used to achieve #2 should not be examined by children or those
suffering from epilepsy or heart conditions.
2014-08-12 17:20:34 -07:00
Adam Ierymenko
8a804b5257 (1) Disable firewall openers (its easy to re-enable), (2) Do some prep work for making supernode topology hot-updatable. 2014-08-05 14:05:50 -07:00
Adam Ierymenko
b80c229d87 Tons of code cleanup, refactor Network to use EthernetTapFactory, probably also fix GitHub issue #90 2014-07-31 14:09:32 -07:00
Adam Ierymenko
4c4675e3ac Cleanup, add __BSD__ 2014-07-15 20:49:13 -07:00
Adam Ierymenko
88bdb81791 Keep track of basic aliveness for peers regardless if direct or indirect connectivity and use this for multicast propagation. Also consolidate adding of active bridges via the same functor as regular multicast next hops. 2014-06-30 11:31:04 -07:00
Adam Ierymenko
5d467f0f45 Some TRACE improvements and comment revs. 2014-06-18 08:25:30 -07:00
Adam Ierymenko
6802da457e Bridging pretty much ready to test! Got Switch all wired up. Also fix a latent probably-never-triggered bug in MULTICAST_FRAME handling. GitHub issue #68 2014-06-13 21:06:34 -07:00
Adam Ierymenko
5682f0b772 Some more bridging work... wiring up in Switch - GitHub issue #68 2014-06-13 17:49:33 -07:00
Adam Ierymenko
d44e1349d8 Bridge routing table - GitHub issue #68 2014-06-10 17:18:59 -07:00
Adam Ierymenko
4e1f49258b Bridging in NetworkConfig - GitHub Issue #68 2014-06-10 15:47:20 -07:00
Adam Ierymenko
beb7b5bbe5 GitHub Issue #69 - make MAC assignment schema differ between virtual networks. 2014-05-23 14:32:31 -07:00
Adam Ierymenko
99c5fae9da Make Service communicate via empty-line-delimited Dictionary objects instead of the old size prefix way. 2014-05-08 21:27:59 +00:00
Adam Ierymenko
aee742e767 More toward GitHub issue #56 2014-04-10 16:30:15 -07:00
Adam Ierymenko
c9294c1a78 Prevent recursive transit of ZeroTier packets, toward GitHub issue #56 2014-04-10 14:22:25 -07:00
Adam Ierymenko
119ef5ecbf More logic cleanup and some documentation / comment improvements. 2014-04-10 10:00:20 -07:00