Adam Ierymenko
5b6d27e659
Implement relay policy, and setting multicast limit to 0 now disables multicast on the network as would be expected.
2016-09-13 14:27:18 -07:00
Adam Ierymenko
cba37c6107
Add a few more rate limit gates for anti-DOS hardening.
2016-09-13 10:13:23 -07:00
Adam Ierymenko
ab9afbc749
(1) Public networks now get COMs even though they do not gate with them since they will need them to push auth for multicast stuff, (2) added a bunch of rate limit circuit breakers for anti-DOS, (3) cleanup.
2016-09-09 11:36:10 -07:00
Adam Ierymenko
1908aa55f5
Refactor MULTICAST_LIKE pushing to eliminate redundant and unnecessary pushes and simplify code.
2016-09-07 15:15:52 -07:00
Adam Ierymenko
b5c86b6ba4
Bunch more path refactoring. Peers no longer forget paths, but do not normally use expired paths. Expired paths might still be tried if nothing else is reachable.
2016-09-07 11:13:17 -07:00
Adam Ierymenko
eebcf08084
Tweaks to new Path code for dual-stack operation, and other fixes.
2016-09-03 15:39:05 -07:00
Adam Ierymenko
d1101441b3
Tweak some timings.
2016-09-02 11:54:59 -07:00
Adam Ierymenko
e8f6b4b5d3
Rest of big Path canonicalization refactor.
2016-09-02 11:51:33 -07:00
Adam Ierymenko
a3bdae9735
Work in progress: Path canonicalization refactor.
2016-09-01 15:43:07 -07:00
Adam Ierymenko
77f7dcf40a
Obsolete "test network" removal.
2016-08-23 09:39:38 -07:00
Adam Ierymenko
404a0bbddd
...
2016-08-04 09:51:15 -07:00
Adam Ierymenko
d736074301
Refactor rules table in-memory structure in new NetworkConfig to permit far more rules with better space efficiency.
2016-04-22 15:40:53 -07:00
Adam Ierymenko
2f18a92e20
Cleanup in numerous places, reduce network chattiness around MULTICAST_LIKE, and fix a "how was that working" latent bug causing some control traffic to take the scenic route.
2016-04-19 12:09:35 -07:00
Adam Ierymenko
6f854c8391
NetworkConfig refactor part 1
2016-04-12 12:11:34 -07:00
Adam Ierymenko
56096be8b6
Tweak new RX queue algorithm to "expire" old entries to prevent always needing to traverse the whole queue array.
2016-04-06 16:28:40 -07:00
Adam Ierymenko
4a109658ab
More refactoring and prep for explicit interface bindings (for default route support).
2016-04-05 11:59:46 -07:00
Adam Ierymenko
1a5e7cb0cb
More tweaks to OS determination stuff.
2016-03-28 12:26:49 -07:00
Adam Ierymenko
8035afae87
Try to define ZT_NO_TYPE_PUNNING on iOS in case it wasn't.
2016-03-28 12:22:05 -07:00
Adam Ierymenko
d6a1868d0a
Refactor incoming packet (rxQueue/fragmentQueue) to eliminate variable length queues and merge queues. This is both faster and saves memory.
2016-03-18 14:16:07 -07:00
Adam Ierymenko
2aa7138373
Reduce direct ping delay back to 1m and make SelfAwareness aware of local received-on address to eliminate false symmetric classification.
2016-02-22 09:47:50 -08:00
Adam Ierymenko
63ec7e58d4
Make activity no longer a function of ping frequency, since this causes compatibility bugs when the latter was modified due to timer interactions with other versions.
2016-02-08 10:03:01 -08:00
Adam Ierymenko
4e4fd51117
boring doc stuff
2016-01-12 14:04:55 -08:00
Adam Ierymenko
05b2c0743f
Tighten up dead path detection. Should now auto-detect dead paths in less than 10 seconds at a very small cost in ECHO requests (or HELLOs for older peers). GitHib issue #272
2016-01-06 10:00:03 -08:00
Adam Ierymenko
d8143a5e18
Implement first pass on rapid dead path detection, and increment version to 1.1.3 (dev)
2016-01-05 16:41:54 -08:00
Adam Ierymenko
436c1fac1d
Selectively move over changes from "edge" to "dev" excluding netcon.
2015-12-21 16:15:39 -08:00
Janjaap Bos
e6808c69f8
Increase maximum number of paths per IP scope to 4
...
Otherwise, local discovered routes are ignored.
Don't know what the best value would be. Taking 4 for now.
2015-11-30 19:48:38 +01:00
Adam Ierymenko
b94335f115
Increase WHOIS retry delay slightly to allow for global cluster latency (e.g. 300+ms from New York to Johhannesburg)
2015-11-11 11:07:08 -08:00
Adam Ierymenko
7fbe2f7adf
Tweak some more timings for better reliability.
2015-11-02 15:38:53 -08:00
Adam Ierymenko
60ce886605
Tweak some timings for better reliability.
2015-11-02 15:15:20 -08:00
Adam Ierymenko
b6725c4415
Optimize AntiRecursion.
2015-10-30 11:48:33 -07:00
Adam Ierymenko
da93712846
Clean up PUSH_DIRECT_PATH limits a bit more and make them a bit smarter.
2015-10-28 09:11:30 -07:00
Adam Ierymenko
cdc99bfee1
Add a circuit breaker for VERB_PUSH_DIRECT_PATHS.
2015-10-27 18:18:26 -07:00
Adam Ierymenko
cc1b275ad9
Replicate peer endpoints and forget paths if we have them -- this allows two clusters to talk to each other, whereas forgetting all paths does not.
2015-10-27 16:47:13 -07:00
Adam Ierymenko
a1a0ee4edb
Fix infinite loop in Cluster, clean up some stuff elsewhere, and back out rate limiting in PUSH_DIRECT_PATHS for now (but we will do something else to mitigate amplification attacks)
2015-10-27 12:01:00 -07:00
Adam Ierymenko
62db18b6dd
Lessen this limit just a bit to make cluster settle faster.
2015-10-27 11:01:58 -07:00
Adam Ierymenko
5ce3aac929
Add rate limit on receive of DIRECT_PATH_PUSH to prevent DOS exploitation.
2015-10-16 10:28:09 -07:00
Adam Ierymenko
2debde3451
GitHub issue #235 , and I also see no reason not to communicate with people from other Worlds.
2015-10-15 07:22:17 -07:00
Adam Ierymenko
619e113748
Work in progress on Cluster for new root infrastructure, multi-homing.
2015-10-14 14:12:12 -07:00
Adam Ierymenko
7d62dbe9f7
Tune NAT-t keepalives so that timing is better obeyed, clean up a build warning, and fix a potential source of network recursion (though harmless).
2015-10-07 11:57:59 -07:00
Adam Ierymenko
a3db7d0728
Refactor: move network COMs out of Network and into Peer in prep for tightening up multicast lookup and other things.
2015-10-01 11:11:52 -07:00
Adam Ierymenko
f69454ec98
(1) Make ZT_ naming convention consistent (get rid of ZT1_), (2) Make local interface a full sockaddr_storage instead of an int identifier, which turns out to be better for multi-homing and other uses.
2015-09-24 16:21:36 -07:00
Adam Ierymenko
5986d83738
Kill more kittens.
2015-07-28 12:04:14 -07:00
Adam Ierymenko
b69afa010e
Disable type punning on ARM by ifdef.
2015-07-28 11:50:01 -07:00
Adam Ierymenko
b31071463c
Try another NAT traversal improvement.
2015-07-28 11:28:47 -07:00
Adam Ierymenko
d647a587a1
(1) Fix updating of network revision counter on member change.
...
(2) Go back to timestamp as certificate revision number. This is simpler
and more robust than using the network revision number for this and
forcing network revision fast-forward, which could cause some peers
to fall off the horizon when you don't want them to.
2015-07-23 17:18:20 -07:00
Adam Ierymenko
79e9a8bcc2
Almost everything for GitHub issue #180 except direct path map setup.
2015-07-06 15:28:48 -07:00
Adam Ierymenko
255320e2a6
pushDirectPaths() implementation
2015-07-06 14:39:28 -07:00
Adam Ierymenko
7bae95836c
Root server terminology cleanup, and tighten up a security check by checking full identity of peers instead of just address.
2015-06-19 10:23:25 -07:00
Kees Bos
a425bbc673
Renamed supernode to rootserver
2015-05-06 12:05:20 +02:00
Adam Ierymenko
cdec05af24
One second delay between NAT-t events.
2015-05-22 13:12:14 -07:00
Adam Ierymenko
d9006712f6
Completely factor out "desperation" from the core. I thought of a significantly simpler way to move all of this logic entirely into the containing service, liberating the core from any concern over the nature of its pipe to the outside world.
2015-05-21 15:58:26 -07:00
Adam Ierymenko
d0e0f5dd12
Basic OpenBSD compile fixes -- still need to update BSDEthernetTap, will do that later. Should be able to re-use FreeBSD port for OpenBSD, but we will see.
2015-05-15 08:48:53 -07:00
Adam Ierymenko
54954f5b88
First pass of Windows cleanup and build fixes...
2015-04-24 13:35:17 -07:00
Adam Ierymenko
98bcc3d4b5
Disable a few noisy TRACEs, and limit how often we confirm new paths to avoid flooding.
2015-04-15 13:15:09 -07:00
Adam Ierymenko
67f1f1892f
Bunch of tap stuff, IP address assignment hookups, etc.
2015-04-14 17:57:51 -07:00
Adam Ierymenko
e34bc961db
Add awareness of online status, and put old OS-dep utils in OSUtils.
2015-04-08 17:10:21 -07:00
Adam Ierymenko
49f031ccb4
Tons of refactoring, change to desperation algorithm to use max of core or link, porting over core loop code from old Node.cpp to new CAPI version, etc.
2015-04-07 19:31:11 -07:00
Adam Ierymenko
52c3b7c34e
Implemented empirical determination of external addressing, paritioned per scope.
2015-04-07 11:56:10 -07:00
Adam Ierymenko
6eb9289367
Bunch more cleanup, improvements to NAT traversal logic, finished updating Switch.
2015-04-03 16:52:53 -07:00
Adam Ierymenko
a69e1876f1
The concept of link desperation (escalating to less desirable transports) simplifies a ton of stuff. Loads of spaghetti logic can die since we no longer have to make these decisions down in the core.
2015-04-02 17:54:56 -07:00
Adam Ierymenko
8130848020
More refactoring... and update the API a bit... turns out my strategy for reducing indirect function calls also increased memcpy()s which are more expensive. This is simpler and faster.
2015-04-01 14:59:44 -07:00
Adam Ierymenko
36eab4f1a9
Whole heap more cleanup and refactoring...
2015-03-31 17:53:34 -07:00
Adam Ierymenko
93012b0ee5
Re-incorporation: ZeroTier Networks -> ZeroTier, Inc. [Delaware]
2015-02-17 13:11:34 -08:00
Adam Ierymenko
b7148c107d
Rip out network environment fingerprint. This will be replaced by constant monitoring of actual external address surface.
2015-02-02 16:40:57 -08:00
Adam Ierymenko
b1bf3f68c3
Drop support for legacy P5 multicast, as there are fewer than 1% of these remaining on the network.
2015-02-02 16:34:01 -08:00
Adam Ierymenko
60fb28a90a
Cleanup, new C++ netconf code is almost ready to test!
2015-01-06 17:16:54 -08:00
Adam Ierymenko
4e95384ad6
Cleanup, add tristate to config code in Network, and happy new year!
2015-01-05 17:47:59 -08:00
Adam Ierymenko
0f505411cf
Enable legacy multicast in Constants.
2014-11-25 14:12:33 -08:00
Adam Ierymenko
1bd5a1ebcd
Make selftest build and run on FreeBSD 10 with gmake
2014-11-04 11:20:38 -08:00
Adam Ierymenko
0e84eb3852
Back off default multicast limit just a little.
2014-10-29 18:25:24 -07:00
Adam Ierymenko
4dec598fb8
Make multicast gather slightly more aggressive, and add total to list command in testnet.
2014-10-28 15:33:10 -07:00
Adam Ierymenko
03dc823ad7
(1) Back off a little on default max multicast limit since 128 is pretty bandwidth heavy, (2) add a little to default multicast rate limit since new MC algo is fairerererer, (3) decided not to involve netconf masters in multicast so take that out of list of who gets LIKEs.
2014-10-10 12:55:06 -07:00
Adam Ierymenko
62da7e67b6
Add some rate limiting to implicit gathers, and always send multicasts to at least one supernode so they can broadcast to old peers (temporary).
2014-10-03 22:30:10 -07:00
Adam Ierymenko
96fa3f7550
Work on in-place testnet support.
2014-10-02 16:33:08 -07:00
Adam Ierymenko
49dc47ff38
Make multicast gathering a bit smarter.
2014-10-02 11:35:37 -07:00
Adam Ierymenko
0778332747
.
2014-09-25 22:08:52 -07:00
Adam Ierymenko
9e186bbd89
.
2014-09-25 15:57:43 -07:00
Adam Ierymenko
050a0ce85d
.
2014-09-25 15:08:29 -07:00
Adam Ierymenko
954f9cbc13
Yet more WIP on mulitcast algo...
2014-09-22 13:18:24 -07:00
Adam Ierymenko
d9abd4d9be
Work on defining new direct broadcast multicast algorithm.
2014-09-18 18:28:14 -07:00
Adam Ierymenko
4708231046
Fix for GitHub issue #122 and other fixes
2014-09-18 10:01:30 -07:00
Adam Ierymenko
4e9280fc7a
Rip out dead "firewall opener" code, replace in pipeline with anti-symmetric-NAT tactics.
2014-09-05 16:23:24 -07:00
Adam Ierymenko
7d4b6767eb
Old-school GCC build fix -- make sure __GCC__ is defined
2014-09-05 17:48:59 +00:00
Adam Ierymenko
f5cbb45ab9
Increase sleep/wake detection threshold... might want to switch to using native interfaces to really detect this in the future since this is not 100% reliable.
2014-08-18 10:13:25 -04:00
Adam Ierymenko
aa59cfd545
Web request part of supernode resync (not quite done, needs test)
2014-08-15 23:37:35 -04:00
Adam Ierymenko
f8d4611d15
(1) Tweak LAN locator beacon frequencies, (2) Windows virtual networks
...
now show up as *real* networks and prompt the user to set their
location and firewall status (public, private, home/work, etc.).
The hack used to achieve #2 should not be examined by children or those
suffering from epilepsy or heart conditions.
2014-08-12 17:20:34 -07:00
Adam Ierymenko
8a804b5257
(1) Disable firewall openers (its easy to re-enable), (2) Do some prep work for making supernode topology hot-updatable.
2014-08-05 14:05:50 -07:00
Adam Ierymenko
b80c229d87
Tons of code cleanup, refactor Network to use EthernetTapFactory, probably also fix GitHub issue #90
2014-07-31 14:09:32 -07:00
Adam Ierymenko
4c4675e3ac
Cleanup, add __BSD__
2014-07-15 20:49:13 -07:00
Adam Ierymenko
88bdb81791
Keep track of basic aliveness for peers regardless if direct or indirect connectivity and use this for multicast propagation. Also consolidate adding of active bridges via the same functor as regular multicast next hops.
2014-06-30 11:31:04 -07:00
Adam Ierymenko
5d467f0f45
Some TRACE improvements and comment revs.
2014-06-18 08:25:30 -07:00
Adam Ierymenko
6802da457e
Bridging pretty much ready to test! Got Switch all wired up. Also fix a latent probably-never-triggered bug in MULTICAST_FRAME handling. GitHub issue #68
2014-06-13 21:06:34 -07:00
Adam Ierymenko
5682f0b772
Some more bridging work... wiring up in Switch - GitHub issue #68
2014-06-13 17:49:33 -07:00
Adam Ierymenko
d44e1349d8
Bridge routing table - GitHub issue #68
2014-06-10 17:18:59 -07:00
Adam Ierymenko
4e1f49258b
Bridging in NetworkConfig - GitHub Issue #68
2014-06-10 15:47:20 -07:00
Adam Ierymenko
beb7b5bbe5
GitHub Issue #69 - make MAC assignment schema differ between virtual networks.
2014-05-23 14:32:31 -07:00
Adam Ierymenko
99c5fae9da
Make Service communicate via empty-line-delimited Dictionary objects instead of the old size prefix way.
2014-05-08 21:27:59 +00:00
Adam Ierymenko
aee742e767
More toward GitHub issue #56
2014-04-10 16:30:15 -07:00
Adam Ierymenko
c9294c1a78
Prevent recursive transit of ZeroTier packets, toward GitHub issue #56
2014-04-10 14:22:25 -07:00
Adam Ierymenko
119ef5ecbf
More logic cleanup and some documentation / comment improvements.
2014-04-10 10:00:20 -07:00