Commit Graph

206 Commits

Author SHA1 Message Date
Adam Ierymenko
ef87069957 Fix gating of multicast GATHER replies since these can come from upstream, etc., and fix an issue with sending ECHO to recheck marginal paths. 2016-09-09 09:32:00 -07:00
Adam Ierymenko
0d4109a9f1 More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions. 2016-09-09 08:43:58 -07:00
Adam Ierymenko
b5c86b6ba4 Bunch more path refactoring. Peers no longer forget paths, but do not normally use expired paths. Expired paths might still be tried if nothing else is reachable. 2016-09-07 11:13:17 -07:00
Adam Ierymenko
01aa469591 Remove debug line. 2016-09-02 14:26:04 -07:00
Adam Ierymenko
412979ba8f Attempt to reactivate dead paths. 2016-09-02 13:55:33 -07:00
Adam Ierymenko
4f8253dcdb Tweaks to path handling... 2016-09-02 13:33:56 -07:00
Adam Ierymenko
e8f6b4b5d3 Rest of big Path canonicalization refactor. 2016-09-02 11:51:33 -07:00
Adam Ierymenko
a3bdae9735 Work in progress: Path canonicalization refactor. 2016-09-01 15:43:07 -07:00
Adam Ierymenko
d5e6f59004 . 2016-09-01 13:45:32 -07:00
Adam Ierymenko
74afef8eb1 Think through and refine a few things in rules, especially edge case TEE and REDIRECT behavior and semantics. 2016-08-31 16:50:22 -07:00
Adam Ierymenko
c476285bd6 Harden PUSH_DIRECT_PATHS and simplify things by only doing it on receive when hops>0 and trust has been established. 2016-08-24 16:16:39 -07:00
Adam Ierymenko
2cdda38dc4 It basically works... at least on current controllers. 2016-08-24 15:26:18 -07:00
Adam Ierymenko
e1310a764a More cleanup and removal of cruft due to obsolete network-specific relays (will be replaced with federation stuff). 2016-08-09 15:45:26 -07:00
Adam Ierymenko
00fd9c3a15 It builds... almost ready to test some rules engine stuff. 2016-08-08 17:33:26 -07:00
Adam Ierymenko
98152d974a More cleanup and removal of DeferredPackets, will do the latter in a more elegant way. 2016-08-04 11:40:38 -07:00
Adam Ierymenko
91940cbcf5 Kill network preferred relays -- this feature is gone (and was seldom used anyway) in favor of federation. 2016-08-02 14:40:26 -07:00
Adam Ierymenko
7404eb46c4 Integration of Filter into inbound and outbound packet path. 2016-07-25 16:51:10 -07:00
Adam Ierymenko
765082fdb6 Trusted path support, and version bump to 1.1.9 2016-07-12 08:29:50 -07:00
Adam Ierymenko
20d155e630 . 2016-06-24 05:21:25 -07:00
Adam Ierymenko
be5996daca Cleanup of 6plane stuff. 2016-06-24 04:54:05 -07:00
Adam Ierymenko
38dfebad8c IPv6 NDP emulation flag in NetworkConfig, and implement Docker-friendly
(and other host friendly) IPv6 /80 magic subnetting to allow massive
multicast-free NDP emulated IPv6 networks where each host can have a
/48 worth of IPv6 IPs for internal containers, VMs, etc.

Alan Kay, thou art avenged.

https://ivanovivan.wordpress.com/2010/09/13/alan-kay-quotes/
2016-06-23 22:41:14 -07:00
Adam Ierymenko
8b9519f0af Simplify a bunch of NetworkConfig stuff by eliminating accessors, also makes network controller easier to refactor. 2016-05-06 16:13:11 -07:00
Adam Ierymenko
b9dba97fdb Bunch more refactoring for an even more compact NetworkConfig representation, especially rules. 2016-04-26 17:11:25 -07:00
Adam Ierymenko
2f18a92e20 Cleanup in numerous places, reduce network chattiness around MULTICAST_LIKE, and fix a "how was that working" latent bug causing some control traffic to take the scenic route. 2016-04-19 12:09:35 -07:00
Adam Ierymenko
e28838805f Brace fix... 2016-04-12 13:17:16 -07:00
Adam Ierymenko
31db6f8f36 NetworkConfig refactor almost done. 2016-04-12 12:49:46 -07:00
Adam Ierymenko
56096be8b6 Tweak new RX queue algorithm to "expire" old entries to prevent always needing to traverse the whole queue array. 2016-04-06 16:28:40 -07:00
Adam Ierymenko
76f9b4c582 A few other little formatting things. 2016-03-18 15:06:45 -07:00
Adam Ierymenko
c589bc4c57 Indentation 2016-03-18 14:32:48 -07:00
Adam Ierymenko
d6a1868d0a Refactor incoming packet (rxQueue/fragmentQueue) to eliminate variable length queues and merge queues. This is both faster and saves memory. 2016-03-18 14:16:07 -07:00
Adam Ierymenko
0c951b6e56 More tweaks to new symmetric NAT buster, and stop using old iterative method since this supersedes it. 2016-02-10 18:41:39 -08:00
Adam Ierymenko
eadafd8de7 Little fix to NAT-t alg 2016-02-10 17:51:42 -08:00
Adam Ierymenko
4e4fd51117 boring doc stuff 2016-01-12 14:04:55 -08:00
Adam Ierymenko
83ef98a9dc Add a network-associated user ptr in API. 2016-01-12 11:04:35 -08:00
Adam Ierymenko
704205c5f7 Dead code removal. 2016-01-12 09:33:14 -08:00
Adam Ierymenko
bbcc3304a0 Check shouldUsePathForZeroTierTraffic in legacy beacon responder. 2016-01-11 15:57:58 -08:00
Adam Ierymenko
1023ef23b7 Remove somewhat ugly and costly anti-recursion hack -- we will switch to more explicit methods. 2016-01-11 09:06:10 -08:00
Adam Ierymenko
a56fbc1929 Close another potential anti-recursion loophole. 2016-01-06 15:35:27 -08:00
Adam Ierymenko
d8143a5e18 Implement first pass on rapid dead path detection, and increment version to 1.1.3 (dev) 2016-01-05 16:41:54 -08:00
Adam Ierymenko
436c1fac1d Selectively move over changes from "edge" to "dev" excluding netcon. 2015-12-21 16:15:39 -08:00
Adam Ierymenko
ceaef19fb7 Fix for GitHub issue #260 -- fix for (non-exploitable) crash in network preferred relay code 2015-11-30 17:20:12 -08:00
Adam Ierymenko
2cc50bdb10 Try bringing back TTL escalation -- may help with Docker (IP-MASQ) type NAT 2015-11-09 15:44:13 -08:00
Adam Ierymenko
47424df417 Fix (1) a deadlock bug and (2) a bug that prevented distributed rendezvous messages from being sent. 2015-11-09 13:39:06 -08:00
Adam Ierymenko
f4d12603e0 Tweak how Switch passes off to Cluster on relay to fit new paradigm. 2015-11-09 09:19:03 -08:00
Adam Ierymenko
6bc8c9d8ef Clustering cleanup, still a work in progress. 2015-11-06 16:12:41 -08:00
Adam Ierymenko
5f39d5b7ea Further pare down Cluster messaging and rename some stuff. 2015-11-06 14:37:17 -08:00
Adam Ierymenko
9490b1f136 Try prioritizing cluster-send over direct send in cluster mode -- may improve cluster relaying reliability. 2015-11-06 13:38:56 -08:00
Adam Ierymenko
8ef4edebbf Deferred decode for HELLO to prevent HELLOcalypse under high load of new peers. 2015-11-05 12:22:58 -08:00
Adam Ierymenko
c9e6e60c09 Handle ZeroTier-RFC4193 IPv6 address NDP queries inline by spoofing responses if the addressing scheme matches -- this allows multicast-free instant lookup of local IPv6 for better performance and reliability. 2015-11-03 10:46:41 -08:00
Adam Ierymenko
4e9d430476 Make root and relay selection somewhat more robust. 2015-11-02 16:03:28 -08:00