Adam Ierymenko
ef87069957
Fix gating of multicast GATHER replies since these can come from upstream, etc., and fix an issue with sending ECHO to recheck marginal paths.
2016-09-09 09:32:00 -07:00
Adam Ierymenko
0d4109a9f1
More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions.
2016-09-09 08:43:58 -07:00
Adam Ierymenko
b5c86b6ba4
Bunch more path refactoring. Peers no longer forget paths, but do not normally use expired paths. Expired paths might still be tried if nothing else is reachable.
2016-09-07 11:13:17 -07:00
Adam Ierymenko
01aa469591
Remove debug line.
2016-09-02 14:26:04 -07:00
Adam Ierymenko
412979ba8f
Attempt to reactivate dead paths.
2016-09-02 13:55:33 -07:00
Adam Ierymenko
4f8253dcdb
Tweaks to path handling...
2016-09-02 13:33:56 -07:00
Adam Ierymenko
e8f6b4b5d3
Rest of big Path canonicalization refactor.
2016-09-02 11:51:33 -07:00
Adam Ierymenko
a3bdae9735
Work in progress: Path canonicalization refactor.
2016-09-01 15:43:07 -07:00
Adam Ierymenko
d5e6f59004
.
2016-09-01 13:45:32 -07:00
Adam Ierymenko
74afef8eb1
Think through and refine a few things in rules, especially edge case TEE and REDIRECT behavior and semantics.
2016-08-31 16:50:22 -07:00
Adam Ierymenko
c476285bd6
Harden PUSH_DIRECT_PATHS and simplify things by only doing it on receive when hops>0 and trust has been established.
2016-08-24 16:16:39 -07:00
Adam Ierymenko
2cdda38dc4
It basically works... at least on current controllers.
2016-08-24 15:26:18 -07:00
Adam Ierymenko
e1310a764a
More cleanup and removal of cruft due to obsolete network-specific relays (will be replaced with federation stuff).
2016-08-09 15:45:26 -07:00
Adam Ierymenko
00fd9c3a15
It builds... almost ready to test some rules engine stuff.
2016-08-08 17:33:26 -07:00
Adam Ierymenko
98152d974a
More cleanup and removal of DeferredPackets, will do the latter in a more elegant way.
2016-08-04 11:40:38 -07:00
Adam Ierymenko
91940cbcf5
Kill network preferred relays -- this feature is gone (and was seldom used anyway) in favor of federation.
2016-08-02 14:40:26 -07:00
Adam Ierymenko
7404eb46c4
Integration of Filter into inbound and outbound packet path.
2016-07-25 16:51:10 -07:00
Adam Ierymenko
765082fdb6
Trusted path support, and version bump to 1.1.9
2016-07-12 08:29:50 -07:00
Adam Ierymenko
20d155e630
.
2016-06-24 05:21:25 -07:00
Adam Ierymenko
be5996daca
Cleanup of 6plane stuff.
2016-06-24 04:54:05 -07:00
Adam Ierymenko
38dfebad8c
IPv6 NDP emulation flag in NetworkConfig, and implement Docker-friendly
...
(and other host friendly) IPv6 /80 magic subnetting to allow massive
multicast-free NDP emulated IPv6 networks where each host can have a
/48 worth of IPv6 IPs for internal containers, VMs, etc.
Alan Kay, thou art avenged.
https://ivanovivan.wordpress.com/2010/09/13/alan-kay-quotes/
2016-06-23 22:41:14 -07:00
Adam Ierymenko
8b9519f0af
Simplify a bunch of NetworkConfig stuff by eliminating accessors, also makes network controller easier to refactor.
2016-05-06 16:13:11 -07:00
Adam Ierymenko
b9dba97fdb
Bunch more refactoring for an even more compact NetworkConfig representation, especially rules.
2016-04-26 17:11:25 -07:00
Adam Ierymenko
2f18a92e20
Cleanup in numerous places, reduce network chattiness around MULTICAST_LIKE, and fix a "how was that working" latent bug causing some control traffic to take the scenic route.
2016-04-19 12:09:35 -07:00
Adam Ierymenko
e28838805f
Brace fix...
2016-04-12 13:17:16 -07:00
Adam Ierymenko
31db6f8f36
NetworkConfig refactor almost done.
2016-04-12 12:49:46 -07:00
Adam Ierymenko
56096be8b6
Tweak new RX queue algorithm to "expire" old entries to prevent always needing to traverse the whole queue array.
2016-04-06 16:28:40 -07:00
Adam Ierymenko
76f9b4c582
A few other little formatting things.
2016-03-18 15:06:45 -07:00
Adam Ierymenko
c589bc4c57
Indentation
2016-03-18 14:32:48 -07:00
Adam Ierymenko
d6a1868d0a
Refactor incoming packet (rxQueue/fragmentQueue) to eliminate variable length queues and merge queues. This is both faster and saves memory.
2016-03-18 14:16:07 -07:00
Adam Ierymenko
0c951b6e56
More tweaks to new symmetric NAT buster, and stop using old iterative method since this supersedes it.
2016-02-10 18:41:39 -08:00
Adam Ierymenko
eadafd8de7
Little fix to NAT-t alg
2016-02-10 17:51:42 -08:00
Adam Ierymenko
4e4fd51117
boring doc stuff
2016-01-12 14:04:55 -08:00
Adam Ierymenko
83ef98a9dc
Add a network-associated user ptr in API.
2016-01-12 11:04:35 -08:00
Adam Ierymenko
704205c5f7
Dead code removal.
2016-01-12 09:33:14 -08:00
Adam Ierymenko
bbcc3304a0
Check shouldUsePathForZeroTierTraffic in legacy beacon responder.
2016-01-11 15:57:58 -08:00
Adam Ierymenko
1023ef23b7
Remove somewhat ugly and costly anti-recursion hack -- we will switch to more explicit methods.
2016-01-11 09:06:10 -08:00
Adam Ierymenko
a56fbc1929
Close another potential anti-recursion loophole.
2016-01-06 15:35:27 -08:00
Adam Ierymenko
d8143a5e18
Implement first pass on rapid dead path detection, and increment version to 1.1.3 (dev)
2016-01-05 16:41:54 -08:00
Adam Ierymenko
436c1fac1d
Selectively move over changes from "edge" to "dev" excluding netcon.
2015-12-21 16:15:39 -08:00
Adam Ierymenko
ceaef19fb7
Fix for GitHub issue #260 -- fix for (non-exploitable) crash in network preferred relay code
2015-11-30 17:20:12 -08:00
Adam Ierymenko
2cc50bdb10
Try bringing back TTL escalation -- may help with Docker (IP-MASQ) type NAT
2015-11-09 15:44:13 -08:00
Adam Ierymenko
47424df417
Fix (1) a deadlock bug and (2) a bug that prevented distributed rendezvous messages from being sent.
2015-11-09 13:39:06 -08:00
Adam Ierymenko
f4d12603e0
Tweak how Switch passes off to Cluster on relay to fit new paradigm.
2015-11-09 09:19:03 -08:00
Adam Ierymenko
6bc8c9d8ef
Clustering cleanup, still a work in progress.
2015-11-06 16:12:41 -08:00
Adam Ierymenko
5f39d5b7ea
Further pare down Cluster messaging and rename some stuff.
2015-11-06 14:37:17 -08:00
Adam Ierymenko
9490b1f136
Try prioritizing cluster-send over direct send in cluster mode -- may improve cluster relaying reliability.
2015-11-06 13:38:56 -08:00
Adam Ierymenko
8ef4edebbf
Deferred decode for HELLO to prevent HELLOcalypse under high load of new peers.
2015-11-05 12:22:58 -08:00
Adam Ierymenko
c9e6e60c09
Handle ZeroTier-RFC4193 IPv6 address NDP queries inline by spoofing responses if the addressing scheme matches -- this allows multicast-free instant lookup of local IPv6 for better performance and reliability.
2015-11-03 10:46:41 -08:00
Adam Ierymenko
4e9d430476
Make root and relay selection somewhat more robust.
2015-11-02 16:03:28 -08:00