We depend on DERP for NAT traversal now[0] so disabling it entirely can't
work.
What we'll do instead in the future is let people specify
alternate/additional DERP servers. And perhaps in the future we could
also add a pref for nodes to say when they expect to never need/want
to use DERP for data (but allow it for NAT traversal communication).
But this isn't the right pref and it doesn't work, so delete it.
Fixes#318
[0] https://tailscale.com/blog/how-nat-traversal-works/
This change is to restore /etc/resolv.conf after tailscale down is called. This is done by setting the dns.Manager before errors occur. Error collection is also added.
Fixes#723
DebugForceDisco was a development & safety knob during the the transition
to discovery. It's no longer needed.
Add MapRequest.ReadOnly to prevent clients needing to do two
peer-spamming MapRequest at start-up.
This only adds the field, not the use of the field. (The control server
needs to support it first.)
Updates tailscale/corp#557
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
There's often some useful piece of information in there not already
repeated in the internal error.
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
It's properly handled later in tsdns.NewMap anyway, but there's work
done in the meantime that can be skipped when a peer lacks a DNS name.
It's also more clear that it's okay for it to be blank.
* wgengine/router/router_linux.go: Switched `cidrDiff("addr")` and `cidrDiff("route")` order
Signed-off-by: Christina Wen <christina@tailscale.com>
Co-authored-by: Christina Wen <christina@tailscale.com>
Also remove rebinding logic from the windows router. Magicsock will
instead rebind based on link change signals.
Signed-off-by: David Anderson <danderson@tailscale.com>
I had to use
go get -u github.com/tailscale/depaware@e09ee10c18249e4bf198e66bbd47babcd502637a
to force it to the correct version; it kept selecting head~1.
Maybe because the branch is called main instead of master?
Maybe because of some delay?
Updates #654. See that issue for a discussion of why
this timeout reduces flakiness, and what next steps are.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
For now. Get it working again so it's not stuck on 0.98.
Subnet relay can come later.
Updates #451
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This will be used in a future change to do localhost connection
authentication. This lets us quickly map a localhost TCP connection to
a PID. (A future change will then map a pid to a user)
TODO: pull portlist's netstat code into this package. Then portlist
will be fast on Windows without requiring shelling out to netstat.exe.
