When creating an edge after authenticating a peer, we copy the
address used for the TCP connection, but change the port to that used
for UDP. But the way we did it discarded the scope_id for IPv6
addresses. This prevented UDP communication from working correctly when
connecting to a peer on the same LAN using an IPv6 link-local address.
Thanks to Rafał Leśniak for pointing out this issue.
This means: setup_outgoing_connection() has to prepare fake
Address = "ip port" config based on the actuall configuration file
Prefer the addresses discovered via SLDP while making outgoing connections
This function takes an "Address" config string, splits it into
address and port, then calls str2addinfo() on it returning addrinfo.
The aim is to refactor the code an allow simple translation
of addresses listed in configuration or generated on demand
in other places in the code.
On larger networks with almost the same ping interval
nodes will ping each other at the same time, of course
it doesn't makes much traffic but the main reason why
we have PING/PONG is to check if other side is still
online. So, when we got PING from the other node then
it is alive.
Make tincd recognize when it was asleep and close connections to it's
peers. This happens when e.g. RoadWarrior has been suspended for
"longer" time period. After resume, it will start to communicate
with it's peers using the contextes it had before suspend.
On the other side, the nodes closed the connections since PingTimeout
and/or TCP connection went down.
Sending data to such unaware (sptps mostly) nodes will cause
havoc in the logs. Misleading the developers to wrong assumptions
that something is wrong with sptps.
# Conflicts:
# src/net.c
Make tincd recognize when it was asleep and close connections to it's
peers. This happens when e.g. RoadWarrior has been suspended for
"longer" time period. After resume, it will start to communicate
with it's peers using the contextes it had before suspend.
On the other side, the nodes closed the connections since PingTimeout
and/or TCP connection went down.
Sending data to such unaware (sptps mostly) nodes will cause
havoc in the logs. Misleading the developers to wrong assumptions
that something is wrong with sptps.
Before this fix seconds were treated as milliseconds.
Example:
A ping of 1.001s resulted in current_rtt = 2 (ms)
where a ping of 0.999s resulted in current_rtt = 999 (ms).
After first tests it came out, that RoadWarriors with multiple
active Interfaces hat problems with receiving on/ and sending SLPD
packets to specific interfaces.
Here the solution:
- Define SLPDInterface in your tinc.conf (multiple definitions are allowed)
On those interfaces tincd will send and receive SLPD packetes
- You have to have IPv6 support on - link-local addresses configured
- tincd must listen on IPv6 on your SLPDInterfaces
- Define SLPDGroup to something like ff02::42:1
- Define SLPDPort for your group
- Define SLPDInterval to some sane number of seconds (0 is default,
meaning SLPD is disabled, 30 seconds should be enough for average
users)
SLPDGroup and SLPDPort should be unique for your network.
Fingerprinting, message signing is yet to be implemented.
Discovered address should also expire periodically.
Full functionality of tinc mesh relays on having at least one node,
accessible, with known address to which all other nodes must connect
in order to exchange information about other peers.
Sometimes, however, in smaller networks or if two or more peers are
located in the same LAN segment without access to any of the nodes with
known address, there is no way of establishing a functional mesh
without manually changing the configuration.
SLPD addresses this problem utilizing multicast groups and autoconnect.
- Node sends periodically simple message to multicast group
(default 224.0.42.23 port 1655) in this format:
"sLPD 0 1 nodename port publickey"
"0 1" is the "major minior" version of the protocol
- Node listens to the multicast group for messages on all interfaces:
- if the nodename is known and the publickey matches the
node's public key the source address of the packet
will be stored as learned ip address
- at this point setup_outgoing_connection() will be able to
choose the learned ip for connect
Configarion example:
* Roadwarriors: SLPDInterval = 30
* Router on your home network or in your hackerspace:
- It should broadcast only in the direction of the LAN thus you should
set SLPDInterface = eth0 and SLPDInterval = 10
* Defaults:
SLPDGroup = "224.0.42.23"
SLPDPort = 1655
SLPDInterval = 0 (means SLPD is disabled)
The check of the publickey is not implemented yet. IPv6 support
must be implemented. This is the first commit - highly experimental.
sptps_send_record prevented PKT_PROBE to be send in send_sptps_packet.
This occurred mostly when data was on "the wire" for some subnet.
route() would then trigger try_tx/try_udp which would be dropped by
sptps_send_record producing annoying amount of "Handshake phase
not finished yet" log messages.
