mirror of
https://github.com/slackhq/nebula.git
synced 2025-12-05 18:20:48 -08:00
feat: support via gateway for v6 multihop for v4 routes (#1521)
Some checks are pending
gofmt / Run gofmt (push) Waiting to run
smoke-extra / Run extra smoke tests (push) Waiting to run
smoke / Run multi node smoke test (push) Waiting to run
Build and test / Build all and test on ubuntu-linux (push) Waiting to run
Build and test / Build and test on linux with boringcrypto (push) Waiting to run
Build and test / Build and test on linux with pkcs11 (push) Waiting to run
Build and test / Build and test on macos-latest (push) Waiting to run
Build and test / Build and test on windows-latest (push) Waiting to run
Some checks are pending
gofmt / Run gofmt (push) Waiting to run
smoke-extra / Run extra smoke tests (push) Waiting to run
smoke / Run multi node smoke test (push) Waiting to run
Build and test / Build all and test on ubuntu-linux (push) Waiting to run
Build and test / Build and test on linux with boringcrypto (push) Waiting to run
Build and test / Build and test on linux with pkcs11 (push) Waiting to run
Build and test / Build and test on macos-latest (push) Waiting to run
Build and test / Build and test on windows-latest (push) Waiting to run
Co-authored-by: Nate Brown <nbrown.us@gmail.com>
This commit is contained in:
Bryan Lee
GitHub
parent
a5ee928990
commit
12cf348c80
1 changed files with 38 additions and 27 deletions
|
|
@ -586,48 +586,42 @@ func (t *tun) isGatewayInVpnNetworks(gwAddr netip.Addr) bool {
|
|||
}
|
||||
|
||||
func (t *tun) getGatewaysFromRoute(r *netlink.Route) routing.Gateways {
|
||||
|
||||
var gateways routing.Gateways
|
||||
|
||||
link, err := netlink.LinkByName(t.Device)
|
||||
if err != nil {
|
||||
t.l.WithField("Devicename", t.Device).Error("Ignoring route update: failed to get link by name")
|
||||
t.l.WithField("deviceName", t.Device).Error("Ignoring route update: failed to get link by name")
|
||||
return gateways
|
||||
}
|
||||
|
||||
// If this route is relevant to our interface and there is a gateway then add it
|
||||
if r.LinkIndex == link.Attrs().Index && len(r.Gw) > 0 {
|
||||
gwAddr, ok := netip.AddrFromSlice(r.Gw)
|
||||
if !ok {
|
||||
t.l.WithField("route", r).Debug("Ignoring route update, invalid gateway address")
|
||||
} else {
|
||||
gwAddr = gwAddr.Unmap()
|
||||
|
||||
if !t.isGatewayInVpnNetworks(gwAddr) {
|
||||
// Gateway isn't in our overlay network, ignore
|
||||
t.l.WithField("route", r).Debug("Ignoring route update, not in our network")
|
||||
} else {
|
||||
if r.LinkIndex == link.Attrs().Index {
|
||||
gwAddr, ok := getGatewayAddr(r.Gw, r.Via)
|
||||
if ok {
|
||||
if t.isGatewayInVpnNetworks(gwAddr) {
|
||||
gateways = append(gateways, routing.NewGateway(gwAddr, 1))
|
||||
} else {
|
||||
// Gateway isn't in our overlay network, ignore
|
||||
t.l.WithField("route", r).Debug("Ignoring route update, gateway is not in our network")
|
||||
}
|
||||
} else {
|
||||
t.l.WithField("route", r).Debug("Ignoring route update, invalid gateway or via address")
|
||||
}
|
||||
}
|
||||
|
||||
for _, p := range r.MultiPath {
|
||||
// If this route is relevant to our interface and there is a gateway then add it
|
||||
if p.LinkIndex == link.Attrs().Index && len(p.Gw) > 0 {
|
||||
gwAddr, ok := netip.AddrFromSlice(p.Gw)
|
||||
if !ok {
|
||||
t.l.WithField("route", r).Debug("Ignoring multipath route update, invalid gateway address")
|
||||
} else {
|
||||
gwAddr = gwAddr.Unmap()
|
||||
|
||||
if !t.isGatewayInVpnNetworks(gwAddr) {
|
||||
// Gateway isn't in our overlay network, ignore
|
||||
t.l.WithField("route", r).Debug("Ignoring route update, not in our network")
|
||||
} else {
|
||||
// p.Hops+1 = weight of the route
|
||||
if p.LinkIndex == link.Attrs().Index {
|
||||
gwAddr, ok := getGatewayAddr(p.Gw, p.Via)
|
||||
if ok {
|
||||
if t.isGatewayInVpnNetworks(gwAddr) {
|
||||
gateways = append(gateways, routing.NewGateway(gwAddr, p.Hops+1))
|
||||
} else {
|
||||
// Gateway isn't in our overlay network, ignore
|
||||
t.l.WithField("route", r).Debug("Ignoring route update, gateway is not in our network")
|
||||
}
|
||||
} else {
|
||||
t.l.WithField("route", r).Debug("Ignoring route update, invalid gateway or via address")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -636,10 +630,27 @@ func (t *tun) getGatewaysFromRoute(r *netlink.Route) routing.Gateways {
|
|||
return gateways
|
||||
}
|
||||
|
||||
func getGatewayAddr(gw net.IP, via netlink.Destination) (netip.Addr, bool) {
|
||||
// Try to use the old RTA_GATEWAY first
|
||||
gwAddr, ok := netip.AddrFromSlice(gw)
|
||||
if !ok {
|
||||
// Fallback to the new RTA_VIA
|
||||
rVia, ok := via.(*netlink.Via)
|
||||
if ok {
|
||||
gwAddr, ok = netip.AddrFromSlice(rVia.Addr)
|
||||
}
|
||||
}
|
||||
|
||||
if gwAddr.IsValid() {
|
||||
gwAddr = gwAddr.Unmap()
|
||||
return gwAddr, true
|
||||
}
|
||||
|
||||
return netip.Addr{}, false
|
||||
}
|
||||
|
||||
func (t *tun) updateRoutes(r netlink.RouteUpdate) {
|
||||
|
||||
gateways := t.getGatewaysFromRoute(&r.Route)
|
||||
|
||||
if len(gateways) == 0 {
|
||||
// No gateways relevant to our network, no routing changes required.
|
||||
t.l.WithField("route", r).Debug("Ignoring route update, no gateways")
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue