wgengine/magicsock: when hard NAT, add stun-ipv4:static-port as candidate

If a node is behind a hard NAT and is using an explicit local port
number, assume they might've mapped a port and add their public IPv4
address with the local tailscaled's port number as a candidate endpoint.
pull/632/head
Brad Fitzpatrick 4 years ago
parent bfcb0aa0be
commit 4987a7d46c

@ -666,6 +666,17 @@ func (c *Conn) determineEndpoints(ctx context.Context) (ipPorts []string, reason
if nr.GlobalV4 != "" { if nr.GlobalV4 != "" {
addAddr(nr.GlobalV4, "stun") addAddr(nr.GlobalV4, "stun")
// If they're behind a hard NAT and are using a fixed
// port locally, assume they might've added a static
// port mapping on their router to the same explicit
// port that tailscaled is running with. Worst case
// it's an invalid candidate mapping.
if nr.MappingVariesByDestIP.EqualBool(true) && c.pconnPort != 0 {
if ip, _, err := net.SplitHostPort(nr.GlobalV4); err == nil {
addAddr(net.JoinHostPort(ip, strconv.Itoa(int(c.pconnPort))), "port_in")
}
}
} }
if nr.GlobalV6 != "" { if nr.GlobalV6 != "" {
addAddr(nr.GlobalV6, "stun") addAddr(nr.GlobalV6, "stun")

Loading…
Cancel
Save