From a47ce618bda7829be5ee829fb762026bda8acf88 Mon Sep 17 00:00:00 2001 From: Jordan Whited Date: Tue, 30 Apr 2024 09:14:02 -0700 Subject: [PATCH] net/tstun: implement env var for disabling UDP GRO on Linux (#11924) Certain device drivers (e.g. vxlan, geneve) do not properly handle coalesced UDP packets later in the stack, resulting in packet loss. Updates #11026 Signed-off-by: Jordan Whited --- go.mod | 2 +- go.sum | 4 ++-- net/tstun/tun.go | 3 +++ net/tstun/tun_features_linux.go | 19 +++++++++++++++++++ net/tstun/tun_features_notlinux.go | 14 ++++++++++++++ 5 files changed, 39 insertions(+), 3 deletions(-) create mode 100644 net/tstun/tun_features_linux.go create mode 100644 net/tstun/tun_features_notlinux.go diff --git a/go.mod b/go.mod index c35d1057d..67b2dd8fd 100644 --- a/go.mod +++ b/go.mod @@ -76,7 +76,7 @@ require ( github.com/tailscale/peercred v0.0.0-20240214030740-b535050b2aa4 github.com/tailscale/web-client-prebuilt v0.0.0-20240226180453-5db17b287bf1 github.com/tailscale/wf v0.0.0-20240214030419-6fbb0a674ee6 - github.com/tailscale/wireguard-go v0.0.0-20240413175505-64040e66467d + github.com/tailscale/wireguard-go v0.0.0-20240429185444-03c5a0ccf754 github.com/tailscale/xnet v0.0.0-20240117122442-62b9a7c569f9 github.com/tc-hib/winres v0.2.1 github.com/tcnksm/go-httpstat v0.2.0 diff --git a/go.sum b/go.sum index 3c8428556..c6502c08d 100644 --- a/go.sum +++ b/go.sum @@ -886,8 +886,8 @@ github.com/tailscale/web-client-prebuilt v0.0.0-20240226180453-5db17b287bf1 h1:t github.com/tailscale/web-client-prebuilt v0.0.0-20240226180453-5db17b287bf1/go.mod h1:agQPE6y6ldqCOui2gkIh7ZMztTkIQKH049tv8siLuNQ= github.com/tailscale/wf v0.0.0-20240214030419-6fbb0a674ee6 h1:l10Gi6w9jxvinoiq15g8OToDdASBni4CyJOdHY1Hr8M= github.com/tailscale/wf v0.0.0-20240214030419-6fbb0a674ee6/go.mod h1:ZXRML051h7o4OcI0d3AaILDIad/Xw0IkXaHM17dic1Y= -github.com/tailscale/wireguard-go v0.0.0-20240413175505-64040e66467d h1:IREg0cn4nDyMjnqTgPacjgl66qDYmoOnt1k/vb96ius= -github.com/tailscale/wireguard-go v0.0.0-20240413175505-64040e66467d/go.mod h1:BOm5fXUBFM+m9woLNBoxI9TaBXXhGNP50LX/TGIvGb4= +github.com/tailscale/wireguard-go v0.0.0-20240429185444-03c5a0ccf754 h1:iazWjqVHE6CbNam7WXRhi33Qad5o7a8LVYgVoILpZdI= +github.com/tailscale/wireguard-go v0.0.0-20240429185444-03c5a0ccf754/go.mod h1:BOm5fXUBFM+m9woLNBoxI9TaBXXhGNP50LX/TGIvGb4= github.com/tailscale/xnet v0.0.0-20240117122442-62b9a7c569f9 h1:81P7rjnikHKTJ75EkjppvbwUfKHDHYk6LJpO5PZy8pA= github.com/tailscale/xnet v0.0.0-20240117122442-62b9a7c569f9/go.mod h1:orPd6JZXXRyuDusYilywte7k094d7dycXXU5YnWsrwg= github.com/tc-hib/winres v0.2.1 h1:YDE0FiP0VmtRaDn7+aaChp1KiF4owBiJa5l964l5ujA= diff --git a/net/tstun/tun.go b/net/tstun/tun.go index 66e209d1a..f2c034fc3 100644 --- a/net/tstun/tun.go +++ b/net/tstun/tun.go @@ -53,6 +53,9 @@ func New(logf logger.Logf, tunName string) (tun.Device, string, error) { dev.Close() return nil, "", err } + if err := setLinkFeatures(dev); err != nil { + logf("setting link features: %v", err) + } if err := setLinkAttrs(dev); err != nil { logf("setting link attributes: %v", err) } diff --git a/net/tstun/tun_features_linux.go b/net/tstun/tun_features_linux.go new file mode 100644 index 000000000..424088115 --- /dev/null +++ b/net/tstun/tun_features_linux.go @@ -0,0 +1,19 @@ +// Copyright (c) Tailscale Inc & AUTHORS +// SPDX-License-Identifier: BSD-3-Clause + +package tstun + +import ( + "github.com/tailscale/wireguard-go/tun" + "tailscale.com/envknob" +) + +func setLinkFeatures(dev tun.Device) error { + if envknob.Bool("TS_TUN_DISABLE_UDP_GRO") { + linuxDev, ok := dev.(tun.LinuxDevice) + if ok { + linuxDev.DisableUDPGRO() + } + } + return nil +} diff --git a/net/tstun/tun_features_notlinux.go b/net/tstun/tun_features_notlinux.go new file mode 100644 index 000000000..85285fd05 --- /dev/null +++ b/net/tstun/tun_features_notlinux.go @@ -0,0 +1,14 @@ +// Copyright (c) Tailscale Inc & AUTHORS +// SPDX-License-Identifier: BSD-3-Clause + +//go:build !linux + +package tstun + +import ( + "github.com/tailscale/wireguard-go/tun" +) + +func setLinkFeatures(dev tun.Device) error { + return nil +}