wgengine/monitor: ignore adding/removing uninteresting IPs

One of the most common "unexpected" log lines is:

"network state changed, but stringification didn't"

One way that this can occur is if an interesting interface
(non-Tailscale, has interesting IP address)
gains or loses an uninteresting IP address (link local or loopback).

The fact that the interface is interesting is enough for EqualFiltered
to inspect it. The fact that an IP address changed is enough for
EqualFiltered to declare that the interfaces are not equal.

But the State.String method reasonably declines to print any
uninteresting IP addresses. As a result, the network state appears
to have changed, but the stringification did not.

The String method is correct; nothing interesting happened.

This change fixes this by adding an IP address filter to EqualFiltered
in addition to the interface filter. This lets the network monitor
ignore the addition/removal of uninteresting IP addresses.

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
pull/3390/head
Josh Bleecher Snyder 3 years ago committed by Josh Bleecher Snyder
parent 60510a6ae7
commit ad5e04249b

@ -345,9 +345,18 @@ func (s *State) String() string {
return sb.String() return sb.String()
} }
// An InterfaceFilter indicates whether EqualFiltered should use i when deciding whether two States are equal.
// ips are all the IPPrefixes associated with i.
type InterfaceFilter func(i Interface, ips []netaddr.IPPrefix) bool
// An IPFilter indicates whether EqualFiltered should use ip when deciding whether two States are equal.
// ip is an ip address associated with some interface under consideration.
type IPFilter func(ip netaddr.IP) bool
// EqualFiltered reports whether s and s2 are equal, // EqualFiltered reports whether s and s2 are equal,
// considering only interfaces in s for which filter returns true. // considering only interfaces in s for which filter returns true,
func (s *State) EqualFiltered(s2 *State, filter func(i Interface, ips []netaddr.IPPrefix) bool) bool { // and considering only IPs for those interfaces for which filterIP returns true.
func (s *State) EqualFiltered(s2 *State, useInterface InterfaceFilter, useIP IPFilter) bool {
if s == nil && s2 == nil { if s == nil && s2 == nil {
return true return true
} }
@ -364,7 +373,7 @@ func (s *State) EqualFiltered(s2 *State, filter func(i Interface, ips []netaddr.
} }
for iname, i := range s.Interface { for iname, i := range s.Interface {
ips := s.InterfaceIPs[iname] ips := s.InterfaceIPs[iname]
if !filter(i, ips) { if !useInterface(i, ips) {
continue continue
} }
i2, ok := s2.Interface[iname] i2, ok := s2.Interface[iname]
@ -375,7 +384,7 @@ func (s *State) EqualFiltered(s2 *State, filter func(i Interface, ips []netaddr.
if !ok { if !ok {
return false return false
} }
if !interfacesEqual(i, i2) || !prefixesEqual(ips, ips2) { if !interfacesEqual(i, i2) || !prefixesEqualFiltered(ips, ips2, useIP) {
return false return false
} }
} }
@ -390,6 +399,21 @@ func interfacesEqual(a, b Interface) bool {
bytes.Equal([]byte(a.HardwareAddr), []byte(b.HardwareAddr)) bytes.Equal([]byte(a.HardwareAddr), []byte(b.HardwareAddr))
} }
func filteredIPPs(ipps []netaddr.IPPrefix, useIP IPFilter) []netaddr.IPPrefix {
// TODO: rewrite prefixesEqualFiltered to avoid making copies
x := make([]netaddr.IPPrefix, 0, len(ipps))
for _, ipp := range ipps {
if useIP(ipp.IP()) {
x = append(x, ipp)
}
}
return x
}
func prefixesEqualFiltered(a, b []netaddr.IPPrefix, useIP IPFilter) bool {
return prefixesEqual(filteredIPPs(a, useIP), filteredIPPs(b, useIP))
}
func prefixesEqual(a, b []netaddr.IPPrefix) bool { func prefixesEqual(a, b []netaddr.IPPrefix) bool {
if len(a) != len(b) { if len(a) != len(b) {
return false return false
@ -402,13 +426,24 @@ func prefixesEqual(a, b []netaddr.IPPrefix) bool {
return true return true
} }
// FilterInteresting reports whether i is an interesting non-Tailscale interface. // UseInterestingInterfaces is an InterfaceFilter that reports whether i is an interesting interface.
func FilterInteresting(i Interface, ips []netaddr.IPPrefix) bool { // An interesting interface if it is (a) not owned by Tailscale and (b) routes interesting IP addresses.
// See UseInterestingIPs for the defition of an interesting IP address.
func UseInterestingInterfaces(i Interface, ips []netaddr.IPPrefix) bool {
return !isTailscaleInterface(i.Name, ips) && anyInterestingIP(ips) return !isTailscaleInterface(i.Name, ips) && anyInterestingIP(ips)
} }
// FilterAll always returns true, to use EqualFiltered against all interfaces. // UseInterestingIPs is an IPFilter that reports whether ip is an interesting IP address.
func FilterAll(i Interface, ips []netaddr.IPPrefix) bool { return true } // An IP address is interesting if it is neither a lopback not a link local unicast IP address.
func UseInterestingIPs(ip netaddr.IP) bool {
return isInterestingIP(ip)
}
// UseAllInterfaces is an InterfaceFilter that includes all interfaces.
func UseAllInterfaces(i Interface, ips []netaddr.IPPrefix) bool { return true }
// UseAllIPs is an IPFilter that includes all all IPs.
func UseAllIPs(ips netaddr.IP) bool { return true }
func (s *State) HasPAC() bool { return s != nil && s.PAC != "" } func (s *State) HasPAC() bool { return s != nil && s.PAC != "" }
@ -594,10 +629,7 @@ func anyInterestingIP(pfxs []netaddr.IPPrefix) bool {
// should log in interfaces.State logging. We don't need to show // should log in interfaces.State logging. We don't need to show
// localhost or link-local addresses. // localhost or link-local addresses.
func isInterestingIP(ip netaddr.IP) bool { func isInterestingIP(ip netaddr.IP) bool {
if ip.IsLoopback() || ip.IsLinkLocalUnicast() { return !ip.IsLoopback() && !ip.IsLinkLocalUnicast()
return false
}
return true
} }
var altNetInterfaces func() ([]Interface, error) var altNetInterfaces func() ([]Interface, error)

@ -6,6 +6,7 @@ package interfaces
import ( import (
"encoding/json" "encoding/json"
"net"
"testing" "testing"
"inet.af/netaddr" "inet.af/netaddr"
@ -28,7 +29,7 @@ func TestGetState(t *testing.T) {
t.Fatal(err) t.Fatal(err)
} }
if !st.EqualFiltered(st2, FilterAll) { if !st.EqualFiltered(st2, UseAllInterfaces, UseAllIPs) {
// let's assume nobody was changing the system network interfaces between // let's assume nobody was changing the system network interfaces between
// the two GetState calls. // the two GetState calls.
t.Fatal("two States back-to-back were not equal") t.Fatal("two States back-to-back were not equal")
@ -68,3 +69,38 @@ func TestIsUsableV6(t *testing.T) {
} }
} }
} }
func TestStateEqualFilteredIPFilter(t *testing.T) {
// s1 and s2 are identical, except that an "interesting" interface
// has gained an "uninteresting" IP address.
s1 := &State{
InterfaceIPs: map[string][]netaddr.IPPrefix{"x": {
netaddr.MustParseIPPrefix("42.0.0.0/8"),
netaddr.MustParseIPPrefix("169.254.0.0/16"), // link local unicast
}},
Interface: map[string]Interface{"x": {Interface: &net.Interface{Name: "x"}}},
}
s2 := &State{
InterfaceIPs: map[string][]netaddr.IPPrefix{"x": {
netaddr.MustParseIPPrefix("42.0.0.0/8"),
netaddr.MustParseIPPrefix("169.254.0.0/16"), // link local unicast
netaddr.MustParseIPPrefix("127.0.0.0/8"), // loopback (added)
}},
Interface: map[string]Interface{"x": {Interface: &net.Interface{Name: "x"}}},
}
// s1 and s2 are different...
if s1.EqualFiltered(s2, UseAllInterfaces, UseAllIPs) {
t.Errorf("%+v != %+v", s1, s2)
}
// ...and they look different if you only restrict to interesting interfaces...
if s1.EqualFiltered(s2, UseInterestingInterfaces, UseAllIPs) {
t.Errorf("%+v != %+v when restricting to interesting interfaces _but not_ IPs", s1, s2)
}
// ...but because the additional IP address is uninteresting, we should treat them as the same.
if !s1.EqualFiltered(s2, UseInterestingInterfaces, UseInterestingIPs) {
t.Errorf("%+v == %+v when restricting to interesting interfaces and IPs", s1, s2)
}
}

@ -310,7 +310,7 @@ func (m *Mon) debounce() {
} }
oldState := m.ifState oldState := m.ifState
ifChanged := !curState.EqualFiltered(oldState, interfaces.FilterInteresting) ifChanged := !curState.EqualFiltered(oldState, interfaces.UseInterestingInterfaces, interfaces.UseInterestingIPs)
if ifChanged { if ifChanged {
m.gwValid = false m.gwValid = false
m.ifState = curState m.ifState = curState

@ -77,7 +77,7 @@ func (pm *pollingMon) Receive() (message, error) {
defer ticker.Stop() defer ticker.Stop()
base := pm.m.InterfaceState() base := pm.m.InterfaceState()
for { for {
if cur, err := pm.m.interfaceStateUncached(); err == nil && !cur.EqualFiltered(base, interfaces.FilterInteresting) { if cur, err := pm.m.interfaceStateUncached(); err == nil && !cur.EqualFiltered(base, interfaces.UseInterestingInterfaces, interfaces.UseInterestingIPs) {
return unspecifiedMessage{}, nil return unspecifiedMessage{}, nil
} }
select { select {

Loading…
Cancel
Save