From ca5cb41b434eb07be4f181c593ffdeed3f479fe5 Mon Sep 17 00:00:00 2001
From: Adrian Dewhurst <adrian@tailscale.com>
Date: Tue, 16 Apr 2024 10:51:40 -0400
Subject: [PATCH] tailcfg: document use of CapMap for peers

Updates tailscale/corp#17516
Updates #11508

Change-Id: Iad2dafb38ffb9948bc2f3dfaf9c268f7d772cf56
Signed-off-by: Adrian Dewhurst <adrian@tailscale.com>
---
 tailcfg/tailcfg.go | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/tailcfg/tailcfg.go b/tailcfg/tailcfg.go
index 0c521ce05..f30f50f18 100644
--- a/tailcfg/tailcfg.go
+++ b/tailcfg/tailcfg.go
@@ -340,6 +340,16 @@ type Node struct {
 	// CapMap with an empty value.
 	//
 	// See NodeCapability for more information on keys.
+	//
+	// Metadata about nodes can be transmitted in 3 ways:
+	// 1. MapResponse.Node.CapMap describes attributes that affect behavior for
+	//    this node, such as which features have been enabled through the admin
+	//    panel and any associated configuration details.
+	// 2. MapResponse.PacketFilter(s) describes access (both IP and application
+	//    based) that should be granted to peers.
+	// 3. MapResponse.Peers[].CapMap describes attributes regarding a peer node,
+	//    such as which features the peer supports or if that peer is preferred
+	//    for a particular task vs other peers that could also be chosen.
 	CapMap NodeCapMap `json:",omitempty"`
 
 	// UnsignedPeerAPIOnly means that this node is not signed nor subject to TKA