From ff1b35ec6c088f9bdca24b8b958a65e34f708ef5 Mon Sep 17 00:00:00 2001
From: Joe Tsai
Date: Mon, 17 Apr 2023 14:24:29 -0700
Subject: [PATCH] net/connstats: exclude traffic with internal Tailscale service (#7904)
Exclude traffic with 100.100.100.100 (for IPv4) and with fd7a:115c:a1e0::53 (for IPv6) since this traffic with the Tailscale service running locally on the node. This traffic never left the node. It also happens to be a high volume amount of traffic since DNS requests occur over UDP with each request coming from a unique port, thus resulting in many discrete traffic flows.
Fixes tailscale/corp#10554
Signed-off-by: Joe Tsai
---
net/connstats/stats.go | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/net/connstats/stats.go b/net/connstats/stats.go
index 94d75212a..dbcd946b8 100644
--- a/net/connstats/stats.go
+++ b/net/connstats/stats.go
@@ -13,6 +13,7 @@ import (
 "golang.org/x/sync/errgroup"
 "tailscale.com/net/packet"
+ "tailscale.com/net/tsaddr"
 "tailscale.com/types/netlogtype"
 )
@@ -92,6 +93,11 @@ func (s *Statistics) UpdateRxVirtual(b []byte) {
 s.updateVirtual(b, true)
 }
+var (
+ tailscaleServiceIPv4 = tsaddr.TailscaleServiceIP()
+ tailscaleServiceIPv6 = tsaddr.TailscaleServiceIPv6()
+)
+
 func (s *Statistics) updateVirtual(b []byte, receive bool) {
 var p packet.Parsed
 p.Decode(b)
@@ -100,6 +106,15 @@ func (s *Statistics) updateVirtual(b []byte, receive bool) {
 conn.Src, conn.Dst = conn.Dst, conn.Src
 }
+ // Network logging is defined as traffic between two Tailscale nodes.
+ // Traffic with the internal Tailscale service is not with another node
+ // and should not be logged. It also happens to be a high volume
+ // amount of discrete traffic flows (e.g., DNS lookups).
+ switch conn.Dst.Addr() {
+ case tailscaleServiceIPv4, tailscaleServiceIPv6:
+ return
+ }
+
 s.mu.Lock()
 defer s.mu.Unlock()
 cnts, found := s.virtual[conn]
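Review bot: The `switch conn.Dst.Addr()` in the third hunk matches `netip.Addr` values with `==`, which treats an IPv4 address and its IPv4-mapped IPv6 form as different values, so the exclusion silently stops applying if the parsed packet ever carries the service address in mapped form; `switch conn.Dst.Addr().Unmap() {` keeps the comparison independent of how `packet.Parsed` represents IPv4 (I cannot confirm from the hunk which form it produces). The check runs after the src/dst swap for received packets, so it covers both directions, but it also applies to every port and protocol addressed to the service IPs, not only DNS; the comment above the switch should say so explicitly, e.g. `// Applies to all ports/protocols with the service address, not just DNS.`, since a reader of the netlog output will otherwise assume only DNS flows are missing. The new `var ( tailscaleServiceIPv4 … )` group in the second hunk has no comment; `// Node-local Tailscale service addresses; flows with them never leave the node and are excluded from network logging.` would document why they exist. The enclosing function `updateVirtual` continues past the end of the third hunk.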