tailscale

Commit Graph

Author	SHA1	Message	Date
Brad Fitzpatrick	475ab1fb67	cmd/vnet: omit log spam when backend status hasn't changed Updates #13038 Change-Id: I9cc67cf18ba44ff66ba03cda486d5e111e395ce7	4 weeks ago
Nick Khyl	03acab2639	cmd/cloner, cmd/viewer, util/codegen: add support for aliases of cloneable types We have several checked type assertions to types.Named in both cmd/cloner and cmd/viewer. As Go 1.23 updates the go/types package to produce Alias type nodes for type aliases, these type assertions no longer work as expected unless the new behavior is disabled with gotypesalias=0. In this PR, we add codegen.NamedTypeOf(t types.Type), which functions like t.(types.Named) but also unrolls type aliases. We then use it in place of type assertions in the cmd/cloner and cmd/viewer packages where appropriate. We also update type switches to include types.Alias alongside types.Named in relevant cases, remove *types.Struct cases when switching on types.Type.Underlying and update the tests with more cases where type aliases can be used. Updates #13224 Updates #12912 Signed-off-by: Nick Khyl <nickk@tailscale.com>	4 weeks ago
Nick Khyl	a9dc6e07ad	util/codegen, cmd/cloner, cmd/viewer: update codegen.LookupMethod to support alias type nodes Go 1.23 updates the go/types package to produce Alias type nodes for type aliases, unless disabled with gotypesalias=0. This new default behavior breaks codegen.LookupMethod, which uses checked type assertions to types.Named and types.Interface, as only named types and interfaces have methods. In this PR, we update codegen.LookupMethod to perform method lookup on the right-hand side of the alias declaration and clearly switch on the supported type nodes types. We also improve support for various edge cases, such as when an alias is used as a type parameter constraint, and add tests for the LookupMethod function. Additionally, we update cmd/viewer/tests to include types with aliases used in type fields and generic type constraints. Updates #13224 Updates #12912 Signed-off-by: Nick Khyl <nickk@tailscale.com>	4 weeks ago
Brad Fitzpatrick	3b70968c25	cmd/vnet: add --blend and --pcap flags Updates #13038 Change-Id: Id16ea9eb94447a3d9651215f04b2525daf10b3eb Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 weeks ago
Brad Fitzpatrick	3904e4d175	cmd/tta, tstest/natlab/vnet: remove unneeded port 124 log hack, add log buffer The natlab Test Agent (tta) still had its old log streaming hack in place where it dialed out to anything on TCP port 124 and those logs were streamed to the host running the tests. But we'd since added gokrazy syslog streaming support, which made that redundant. So remove all the port 124 stuff. And then make sure we log to stderr so gokrazy logs it to syslog. Also, keep the first 1MB of logs in memory in tta too, exported via localhost:8034/logs for interactive debugging. That was very useful during debugging when I added IPv6 support. (which is coming in future PRs) Updates #13038 Change-Id: Ieed904a704410b9031d5fd5f014a73412348fa7f Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 weeks ago
Brad Fitzpatrick	b091264c0a	cmd/systray: set ipn.NotifyNoPrivateKeys, permit non-operator use Otherwise you get "Access denied: watch IPN bus access denied, must set ipn.NotifyNoPrivateKeys when not running as admin/root or operator". This lets a non-operator at least start the app and see the status, even if they can't change everything. (the web UI is unaffected by operator) A future change can add a LocalAPI call to check permissions and guide people through adding a user as an operator (perhaps the web client can do that?) Updates #1708 Change-Id: I699e035a251b4ebe14385102d5e7a2993424c4b7 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 weeks ago
Will Norris	3c66ee3f57	cmd/systray: add a basic linux systray app This adds a systray app for linux, similar to the apps for macOS and windows. There are already a number of community-developed systray apps, but most of them are either long abandoned, are built for a specific desktop environment, or simply wrap the tailscale CLI. This uses fyne.io/systray (a fork of github.com/getlantern/systray) which uses newer D-Bus specifications to render the tray icon and menu. This results in a pretty broad support for modern desktop environments. This initial commit lacks a number of features like profile switching, device listing, and exit node selection. This is really focused on the application structure, the interaction with LocalAPI, and some system integration pieces like the app icon, notifications, and the clipboard. Updates #1708 Signed-off-by: Will Norris <will@tailscale.com>	4 weeks ago
Percy Wegmann	d00d6d6dc2	go.mod: update to github.com/tailscale/netlink library that doesn't require vishvananda/netlink After the upstream PR is merged, we can point directly at github.com/vishvananda/netlink and retire github.com/tailscale/netlink. See https://github.com/vishvananda/netlink/pull/1006 Updates #12298 Signed-off-by: Percy Wegmann <percy@tailscale.com>	4 weeks ago
Ilarion Kovalchuk	0cb7eb9b75	net/dns: updated gonotify dependency to v2 that supports closable context Signed-off-by: Ilarion Kovalchuk <illarion.kovalchuk@gmail.com>	4 weeks ago
Brad Fitzpatrick	696711cc17	all: switch to and require Go 1.23 Updates #12912 Change-Id: Ib4ae26eb5fb68ad2216cab4913811b94f7eed5b6 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 weeks ago
Brad Fitzpatrick	0ff474ff37	all: fix new lint warnings from bumping staticcheck In prep for updating to new staticcheck required for Go 1.23. Updates #12912 Change-Id: If77892a023b79c6fa798f936fc80428fd4ce0673 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	4 weeks ago
Brad Fitzpatrick	690d3bfafe	cmd/tailscale/cli: add debug command to do DNS lookups portably To avoid dig vs nslookup vs $X availability issues between OSes/distros. And to be in Go, to match the resolver we use. Updates #13038 Change-Id: Ib7e5c351ed36b5470a42cbc230b8f27eed9a1bf8 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 month ago
Anton Tolchanov	151b77f9d6	cmd/tl-longchain: tool to re-sign nodes with long rotation signatures In Tailnet Lock, there is an implicit limit on the number of rotation signatures that can be chained before the signature becomes too long. This program helps tailnet admins to identify nodes that have signatures with long chains and prints commands to re-sign those node keys with a fresh direct signature. It's a temporary mitigation measure, and we will remove this tool as we design and implement a long-term approach for rotation signatures. Example output: ``` 2024/08/20 18:25:03 Self: does not need re-signing 2024/08/20 18:25:03 Visible peers with valid signatures: 2024/08/20 18:25:03 Peer xxx2.yy.ts.net. (100.77.192.34) nodeid=nyDmhiZiGA11KTM59, current signature kind=direct: does not need re-signing 2024/08/20 18:25:03 Peer xxx3.yy.ts.net. (100.84.248.22) nodeid=ndQ64mDnaB11KTM59, current signature kind=direct: does not need re-signing 2024/08/20 18:25:03 Peer xxx4.yy.ts.net. (100.85.253.53) nodeid=nmZfVygzkB21KTM59, current signature kind=rotation: chain length 4, printing command to re-sign tailscale lock sign nodekey:530bddbfbe69e91fe15758a1d6ead5337aa6307e55ac92dafad3794f8b3fc661 tlpub:4bf07597336703395f2149dce88e7c50dd8694ab5bbde3d7c2a1c7b3e231a3c2 ``` To support this, the NetworkLockStatus localapi response now includes information about signatures of all peers rather than just the invalid ones. This is not displayed by default in `tailscale lock status`, but will be surfaced in `tailscale lock status --json`. Updates #13185 Signed-off-by: Anton Tolchanov <anton@tailscale.com>	1 month ago
Jordan Whited	df6014f1d7	net/tstun,wgengine{/netstack/gro}: refactor and re-enable gVisor GRO for Linux (#13172 ) In `2f27319baf` we disabled GRO due to a data race around concurrent calls to tstun.Wrapper.Write(). This commit refactors GRO to be thread-safe, and re-enables it on Linux. This refactor now carries a GRO type across tstun and netstack APIs with a lifetime that is scoped to a single tstun.Wrapper.Write() call. In `25f0a3fc8f` we used build tags to prevent importation of gVisor's GRO package on iOS as at the time we believed it was contributing to additional memory usage on that platform. It wasn't, so this commit simplifies and removes those build tags. Updates tailscale/corp#22353 Updates tailscale/corp#22125 Updates #6816 Signed-off-by: Jordan Whited <jordan@tailscale.com>	1 month ago
ChandonPierre	93dc2ded6e	cmd/k8s-operator: support default proxy class in k8s-operator (#12711 ) Signed-off-by: ChandonPierre <cpierre@coreweave.com> Closes #12421	1 month ago
pierig-n3xtio	2105773874	cmd/k8s-operator/deploy: replace wildcards in Kubernetes Operator RBAC role definitions with verbs cmd/k8s-operator/deploy: replace wildcards in Kubernetes Operator RBAC role definitions with verbs fixes: #13168 Signed-off-by: Pierig Le Saux <pierig@n3xt.io>	1 month ago
tomholford	16bb541adb	wgengine/magicsock: replace deprecated poly1305 (#13184 ) Signed-off-by: tomholford <tomholford@users.noreply.github.com>	1 month ago
Kyle Carberry	6c852fa817	go.{mod,sum}: migrate from nhooyr.io/websocket to github.com/coder/websocket Coder has just adopted nhooyr/websocket which unfortunately changes the import path. `github.com/coder/coder` imports `tailscale.com/net/wsconn` which was still pointing to `nhooyr.io/websocket`, but this change updates it. See https://coder.com/blog/websocket Updates #13154 Change-Id: I3dec6512472b14eae337ae22c5bcc1e3758888d5 Signed-off-by: Kyle Carberry <kyle@carberry.com>	1 month ago
Nick Khyl	f8f9f05ffe	cmd/viewer: add support for map-like container types This PR modifies viewTypeForContainerType to use the last type parameter of a container type as the value type, enabling the implementation of map-like container types where the second-to-last (usually first) type parameter serves as the key type. It also adds a MapContainer type to test the code generation. Updates #12736 Signed-off-by: Nick Khyl <nickk@tailscale.com>	1 month ago
Irbe Krumina	a15ff1bade	cmd/k8s-operator,k8s-operator/sessionrecording: support recording kubectl exec sessions over WebSockets (#12947 ) cmd/k8s-operator,k8s-operator/sessionrecording: support recording WebSocket sessions Kubernetes currently supports two streaming protocols, SPDY and WebSockets. WebSockets are replacing SPDY, see https://github.com/kubernetes/enhancements/issues/4006. We were currently only supporting SPDY, erroring out if session was not SPDY and relying on the kube's built-in SPDY fallback. This PR: - adds support for parsing contents of 'kubectl exec' sessions streamed over WebSockets - adds logic to distinguish 'kubectl exec' requests for a SPDY/WebSockets sessions and call the relevant handler Updates tailscale/corp#19821 Signed-off-by: Irbe Krumina <irbe@tailscale.com> Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>	1 month ago
Brad Fitzpatrick	4c2e978f1e	cmd/tailscale/cli: support passing network lock keys via files Fixes tailscale/corp#22356 Change-Id: I959efae716a22bcf582c20d261fb1b57bacf6dd9 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 month ago
Irbe Krumina	b9f42814b5	cmd/containerboot: optionally serve health check endpoint (#12899 ) Add functionality to optionally serve a health check endpoint (off by default). Users can enable health check endpoint by setting TS_HEALTHCHECK_ADDR_PORT to [<addr>]:<port>. Containerboot will then serve an unauthenticatd HTTP health check at /healthz at that address. The health check returns 200 OK if the node has at least one tailnet IP address, else returns 503. Updates tailscale/tailscale#12898 Signed-off-by: Irbe Krumina <irbe@tailscale.com>	1 month ago
Brad Fitzpatrick	02581b1603	gokrazy,tstest/integration/nat: add Gokrazy appliance just for natlab ... rather than abusing the generic tsapp. Per discussion in https://github.com/gokrazy/gokrazy/pull/275 It also means we can remove stuff we don't need, like ntp or randomd. Updates #13038 Change-Id: Iccf579c354bd3b5025d05fa1128e32f1d5bde4e4 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 month ago
Brad Fitzpatrick	f79e688e0d	cmd/tailscale/cli: fix gokrazy CLI-as-a-service detection The change in `b7e48058c8` was too loose; it also captured the CLI being run as a child process under cmd/tta. Updates #13038 Updates #1866 Change-Id: Id410b87132938dd38ed4dd3959473c5d0d242ff5 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 month ago
Irbe Krumina	adbab25bac	cmd/k8s-operator: fix DNS reconciler for dual-stack clusters (#13057 ) * cmd/k8s-operator: fix DNS reconciler for dual-stack clusters This fixes a bug where DNS reconciler logic was always assuming that no more than one EndpointSlice exists for a Service. In fact, there can be multiple, for example, in dual-stack clusters, but also in other cases this is valid (as per kube docs). This PR: - allows for multiple EndpointSlices - picks out the ones for IPv4 family - deduplicates addresses Updates tailscale/tailscale#13056 Signed-off-by: Irbe Krumina <irbe@tailscale.com> Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>	1 month ago
Brad Fitzpatrick	b7e48058c8	cmd/tailscale/cli: don't run CLI as a service on gokrazy Updates #13038 Updates #1866 Change-Id: Ie3223573044a92f5715a827fb66cc6705b38004f Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 month ago
Nick Khyl	67df9abdc6	util/syspolicy/setting: add package that contains types for the next syspolicy PRs Package setting contains types for defining and representing policy settings. It facilitates the registration of setting definitions using Register and RegisterDefinition, and the retrieval of registered setting definitions via Definitions and DefinitionOf. This package is intended for use primarily within the syspolicy package hierarchy, and added in a preparation for the next PRs. Updates #12687 Signed-off-by: Nick Khyl <nickk@tailscale.com>	1 month ago
Brad Fitzpatrick	a61825c7b8	cmd/tta, vnet: add host firewall, env var support, more tests In particular, tests showing that #3824 works. But that test doesn't actually work yet; it only gets a DERP connection. (why?) Updates #13038 Change-Id: Ie1fd1b6a38d4e90fae7e72a0b9a142a95f0b2e8f Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 month ago
Brad Fitzpatrick	0686bc8b19	cmd/tailscaled: add env knob to control default verbosity Updates #13038 Change-Id: Ic0e6dfc7a8d127ab5ce0ae9aab9119c56e19b636 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 month ago
Jordan Whited	7aec8d4e6b	cmd/stunstamp: refactor connection construction (#13110 ) getConns() is now responsible for returning both stable and unstable conns. conn and measureFn are now passed together via connAndMeasureFn. newConnAndMeasureFn() is responsible for constructing them. TCP measurement timeouts are adjusted to more closely match netcheck. Updates tailscale/corp#22114 Signed-off-by: Jordan Whited <jordan@tailscale.com>	1 month ago
Jordan Whited	218110963d	cmd/stunstamp: implement HTTPS & TCP latency measurements (#13082 ) HTTPS mirrors current netcheck behavior and TCP uses tcp_info->rtt. Updates tailscale/corp#22114 Signed-off-by: Jordan Whited <jordan@tailscale.com>	1 month ago
Brad Fitzpatrick	2e32abc3e2	cmd/tailscaled: allow setting env via linux cmdline for integration tests Updates #13038 Change-Id: I51e016d0eb7c14647159706c08f017fdedd68e2a Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 month ago
Maisem Ali	d0e8375b53	cmd/{tta,vnet}: proxy to gokrazy UI Updates #13038 Change-Id: I1cacb1b0f8c3d0e4c36b7890155f7b1ad0d23575 Signed-off-by: Maisem Ali <maisem@tailscale.com>	1 month ago
Brad Fitzpatrick	f47a5fe52b	vnet: reduce some log spam Updates #13038 Change-Id: I76038a90dfde10a82063988a5b54190074d4b5c5 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 month ago
Maisem Ali	f8d23b3582	tstest/integration/nat: stream daemon logs directly Updates #13038 Signed-off-by: Maisem Ali <maisem@tailscale.com> Change-Id: I5da5706149c082c27d74c8b894bf53dd9b259e84	1 month ago
Brad Fitzpatrick	6798f8ea88	tstest/natlab/vnet: add port mapping Updates #13038 Change-Id: Iaf274d250398973790873534b236d5cbb34fbe0e Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 month ago
Maisem Ali	12764e9db4	natlab: add NodeAgentClient This adds a new NodeAgentClient type that can be used to invoke the LocalAPI using the LocalClient instead of handcrafted URLs. However, there are certain cases where it does make sense for the node agent to provide more functionality than whats possible with just the LocalClient, as such it also exposes a http.Client to make requests directly. Signed-off-by: Maisem Ali <maisem@tailscale.com>	1 month ago
Brad Fitzpatrick	1016aa045f	hostinfo: add hostinfo.IsNATLabGuestVM And don't make guests under vnet/natlab upload to logcatcher, as there won't be a valid cert anyway. Updates #13038 Change-Id: Ie1ce0139788036b8ecc1804549a9b5d326c5fef5 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 month ago
Brad Fitzpatrick	8594292aa4	vnet: add control/derps to test, stateful firewall Updates #13038 Change-Id: Icd65b34c5f03498b5a7109785bb44692bce8911a Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 month ago
Jordan Whited	20691894f5	cmd/stunstamp: refactor to support multiple protocols (#13063 ) 'stun' has been removed from metric names and replaced with a protocol label. This refactor is preparation work for HTTPS & ICMP support. Updates tailscale/corp#22114 Signed-off-by: Jordan Whited <jordan@tailscale.com>	1 month ago
Andrew Lytvynov	c0c4791ce7	cmd/gitops-pusher: ignore previous etag if local acls match control (#13068 ) In a situation when manual edits are made on the admin panel, around the GitOps process, the pusher will be stuck if `--fail-on-manual-edits` is set, as expected. To recover from this, there are 2 options: 1. revert the admin panel changes to get back in sync with the code 2. check in the manual edits to code The former will work well, since previous and local ETags will match control ETag again. The latter will still fail, since local and control ETags match, but previous does not. For this situation, check the local ETag against control first and ignore previous when things are already in sync. Updates https://github.com/tailscale/corp/issues/22177 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	1 month ago
Andrew Lytvynov	ad038f4046	cmd/gitops-pusher: add --fail-on-manual-edits flag (#13066 ) For cases where users want to be extra careful about not overwriting manual changes, add a flag to hard-fail. This is only useful if the etag cache is persistent or otherwise reliable. This flag should not be used in ephemeral CI workers that won't persist the cache. Updates https://github.com/tailscale/corp/issues/22177 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	1 month ago
Naman Sood	f79183dac7	cmd/tsidp: add funnel support (#12591 ) * cmd/tsidp: add funnel support Updates #10263. Signed-off-by: Naman Sood <mail@nsood.in> * look past funnel-ingress-node to see who we're authenticating Signed-off-by: Naman Sood <mail@nsood.in> * fix comment typo Signed-off-by: Naman Sood <mail@nsood.in> * address review feedback, support Basic auth for /token Turns out you need to support Basic auth if you do client ID/secret according to OAuth. Signed-off-by: Naman Sood <mail@nsood.in> * fix typos Signed-off-by: Naman Sood <mail@nsood.in> * review fixes Signed-off-by: Naman Sood <mail@nsood.in> * remove debugging log Signed-off-by: Naman Sood <mail@nsood.in> * add comments, fix header Signed-off-by: Naman Sood <mail@nsood.in> --------- Signed-off-by: Naman Sood <mail@nsood.in>	1 month ago
Brad Fitzpatrick	1ed958fe23	tstest/natlab/vnet: add start of virtual network-based NAT Lab Updates #13038 Change-Id: I3c74120d73149c1329288621f6474bbbcaa7e1a6 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	1 month ago
Brad Fitzpatrick	6ca078c46e	cmd/derper: move 204 handler from package main to derphttp Updates #13038 Change-Id: I28a8284dbe49371cae0e9098205c7c5f17225b40 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	2 months ago
Anton Tolchanov	b3fc345aba	cmd/derpprobe: use a status page from the prober library Updates tailscale/corp#20583 Signed-off-by: Anton Tolchanov <anton@tailscale.com>	2 months ago
Anton Tolchanov	0fd73746dd	cmd/tailscale/cli: fix `revoke-keys` command name in CLI output During review of #8644 the `recover-compromised-key` command was renamed to `revoke-key`, but the old name remained in some messages printed by the command. Fixes tailscale/corp#19446 Signed-off-by: Anton Tolchanov <anton@tailscale.com>	2 months ago
Jordan Whited	f0230ce0b5	go.mod,net/tstun,wgengine/netstack: implement gVisor TCP GRO for Linux (#12921 ) This commit implements TCP GRO for packets being written to gVisor on Linux. Windows support will follow later. The wireguard-go dependency is updated in order to make use of newly exported IP checksum functions. gVisor is updated in order to make use of newly exported stack.PacketBuffer GRO logic. TCP throughput towards gVisor, i.e. TUN write direction, is dramatically improved as a result of this commit. Benchmarks show substantial improvement, sometimes as high as 2x. High bandwidth-delay product paths remain receive window limited, bottlenecked by gVisor's default TCP receive socket buffer size. This will be addressed in a follow-on commit. The iperf3 results below demonstrate the effect of this commit between two Linux computers with i5-12400 CPUs. There is roughly ~13us of round trip latency between them. The first result is from commit `57856fc` without TCP GRO. Starting Test: protocol: TCP, 1 streams, 131072 byte blocks - - - - - - - - - - - - - - - - - - - - - - - - - Test Complete. Summary Results: [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-10.00 sec 4.77 GBytes 4.10 Gbits/sec 20 sender [ 5] 0.00-10.00 sec 4.77 GBytes 4.10 Gbits/sec receiver The second result is from this commit with TCP GRO. Starting Test: protocol: TCP, 1 streams, 131072 byte blocks - - - - - - - - - - - - - - - - - - - - - - - - - Test Complete. Summary Results: [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-10.00 sec 10.6 GBytes 9.14 Gbits/sec 20 sender [ 5] 0.00-10.00 sec 10.6 GBytes 9.14 Gbits/sec receiver Updates #6816 Signed-off-by: Jordan Whited <jordan@tailscale.com>	2 months ago
Jordan Whited	7bc2ddaedc	go.mod,net/tstun,wgengine/netstack: implement gVisor TCP GSO for Linux (#12869 ) This commit implements TCP GSO for packets being read from gVisor on Linux. Windows support will follow later. The wireguard-go dependency is updated in order to make use of newly exported GSO logic from its tun package. A new gVisor stack.LinkEndpoint implementation has been established (linkEndpoint) that is loosely modeled after its predecessor (channel.Endpoint). This new implementation supports GSO of monster TCP segments up to 64K in size, whereas channel.Endpoint only supports up to 32K. linkEndpoint will also be required for GRO, which will be implemented in a follow-on commit. TCP throughput from gVisor, i.e. TUN read direction, is dramatically improved as a result of this commit. Benchmarks show substantial improvement through a wide range of RTT and loss conditions, sometimes as high as 5x. The iperf3 results below demonstrate the effect of this commit between two Linux computers with i5-12400 CPUs. There is roughly ~13us of round trip latency between them. The first result is from commit `57856fc` without TCP GSO. Starting Test: protocol: TCP, 1 streams, 131072 byte blocks - - - - - - - - - - - - - - - - - - - - - - - - - Test Complete. Summary Results: [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-10.00 sec 2.51 GBytes 2.15 Gbits/sec 154 sender [ 5] 0.00-10.00 sec 2.49 GBytes 2.14 Gbits/sec receiver The second result is from this commit with TCP GSO. Starting Test: protocol: TCP, 1 streams, 131072 byte blocks - - - - - - - - - - - - - - - - - - - - - - - - - Test Complete. Summary Results: [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-10.00 sec 12.6 GBytes 10.8 Gbits/sec 6 sender [ 5] 0.00-10.00 sec 12.6 GBytes 10.8 Gbits/sec receiver Updates #6816 Signed-off-by: Jordan Whited <jordan@tailscale.com>	2 months ago
Jonathan Nobels	8a8ecac6a7	net/dns, cmd/tailscaled: plumb system health tracker into dns cleanup (#12969 ) fixes tailscale#12968 The dns manager cleanup func was getting passed a nil health tracker, which will panic. Fixed to pass it the system health tracker. Signed-off-by: Jonathan Nobels <jonathan@tailscale.com>	2 months ago

1 2 3 4 5 ...

1931 Commits (978306565d0e9e9f1e5347969ddaeffe0f989cfe)