You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
tailscale/cmd
Tom Proctor 01a7726cf7
cmd/containerboot,cmd/k8s-operator: enable IPv6 for fqdn egress proxies (#12577)
cmd/containerboot,cmd/k8s-operator: enable IPv6 for fqdn egress proxies

Don't skip installing egress forwarding rules for IPv6 (as long as the host
supports IPv6), and set headless services `ipFamilyPolicy` to
`PreferDualStack` to optionally enable both IP families when possible. Note
that even with `PreferDualStack` set, testing a dual-stack GKE cluster with
the default DNS setup of kube-dns did not correctly set both A and
AAAA records for the headless service, and instead only did so when
switching the cluster DNS to Cloud DNS. For both IPv4 and IPv6 to work
simultaneously in a dual-stack cluster, we require headless services to
return both A and AAAA records.

If the host doesn't support IPv6 but the FQDN specified only has IPv6
addresses available, containerboot will exit with error code 1 and an
error message because there is no viable egress route.

Fixes #12215

Signed-off-by: Tom Proctor <tomhjp@users.noreply.github.com>
4 months ago
..
addlicense
build-webclient client/web: precompress assets 11 months ago
cloner all: use Go 1.22 range-over-int 7 months ago
connector-gen cmd/connector-gen: add helper tool for wide app connector configurations 11 months ago
containerboot cmd/containerboot,cmd/k8s-operator: enable IPv6 for fqdn egress proxies (#12577) 4 months ago
derper cmd/derper: clarify that derper and tailscaled need to be in sync 5 months ago
derpprobe cmd/derpprobe: support 'local' derpmap to get derp map via LocalAPI 5 months ago
dist release/dist/qnap: add qnap target builder 7 months ago
get-authkey util/cmpx: delete now that we're using Go 1.22 9 months ago
gitops-pusher cmd/gitops-pusher: only use OAuth creds if non-empty string 9 months ago
hello cmd/hello: link to the Hello KB article (#11022) 9 months ago
k8s-nameserver cmd/k8s-nameserver: fix AAAA record query response (#12412) 5 months ago
k8s-operator cmd/containerboot,cmd/k8s-operator: enable IPv6 for fqdn egress proxies (#12577) 4 months ago
mkmanifest
mkpkg
mkversion
nardump
natc cmd/natc: add --wg-port flag 5 months ago
netlogfmt all: use Go 1.22 range-over-int 7 months ago
nginx-auth tailcfg,all: add and use Node.IsTagged() 2 years ago
pgproxy tsnet: split user facing and backend logging 6 months ago
printdep
proxy-to-grafana cmd/proxy-to-grafana: add flag for alternative control server 5 months ago
sniproxy all: use math/rand/v2 more 5 months ago
speedtest
ssh-auth-none-demo all: replace deprecated ioutil references 1 year ago
stunc cmd/stunc: support user-specified port (#12469) 5 months ago
stund types/lazy: add Peek method to SyncValue 5 months ago
stunstamp cmd/stunstamp: fix handling of invalid DERP map resp (#12679) 4 months ago
sync-containers all: adjust some build tags for plan9 1 year ago
tailscale cmd/tailscale/cli: exit node filter should display all exit node options (#12699) 4 months ago
tailscaled net/netns: add Windows support for bind-to-interface-by-route 5 months ago
testcontrol all: use Go 1.22 range-over-int 7 months ago
testwrapper cmd/testwrapper: apply results of all unit tests to coverage for all packages 9 months ago
tsconnect all: use math/rand/v2 more 5 months ago
tsidp tsnet: split user facing and backend logging 6 months ago
tsshd
viewer cmd/viewer,type/views: add MapSlice for maps of slices 5 months ago
xdpderper cmd/xdpderper: add autodetection for default interface name 5 months ago