conn,device: enable cryptorouting via PeerAwareEndpoint #27
base: tailscale
Introduce an optional extension point for Endpoint that enables a path for WireGuard to inform an integration about the peer public key that is associated with an Endpoint.

The API is expected to return either the same or a new Endpoint in response to this function. A future version of this patch could potentially remove the returned Endpoint, but would require larger integrator changes downstream.

This adds a small per-packet cost that could later be removed with a larger refactor of the wireguard-go interface and Tailscale magicsock code, as well as introducing a generic bound for Endpoint in a device & bind instance.

Updates tailscale/corp#20732
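The extension point described above, sketched as an added example (not code from this PR or from wireguard-go). `Endpoint` is cut down to one method, and the `[32]byte` key parameter, `relayEndpoint`, `peer` and `setEndpointFromPacket` are assumptions made for illustration; the addresses are constructed.

```go
package main

import "fmt"

// Endpoint stands in for conn.Endpoint, cut down to one method (assumption).
type Endpoint interface{ DstToString() string }

// PeerAwareEndpoint follows the optional interface named in the PR. The
// parameter type is assumed; the page does not show the signature.
type PeerAwareEndpoint interface {
	Endpoint
	GetPeerEndpoint(peerPublicKey [32]byte) Endpoint
}

// addrEndpoint is a plain endpoint with no peer awareness.
type addrEndpoint string

func (a addrEndpoint) DstToString() string { return string(a) }

// relayEndpoint is a hypothetical integration endpoint: packets arrive via one
// source address, and the reply path is chosen per peer public key.
type relayEndpoint struct {
	src    addrEndpoint
	routes map[[32]byte]Endpoint
}

func (r *relayEndpoint) DstToString() string { return r.src.DstToString() }

// GetPeerEndpoint returns a nil Endpoint for a key with no route.
func (r *relayEndpoint) GetPeerEndpoint(k [32]byte) Endpoint { return r.routes[k] }

// peer models device-side state; key is assumed to be the authenticated peer key.
type peer struct {
	key      [32]byte
	endpoint Endpoint
}

// setEndpointFromPacket applies the optional hook, then stores the result.
// A nil result is stored as-is: no reply path until a later packet sets one.
func (p *peer) setEndpointFromPacket(ep Endpoint) {
	if pa, ok := ep.(PeerAwareEndpoint); ok {
		ep = pa.GetPeerEndpoint(p.key)
	}
	p.endpoint = ep
}

func main() {
	p := &peer{key: [32]byte{1}}
	p.setEndpointFromPacket(&relayEndpoint{src: "198.51.100.7:3478"})
	fmt.Println("reply path after unknown-key lookup:", p.endpoint)
}
```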
// | ||
// If GetPeerEndpoint returns nil, WireGuard will be unable to respond to the peer | ||
// until a new endpoint is written by a later packet. | ||
type PeerAwareEndpoint interface { |
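Review bot: the nil case in this doc comment leaves the contract underspecified. "Unable to respond to the peer until a new endpoint is written by a later packet" implies that a nil return from GetPeerEndpoint replaces the peer's current endpoint rather than being ignored, so a lookup miss in the integration drops a working reply path. State that explicitly here, and document whether the public key handed to GetPeerEndpoint is always one the packet has already been authenticated against, since integrators will make routing decisions on it.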
Not going to make this a struct type instead to make the type check cheaper?
The struct can embed a conn.Endpoint and then make GetPeerEndpoint be a func field.
Or did you measure it and find it not worth it?
@@ -84,6 +84,18 @@ type Endpoint interface { | |||
SrcIP() netip.Addr | |||
} | |||
|
|||
// PeerAwareEndpoint is an optional Endpoint specialization for integratons that want to |
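Review bot: typo in the added doc comment on PeerAwareEndpoint: "integratons" should be "integrations".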
integrations
Do we have an associated Tailscale commit where the interface is implemented? Any idea around impact to performance?