tailscale / tailscale Goto Github PK
View Code? Open in Web Editor NEWThe easiest, most secure way to use WireGuard and 2FA.
Home Page: https://tailscale.com
License: BSD 3-Clause "New" or "Revised" License
The easiest, most secure way to use WireGuard and 2FA.
Home Page: https://tailscale.com
License: BSD 3-Clause "New" or "Revised" License
Installed the linux client on the latest linux mint but it won't get past waiting for URL visit:
AuthURL is https://login2.tails...
sendStatus: authRoutine3: state:url-visit-required
To authenticate, visit:
https://login2.tailscale.io/a/...
authRoutine: state:url-visit-required
direct.WaitLoginURL
doLogin(regen=false, hasUrl=true)
RegisterReq: onode=[empty] node=[wJVU…+tjE] fup=true
Tried in both Firefox and Chromium but same result.
Hello,
During the recent months I've seen similar projects (Mesh VPN in particular) are coming up and as you guys probably know, around November, nebula from slack became open sourced which solve the similar problem domain.
So my main question is, What makes tailscale stand out?
Cheers,
https://tailscale.com/ should have a link to this GitHub repo somewhere.
Header? Footer? Get Started?
I have no strong opinions.
Anybody? @dfcarney @apenwarr @danderson @crawshaw
┆Issue is synchronized with this Asana task by Unito
A clear and concise description of what the problem is. Ex.
There are specific times when traveling that I need all my traffic on the client to be routed over the gateway node even thought most of the time I'd rather split routing.
Describe the solution you'd like
I'd love to be able to have the option much like other vpns settings to check the "route all" and have all traffic go over the gateway node that allows 0.0.0.0 traffic.
Describe alternatives you've considered
Looking at possibly writing a script to update the client config for wireguard (although I'm not sure where it's located on the client side, might need to also "add" the config somehow in the gateway side, but it would be nice if it was a built in feature)
On a Debian stretch box, Tailscale failed to start after installing following the .deb instructions.
Specifically, it failed after running the systemctl start
step (which silently succeeds), when relaynode
doesn't appear in the process list per ps
.
Looking at log output, saw:
CreateTUN: invalid argument
Error starting wireguard engine: invalid argument
On this machine, there is already a wg0
interface from a previous Wireguard non-Tailscale installation.
Upon manually running relaynode
(i.e., not through systemctl) with --tun=wg1
(picked arbitrary unused name), Tailscale starts up successfully.
It appears that the systemd service file hard-codes wg0
in the invocation; I edited the file but am conscious that a future update will clobber it.
Describe the bug
Following @danderson's instructions on getting tailscale working on FreeNAS, I built relaynode
and taillogin
with e.g. GOOS=freebsd go build ./cmd/relaynode
. I then copied it over to my FreeNAS machine. I then ran:
> ./taillogin -f ./relay.conf
2020/02/16 00:41:07 logpolicy.Read ./relay.conf.log.conf: open ./relay.conf.log.
conf: no such file or directory
logtail started
Program starting: vLONGVER-TODO: []string{"./taillogin", "-f", "./relay.conf"}
...
AuthURL is https://login2.tails...
To authenticate, visit:
https://login2.tailscale.io/a/8d4bd10b056
direct.WaitLoginURL
doLogin(regen=false, hasUrl=true)
RegisterReq: onode=[empty] node=[pub:…skWv] fup=true
RegisterReq: returned.
No AuthURL
PollNetMap: stream=-1 :0 []
Success.
flushing log.
logger closing down
To Reproduce
Steps to reproduce the behavior:
sudo ./relaynode --config=./relay.conf
:logtail started
Program starting: vLONGVER-TODO: []string{"./relaynode", "--config=./relay.conf"}
LogID: f256ef7e33aa2d5fea1fd91146fef184d5541ce13249eee32e0038294f0d37a8
20.2M/10.1M Starting userspace wireguard engine.
20.3M/10.1M external packet routing via --tun=wg0 enabled
20.6M/10.1M CreateTUN ok.
magicsock: bind: trying :0
21.1M/10.1M Routine: event worker - started
21.5M/10.1M UDP bind has been updated
21.3M/10.1M Interface set up
21.3M/10.1M wgengine: nil filter provided; no access restrictions.
Hostinfo: {LONGVER-TODO f256ef7e33aa2d5fea1fd91146fef184d5541ce13249eee32e003829
4f0d37a8 f256ef7e33aa2d5fea1fd91146fef184d5541ce13249eee32e0038294f0d37a8 freebs
d frednas.local [] []}
direct.TryLogin(false, 0)
doLogin(regen=false, hasUrl=false)
STUN server stun.l.google.com:19302 reports public endpoint 73.222.29.208:17361
magicsock: found local 73.222.29.208:17361 (stun)
STUN server stun3.l.google.com:19302 reports public endpoint 73.222.29.208:17361
magicsock: found local 73.222.29.208:17361 (stun)
stunner: slow STUN response from stun3.l.google.com:19302: 1 retries
magicsock: found local 10.0.0.3:17361 (localAddresses)
27.5M/20.1M vLONGVER-TODO peers:
client.newEndpoints(0, [73.222.29.208:17361 10.0.0.3:17361])
RegisterReq: onode=[empty] node=[pub:…skWv] fup=false
RegisterReq: returned.
No AuthURL
PollNetMap: stream=-1 :0 [73.222.29.208:17361 10.0.0.3:17361]
51.9M/23.8M Reconfig(): configuring userspace wireguard engine.
52.0M/23.8M [tz/c…5Ugk] - Starting...
...
52.3M/23.8M Reconfiguring router. la=100.122.239.32/10 dns=[] dom=[]
52.3M/23.8M New routes: 100.122.239.32/10 [] [] [[100.121.82.10/32] [100.77.135.
88/32] [100.99.30.120/32] [100.78.184.30/32]]
52.3M/23.8M addr add failed: [ifconfig wg0 inet 100.122.239.32/10 alias]: exit s
tatus 1
ifconfig: ioctl (SIOCAIFADDR): Destination address required
52.3M/23.8M route add failed: [route -q -n add -inet 100.122.239.32/10 -iface 10
0.122.239.32]: exit status 65
route: interface '100.122.239.32' does not exist
52.3M/23.8M addr add failed: [route -q -n add -inet 100.77.135.88/32 -iface 100.
122.239.32]: exit status 65
route: interface '100.122.239.32' does not exist
52.3M/23.9M addr add failed: [route -q -n add -inet 100.99.30.120/32 -iface 100.
122.239.32]: exit status 65
route: interface '100.122.239.32' does not exist
52.3M/23.9M addr add failed: [route -q -n add -inet 100.78.184.30/32 -iface 100.
122.239.32]: exit status 65
route: interface '100.122.239.32' does not exist
52.3M/23.9M addr add failed: [route -q -n add -inet 100.121.82.10/32 -iface 100.
122.239.32]: exit status 65
route: interface '100.122.239.32' does not exist
52.3M/23.9M Reconfig() done.
Error reconfiguring engine: exit status 1
Expected behavior
relaynode
sets up the routes on wg0
successfully.
Version information:
> uname -a
FreeBSD frednas.local 11.2-STABLE FreeBSD 11.2-STABLE #0 r325575+c9231c7d6bd(HEAD): Mon Nov 18 22:46:47 UTC 2019 root@nemesis:/freenas-releng/freenas/_BE/objs/freenas-releng/freenas/_BE/os/sys/FreeNAS.amd64 amd64
Cross-compiled from Linux at 9dbc52bb5bd4284706a86f13e3774efdd6af56a1
This gets called too frequently on hello.ipn.dev, eating CPU time.
┆Issue is synchronized with this Asana task by Unito
We're going to require DCO sign-offs with Signed-off-by lines in PRs.
Document that, and automate checking with https://github.com/probot/dco or similar
We've had a few requests for a Tailscale Synology package.
From Perkeep: see https://github.com/perkeep/perkeep/blob/master/doc/synology.md and https://github.com/perkeep/perkeep/tree/master/misc/docker/synology and its build_syno.go which spits out the *.spk file
Running go mod tidy
or GOOS=windows go install ./...
report:
go: finding module for package tailscale.io/control
tailscale.com/wgengine imports
golang.zx2c4.com/winipcfg: cannot find module providing package golang.zx2c4.com/winipcfg: unrecognized import path "golang.zx2c4.com/winipcfg": reading https://golang.zx2c4.com/winipcfg?go-get=1: 404 Not Found
tailscale.com/control/controlclient tested by
tailscale.com/control/controlclient.test imports
tailscale.io/control: cannot find module providing package tailscale.io/control: unrecognized import path "tailscale.io/control": parse https://tailscale.io/control?go-get=1: no go-import meta tags (meta tag tailscale.com did not match import path tailscale.io/control)
Clean that up.
enrai ~ $ go install tailscale.com/cmd/tailscale
can't load package: package tailscale.com/cmd/tailscale: cannot find package "tailscale.com/cmd/tailscale" in any of:
/usr/lib/go/src/tailscale.com/cmd/tailscale (from $GOROOT)
/home/djc/go/src/tailscale.com/cmd/tailscale (from $GOPATH)
enrai ~ $ go install tailscale.com/cmd/tailscaled
can't load package: package tailscale.com/cmd/tailscaled: cannot find package "tailscale.com/cmd/tailscaled" in any of:
/usr/lib/go/src/tailscale.com/cmd/tailscaled (from $GOROOT)
/home/djc/go/src/tailscale.com/cmd/tailscaled (from $GOPATH)
What are the magic incantations required to make this work (this is a Gentoo Linux box)?
We don't support IPv6 on the virtual network. We should.
(This bug is unrelated to supporting IPv6 addresses for the peer-to-peer connections - see #18 for that.)
I tried following instructions to install on Ubuntu linux from here https://tailscale.com/kb/1026/install-deb
It seemed to fail for two reasons:
Appears things are under heavy flux so sorry if this is premature or not needed ticket.
$ sudo dpkg -i tailscale-relay_0.94-236_amd64.deb
[sudo] password for aaron:
Selecting previously unselected package tailscale-relay.
(Reading database ... 285724 files and directories currently installed.)
Preparing to unpack tailscale-relay_0.94-236_amd64.deb ...
Unpacking tailscale-relay (0.94-236) ...
Setting up tailscale-relay (0.94-236) ...
Created symlink /etc/systemd/system/multi-user.target.wants/tailscale-relay.service → /lib/systemd/system/tailscale-relay.service.
Note: Run tailscale-login to configure /var/lib/tailscale/relay.conf.
$ tailscale-login
2020/02/12 13:54:23 logpolicy.Read /var/lib/tailscale/relay.conf.log.conf: open /var/lib/tailscale/relay.conf.log.conf: no such file or directory
2020/02/12 13:54:23 logpolicy.Config write: "/var/lib/tailscale/relay.conf.log.conf.new.tmp": open /var/lib/tailscale/relay.conf.log.conf.new.tmp: no such file or directory
logtail started
Program starting: v0.94-236-gb2bf51d7: []string{"/usr/sbin/taillogin", "--config=/var/lib/tailscale/relay.conf"}
LogID: df6cea2d056c046bdfb5129c6eb0fe1e4abd086f4f6f7e9942d1821475d37fb6
filch failed: <nil>
config /var/lib/tailscale/relay.conf does not exist
Hostinfo: {<snip>}
client.Login(false, 0)
authRoutine: state:new
mapRoutine: state:new
authRoutine: context done.
authRoutine: state:new
direct.TryLogin(false, 0)
Generating a new machinekey.
doLogin(regen=false, hasUrl=false)
Generating a new nodekey.
RegisterReq: onode=[empty] node=[CSDQ…mdx4] fup=false
RegisterReq: returned.
AuthURL is https://login2.tails...
sendStatus: authRoutine3: state:url-visit-required
To authenticate, visit:
https://login2.tailscale.io/a/<snip>
authRoutine: state:url-visit-required
direct.WaitLoginURL
doLogin(regen=false, hasUrl=true)
RegisterReq: onode=[empty] node=[CSDQ…mdx4] fup=true
RegisterReq: returned.
No AuthURL
sendStatus: authRoutine4: state:authenticated
cancelMapSafely: synced=false
cancelMapSafely: wrote to channel
authRoutine: state:authenticated
mapRoutine: new map needed while idle.
mapRoutine: state:authenticated
PollNetMap: stream=-1 :0 []
new network map[0]:
NetworkMap: self: [CSDQ…mdx4] auth=machine-authorized :<snip>
mapRoutine: netmap received: state:synchronized
sendStatus: mapRoutine2: state:synchronized
save config: "/var/lib/tailscale/relay.conf.new.tmp": open /var/lib/tailscale/relay.conf.new.tmp: no such file or directory
Success.
flushing log.
logger closing down
About 1 in 3 runs of go test -count=1000 -timeout=30s
deadlocks and times out. Other runs complete the 1000 passes in ~3s.
panic: test timed out after 30s
goroutine 782 [running]:
testing.(*M).startAlarm.func1()
/usr/lib/go/src/testing/testing.go:1377 +0xdf
created by time.goFunc
/usr/lib/go/src/time/sleep.go:168 +0x44
goroutine 1 [chan receive]:
testing.(*T).Run(0xc0001aa700, 0x5f7c9a, 0xc, 0x602468, 0x47df06)
/usr/lib/go/src/testing/testing.go:961 +0x377
testing.runTests.func1(0xc0001aa600)
/usr/lib/go/src/testing/testing.go:1202 +0x78
testing.tRunner(0xc0001aa600, 0xc000058dc0)
/usr/lib/go/src/testing/testing.go:909 +0xc9
testing.runTests(0xc0000b00a0, 0x750f70, 0x1, 0x1, 0x0)
/usr/lib/go/src/testing/testing.go:1200 +0x2a7
testing.(*M).Run(0xc0000cc000, 0x0)
/usr/lib/go/src/testing/testing.go:1117 +0x176
main.main()
_testmain.go:44 +0x135
goroutine 753 [IO wait]:
internal/poll.runtime_pollWait(0x7f08f459f438, 0x72, 0xffffffffffffffff)
/usr/lib/go/src/runtime/netpoll.go:184 +0x55
internal/poll.(*pollDesc).wait(0xc0004ccf18, 0x72, 0x1000, 0x1000, 0xffffffffffffffff)
/usr/lib/go/src/internal/poll/fd_poll_runtime.go:87 +0x45
internal/poll.(*pollDesc).waitRead(...)
/usr/lib/go/src/internal/poll/fd_poll_runtime.go:92
internal/poll.(*FD).Read(0xc0004ccf00, 0xc00039c000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
/usr/lib/go/src/internal/poll/fd_unix.go:169 +0x1cf
net.(*netFD).Read(0xc0004ccf00, 0xc00039c000, 0x1000, 0x1000, 0x77314b86295c5, 0x31de88a8f7a83, 0x825decee2a01)
/usr/lib/go/src/net/fd_unix.go:202 +0x4f
net.(*conn).Read(0xc000306088, 0xc00039c000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
/usr/lib/go/src/net/net.go:184 +0x68
bufio.(*Reader).Read(0xc000354e40, 0xc00001e870, 0x4, 0x4, 0xc0000ed998, 0x445d8c, 0x10)
/usr/lib/go/src/bufio/bufio.go:226 +0x26a
io.ReadAtLeast(0x62ef20, 0xc000354e40, 0xc00001e870, 0x4, 0x4, 0x4, 0xa0, 0x98, 0x5e0b40)
/usr/lib/go/src/io/io.go:310 +0x87
io.ReadFull(...)
/usr/lib/go/src/io/io.go:329
tailscale.com/derp.readUint32(0x62ef20, 0xc000354e40, 0xffffffff, 0x44261b530dd35, 0xc0000eda90, 0x582dfa)
/home/dave/tail/corp/oss/derp/derp.go:92 +0x8b
tailscale.com/derp.(*Client).recvServerKey(0xc0000ca460, 0xc0000ca460, 0x47cd4edbb5cfdde4)
/home/dave/tail/corp/oss/derp/derp_client.go:57 +0x47
tailscale.com/derp.NewClient(0xf351173c4620dba1, 0xb6fd75af9c2a49e4, 0x47cd4edbb5cfdde4, 0xc79436433359349, 0x6329a0, 0xc000306088, 0xc0000ede50, 0xc0000604a0, 0xc0002225a0, 0x0, ...)
/home/dave/tail/corp/oss/derp/derp_client.go:42 +0x112
tailscale.com/derp.TestSendRecv(0xc0001aa700)
/home/dave/tail/corp/oss/derp/derp_test.go:67 +0xef5
testing.tRunner(0xc0001aa700, 0x602468)
/usr/lib/go/src/testing/testing.go:909 +0xc9
created by testing.(*T).Run
/usr/lib/go/src/testing/testing.go:960 +0x350
goroutine 778 [IO wait]:
internal/poll.runtime_pollWait(0x7f08f459f5d8, 0x72, 0xffffffffffffffff)
/usr/lib/go/src/runtime/netpoll.go:184 +0x55
internal/poll.(*pollDesc).wait(0xc0004cd098, 0x72, 0x1000, 0x1000, 0xffffffffffffffff)
/usr/lib/go/src/internal/poll/fd_poll_runtime.go:87 +0x45
internal/poll.(*pollDesc).waitRead(...)
/usr/lib/go/src/internal/poll/fd_poll_runtime.go:92
internal/poll.(*FD).Read(0xc0004cd080, 0xc000360000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
/usr/lib/go/src/internal/poll/fd_unix.go:169 +0x1cf
net.(*netFD).Read(0xc0004cd080, 0xc000360000, 0x1000, 0x1000, 0x8, 0xc00034e188, 0xc000029750)
/usr/lib/go/src/net/fd_unix.go:202 +0x4f
net.(*conn).Read(0xc0003060a0, 0xc000360000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
/usr/lib/go/src/net/net.go:184 +0x68
bufio.(*Reader).fill(0xc000029500)
/usr/lib/go/src/bufio/bufio.go:100 +0x103
bufio.(*Reader).ReadByte(0xc000029500, 0x10, 0xc00012a850, 0xc000029428)
/usr/lib/go/src/bufio/bufio.go:252 +0x39
tailscale.com/derp.readType(0xc000029500, 0xc0000ff403, 0x5c19a0, 0x1c6834c46b8cb701)
/home/dave/tail/corp/oss/derp/derp.go:73 +0x2f
tailscale.com/derp.(*Server).recvPacket(0xc0000293e0, 0xc000029500, 0xc0000293e0, 0x631700, 0xc000012a40, 0xc000029740, 0x0, 0x0, 0x0, 0x76, ...)
/home/dave/tail/corp/oss/derp/derp_server.go:285 +0x4e
tailscale.com/derp.(*Server).accept(0xc0000293e0, 0x6329a0, 0xc0003060a0, 0xc00012a7d0, 0x0, 0x0)
/home/dave/tail/corp/oss/derp/derp_server.go:161 +0x564
tailscale.com/derp.(*Server).Accept(0xc0000293e0, 0x6329a0, 0xc0003060a0, 0xc00012a7d0)
/home/dave/tail/corp/oss/derp/derp_server.go:90 +0x18b
created by tailscale.com/derp.TestSendRecv
/home/dave/tail/corp/oss/derp/derp_test.go:57 +0x7c9
goroutine 776 [IO wait]:
internal/poll.runtime_pollWait(0x7f08f459fab8, 0x72, 0xffffffffffffffff)
/usr/lib/go/src/runtime/netpoll.go:184 +0x55
internal/poll.(*pollDesc).wait(0xc0004ccf98, 0x72, 0x1000, 0x1000, 0xffffffffffffffff)
/usr/lib/go/src/internal/poll/fd_poll_runtime.go:87 +0x45
internal/poll.(*pollDesc).waitRead(...)
/usr/lib/go/src/internal/poll/fd_poll_runtime.go:92
internal/poll.(*FD).Read(0xc0004ccf80, 0xc00035c000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
/usr/lib/go/src/internal/poll/fd_unix.go:169 +0x1cf
net.(*netFD).Read(0xc0004ccf80, 0xc00035c000, 0x1000, 0x1000, 0x8, 0xc00034e168, 0xc000029630)
/usr/lib/go/src/net/fd_unix.go:202 +0x4f
net.(*conn).Read(0xc000306090, 0xc00035c000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
/usr/lib/go/src/net/net.go:184 +0x68
bufio.(*Reader).fill(0xc000029440)
/usr/lib/go/src/bufio/bufio.go:100 +0x103
bufio.(*Reader).ReadByte(0xc000029440, 0x10, 0xc00012a810, 0xc000029428)
/usr/lib/go/src/bufio/bufio.go:252 +0x39
tailscale.com/derp.readType(0xc000029440, 0xc0000ff203, 0x5c19a0, 0x1c6834c46b8cb701)
/home/dave/tail/corp/oss/derp/derp.go:73 +0x2f
tailscale.com/derp.(*Server).recvPacket(0xc0000293e0, 0xc000029440, 0xc0000293e0, 0x631700, 0xc0000129c0, 0xc000029620, 0x0, 0x0, 0x0, 0x0, ...)
/home/dave/tail/corp/oss/derp/derp_server.go:285 +0x4e
tailscale.com/derp.(*Server).accept(0xc0000293e0, 0x6329a0, 0xc000306090, 0xc00012a7b0, 0x0, 0x0)
/home/dave/tail/corp/oss/derp/derp_server.go:161 +0x564
tailscale.com/derp.(*Server).Accept(0xc0000293e0, 0x6329a0, 0xc000306090, 0xc00012a7b0)
/home/dave/tail/corp/oss/derp/derp_server.go:90 +0x18b
created by tailscale.com/derp.TestSendRecv
/home/dave/tail/corp/oss/derp/derp_test.go:57 +0x7c9
goroutine 780 [IO wait]:
internal/poll.runtime_pollWait(0x7f08f4623a88, 0x72, 0xffffffffffffffff)
/usr/lib/go/src/runtime/netpoll.go:184 +0x55
internal/poll.(*pollDesc).wait(0xc0004ccd18, 0x72, 0x1000, 0x1000, 0xffffffffffffffff)
/usr/lib/go/src/internal/poll/fd_poll_runtime.go:87 +0x45
internal/poll.(*pollDesc).waitRead(...)
/usr/lib/go/src/internal/poll/fd_poll_runtime.go:92
internal/poll.(*FD).Read(0xc0004ccd00, 0xc000362000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
/usr/lib/go/src/internal/poll/fd_unix.go:169 +0x1cf
net.(*netFD).Read(0xc0004ccd00, 0xc000362000, 0x1000, 0x1000, 0x18, 0xc00016b5c0, 0x483ea7)
/usr/lib/go/src/net/fd_unix.go:202 +0x4f
net.(*conn).Read(0xc000306078, 0xc000362000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
/usr/lib/go/src/net/net.go:184 +0x68
bufio.(*Reader).fill(0xc0000295c0)
/usr/lib/go/src/bufio/bufio.go:100 +0x103
bufio.(*Reader).ReadByte(0xc0000295c0, 0xbf8bd7412899df3f, 0x1c0685c47d, 0x759860)
/usr/lib/go/src/bufio/bufio.go:252 +0x39
tailscale.com/derp.(*Client).Recv(0xc000222500, 0xc0003f0000, 0x10000, 0x10000, 0x0, 0x0, 0x0)
/home/dave/tail/corp/oss/derp/derp_client.go:166 +0x10d
tailscale.com/derp.TestSendRecv.func1(0xc000222500, 0xc000029560, 0xc0000b0c80, 0x0)
/home/dave/tail/corp/oss/derp/derp_test.go:77 +0x93
created by tailscale.com/derp.TestSendRecv
/home/dave/tail/corp/oss/derp/derp_test.go:74 +0xc83
goroutine 758 [IO wait]:
internal/poll.runtime_pollWait(0x7f08f4623268, 0x72, 0xffffffffffffffff)
/usr/lib/go/src/runtime/netpoll.go:184 +0x55
internal/poll.(*pollDesc).wait(0xc0004cce18, 0x72, 0x1000, 0x1000, 0xffffffffffffffff)
/usr/lib/go/src/internal/poll/fd_poll_runtime.go:87 +0x45
internal/poll.(*pollDesc).waitRead(...)
/usr/lib/go/src/internal/poll/fd_poll_runtime.go:92
internal/poll.(*FD).Read(0xc0004cce00, 0xc00039a000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
/usr/lib/go/src/internal/poll/fd_unix.go:169 +0x1cf
net.(*netFD).Read(0xc0004cce00, 0xc00039a000, 0x1000, 0x1000, 0x18, 0xc0001685c0, 0x483ea7)
/usr/lib/go/src/net/fd_unix.go:202 +0x4f
net.(*conn).Read(0xc000306080, 0xc00039a000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
/usr/lib/go/src/net/net.go:184 +0x68
bufio.(*Reader).fill(0xc0000296e0)
/usr/lib/go/src/bufio/bufio.go:100 +0x103
bufio.(*Reader).ReadByte(0xc0000296e0, 0xbf8bd74128b4162b, 0x1c069ffbd7, 0x759860)
/usr/lib/go/src/bufio/bufio.go:252 +0x39
tailscale.com/derp.(*Client).Recv(0xc0002225a0, 0xc000400000, 0x10000, 0x10000, 0x0, 0x0, 0x0)
/home/dave/tail/corp/oss/derp/derp_client.go:166 +0x10d
tailscale.com/derp.TestSendRecv.func1(0xc0002225a0, 0xc000029560, 0xc0000b0c80, 0x1)
/home/dave/tail/corp/oss/derp/derp_test.go:77 +0x93
created by tailscale.com/derp.TestSendRecv
/home/dave/tail/corp/oss/derp/derp_test.go:74 +0xc83
goroutine 779 [select]:
tailscale.com/derp.(*sclient).keepAliveLoop(0xc000029620, 0x631700, 0xc0000129c0, 0x0, 0x0)
/home/dave/tail/corp/oss/derp/derp_server.go:328 +0x208
tailscale.com/derp.(*Server).sendClientKeepAlives(0xc0000293e0, 0x631700, 0xc0000129c0, 0xc000029620)
/home/dave/tail/corp/oss/derp/derp_server.go:194 +0x46
created by tailscale.com/derp.(*Server).accept
/home/dave/tail/corp/oss/derp/derp_server.go:158 +0x52c
goroutine 781 [select]:
tailscale.com/derp.(*sclient).keepAliveLoop(0xc000029740, 0x631700, 0xc000012a40, 0x0, 0x0)
/home/dave/tail/corp/oss/derp/derp_server.go:328 +0x208
tailscale.com/derp.(*Server).sendClientKeepAlives(0xc0000293e0, 0x631700, 0xc000012a40, 0xc000029740)
/home/dave/tail/corp/oss/derp/derp_server.go:194 +0x46
created by tailscale.com/derp.(*Server).accept
/home/dave/tail/corp/oss/derp/derp_server.go:158 +0x52c
FAIL tailscale.com/derp 30.006s
FAIL
Line 1 in d539a95
Is that on purpose ?
Shouldn't it rather be module github.com/tailscale/tailscale
?
Is your feature request related to a problem? Please describe.
NewUserspaceEngine in wgengine/userspace.go issues a call to CreateTUN, which creates the wg0 interface on first run, but results in an "interface wg0 already exists" on subsequent runs.
Describe the solution you'd like
Mostly just looking for some context on whether this scenario exists on other platforms and how you'd like it to be handled. Perhaps a way to handle CreateTUN in which if it already exists, it gets reused.
Describe alternatives you've considered
Looking at the wireguard-go implementation, it looks like they're setting an environment variable after creating the tun, and referencing the file descriptor in the environment variable on subsequent runs. I can issue an "ifconfig wg0 destroy" to clean up the interface on close but that seems a little brute-forcish, and handling it higher up will likely impact all the platforms. I've checked the linux/darwin/windows implementations for an example of how this is handled but it's not immediately apparent from the code.
Additional context
logtail...
Starting userspace wireguard engine.
external packet routing via --tun=wg0 enabled
CreateTUN: interface wg0 already exists
Error starting wireguard engine: interface wg0 already exists
I built & ran tailscaled with the race detector:
2020/02/28 07:51:13 7.0M/78.3M external packet routing via --tun=tailscale0 enabled
2020/02/28 07:51:13 15.2M/78.8M CreateTUN ok.
2020/02/28 07:51:13 magicsock: bind: trying :0
2020/02/28 07:51:13 16.1M/82.2M Routine: event worker - started
==================
WARNING: DATA RACE
Write at 0x00c00007e3d0 by main goroutine:
github.com/tailscale/wireguard-go/tun.(*NativeTun).Name()
/home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/tun/tun_linux.go:302 +0x48a
tailscale.com/wgengine.newUserspaceRouter()
/home/bradfitz/src/tailscale.com/wgengine/router_linux.go:32 +0x45
tailscale.com/wgengine.newUserspaceEngineAdvanced()
/home/bradfitz/src/tailscale.com/wgengine/userspace.go:190 +0xbf6
tailscale.com/wgengine.NewUserspaceEngine()
/home/bradfitz/src/tailscale.com/wgengine/userspace.go:96 +0x2f0
main.main()
/home/bradfitz/src/tailscale.com/cmd/tailscaled/tailscaled.go:72 +0xbfd
Previous read at 0x00c00007e3d0 by goroutine 49:
github.com/tailscale/wireguard-go/tun.(*NativeTun).MTU()
/home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/tun/tun_linux.go:262 +0xfb
github.com/tailscale/wireguard-go/device.(*Device).RoutineTUNEventReader()
/home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/tun.go:27 +0x353
Goroutine 49 (running) created at:
github.com/tailscale/wireguard-go/device.NewDevice()
/home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/device.go:410 +0x62d
tailscale.com/wgengine.newUserspaceEngineAdvanced()
/home/bradfitz/src/tailscale.com/wgengine/userspace.go:183 +0xaea
tailscale.com/wgengine.NewUserspaceEngine()
/home/bradfitz/src/tailscale.com/wgengine/userspace.go:96 +0x2f0
main.main()
/home/bradfitz/src/tailscale.com/cmd/tailscaled/tailscaled.go:72 +0xbfd
==================
2020/02/28 07:51:13 16.3M/82.4M UDP bind has been updated
2020/02/28 07:51:13 16.4M/82.4M Interface set up
2020/02/28 07:51:13 16.4M/82.4M external route MTU: 1420 (<nil>)
2020/02/28 07:51:13 16.4M/82.4M Listening on tailscaled.sock
2020/02/28 07:51:13 21.7M/95.8M control: authRoutine: state:new
2020/02/28 07:51:13 21.7M/95.8M control: mapRoutine: state:new
==================
WARNING: DATA RACE
Write at 0x00c000140148 by goroutine 99:
tailscale.com/wgengine.(*userspaceEngine).SetStatusCallback()
/home/bradfitz/src/tailscale.com/wgengine/userspace.go:419 +0x43
tailscale.com/wgengine.(*watchdogEngine).SetStatusCallback.func1()
/home/bradfitz/src/tailscale.com/wgengine/watchdog.go:70 +0x71
tailscale.com/wgengine.(*watchdogEngine).watchdog.func1()
/home/bradfitz/src/tailscale.com/wgengine/watchdog.go:58 +0x3d
tailscale.com/wgengine.(*watchdogEngine).watchdogErr.func1()
/home/bradfitz/src/tailscale.com/wgengine/watchdog.go:40 +0x34
Previous read at 0x00c000140148 by goroutine 26:
tailscale.com/wgengine.(*userspaceEngine).RequestStatus()
/home/bradfitz/src/tailscale.com/wgengine/userspace.go:546 +0xf5
tailscale.com/wgengine.newUserspaceEngineAdvanced.func2()
/home/bradfitz/src/tailscale.com/wgengine/userspace.go:119 +0x13a
tailscale.com/wgengine/magicsock.(*Conn).epUpdate.func1()
/home/bradfitz/src/tailscale.com/wgengine/magicsock/magicsock.go:208 +0x2ea
Goroutine 99 (running) created at:
tailscale.com/wgengine.(*watchdogEngine).watchdogErr()
/home/bradfitz/src/tailscale.com/wgengine/watchdog.go:39 +0x87
tailscale.com/wgengine.(*watchdogEngine).watchdog()
/home/bradfitz/src/tailscale.com/wgengine/watchdog.go:57 +0xb0
tailscale.com/wgengine.(*watchdogEngine).SetStatusCallback()
/home/bradfitz/src/tailscale.com/wgengine/watchdog.go:70 +0xde
tailscale.com/ipn.(*LocalBackend).Start()
/home/bradfitz/src/tailscale.com/ipn/local.go:253 +0xa86
tailscale.com/ipn.(*BackendServer).GotCommand()
/home/bradfitz/src/tailscale.com/ipn/message.go:105 +0x575
tailscale.com/ipn/ipnserver.Run()
/home/bradfitz/src/tailscale.com/ipn/ipnserver/server.go:127 +0xe1a
main.main()
/home/bradfitz/src/tailscale.com/cmd/tailscaled/tailscaled.go:86 +0x985
Goroutine 26 (finished) created at:
tailscale.com/wgengine/magicsock.(*Conn).epUpdate()
/home/bradfitz/src/tailscale.com/wgengine/magicsock/magicsock.go:195 +0x110
==================
2020/02/28 07:51:13 21.7M/95.9M Backend: logs: be:d8110230555bdb199b48ca6ca71c3802b758e9373cd104d785b8e5c2d1eb8d27 fe:
2020/02/28 07:51:13 21.8M/96.1M control: client.Login(false, 0)
2020/02/28 07:51:13 21.8M/96.1M control: authRoutine: context done.
2020/02/28 07:51:14 48.3M/120.9M [z6DZ…Mo3g] - Starting...
2020/02/28 07:51:14 magicsock: CreateEndpoint: key=[pub:…ZXWj]: 127.3.3.40:1,64.137.139.195:61988,192.0.0.1:61988,10.88.111.5:61988
2020/02/28 07:51:14 [0xc00011e150] derphttp.Client.Send: connecting
==================
WARNING: DATA RACE
Write at 0x00c0001940db by goroutine 25:
tailscale.com/wgengine.(*userspaceEngine).Reconfig()
/home/bradfitz/src/tailscale.com/wgengine/magicsock/magicsock.go:743 +0x768
tailscale.com/wgengine.(*watchdogEngine).Reconfig.func1()
/home/bradfitz/src/tailscale.com/wgengine/watchdog.go:64 +0x95
tailscale.com/wgengine.(*watchdogEngine).watchdogErr.func1()
/home/bradfitz/src/tailscale.com/wgengine/watchdog.go:40 +0x34
Previous read at 0x00c0001940db by goroutine 161:
tailscale.com/wgengine/magicsock.(*Conn).derpWriteChanOfAddr()
/home/bradfitz/src/tailscale.com/wgengine/magicsock/magicsock.go:535 +0x2ad
tailscale.com/wgengine/magicsock.(*Conn).sendAddr()
/home/bradfitz/src/tailscale.com/wgengine/magicsock/magicsock.go:491 +0x60
tailscale.com/wgengine/magicsock.(*Conn).Send()
/home/bradfitz/src/tailscale.com/wgengine/magicsock/magicsock.go:467 +0x388
github.com/tailscale/wireguard-go/device.(*Peer).SendBuffer()
/home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/peer.go:179 +0x29a
github.com/tailscale/wireguard-go/device.(*Peer).SendHandshakeInitiation()
/home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/send.go:169 +0x552
github.com/tailscale/wireguard-go/device.(*Peer).RoutineNonce()
/home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/send.go:475 +0x296
Goroutine 25 (running) created at:
tailscale.com/wgengine.(*watchdogEngine).watchdogErr()
/home/bradfitz/src/tailscale.com/wgengine/watchdog.go:39 +0x87
tailscale.com/wgengine.(*watchdogEngine).Reconfig()
/home/bradfitz/src/tailscale.com/wgengine/watchdog.go:64 +0x126
tailscale.com/ipn.(*LocalBackend).authReconfig()
/home/bradfitz/src/tailscale.com/ipn/local.go:622 +0x56b
tailscale.com/ipn.(*LocalBackend).SetPrefs()
/home/bradfitz/src/tailscale.com/ipn/local.go:551 +0x4f3
tailscale.com/ipn.(*LocalBackend).Start.func1()
/home/bradfitz/src/tailscale.com/ipn/local.go:248 +0x16f
tailscale.com/control/controlclient.(*Client).sendStatus()
/home/bradfitz/src/tailscale.com/control/controlclient/auto.go:538 +0x471
tailscale.com/control/controlclient.(*Client).mapRoutine.func2()
/home/bradfitz/src/tailscale.com/control/controlclient/auto.go:457 +0x338
tailscale.com/control/controlclient.(*Direct).PollNetMap()
/home/bradfitz/src/tailscale.com/control/controlclient/direct.go:572 +0x1b1a
tailscale.com/control/controlclient.(*Client).mapRoutine()
/home/bradfitz/src/tailscale.com/control/controlclient/auto.go:428 +0x3a6
Goroutine 161 (running) created at:
github.com/tailscale/wireguard-go/device.(*Peer).Start()
/home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/peer.go:239 +0x4cf
github.com/tailscale/wireguard-go/device.(*Device).NewPeer()
/home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/peer.go:139 +0x834
github.com/tailscale/wireguard-go/device.(*Device).Reconfig()
/home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/config.go:102 +0xeb8
tailscale.com/wgengine.(*userspaceEngine).Reconfig()
/home/bradfitz/src/tailscale.com/wgengine/userspace.go:328 +0x598
tailscale.com/wgengine.(*watchdogEngine).Reconfig.func1()
/home/bradfitz/src/tailscale.com/wgengine/watchdog.go:64 +0x95
tailscale.com/wgengine.(*watchdogEngine).watchdogErr.func1()
/home/bradfitz/src/tailscale.com/wgengine/watchdog.go:40 +0x34
==================
2020/02/28 07:51:14 49.9M/121.1M Reconfiguring router. la=100.120.74.110/10 dns=[8.8.8.8 8.8.4.4] dom=[in.tailscale.com]
2020/02/28 07:51:14 magicsock: Conn.Send(127.3.3.40:1): too many DERP packets queued; dropping
2020/02/28 07:51:14 49.9M/121.1M New routes: 100.120.74.110/10 [8.8.8.8 8.8.4.4] [in.tailscale.com] [[100.125.152.110/32] [100.106.144.123/32] [100.96.181.91/32] [100.88.232.119/32] [100.67.55.67/32] [100.97.182.82/32] [100.81.251.94/32] [100.109.156.26/32] [100.99.142.13/32] [100.68.74.102/32] [100.91.57.75/32] [100.71.176.115/32] [100.123.101.40/32] [100.96.237.84/32] [100.85.197.98/32] [100.75.157.1/32] [100.101.102.103/32] [100.76.113.46/32] [100.89.143.94/32] [100.100.32.69/32] [100.112.88.8/32] [100.81.195.72/32] [100.114.136.105/32] [100.116.73.104/32]]
2020/02/28 07:51:14 52.7M/123.5M vLONGVER-TODO peers: 92/180 x x x x 92/180 x x x x x x 211/251 x x x 92/180 x x x x x x x
2020/02/28 07:51:14 52.8M/123.6M netmap diff:
==================
WARNING: DATA RACE
Write at 0x00c000330880 by goroutine 98:
tailscale.com/ipn.(*LocalBackend).Start.func1()
/home/bradfitz/src/tailscale.com/ipn/local.go:223 +0x48d
tailscale.com/control/controlclient.(*Client).sendStatus()
/home/bradfitz/src/tailscale.com/control/controlclient/auto.go:538 +0x471
tailscale.com/control/controlclient.(*Client).mapRoutine.func2()
/home/bradfitz/src/tailscale.com/control/controlclient/auto.go:457 +0x338
tailscale.com/control/controlclient.(*Direct).PollNetMap()
/home/bradfitz/src/tailscale.com/control/controlclient/direct.go:572 +0x1b1a
tailscale.com/control/controlclient.(*Client).mapRoutine()
/home/bradfitz/src/tailscale.com/control/controlclient/auto.go:428 +0x3a6
Previous read at 0x00c000330880 by goroutine 173:
tailscale.com/ipn.(*LocalBackend).nextState()
/home/bradfitz/src/tailscale.com/ipn/local.go:671 +0x94
tailscale.com/ipn.(*LocalBackend).stateMachine()
/home/bradfitz/src/tailscale.com/ipn/local.go:710 +0x38
tailscale.com/ipn.(*LocalBackend).Start.func2()
/home/bradfitz/src/tailscale.com/ipn/local.go:273 +0x422
tailscale.com/wgengine.(*userspaceEngine).RequestStatus()
/home/bradfitz/src/tailscale.com/wgengine/userspace.go:547 +0x13a
Goroutine 98 (running) created at:
tailscale.com/control/controlclient.(*Client).Start()
/home/bradfitz/src/tailscale.com/control/controlclient/auto.go:169 +0x6e
tailscale.com/control/controlclient.New()
/home/bradfitz/src/tailscale.com/control/controlclient/auto.go:136 +0xe5
tailscale.com/ipn.(*LocalBackend).Start()
/home/bradfitz/src/tailscale.com/ipn/local.go:180 +0x8ad
tailscale.com/ipn.(*BackendServer).GotCommand()
/home/bradfitz/src/tailscale.com/ipn/message.go:105 +0x575
tailscale.com/ipn/ipnserver.Run()
/home/bradfitz/src/tailscale.com/ipn/ipnserver/server.go:127 +0xe1a
main.main()
/home/bradfitz/src/tailscale.com/cmd/tailscaled/tailscaled.go:86 +0x985
Goroutine 173 (finished) created at:
tailscale.com/wgengine.newUserspaceEngineAdvanced.func4()
/home/bradfitz/src/tailscale.com/wgengine/userspace.go:158 +0x84
github.com/tailscale/wireguard-go/device.(*Peer).handshakeDoneCallback()
/home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/send.go:399 +0x1c5
github.com/tailscale/wireguard-go/device.(*Peer).RoutineNonce()
/home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/send.go:484 +0x1f0
==================
2020/02/28 07:51:14 magicsock: rx [pub:…00sP] from 160.39.145.122:51774 (1/2), set as new priority
2020/02/28 07:51:14 52.9M/124.1M [k2e0…9PQ0] - Received handshake response from 160.39.145.122:51774
2020/02/28 07:51:14 52.9M/124.1M [k2e0…9PQ0] - Obtained awaited keypair
2020/02/28 07:51:14 52.9M/124.1M generating initial ping traffic to [pub:…00sP] (100.89.143.94)
So, yeah.
Be on bradfitz's LAN.
Block all UDP traffic to/from bradfitz's dev box.
Run tailscaled.
Tailscaled peers with bradfitz's dev box over DERP, because LAN doesn't work.
Remove UDP blocks. Direct LAN connectivity now available.
Tailscaled notices this on the next handshake cycle, upgrades from DERP to LAN \o/
Put UDP blocks back. Direct LAN connectivity is broken.
Notice that tailscaled never downgrades from LAN back to DERP. Connectivity remains broken until you restart tailscaled.
During the outage, tailscaled periodically logs:
Feb 21 15:02:12 vega tailscaled[2996756]: 2020/02/21 15:02:12 magicsock: rx [pub:…xg0R] from low-pri 127.3.3.40:1 (0), keeping current 10.0.128.103:41641 (2)
So it's receiving nothing from LAN, and receiving handshakes from DERP, but refusing to downgrade.
After cloning the repo in a non-GOPATH location, running go mod download
returns an error:
go: finding github.com/tailscale/wireguard-go v0.0.0-20200211020303-f39bc8eeee1b
go: github.com/tailscale/[email protected]: unknown revision f39bc8eeee1b
go: error loading module requirements
I tried both go 1.13.5 and 1.13.8 giving the same error. Commit f39bc8eeee1b
seems to be appeared in the wireguard-go
repo.
Not sure if i'm doing anything wrong here.
Some firewalls only allow UDP to pass if it is from a known port. We should have a way for clients to be configured to use a predictable port.
It's not clear yet whether this is a network-wide setting, or a client setting.
I ran:
sudo dpkg -i ./out/x86_64-linux/packages/tailscale.deb
...on Ubuntu. It installed everything, but did not print the systemd magic commands to install and start the service, as many other packages do. (You probably don't forget them as much as I do, the pointers are really helpful for me.)
Built at HEAD with NetInfo:
morty:~> journalctl -fu tailscaled
-- Logs begin at Thu 2018-02-22 12:57:10 EST. --
Feb 27 22:28:49 morty tailscaled[36344]: 2020/02/27 22:28:49 derphttp.Client.Recv: connecting
Feb 27 22:28:49 morty tailscaled[36344]: 2020/02/27 22:28:49 derp.Recv: derp.Recv: EOF
Feb 27 22:28:49 morty tailscaled[36344]: 2020/02/27 22:28:49 derphttp.Client.Recv: connecting
Feb 27 22:28:49 morty tailscaled[36344]: 2020/02/27 22:28:49 derp.Recv: derp.Recv: EOF
Feb 27 22:28:50 morty tailscaled[36344]: 2020/02/27 22:28:50 derphttp.Client.Recv: connecting
Feb 27 22:28:50 morty tailscaled[36344]: 2020/02/27 22:28:50 derp.Recv: derp.Recv: EOF
Feb 27 22:28:50 morty tailscaled[36344]: 2020/02/27 22:28:50 derphttp.Client.Recv: connecting
Feb 27 22:28:50 morty tailscaled[36344]: 2020/02/27 22:28:50 derp.Recv: derp.Recv: EOF
Feb 27 22:28:51 morty tailscaled[36344]: 2020/02/27 22:28:51 derphttp.Client.Recv: connecting
Feb 27 22:28:51 morty tailscaled[36344]: 2020/02/27 22:28:51 derp.Recv: derp.Recv: EOF
Feb 27 22:28:51 morty tailscaled[36344]: 2020/02/27 22:28:51 derphttp.Client.Recv: connecting
Feb 27 22:28:51 morty tailscaled[36344]: 2020/02/27 22:28:51 derp.Recv: derp.Recv: EOF
Feb 27 22:28:52 morty tailscaled[36344]: 2020/02/27 22:28:52 derphttp.Client.Recv: connecting
Feb 27 22:28:52 morty tailscaled[36344]: 2020/02/27 22:28:52 derp.Recv: derp.Recv: EOF
Feb 27 22:28:52 morty tailscaled[36344]: 2020/02/27 22:28:52 derphttp.Client.Recv: connecting
Feb 27 22:28:52 morty tailscaled[36344]: 2020/02/27 22:28:52 derp.Recv: derp.Recv: EOF
cc @bradfitz
Hello,
I created a mesh with tailscale and it works perfectly fine. However, when I'm trying to access the IPs via my mobile phone, it doesn't seem to work.
Accessing the IP from my home computer works fine though.
What could be wrong?
Regards,
Dimitris
We don't support IPv6 for the peer-to-peer connections. We should.
(This bug is unrelated to supporting IPv6 addresses for the virtual network addresses - see #19 for that.)
I noticed my tailscaled built at HEAD fail to start up. It hung
51.3M/35.8M Switching ipn state Starting -> Running (WantRunning=true)
51.3M/35.8M [CvZr…DN0I] - Stopping...
51.3M/35.8M [qD6N…bOUo] - Stopping...
51.3M/35.8M [a2yv…HsHM] - Stopping...
51.3M/35.8M [l59f…kOjA] - Stopping...
51.3M/35.8M [k2e0…9PQ0] - Stopping...
51.3M/35.8M [Qp2x…wWAc] - Stopping...
51.3M/35.8M [o9h+…yiGg] - Stopping...
51.3M/35.8M [dFWb…htlE] - Stopping...
51.3M/35.8M [F9u+…AgxU] - Stopping...
51.3M/35.8M [tfYF…ESmU] - Stopping...
51.3M/35.8M [5v1Z…HKUc] - Stopping...
51.3M/35.8M [hBJ7…g7VM] - Stopping...
51.3M/35.8M [LA56…RMjc] - Stopping...
STUN server stun.l.google.com:19302 reports public endpoint 209.180.207.193:57417 after 9.014619ms
magicsock: found local 209.180.207.193:57417 (stun)
STUN server stun3.l.google.com:19302 reports public endpoint 209.180.207.193:57417 after 74.395489ms
magicsock: found local 209.180.207.193:57417 (stun)
magicsock: found local 10.0.0.29:57417 (localAddresses)
52.7M/36.5M control: Hostinfo: &{LONGVER-TODO d8110230555bdb199b48ca6ca71c3802b758e9373cd104d785b8e5c2d1eb8d27 linux taildoc [] [{tcp 22 sshd} {tcp 25 exim4} {tcp 80 godoc} {udp 57417 tailscaled}] 0xc000066cc0}
52.6M/36.5M control: cancelMapSafely: synced=true
52.7M/36.5M external route: up
[wgengine watchdog stacks:
goroutine profile: total 73
8 @ 0x432a40 0x44259b 0x88d692 0x460801
# 0x88d691 github.com/tailscale/wireguard-go/device.(*Peer).RoutineSequentialReceiver+0x1f1 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/receive.go:555
8 @ 0x432a40 0x44259b 0x890e33 0x460801
# 0x890e32 github.com/tailscale/wireguard-go/device.(*Peer).RoutineSequentialSender+0x152 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/send.go:659
7 @ 0x432a40 0x44259b 0x890474 0x460801
# 0x890473 github.com/tailscale/wireguard-go/device.(*Peer).RoutineNonce+0x2a3 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/send.go:481
6 @ 0x432a40 0x443100 0x4430eb 0x442e67 0x892077 0x891fa3 0x892a0a 0x88e823 0x892252 0x8984b0 0x460801
# 0x442e66 sync.runtime_SemacquireMutex+0x46 /home/bradfitz/sdk/go1.13.8/src/runtime/sema.go:71
# 0x892076 sync.(*RWMutex).RLock+0x126 /home/bradfitz/sdk/go1.13.8/src/sync/rwmutex.go:50
# 0x891fa2 github.com/tailscale/wireguard-go/device.(*Peer).timersActive+0x52 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/timers.go:78
# 0x892a09 github.com/tailscale/wireguard-go/device.(*Peer).timersAnyAuthenticatedPacketTraversal+0x69 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/timers.go:223
# 0x88e822 github.com/tailscale/wireguard-go/device.(*Peer).SendHandshakeInitiation+0x372 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/send.go:166
# 0x892251 github.com/tailscale/wireguard-go/device.expiredRetransmitHandshake+0x1b1 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/timers.go:120
# 0x8984af github.com/tailscale/wireguard-go/device.(*Peer).NewTimer.func1+0x9f /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/timers.go:42
4 @ 0x432a40 0x44259b 0x88c05d 0x460801
# 0x88c05c github.com/tailscale/wireguard-go/device.(*Device).RoutineDecryption+0x15c /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/receive.go:248
4 @ 0x432a40 0x44259b 0x890a1d 0x460801
# 0x890a1c github.com/tailscale/wireguard-go/device.(*Device).RoutineEncryption+0x15c /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/send.go:560
2 @ 0x432a40 0x42d7da 0x42cda5 0x4c9885 0x4ca7ff 0x4ca7e1 0x5a715f 0x5bb408 0x615b20 0x4ed024 0x615d6c 0x6142c4 0x618531 0x61853c 0x55f86a 0x4c7657 0x69a977 0x69a92a 0x69b1e1 0x6bb67e 0x6bade3 0x460801
# 0x42cda4 internal/poll.runtime_pollWait+0x54 /home/bradfitz/sdk/go1.13.8/src/runtime/netpoll.go:184
# 0x4c9884 internal/poll.(*pollDesc).wait+0x44 /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_poll_runtime.go:87
# 0x4ca7fe internal/poll.(*pollDesc).waitRead+0x1ce /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_poll_runtime.go:92
# 0x4ca7e0 internal/poll.(*FD).Read+0x1b0 /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_unix.go:169
# 0x5a715e net.(*netFD).Read+0x4e /home/bradfitz/sdk/go1.13.8/src/net/fd_unix.go:202
# 0x5bb407 net.(*conn).Read+0x67 /home/bradfitz/sdk/go1.13.8/src/net/net.go:184
# 0x615b1f crypto/tls.(*atLeastReader).Read+0x5f /home/bradfitz/sdk/go1.13.8/src/crypto/tls/conn.go:780
# 0x4ed023 bytes.(*Buffer).ReadFrom+0xb3 /home/bradfitz/sdk/go1.13.8/src/bytes/buffer.go:204
# 0x615d6b crypto/tls.(*Conn).readFromUntil+0xeb /home/bradfitz/sdk/go1.13.8/src/crypto/tls/conn.go:802
# 0x6142c3 crypto/tls.(*Conn).readRecordOrCCS+0x123 /home/bradfitz/sdk/go1.13.8/src/crypto/tls/conn.go:609
# 0x618530 crypto/tls.(*Conn).readRecord+0x160 /home/bradfitz/sdk/go1.13.8/src/crypto/tls/conn.go:577
# 0x61853b crypto/tls.(*Conn).Read+0x16b /home/bradfitz/sdk/go1.13.8/src/crypto/tls/conn.go:1255
# 0x55f869 bufio.(*Reader).Read+0x269 /home/bradfitz/sdk/go1.13.8/src/bufio/bufio.go:226
# 0x4c7656 io.ReadAtLeast+0x86 /home/bradfitz/sdk/go1.13.8/src/io/io.go:310
# 0x69a976 io.ReadFull+0x86 /home/bradfitz/sdk/go1.13.8/src/io/io.go:329
# 0x69a929 net/http.http2readFrameHeader+0x39 /home/bradfitz/sdk/go1.13.8/src/net/http/h2_bundle.go:1477
# 0x69b1e0 net/http.(*http2Framer).ReadFrame+0xa0 /home/bradfitz/sdk/go1.13.8/src/net/http/h2_bundle.go:1735
# 0x6bb67d net/http.(*http2clientConnReadLoop).run+0x8d /home/bradfitz/sdk/go1.13.8/src/net/http/h2_bundle.go:8175
# 0x6bade2 net/http.(*http2ClientConn).readLoop+0xa2 /home/bradfitz/sdk/go1.13.8/src/net/http/h2_bundle.go:8103
2 @ 0x432a40 0x443100 0x4430eb 0x442e67 0x46eacc 0x8bb75d 0x8bb3b1 0x8bf638 0x89016c 0x890351 0x460801
# 0x442e66 sync.runtime_SemacquireMutex+0x46 /home/bradfitz/sdk/go1.13.8/src/runtime/sema.go:71
# 0x46eacb sync.(*Mutex).lockSlow+0xfb /home/bradfitz/sdk/go1.13.8/src/sync/mutex.go:138
# 0x8bb75c sync.(*Mutex).Lock+0x55c /home/bradfitz/sdk/go1.13.8/src/sync/mutex.go:81
# 0x8bb3b0 tailscale.com/wgengine.(*userspaceEngine).startPinger+0x1b0 /home/bradfitz/src/tailscale.com/wgengine/userspace.go:237
# 0x8bf637 tailscale.com/wgengine.newUserspaceEngineAdvanced.func4+0x2b7 /home/bradfitz/src/tailscale.com/wgengine/userspace.go:170
# 0x89016b github.com/tailscale/wireguard-go/device.(*Peer).handshakeDoneCallback+0xdb /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/send.go:399
# 0x890350 github.com/tailscale/wireguard-go/device.(*Peer).RoutineNonce+0x180 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/send.go:484
2 @ 0x432a40 0x443100 0x4430eb 0x442e67 0x46eacc 0x8bd897 0x8bc691 0x8bd942 0x460801
# 0x442e66 sync.runtime_SemacquireMutex+0x46 /home/bradfitz/sdk/go1.13.8/src/runtime/sema.go:71
# 0x46eacb sync.(*Mutex).lockSlow+0xfb /home/bradfitz/sdk/go1.13.8/src/sync/mutex.go:138
# 0x8bd896 sync.(*Mutex).Lock+0x1266 /home/bradfitz/sdk/go1.13.8/src/sync/mutex.go:81
# 0x8bc690 tailscale.com/wgengine.(*userspaceEngine).getStatus+0x60 /home/bradfitz/src/tailscale.com/wgengine/userspace.go:425
# 0x8bd941 tailscale.com/wgengine.(*userspaceEngine).RequestStatus+0x81 /home/bradfitz/src/tailscale.com/wgengine/userspace.go:543
2 @ 0x432a40 0x443100 0x4430eb 0x442e67 0x884df4 0x884d41 0x887e19 0x88d06c 0x460801
# 0x442e66 sync.runtime_SemacquireMutex+0x46 /home/bradfitz/sdk/go1.13.8/src/runtime/sema.go:71
# 0x884df3 sync.(*RWMutex).RLock+0x113 /home/bradfitz/sdk/go1.13.8/src/sync/rwmutex.go:50
# 0x884d40 github.com/tailscale/wireguard-go/device.(*Device).LookupPeer+0x60 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/device.go:421
# 0x887e18 github.com/tailscale/wireguard-go/device.(*Device).ConsumeMessageInitiation+0x2c8 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/noise-protocol.go:274
# 0x88d06b github.com/tailscale/wireguard-go/device.(*Device).RoutineHandshake+0xb2b /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/receive.go:441
1 @ 0x40c994 0x44713c 0x7816d2 0x460801
# 0x44713b os/signal.signal_recv+0x9b /home/bradfitz/sdk/go1.13.8/src/runtime/sigqueue.go:147
# 0x7816d1 os/signal.loop+0x21 /home/bradfitz/sdk/go1.13.8/src/os/signal/signal_unix.go:23
1 @ 0x432a40 0x407578 0x40754e 0x40723b 0x8b31a6 0x8b1ad0 0x8b2651 0x8b0650 0x8adeb4 0x8adc10 0x8adb36 0x8b779e 0x8b7178 0x460801
# 0x8b31a5 github.com/mdlayher/netlink.(*lockedNetNSGoroutine).run+0xb5 /home/bradfitz/pkg/mod/github.com/mdlayher/[email protected]/conn_linux.go:771
# 0x8b1acf github.com/mdlayher/netlink.(*sysSocket).read+0xef /home/bradfitz/pkg/mod/github.com/mdlayher/[email protected]/conn_linux.go:377
# 0x8b2650 github.com/mdlayher/netlink.(*sysSocket).Recvmsg+0x170 /home/bradfitz/pkg/mod/github.com/mdlayher/[email protected]/conn_linux.go:543
# 0x8b064f github.com/mdlayher/netlink.(*conn).Receive+0xef /home/bradfitz/pkg/mod/github.com/mdlayher/[email protected]/conn_linux.go:147
# 0x8adeb3 github.com/mdlayher/netlink.(*Conn).receive+0x73 /home/bradfitz/pkg/mod/github.com/mdlayher/[email protected]/conn.go:288
# 0x8adc0f github.com/mdlayher/netlink.(*Conn).lockedReceive+0x3f /home/bradfitz/pkg/mod/github.com/mdlayher/[email protected]/conn.go:247
# 0x8adb35 github.com/mdlayher/netlink.(*Conn).Receive+0x95 /home/bradfitz/pkg/mod/github.com/mdlayher/[email protected]/conn.go:240
# 0x8b779d tailscale.com/wgengine/monitor.(*nlConn).Receive+0x2d /home/bradfitz/src/tailscale.com/wgengine/monitor/monitor_linux.go:46
# 0x8b7177 tailscale.com/wgengine/monitor.(*Mon).pump+0x77 /home/bradfitz/src/tailscale.com/wgengine/monitor/monitor.go:103
1 @ 0x432a40 0x407578 0x40754e 0x40723b 0x8c6465 0x460801
# 0x8c6464 tailscale.com/ipn.(*LocalBackend).runPoller+0x1e4 /home/bradfitz/src/tailscale.com/ipn/local.go:305
1 @ 0x432a40 0x407578 0x40754e 0x40727b 0x892d82 0x460801
# 0x892d81 github.com/tailscale/wireguard-go/device.(*Device).RoutineTUNEventReader+0x101 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/tun.go:25
1 @ 0x432a40 0x42d7da 0x42cda5 0x4c9885 0x4ca7ff 0x4ca7e1 0x4d1f31 0x4d1f04 0x874b1c 0x88fa93 0x460801
# 0x42cda4 internal/poll.runtime_pollWait+0x54 /home/bradfitz/sdk/go1.13.8/src/runtime/netpoll.go:184
# 0x4c9884 internal/poll.(*pollDesc).wait+0x44 /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_poll_runtime.go:87
# 0x4ca7fe internal/poll.(*pollDesc).waitRead+0x1ce /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_poll_runtime.go:92
# 0x4ca7e0 internal/poll.(*FD).Read+0x1b0 /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_unix.go:169
# 0x4d1f30 os.(*File).read+0x70 /home/bradfitz/sdk/go1.13.8/src/os/file_unix.go:259
# 0x4d1f03 os.(*File).Read+0x43 /home/bradfitz/sdk/go1.13.8/src/os/file.go:116
# 0x874b1b github.com/tailscale/wireguard-go/tun.(*NativeTun).Read+0x12b /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/tun/tun_linux.go:348
# 0x88fa92 github.com/tailscale/wireguard-go/device.(*Device).RoutineReadFromTUN+0x102 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/send.go:317
1 @ 0x432a40 0x42d7da 0x42cda5 0x4c9885 0x4ca7ff 0x4ca7e1 0x5a715f 0x5bb408 0x615b20 0x4ed024 0x615d6c 0x6142c4 0x618531 0x61853c 0x55f1a3 0x55fa59 0x89c9bf 0x89caa2 0x89e2a2 0x89faf1 0x8a69b4 0x460801
# 0x42cda4 internal/poll.runtime_pollWait+0x54 /home/bradfitz/sdk/go1.13.8/src/runtime/netpoll.go:184
# 0x4c9884 internal/poll.(*pollDesc).wait+0x44 /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_poll_runtime.go:87
# 0x4ca7fe internal/poll.(*pollDesc).waitRead+0x1ce /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_poll_runtime.go:92
# 0x4ca7e0 internal/poll.(*FD).Read+0x1b0 /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_unix.go:169
# 0x5a715e net.(*netFD).Read+0x4e /home/bradfitz/sdk/go1.13.8/src/net/fd_unix.go:202
# 0x5bb407 net.(*conn).Read+0x67 /home/bradfitz/sdk/go1.13.8/src/net/net.go:184
# 0x615b1f crypto/tls.(*atLeastReader).Read+0x5f /home/bradfitz/sdk/go1.13.8/src/crypto/tls/conn.go:780
# 0x4ed023 bytes.(*Buffer).ReadFrom+0xb3 /home/bradfitz/sdk/go1.13.8/src/bytes/buffer.go:204
# 0x615d6b crypto/tls.(*Conn).readFromUntil+0xeb /home/bradfitz/sdk/go1.13.8/src/crypto/tls/conn.go:802
# 0x6142c3 crypto/tls.(*Conn).readRecordOrCCS+0x123 /home/bradfitz/sdk/go1.13.8/src/crypto/tls/conn.go:609
# 0x618530 crypto/tls.(*Conn).readRecord+0x160 /home/bradfitz/sdk/go1.13.8/src/crypto/tls/conn.go:577
# 0x61853b crypto/tls.(*Conn).Read+0x16b /home/bradfitz/sdk/go1.13.8/src/crypto/tls/conn.go:1255
# 0x55f1a2 bufio.(*Reader).fill+0x102 /home/bradfitz/sdk/go1.13.8/src/bufio/bufio.go:100
# 0x55fa58 bufio.(*Reader).ReadByte+0x38 /home/bradfitz/sdk/go1.13.8/src/bufio/bufio.go:252
# 0x89c9be tailscale.com/derp.readFrameHeader+0x2e /home/bradfitz/src/tailscale.com/derp/derp.go:95
# 0x89caa1 tailscale.com/derp.readFrame+0x31 /home/bradfitz/src/tailscale.com/derp/derp.go:117
# 0x89e2a1 tailscale.com/derp.(*Client).Recv+0x131 /home/bradfitz/src/tailscale.com/derp/derp_client.go:180
# 0x89faf0 tailscale.com/derp/derphttp.(*Client).Recv+0xa0 /home/bradfitz/src/tailscale.com/derp/derphttp/derphttp_client.go:175
# 0x8a69b3 tailscale.com/wgengine/magicsock.(*Conn).runDerpReader+0x103 /home/bradfitz/src/tailscale.com/wgengine/magicsock/magicsock.go:583
1 @ 0x432a40 0x42d7da 0x42cda5 0x4c9885 0x4cacf3 0x4cacd2 0x5a72bb 0x5c837a 0x5c696d 0x8aabaa 0x8abc1a 0x460801
# 0x42cda4 internal/poll.runtime_pollWait+0x54 /home/bradfitz/sdk/go1.13.8/src/runtime/netpoll.go:184
# 0x4c9884 internal/poll.(*pollDesc).wait+0x44 /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_poll_runtime.go:87
# 0x4cacf2 internal/poll.(*pollDesc).waitRead+0x1c2 /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_poll_runtime.go:92
# 0x4cacd1 internal/poll.(*FD).ReadFrom+0x1a1 /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_unix.go:219
# 0x5a72ba net.(*netFD).readFrom+0x5a /home/bradfitz/sdk/go1.13.8/src/net/fd_unix.go:208
# 0x5c8379 net.(*UDPConn).readFrom+0x69 /home/bradfitz/sdk/go1.13.8/src/net/udpsock_posix.go:47
# 0x5c696c net.(*UDPConn).ReadFrom+0x5c /home/bradfitz/sdk/go1.13.8/src/net/udpsock.go:121
# 0x8aaba9 tailscale.com/wgengine/magicsock.(*RebindingUDPConn).ReadFrom+0x99 /home/bradfitz/src/tailscale.com/wgengine/magicsock/magicsock.go:1068
# 0x8abc19 tailscale.com/wgengine/magicsock.(*Conn).ReceiveIPv4.func1+0x99 /home/bradfitz/src/tailscale.com/wgengine/magicsock/magicsock.go:675
1 @ 0x432a40 0x42d7da 0x42cda5 0x4c9885 0x4cc208 0x4cc1e7 0x5a7ad2 0x5cc312 0x5ca817 0x8ce2be 0x8d7544 0x43266e 0x460801
# 0x42cda4 internal/poll.runtime_pollWait+0x54 /home/bradfitz/sdk/go1.13.8/src/runtime/netpoll.go:184
# 0x4c9884 internal/poll.(*pollDesc).wait+0x44 /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_poll_runtime.go:87
# 0x4cc207 internal/poll.(*pollDesc).waitRead+0x1f7 /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_poll_runtime.go:92
# 0x4cc1e6 internal/poll.(*FD).Accept+0x1d6 /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_unix.go:384
# 0x5a7ad1 net.(*netFD).accept+0x41 /home/bradfitz/sdk/go1.13.8/src/net/fd_unix.go:238
# 0x5cc311 net.(*UnixListener).accept+0x31 /home/bradfitz/sdk/go1.13.8/src/net/unixsock_posix.go:162
# 0x5ca816 net.(*UnixListener).Accept+0x46 /home/bradfitz/sdk/go1.13.8/src/net/unixsock.go:260
# 0x8ce2bd tailscale.com/ipn/ipnserver.Run+0x5ed /home/bradfitz/src/tailscale.com/ipn/ipnserver/server.go:159
# 0x8d7543 main.main+0x6f3 /home/bradfitz/src/tailscale.com/cmd/tailscaled/tailscaled.go:86
# 0x43266d runtime.main+0x21d /home/bradfitz/sdk/go1.13.8/src/runtime/proc.go:203
1 @ 0x432a40 0x42d7da 0x42cda5 0x4c9885 0x4cd21d 0x4cd1fa 0x4d6265 0x8b396d 0x8b5270 0x8b5f2f 0x8b5c71 0x460801
# 0x42cda4 internal/poll.runtime_pollWait+0x54 /home/bradfitz/sdk/go1.13.8/src/runtime/netpoll.go:184
# 0x4c9884 internal/poll.(*pollDesc).wait+0x44 /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_poll_runtime.go:87
# 0x4cd21c internal/poll.(*pollDesc).waitRead+0x10c /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_poll_runtime.go:92
# 0x4cd1f9 internal/poll.(*FD).RawRead+0xe9 /home/bradfitz/sdk/go1.13.8/src/internal/poll/fd_unix.go:534
# 0x4d6264 os.(*rawConn).Read+0x64 /home/bradfitz/sdk/go1.13.8/src/os/rawconn.go:31
# 0x8b396c github.com/mdlayher/netlink.fdread+0x9c /home/bradfitz/pkg/mod/github.com/mdlayher/[email protected]/fdcall_gteq_1.12.go:21
# 0x8b526f github.com/mdlayher/netlink.(*sysSocket).read.func1+0x3f /home/bradfitz/pkg/mod/github.com/mdlayher/[email protected]/conn_linux.go:378
# 0x8b5f2e github.com/mdlayher/netlink.(*lockedNetNSGoroutine).run.func1+0x5e /home/bradfitz/pkg/mod/github.com/mdlayher/[email protected]/conn_linux.go:769
# 0x8b5c70 github.com/mdlayher/netlink.newLockedNetNSGoroutine.func1+0x180 /home/bradfitz/pkg/mod/github.com/mdlayher/[email protected]/conn_linux.go:742
1 @ 0x432a40 0x44259b 0x857396 0x460801
# 0x857395 tailscale.com/control/controlclient.(*Client).authRoutine+0xad5 /home/bradfitz/src/tailscale.com/control/controlclient/auto.go:282
1 @ 0x432a40 0x44259b 0x862a65 0x460801
# 0x862a64 tailscale.com/control/controlclient.(*Direct).PollNetMap.func1+0xc4 /home/bradfitz/src/tailscale.com/control/controlclient/direct.go:481
1 @ 0x432a40 0x44259b 0x873467 0x460801
# 0x873466 github.com/tailscale/wireguard-go/tun.(*NativeTun).routineHackListener+0x236 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/tun/tun_linux.go:77
1 @ 0x432a40 0x44259b 0x87dbbc 0x460801
# 0x87dbbb github.com/tailscale/wireguard-go/ratelimiter.(*Ratelimiter).Init.func1+0xbb /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/ratelimiter/ratelimiter.go:67
1 @ 0x432a40 0x44259b 0x8a443e 0x460801
# 0x8a443d tailscale.com/wgengine/magicsock.(*Conn).epUpdate+0x14d /home/bradfitz/src/tailscale.com/wgengine/magicsock/magicsock.go:178
1 @ 0x432a40 0x44259b 0x8a6e57 0x460801
# 0x8a6e56 tailscale.com/wgengine/magicsock.(*Conn).runDerpWriter+0xf6 /home/bradfitz/src/tailscale.com/wgengine/magicsock/magicsock.go:628
1 @ 0x432a40 0x44259b 0x8a7521 0x88be25 0x460801
# 0x8a7520 tailscale.com/wgengine/magicsock.(*Conn).ReceiveIPv4+0x1c0 /home/bradfitz/src/tailscale.com/wgengine/magicsock/magicsock.go:698
# 0x88be24 github.com/tailscale/wireguard-go/device.(*Device).RoutineReceiveIncoming+0x714 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/receive.go:126
1 @ 0x432a40 0x44259b 0x8c26ce 0x460801
# 0x8c26cd tailscale.com/portlist.(*Poller).Run+0x17d /home/bradfitz/src/tailscale.com/portlist/poller.go:44
1 @ 0x432a40 0x44259b 0x8ceac7 0x460801
# 0x8ceac6 tailscale.com/ipn/ipnserver.Run.func2+0xb6 /home/bradfitz/src/tailscale.com/ipn/ipnserver/server.go:90
1 @ 0x432a40 0x44259b 0x8d107c 0x8d14fa 0x460801
# 0x8d107b tailscale.com/logtail.(*logger).drainPending+0x49b /home/bradfitz/src/tailscale.com/logtail/logtail.go:184
# 0x8d14f9 tailscale.com/logtail.(*logger).uploading+0x249 /home/bradfitz/src/tailscale.com/logtail/logtail.go:236
1 @ 0x432a40 0x443100 0x4430eb 0x442d52 0x470574 0x88ad8e 0x883230 0x885086 0x894ed1 0x8be071 0x8bf15f 0x8b73d2 0x460801
# 0x442d51 sync.runtime_Semacquire+0x41 /home/bradfitz/sdk/go1.13.8/src/runtime/sema.go:56
# 0x470573 sync.(*WaitGroup).Wait+0x63 /home/bradfitz/sdk/go1.13.8/src/sync/waitgroup.go:130
# 0x88ad8d github.com/tailscale/wireguard-go/device.(*Peer).Stop+0x15d /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/peer.go:312
# 0x88322f github.com/tailscale/wireguard-go/device.unsafeRemovePeer+0x4f /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/device.go:130
# 0x885085 github.com/tailscale/wireguard-go/device.(*Device).RemoveAllPeers+0x125 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/device.go:443
# 0x894ed0 github.com/tailscale/wireguard-go/device.(*Device).IpcSetOperation+0x1b00 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/uapi.go:212
# 0x8be070 tailscale.com/wgengine.(*userspaceEngine).LinkChange+0x2e0 /home/bradfitz/src/tailscale.com/wgengine/userspace.go:591
# 0x8bf15e tailscale.com/wgengine.newUserspaceEngineAdvanced.func1+0x2e /home/bradfitz/src/tailscale.com/wgengine/userspace.go:108
# 0x8b73d1 tailscale.com/wgengine/monitor.(*Mon).debounce+0x111 /home/bradfitz/src/tailscale.com/wgengine/monitor/monitor.go:134
1 @ 0x432a40 0x443100 0x4430eb 0x442e67 0x46eacc 0x8bc312 0x8bb837 0x8c01a6 0x8c00c7 0x460801
# 0x442e66 sync.runtime_SemacquireMutex+0x46 /home/bradfitz/sdk/go1.13.8/src/runtime/sema.go:71
# 0x46eacb sync.(*Mutex).lockSlow+0xfb /home/bradfitz/sdk/go1.13.8/src/sync/mutex.go:138
# 0x8bc311 sync.(*Mutex).Lock+0xb61 /home/bradfitz/sdk/go1.13.8/src/sync/mutex.go:81
# 0x8bb836 tailscale.com/wgengine.(*userspaceEngine).Reconfig+0x86 /home/bradfitz/src/tailscale.com/wgengine/userspace.go:306
# 0x8c01a5 tailscale.com/wgengine.(*watchdogEngine).Reconfig.func1+0x55 /home/bradfitz/src/tailscale.com/wgengine/watchdog.go:64
# 0x8c00c6 tailscale.com/wgengine.(*watchdogEngine).watchdogErr.func1+0x26 /home/bradfitz/src/tailscale.com/wgengine/watchdog.go:40
1 @ 0x432a40 0x443100 0x4430eb 0x442e67 0x46eacc 0x8bd897 0x8bc691 0x8bd942 0x8bf270 0x8ab6aa 0x460801
# 0x442e66 sync.runtime_SemacquireMutex+0x46 /home/bradfitz/sdk/go1.13.8/src/runtime/sema.go:71
# 0x46eacb sync.(*Mutex).lockSlow+0xfb /home/bradfitz/sdk/go1.13.8/src/sync/mutex.go:138
# 0x8bd896 sync.(*Mutex).Lock+0x1266 /home/bradfitz/sdk/go1.13.8/src/sync/mutex.go:81
# 0x8bc690 tailscale.com/wgengine.(*userspaceEngine).getStatus+0x60 /home/bradfitz/src/tailscale.com/wgengine/userspace.go:425
# 0x8bd941 tailscale.com/wgengine.(*userspaceEngine).RequestStatus+0x81 /home/bradfitz/src/tailscale.com/wgengine/userspace.go:543
# 0x8bf26f tailscale.com/wgengine.newUserspaceEngineAdvanced.func2+0xff /home/bradfitz/src/tailscale.com/wgengine/userspace.go:119
# 0x8ab6a9 tailscale.com/wgengine/magicsock.(*Conn).epUpdate.func1+0x209 /home/bradfitz/src/tailscale.com/wgengine/magicsock/magicsock.go:208
1 @ 0x432a40 0x443100 0x4430eb 0x442e67 0x46eacc 0x8bd897 0x8bc691 0x8bd942 0x8bf8ce 0x460801
# 0x442e66 sync.runtime_SemacquireMutex+0x46 /home/bradfitz/sdk/go1.13.8/src/runtime/sema.go:71
# 0x46eacb sync.(*Mutex).lockSlow+0xfb /home/bradfitz/sdk/go1.13.8/src/sync/mutex.go:138
# 0x8bd896 sync.(*Mutex).Lock+0x1266 /home/bradfitz/sdk/go1.13.8/src/sync/mutex.go:81
# 0x8bc690 tailscale.com/wgengine.(*userspaceEngine).getStatus+0x60 /home/bradfitz/src/tailscale.com/wgengine/userspace.go:425
# 0x8bd941 tailscale.com/wgengine.(*userspaceEngine).RequestStatus+0x81 /home/bradfitz/src/tailscale.com/wgengine/userspace.go:543
# 0x8bf8cd tailscale.com/wgengine.newUserspaceEngineAdvanced.func7+0x12d /home/bradfitz/src/tailscale.com/wgengine/userspace.go:204
1 @ 0x432a40 0x443100 0x4430eb 0x442e67 0x892077 0x891fa3 0x89295b 0x88ef88 0x88d1c0 0x460801
# 0x442e66 sync.runtime_SemacquireMutex+0x46 /home/bradfitz/sdk/go1.13.8/src/runtime/sema.go:71
# 0x892076 sync.(*RWMutex).RLock+0x126 /home/bradfitz/sdk/go1.13.8/src/sync/rwmutex.go:50
# 0x891fa2 github.com/tailscale/wireguard-go/device.(*Peer).timersActive+0x52 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/timers.go:78
# 0x89295a github.com/tailscale/wireguard-go/device.(*Peer).timersSessionDerived+0x2a /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/timers.go:216
# 0x88ef87 github.com/tailscale/wireguard-go/device.(*Peer).SendHandshakeResponse+0x477 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/send.go:203
# 0x88d1bf github.com/tailscale/wireguard-go/device.(*Device).RoutineHandshake+0xc7f /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/receive.go:464
1 @ 0x432a40 0x443100 0x4430eb 0x442e67 0x892077 0x891fa3 0x892a0a 0x88cd44 0x460801
# 0x442e66 sync.runtime_SemacquireMutex+0x46 /home/bradfitz/sdk/go1.13.8/src/runtime/sema.go:71
# 0x892076 sync.(*RWMutex).RLock+0x126 /home/bradfitz/sdk/go1.13.8/src/sync/rwmutex.go:50
# 0x891fa2 github.com/tailscale/wireguard-go/device.(*Peer).timersActive+0x52 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/timers.go:78
# 0x892a09 github.com/tailscale/wireguard-go/device.(*Peer).timersAnyAuthenticatedPacketTraversal+0x69 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/timers.go:223
# 0x88cd43 github.com/tailscale/wireguard-go/device.(*Device).RoutineHandshake+0x803 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/receive.go:498
1 @ 0x47b345 0x86595c 0x864c44 0x872963 0x872923 0x87388a 0x460801
# 0x47b344 syscall.Syscall6+0x4 /home/bradfitz/sdk/go1.13.8/src/syscall/asm_linux_amd64.s:44
# 0x86595b golang.org/x/sys/unix.Pselect+0xbb /home/bradfitz/pkg/mod/golang.org/x/[email protected]/unix/zsyscall_linux_amd64.go:1221
# 0x864c43 golang.org/x/sys/unix.Select+0x93 /home/bradfitz/pkg/mod/golang.org/x/[email protected]/unix/syscall_linux_amd64.go:54
# 0x872962 github.com/tailscale/wireguard-go/rwcancel.unixSelect+0x162 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/rwcancel/select_linux.go:11
# 0x872922 github.com/tailscale/wireguard-go/rwcancel.(*RWCancel).ReadyRead+0x122 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/rwcancel/rwcancel.go:67
# 0x873889 github.com/tailscale/wireguard-go/tun.(*NativeTun).routineNetlinkListener+0x199 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/tun/tun_linux.go:118
1 @ 0x47b345 0x86595c 0x864c44 0x872963 0x872923 0x8913e0 0x460801
# 0x47b344 syscall.Syscall6+0x4 /home/bradfitz/sdk/go1.13.8/src/syscall/asm_linux_amd64.s:44
# 0x86595b golang.org/x/sys/unix.Pselect+0xbb /home/bradfitz/pkg/mod/golang.org/x/[email protected]/unix/zsyscall_linux_amd64.go:1221
# 0x864c43 golang.org/x/sys/unix.Select+0x93 /home/bradfitz/pkg/mod/golang.org/x/[email protected]/unix/syscall_linux_amd64.go:54
# 0x872962 github.com/tailscale/wireguard-go/rwcancel.unixSelect+0x162 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/rwcancel/select_linux.go:11
# 0x872922 github.com/tailscale/wireguard-go/rwcancel.(*RWCancel).ReadyRead+0x122 /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/rwcancel/rwcancel.go:67
# 0x8913df github.com/tailscale/wireguard-go/device.(*Device).routineRouteListener+0x19f /home/bradfitz/pkg/mod/github.com/tailscale/[email protected]/device/sticky_linux.go:60
1 @ 0x765305 0x765120 0x761d4a 0x8be3da 0x8be6d6 0x8c8cb7 0x8c90fe 0x8c96d9 0x8cc7a6 0x8584ac 0x86289f 0x85cf77 0x857ae3 0x460801
# 0x765304 runtime/pprof.writeRuntimeProfile+0x94 /home/bradfitz/sdk/go1.13.8/src/runtime/pprof/pprof.go:708
# 0x76511f runtime/pprof.writeGoroutine+0x9f /home/bradfitz/sdk/go1.13.8/src/runtime/pprof/pprof.go:670
# 0x761d49 runtime/pprof.(*Profile).WriteTo+0x3d9 /home/bradfitz/sdk/go1.13.8/src/runtime/pprof/pprof.go:329
# 0x8be3d9 tailscale.com/wgengine.(*watchdogEngine).watchdogErr+0x1e9 /home/bradfitz/src/tailscale.com/wgengine/watchdog.go:49
# 0x8be6d5 tailscale.com/wgengine.(*watchdogEngine).Reconfig+0xa5 /home/bradfitz/src/tailscale.com/wgengine/watchdog.go:64
# 0x8c8cb6 tailscale.com/ipn.(*LocalBackend).authReconfig+0x316 /home/bradfitz/src/tailscale.com/ipn/local.go:622
# 0x8c90fd tailscale.com/ipn.(*LocalBackend).enterState+0x20d /home/bradfitz/src/tailscale.com/ipn/local.go:656
# 0x8c96d8 tailscale.com/ipn.(*LocalBackend).stateMachine+0x38 /home/bradfitz/src/tailscale.com/ipn/local.go:710
# 0x8cc7a5 tailscale.com/ipn.(*LocalBackend).Start.func1+0x195 /home/bradfitz/src/tailscale.com/ipn/local.go:250
# 0x8584ab tailscale.com/control/controlclient.(*Client).sendStatus+0x35b /home/bradfitz/src/tailscale.com/control/controlclient/auto.go:538
# 0x86289e tailscale.com/control/controlclient.(*Client).mapRoutine.func2+0x1be /home/bradfitz/src/tailscale.com/control/controlclient/auto.go:457
# 0x85cf76 tailscale.com/control/controlclient.(*Direct).PollNetMap+0x1026 /home/bradfitz/src/tailscale.com/control/controlclient/direct.go:572
# 0x857ae2 tailscale.com/control/controlclient.(*Client).mapRoutine+0x2a2 /home/bradfitz/src/tailscale.com/control/controlclient/auto.go:428
wgengine: watchdog timeout on Reconfig
I always forget to specify the tailscaled --state
flag, then forget what value I used previously.
Let's just make it user-friendly and pick a reasonable, opinionated default.
If it absolutely must be opt-in (can't think of why?), then the error should say why and suggest a reasonable default value. Currently it just says:
# ./tailscaled
logtail started
Program starting: vLONGVER-TODO: []string{"./tailscaled"}
LogID: d8110230555bdb199b48ca6ca71c3802b758e9373cd104d785b8e5c2d1eb8d27
--state is required
tailscale{,d} is shaping up, and as part of that I'm moving a bunch of paths around:
The tailscaled paths are managed by systemd, so they're guaranteed to always exist on daemon startup, and /run/tailscale is guaranteed to be cleaned up on daemon exit.
What's the right place to put these files on *BSD? I'm guessing most of them are already correct, with the possible exception of /run/tailscale -> /var/run/tailscale ?
cc @wardn @martinbaillie as our resident BSD knowers.
Describe the bug
Tailscale won't start and logs :
CreateTUN: no such file or directory
Error starting wireguard engine: no such file or directory
Because in LXC, the wireguard module is loaded on the host machine (Like a Proxmox) and not in the container. I think that's why the bug occurs because i've made 3 times the same install and this is the only one that failed.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Tailscale has to start and work normally
Version information:
Additional context
I've added the default (41641) port as UDP forward on my Proxmox NAT but still won't start
Tailscale end-to-end connectivity between peers needs to always work, even if the peers have challenging/changing network configurations.
Some high level dependent bugs are:
/cc @danderson @apenwarr @crawshaw
┆Issue is synchronized with this Asana task by Unito
Overall tracking bug for network change reactivity.
When the network environment changes (e.g. switch from LTE to wifi, NAT gateway reboots and loses all its mappings), nodes should reestablish connectivity gracefully.
We currently adapt in some cases, but not others. We should always notice changes to connectivity, and adapt gracefully to them.
Tracking bug for deploying DERP, the "Detour Encrypted Routing Protocol".
Tailscale tries to send traffic directly between peers, traversing NATs as needed, but sometimes no path is possible or it takes some time to find a path, so DERP is the ultimate fallback that routes encrypted packets through the cloud.
DERP is somewhat implemented & tested, but not enough, and it's not yet deployed + used.
Packet from [2604:a880:2:d1::c5:7001]:3478: "\x01\x01\x00H!\x12\xa4B\x06\xf5f\x85Ҋ\xf3\xe6\x9c\xe3A\xe2\x00\x01\x00\x14\x00\x02\x90\xce&\x02\x00Ѵ\xcf\xc1\x008\xb21\xff\xfe\xef\x96\xf6\x80+\x00\x14\x00\x02\r\x96&\x04\xa8\x80\x00\x02\x00\xd1\x00\x00\x00\x00\x00\xc5p\x01\x00 \x00\x14\x00\x02\xb1\xdc\a\x10\xa4\x93\xb2:\xa7\x85\xea8\xc2\x19b\f\xd7\x14"
panic: runtime error: index out of range [4] with length 4
goroutine 12 [running]:
tailscale.com/stun.xorMappedAddress(0xe6f38ad28566f506, 0xe241e39c, 0xc0001dc048, 0x14, 0xffb8, 0x4d46d1, 0xba7740, 0x85afc0, 0xc0002a2000, 0xc00004fd50, ...)
/home/bradfitz/src/tailscale.com/stun/stun.go:165 +0x27e
tailscale.com/stun.ParseResponse(0xc0001dc000, 0x14, 0xffbc, 0xe6f38ad28566f506, 0xc0e241e39c, 0x3, 0xc00004fdd8, 0x4d46d1, 0x8, 0xc00004fd60, ...)
/home/bradfitz/src/tailscale.com/stun/stun.go:107 +0x462
tailscale.com/stunner.(*Stunner).Receive(0xc000012780, 0xc0001dc000, 0x5c, 0x10000, 0xc00029e450)
/home/bradfitz/src/tailscale.com/stunner/stunner.go:54 +0x71
tailscale.com/ipn.(*LocalBackend).populateNetworkConditions.func3(0xc000012780, 0x907160, 0xc0000100a0)
/home/bradfitz/src/tailscale.com/ipn/local.go:833 +0x1e9
created by tailscale.com/ipn.(*LocalBackend).populateNetworkConditions
/home/bradfitz/src/tailscale.com/ipn/local.go:857 +0x9c3
FAIL tailscale.com/ipn 0.068s
FAIL
/cc @crawshaw but I can also figure this out if you're busy. I should learn STUN anyway.
Describe the bug
After running for a short-ish while (overnight), tailscaled crashed with a panic this morning:
panic: Tried to generate emptyPrivateKey.Public()
I don't think there was significant traffic - if any just background traffic as I was asleep.
I'm not really sure what other information you need to debug. Happy to answer questions.
To Reproduce
Don't know yet at this point.
Expected behavior
Not to panic :-)
Screenshots
If applicable, add screenshots to help explain your problem.
Version information:
[simon@fsrv0:tailscale] git rev-parse HEAD
c47f907
(Not experienced git user, so I hope this identifies the version. I cloned repo last evening 2020-02-20)
Additional context
Had been started with:
~simon/go/bin/tailscaled --state /var/db/tailscaled.state
Terminal output:
91.1M/59.6M netmap packet filter: [=>:*]
91.1M/59.6M Configuring wireguard connection.
91.1M/59.6M reconfig: ra=false dns=true 0x01
91.1M/59.6M Reconfig(): configuring userspace wireguard engine.
91.1M/59.6M ...unchanged config, skipping.
91.1M/59.6M SetPrefs: Prefs{ra=false mesh=true dns=true want=true notepad=false pf=true routes=[] Persist{m=[pub:_/iWz], o=[empty], n=[pub:_0koN] u="REDACTED"}}
91.1M/59.6M Switching ipn state Running -> NeedsLogin (WantRunning=true)
91.1M/59.6M blockEngineUpdates(true)
91.1M/59.6M Reconfig(): configuring userspace wireguard engine.
91.1M/59.6M [nCr2_ciUA] - Stopping...
91.1M/59.6M [EDlz_xXjU] - Stopping...
91.1M/59.6M [I2nU_mekE] - Stopping...
panic: Tried to generate emptyPrivateKey.Public()
goroutine 1306 [running]:
github.com/tailscale/wireguard-go/wgcfg.(*PrivateKey).Public(0xc0019e54f8, 0x0, 0x0, 0x0, 0x0)
/home/simon/go/pkg/mod/github.com/tailscale/[email protected]/wgcfg/key.go:158 +0x12b
github.com/tailscale/wireguard-go/device.(*Device).SetPrivateKey(0xc0000ce580, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
/home/simon/go/pkg/mod/github.com/tailscale/[email protected]/device/device.go:269 +0x3c3
github.com/tailscale/wireguard-go/device.(*Device).Reconfig(0xc0000ce580, 0xc00010eb00, 0x0, 0x0)
/home/simon/go/pkg/mod/github.com/tailscale/[email protected]/device/config.go:82 +0xd14
tailscale.com/wgengine.(*userspaceEngine).Reconfig(0xc000172000, 0xc00010eb00, 0x0, 0x0, 0x0, 0x0, 0x0)
/home/simon/src/tailscale/wgengine/userspace.go:234 +0x2f5
tailscale.com/wgengine.(*watchdogEngine).Reconfig.func1(0x80420a768, 0xc00019fe00)
/home/simon/src/tailscale/wgengine/watchdog.go:64 +0x56
tailscale.com/wgengine.(*watchdogEngine).watchdogErr.func1(0xc00016c1e0, 0xc0005bcba0)
/home/simon/src/tailscale/wgengine/watchdog.go:40 +0x27
created by tailscale.com/wgengine.(*watchdogEngine).watchdogErr
/home/simon/src/tailscale/wgengine/watchdog.go:39 +0x77
We should configure this project's labels:
https://github.com/tailscale/tailscale/labels
Ideas:
What else?
/cc @danderson @apenwarr @crawshaw @dfcarney
┆Issue is synchronized with this Asana task by Unito
(Using tailscale/tailscale's bug tracker instead of wireguard-go's)
I saw this code in https://github.com/tailscale/wireguard-go/blob/master/wgcfg/ip.go#L109 ....
func (r *CIDR) Contains(ip *IP) bool {
if r == nil || ip == nil {
return false
}
// TODO: this isn't hard, write a more efficient implementation.
return r.IPNet().Contains(ip.IP())
}
This bug is for that TODO. The current version allocates and does a lot of work.
Then again, I don't see anything calling it, so low priority.
Copying bug from @apenwarr elsewhere:
STUN should re-run sometimes, not just at startup time, in case local IP address or NAT changes.
This matters on Linux especially because the local network might not be up at boot time.
We just had a bug report from a user whose ISP gives them a new IP pretty regularly and they had to manual restart the tailscale service for it to unbreak after those ISP changes.
/cc @danderson
Congrats on open sourcing!
I just happened to open up the first package and noticed the write a new file and rename trick.
I'm not sure this is safe because ioutil.WriteFile
doesn't call f.Flush()
.
┆Issue is synchronized with this Asana task by Unito
Describe the bug
On macOS dns resolution order doesn't get prioritized with the dns in the admin panel which means it's essentially ignored.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
I'd expect the dns set in the admin to take priority with the vpn is connected, or at least an option per client to decide
Version information:
- Device: macbook pro
- OS: macOS
- OS version: 10.14.6
- Tailscale version: App version: 0.95.208
Additional context
I currently have a very specific hardcoded example that works as a work around at
https://github.com/pelotech/tailscale-tools/tree/master/resolver
it listens to the up/down of the interfaces and adds resolvers for specific domains to be used.
┆Issue is synchronized with this Asana task by Unito
At this moment, it's not possible to do the following basic action:
┆Issue is synchronized with this Asana task by Unito
In investigating #22, staticcheck reported a fairly large closure of code that's unused in logtail.
It's all unexported symbols, and I can't find any reference in either the OSS or corp repo, so I'm fairly sure it's right... Unless this was preparation for some radical new thing, and I'll cheese someone off by deleting it.
@apenwarr you'd know! Can I remove these bits and bobs?
logtail/logtail.go:235:5: var clientSentinelPrefix is unused (U1000)
logtail/logtail.go:238:2: const noSentinel is unused (U1000)
logtail/logtail.go:239:2: const stopSentinel is unused (U1000)
logtail/logtail.go:246:6: func newSentinel is unused (U1000)
logtail/logtail.go:260:6: func readSentinel is unused (U1000)
logtail/logtail.go:346:5: var errHasLogtail is unused (U1000)
We don't currently run the GitHub actions on Windows VMs. We currently just cross-compile things.
But GitHub doesn't charge extra for Windows (like they do for macOS), so just use Windows and then actually run the tests.
I compiled the relaynode from source and when i try to start it i get a panic:
sudo /usr/sbin/relaynode --config=/var/lib/tailscale/relay.conf --tun=wg0 --port=41641 --acl-file=/etc/tailscale/acl.json :(
logtail started
Program starting: vLONGVER-TODO: []string{"/usr/sbin/relaynode", "--config=/var/lib/tailscale/relay.conf", "--tun=wg0", "--port=41641", "--acl-file=/etc/tailscale/acl.json"}
LogID: 560f0c00b49bd7c56b4018db6d3cb0d1760aaf3f0de6e3a3adede46b3701f4a3
7.0M/9.9M Starting userspace wireguard engine.
15.1M/10.2M external packet routing via --tun=wg0 enabled
15.5M/11.7M CreateTUN ok.
15.6M/11.9M Routine: event worker - started
15.6M/11.9M Interface set up
15.7M/11.9M UDP bind has been updated
15.8M/11.9M external route MTU: 1420 (<nil>)
15.8M/11.9M external route MTU: 1420 (<nil>)
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x68 pc=0x89581f]
goroutine 1 [running]:
tailscale.com/wgengine.(*linuxRouter).SetRoutes(0xc0007c03c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
/home/rkaufmann/go/src/tailscale.com/wgengine/router_linux.go:114 +0x9f
tailscale.com/wgengine.NewUserspaceEngineAdvanced(0xc00018e040, 0xa6f640, 0xc0007a2120, 0x9cc650, 0xa2a9, 0x0, 0x0, 0x10, 0x92d460)
/home/rkaufmann/go/src/tailscale.com/wgengine/userspace.go:186 +0x68e
tailscale.com/wgengine.NewUserspaceEngine(0xc00018e040, 0x7ffdd13f075e, 0x3, 0xa2a9, 0xc000182180, 0x0, 0xc00021fcb0, 0x1)
/home/rkaufmann/go/src/tailscale.com/wgengine/userspace.go:75 +0x288
main.main()
/home/rkaufmann/go/src/tailscale.com/cmd/relaynode/relaynode.go:80 +0x1897
Meta-bug for getting traffic through more types of NATs.
Our current traversal logic works fairly well with NATs that use endpoint-independent mapping (aka "full cone NAT" to use the old terminology) and endpoint-dependent firewalling. This covers most linux-based routers and basic enterprise NATs.
We don't yet work when both nodes are behind endpoint-dependent mapping (aka "Restricted Cone" or "Port-restricted").
We don't yet work reliably when both nodes are behind the same NAT, but have to hairpin through the NAT device to get connectivity.
Hello guys,
I'm trying to deploy Tailscale on Windows, but at this moment I have three machines (machine 1 with linux, machine 2 and 3 with windows), and I can't have connection from/to machine 3.
I'm debuging with ping, machine 2 and 3 have the same ICMP Firewall Rule:
Rule Name: Allow ICMP
----------------------------------------------------------------------
Enabled: Yes
Direction: In
Profiles: Domain,Private,Public
Grouping:
LocalIP: Any
RemoteIP: Any
Protocol: ICMPv4
Type Code
Any Any
Edge traversal: No
Action: Allow
Ok.
but machine 3 it' not working.
How can I debug it? No ping output, no traceroute, no tcpdump output....
In machine 3 I can only ping 100.101.102.103.
This is my route table on machine 3:
administrator@machine3 C:\Users\administrator> route print -4
...
machine2ip 255.255.255.255 machine3ip machine3ip 5
100.101.102.103 255.255.255.255 machine3ip machine3ip 5
machine1ip 255.255.255.255 machine3ip machine3ip 5
...
There are only one difference between them. Local network is different. Machine 1 and 2 are in the same local network, and machine 3 are in another, but I this that's not the problem...
Any suggestion?
staticcheck is currently very mad at our code, so we can't add it to CI.
┆Issue is synchronized with this Asana task by Unito
Original title: Re-attempt lock down systemd unit configuration more
The tailscaled systemd service configuration is something I whipped up quickly, based on relaynode's config. It runs as root and unconfined on the system. This is too much privilege.
We should run tailscaled as a tailscale
system user, with pinhole CAP_* granted to it. Then we can also start screwing down other sandboxing options like ProtectSystem et al.
One prerequisite for this is that we need to use netlink to directly configure the network stack, instead of shelling out to ip
and iptables
. That way we can do everything with CAP_NET_ADMIN in-process (although possibly ambient capabilities would let us shell out with appropriate privs as well? I can never remember the capability semantics)
--
In the time since this bug, we have added a good number of features that further extend the capabilities that we use, which are often granted by default to root, but not to non-root users.
We can track additional known challenges relating to root dependencies here, with an eye to eventually offering fuller feature support with reduced privileges.
CI currently builds GOOS=linux. We should build other platforms, just to make sure we don't let syntax errors and other obvious compile failures rot in the repo.
GOOS=darwin and GOOS=windows don't produce useful binaries, but we can at least check that the packages compile.
We're likely to have GOOS=openbsd and GOOS=freebsd soonish.
It would be nice if the admin console allowed for storing more than just an IP address for DNS, e.g. DNS over TLS: 1.1.1.1@853
When we do tailscale binary releases, we stamp version info into the binaries with the Go linker.
But for people just using "go get" the default way, we don't have that info.
Since Go modules, we at least see the summary of all our deps (and Go's version itself; I'm running a devel build) automatically stamped into the binaries:
$ go version -m ~/bin/tailscaled
/home/bradfitz/bin/tailscaled: devel +e7f9e17b79 Tue Jan 28 22:08:43 2020 +0000
path tailscale.com/cmd/tailscaled
mod tailscale.com (devel)
dep github.com/apenwarr/fixconsole v0.0.0-20191012055117-5a9f6489cc29 h1:muXWUcay7DDy1/hEQWrYlBy+g0EuwT70sBHg65SeUc4=
dep github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e h1:1r7pUrabqp18hOBcwBwiTsbnFeTZHV9eER/QT5JVZxY=
dep github.com/google/go-cmp v0.4.0 h1:xsAVV57WRhGj6kEIi8ReJzQlHHqcBYCElAvkovg3B/4=
dep github.com/klauspost/compress v1.9.8 h1:VMAMUUOh+gaxKTMk+zqbjsSjsIcUcL/LF4o63i82QyA=
dep github.com/mdlayher/netlink v1.1.0 h1:mpdLgm+brq10nI9zM1BpX1kpDbh3NLl3RSnVq6ZSkfg=
dep github.com/pborman/getopt v0.0.0-20190409184431-ee0cd42419d3 h1:YtFkrqsMEj7YqpIhRteVxJxCeC3jJBieuLr0d4C4rSA=
dep github.com/tailscale/wireguard-go v0.0.0-20200213180345-a7c4b7719b1d h1:LVJovgZxbmPxtY6kJm4vwMtk0HpcNeI+vU2jB3T8M40=
dep golang.org/x/crypto v0.0.0-20200210222208-86ce3cb69678 h1:wCWoJcFExDgyYx2m2hpHgwz8W3+FPdfldvIgzqDIhyg=
dep golang.org/x/net v0.0.0-20200202094626-16171245cfb2 h1:CCH4IOTTfewWjGOlSp+zGcjutRKlBEZQ6wTn8ozI/nI=
dep golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d h1:TzXSXBo42m9gQenoE3b9BGiEpg5IG2JkU5FkPIawgtw=
dep golang.org/x/sys v0.0.0-20200217220822-9197077df867 h1:JoRuNIf+rpHl+VhScRQQvzbHed86tKkqwPMV34T8myw=
dep rsc.io/goversion v1.2.0 h1:SPn+NLTiAG7w30IRK/DKp1BjvpWabYgxlLp/+kx5J8w=
We can get that at runtime (using https://godoc.org/rsc.io/goversion/version) but for better or worse, that doesn't include that the Git hash of the top-level module, only the deps.
So one thing we could do is add a fake dep to another module (like github.com/tailscale/version-horizon) that we have a bot auto-advance every $INTERVAL, so at least we have a rough date range of what binary people are running when they're running unofficial binaries. Or, if we're already having a bot do this, avoid that indirection and just have the bot auto-commit the latest date to version/version.go every $INTERVAL instead.
Low priority, but we'll probably want better data in the future.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.