fix(routes): ensure routes are correctly propagated
When using Tailscale v1.34.1, enabling or disabling a route does not effectively add or remove the route from the node's routing table. We must restart tailscale on the node to have a netmap update. Fix this by refreshing last state change so that a netmap diff is sent. Also do not include secondary routes in allowedIPs, otherwise secondary routes might be used by nodes instead of the primary route. Signed-off-by: Fatih Acar <facar@scaleway.com>
parent
91900b7310
commit
2afba0233b
2 changed files with 10 additions and 7 deletions
10
machine.go
10
machine.go
|
@ -675,19 +675,14 @@ func (h *Headscale) toNode(
|
||||||
[]netip.Prefix{},
|
[]netip.Prefix{},
|
||||||
addrs...) // we append the node own IP, as it is required by the clients
|
addrs...) // we append the node own IP, as it is required by the clients
|
||||||
|
|
||||||
enabledRoutes, err := h.GetEnabledRoutes(&machine)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
allowedIPs = append(allowedIPs, enabledRoutes...)
|
|
||||||
|
|
||||||
primaryRoutes, err := h.getMachinePrimaryRoutes(&machine)
|
primaryRoutes, err := h.getMachinePrimaryRoutes(&machine)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
primaryPrefixes := Routes(primaryRoutes).toPrefixes()
|
primaryPrefixes := Routes(primaryRoutes).toPrefixes()
|
||||||
|
|
||||||
|
allowedIPs = append(allowedIPs, primaryPrefixes...)
|
||||||
|
|
||||||
var derp string
|
var derp string
|
||||||
if machine.HostInfo.NetInfo != nil {
|
if machine.HostInfo.NetInfo != nil {
|
||||||
derp = fmt.Sprintf("127.3.3.40:%d", machine.HostInfo.NetInfo.PreferredDERP)
|
derp = fmt.Sprintf("127.3.3.40:%d", machine.HostInfo.NetInfo.PreferredDERP)
|
||||||
|
@ -1057,6 +1052,7 @@ func (h *Headscale) EnableRoutes(machine *Machine, routeStrs ...string) error {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
h.setLastStateChangeToNow()
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
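Review bot: In toNode (machine.go), enabled exit routes (0.0.0.0/0 and ::/0) may no longer reach allowedIPs now that only `primaryPrefixes` is appended. handlePrimarySubnetFailover in routes.go skips every route where `route.isExitRoute()` is true, so if exit routes are never marked primary (getMachinePrimaryRoutes is not visible here, so this is inferred), clients would lose an exit node that was explicitly enabled. Narrowing allowedIPs is the right direction, since WireGuard uses it as the per-peer source filter; I would keep that and add back only the enabled exit prefixes, as sketched below. A test for a node with an exit route enabled would pin this down. toNode starts and ends outside this hunk.

```go
primaryPrefixes := Routes(primaryRoutes).toPrefixes()
allowedIPs = append(allowedIPs, primaryPrefixes...)

// Exit routes appear to be excluded from primary election, so the enabled
// ones are added explicitly; secondary subnet routes stay out.
enabledRoutes, err := h.GetEnabledRoutes(&machine)
if err != nil {
	return nil, err
}
for _, prefix := range enabledRoutes {
	if prefix.Bits() == 0 { // 0.0.0.0/0 or ::/0
		allowedIPs = append(allowedIPs, prefix)
	}
}

// … unchanged: DERP address selection …
```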
@ -215,6 +215,7 @@ func (h *Headscale) handlePrimarySubnetFailover() error {
|
||||||
log.Error().Err(err).Msg("error getting routes")
|
log.Error().Err(err).Msg("error getting routes")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
routesChanged := false
|
||||||
for pos, route := range routes {
|
for pos, route := range routes {
|
||||||
if route.isExitRoute() {
|
if route.isExitRoute() {
|
||||||
continue
|
continue
|
||||||
|
@ -235,6 +236,7 @@ func (h *Headscale) handlePrimarySubnetFailover() error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
routesChanged = true
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -306,9 +308,14 @@ func (h *Headscale) handlePrimarySubnetFailover() error {
|
||||||
|
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
routesChanged = true
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if routesChanged {
|
||||||
|
h.setLastStateChangeToNow()
|
||||||
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
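Review bot: In handlePrimarySubnetFailover the closing `if routesChanged { h.setLastStateChangeToNow() }` is skipped whenever one of the `return err` paths inside the loop fires after an earlier iteration already set `routesChanged = true`. Those returns sit directly beside the new assignments in the second and third hunks. A primary change that was presumably already saved for one prefix would then stay unannounced until some unrelated state change, and peers would keep sending subnet traffic to the previous primary. Registering the refresh right after `routesChanged := false` covers every exit: `defer func() { if routesChanged { h.setLastStateChangeToNow() } }()`. The function body runs beyond these hunks, so the exact error paths should be confirmed against the full file.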