Enable both exit node routes (IPv4 and IPv6) at the same time.
As indicated by bradfitz in https://github.com/juanfont/headscale/issues/804#issuecomment-1399314002, both routes for the exit node must be enabled at the same time. If a user tries to enable one of the exit node routes, the other gets activated too. This commit also reduces the API surface, making private a method that didnt need to be exposed.
This commit is contained in:
parent
b322cdf251
commit
3ac2e0b253
2 changed files with 10 additions and 3 deletions
|
@ -1047,8 +1047,8 @@ func (h *Headscale) IsRoutesEnabled(machine *Machine, routeStr string) bool {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
// EnableRoutes enables new routes based on a list of new routes.
|
// enableRoutes enables new routes based on a list of new routes.
|
||||||
func (h *Headscale) EnableRoutes(machine *Machine, routeStrs ...string) error {
|
func (h *Headscale) enableRoutes(machine *Machine, routeStrs ...string) error {
|
||||||
newRoutes := make([]netip.Prefix, len(routeStrs))
|
newRoutes := make([]netip.Prefix, len(routeStrs))
|
||||||
for index, routeStr := range routeStrs {
|
for index, routeStr := range routeStrs {
|
||||||
route, err := netip.ParsePrefix(routeStr)
|
route, err := netip.ParsePrefix(routeStr)
|
||||||
|
|
|
@ -90,7 +90,14 @@ func (h *Headscale) EnableRoute(id uint64) error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
return h.EnableRoutes(&route.Machine, netip.Prefix(route.Prefix).String())
|
// Tailscale requires both IPv4 and IPv6 exit routes to
|
||||||
|
// be enabled at the same time, as per
|
||||||
|
// https://github.com/juanfont/headscale/issues/804#issuecomment-1399314002
|
||||||
|
if route.isExitRoute() {
|
||||||
|
return h.enableRoutes(&route.Machine, ExitRouteV4.String(), ExitRouteV6.String())
|
||||||
|
}
|
||||||
|
|
||||||
|
return h.enableRoutes(&route.Machine, netip.Prefix(route.Prefix).String())
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *Headscale) DisableRoute(id uint64) error {
|
func (h *Headscale) DisableRoute(id uint64) error {
|
||||||
|
|
Loading…
Reference in a new issue