personal_interest_mirrors/nebula
1
0
Fork 0
mirror of https://github.com/slackhq/nebula.git synced 2025-11-08 18:03:58 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

add netlink options (#1326)

Browse Source 
* add netlink options

* force use buffer

* fix namings and add config examples

* fix linter
This commit is contained in:
Andriyanov Nikita 2025-04-21 20:44:33 +03:00 committed by GitHub
parent 2dc30fc300
commit e5ce8966d6
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 31 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
examples/config.yml
View File

@ -275,6 +275,10 @@ tun:
# On linux only, set to true to manage unsafe routes directly on the system route table with gateway routes instead of # On linux only, set to true to manage unsafe routes directly on the system route table with gateway routes instead of
# in nebula configuration files. Default false, not reloadable. # in nebula configuration files. Default false, not reloadable.
#use_system_route_table: false #use_system_route_table: false
# Buffer size for reading routes updates. 0 means default system buffer size. (/proc/sys/net/core/rmem_default).
# If using massive routes updates, for example BGP, you may need to increase this value to avoid packet loss.
# SO_RCVBUFFORCE is used to avoid having to raise the system wide max
#use_system_route_table_buffer_size: 0
# Configure logging level # Configure logging level
logging: logging:

40
overlay/tun_linux.go
View File

@ -34,10 +34,11 @@ type tun struct {
deviceIndex int deviceIndex int
ioctlFd uintptr ioctlFd uintptr
Routes atomic.Pointer[[]Route] Routes atomic.Pointer[[]Route]
routeTree atomic.Pointer[bart.Table[routing.Gateways]] routeTree atomic.Pointer[bart.Table[routing.Gateways]]
routeChan chan struct{} routeChan chan struct{}
useSystemRoutes bool useSystemRoutes bool
useSystemRoutesBufferSize int
l *logrus.Logger l *logrus.Logger
} }
@ -124,12 +125,13 @@ func newTun(c *config.C, l *logrus.Logger, vpnNetworks []netip.Prefix, multiqueu
func newTunGeneric(c *config.C, l *logrus.Logger, file *os.File, vpnNetworks []netip.Prefix) (*tun, error) { func newTunGeneric(c *config.C, l *logrus.Logger, file *os.File, vpnNetworks []netip.Prefix) (*tun, error) {
t := &tun{ t := &tun{
ReadWriteCloser: file, ReadWriteCloser: file,
fd: int(file.Fd()), fd: int(file.Fd()),
vpnNetworks: vpnNetworks, vpnNetworks: vpnNetworks,
TXQueueLen: c.GetInt("tun.tx_queue", 500), TXQueueLen: c.GetInt("tun.tx_queue", 500),
useSystemRoutes: c.GetBool("tun.use_system_route_table", false), useSystemRoutes: c.GetBool("tun.use_system_route_table", false),
l: l, useSystemRoutesBufferSize: c.GetInt("tun.use_system_route_table_buffer_size", 0),
l: l,
} }
err := t.reload(c, true) err := t.reload(c, true)
@ -531,7 +533,13 @@ func (t *tun) watchRoutes() {
rch := make(chan netlink.RouteUpdate) rch := make(chan netlink.RouteUpdate)
doneChan := make(chan struct{}) doneChan := make(chan struct{})
if err := netlink.RouteSubscribe(rch, doneChan); err != nil { netlinkOptions := netlink.RouteSubscribeOptions{
ReceiveBufferSize: t.useSystemRoutesBufferSize,
ReceiveBufferForceSize: t.useSystemRoutesBufferSize != 0,
ErrorCallback: func(e error) { t.l.WithError(e).Errorf("netlink error") },
}
if err := netlink.RouteSubscribeWithOptions(rch, doneChan, netlinkOptions); err != nil {
t.l.WithError(err).Errorf("failed to subscribe to system route changes") t.l.WithError(err).Errorf("failed to subscribe to system route changes")
return return
} }
@ -541,8 +549,14 @@ func (t *tun) watchRoutes() {
go func() { go func() {
for { for {
select { select {
case r := <-rch: case r, ok := <-rch:
t.updateRoutes(r) if ok {
t.updateRoutes(r)
} else {
// may be should do something here as
// netlink stops sending updates
return
}
case <-doneChan: case <-doneChan:
// netlink.RouteSubscriber will close the rch for us // netlink.RouteSubscriber will close the rch for us
return return