mirror of
https://github.com/slackhq/nebula.git
synced 2025-11-08 22:33:58 +01:00
ee7c27093c
This change adds an index based on HostInfo.remoteIndexId. This allows
us to use HostMap.QueryReverseIndex without having to loop over all
entries in the map (this can be a bottleneck under high traffic
lighthouses).
Without this patch, a high traffic lighthouse server receiving recv_error
packets and lots of handshakes, cpu pprof trace can look like this:
flat flat% sum% cum cum%
2000ms 32.26% 32.26% 3040ms 49.03% github.com/slackhq/nebula.(*HostMap).QueryReverseIndex
870ms 14.03% 46.29% 1060ms 17.10% runtime.mapiternext
Which shows 50% of total cpu time is being spent in QueryReverseIndex.
36 lines
1019 B
Go
36 lines
1019 B
Go
package nebula
|
|
|
|
const (
|
|
handshakeIXPSK0 = 0
|
|
handshakeXXPSK0 = 1
|
|
)
|
|
|
|
func HandleIncomingHandshake(f *Interface, addr *udpAddr, packet []byte, h *Header, hostinfo *HostInfo) {
|
|
newHostinfo, _ := f.handshakeManager.QueryIndex(h.RemoteIndex)
|
|
//TODO: For stage 1 we won't have hostinfo yet but stage 2 and above would require it, this check may be helpful in those cases
|
|
//if err != nil {
|
|
// l.WithError(err).WithField("udpAddr", addr).Error("Error while finding host info for handshake message")
|
|
// return
|
|
//}
|
|
|
|
if !f.lightHouse.remoteAllowList.Allow(udp2ipInt(addr)) {
|
|
l.WithField("udpAddr", addr).Debug("lighthouse.remote_allow_list denied incoming handshake")
|
|
return
|
|
}
|
|
|
|
tearDown := false
|
|
switch h.Subtype {
|
|
case handshakeIXPSK0:
|
|
switch h.MessageCounter {
|
|
case 1:
|
|
tearDown = ixHandshakeStage1(f, addr, newHostinfo, packet, h)
|
|
case 2:
|
|
tearDown = ixHandshakeStage2(f, addr, newHostinfo, packet, h)
|
|
}
|
|
}
|
|
|
|
if tearDown && newHostinfo != nil {
|
|
f.handshakeManager.DeleteHostInfo(newHostinfo)
|
|
}
|
|
}
|