tun_darwin #163
Support unsafe_routes on darwin
Allow ValidateLHStaticEntries to check all static host map entries
tun_darwin.go
Outdated
h[0] = 0x00 | ||
h[1] = 0x00 | ||
h[2] = 0x00 | ||
h[3] = unix.AF_INET |
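Review bot: the header built in h[0]..h[3] hard-codes unix.AF_INET and has no comment saying what these four bytes are. Add a short comment that this is the 4-byte protocol header the device expects on write, and either document that only IPv4 packets are written here or choose the family from the packet's IP version so a non-IPv4 packet is not labelled AF_INET.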
Can you provide a link for the description of this behavior?
It's doing the same thing IFF_NO_PI does on Linux (doesn't appear that flag exists in Darwin/BSD). We have to strip the 4 byte protocol information header on read, and add it on write.
tun_darwin.go
Outdated
h[1] = 0x00 | ||
h[2] = 0x00 | ||
h[3] = unix.AF_INET | ||
b = append(h[:], b[:]...) |
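Review bot: `b = append(h[:], b[:]...)` allocates a new slice and copies the whole packet on every write. Consider keeping a reusable buffer with four bytes of headroom and copying the packet in after the header; if the write path can be called from more than one goroutine, that buffer has to be per caller. As a style point, `b[:]` can be written as `b`.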
This will trash the GC. Ideally we'd find a way to pass a slice with h prepended and avoid the copy. That said, darwin is not a likely maximum performance target.
what about https://golang.org/pkg/net/#Buffers ?
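The framing discussed in the two threads above (strip the 4-byte header on read, prepend it on write, without a fresh slice per packet), as an added example that is not code from this PR or from Nebula. The `utunFramer` type and its helpers are hypothetical, a `bytes.Buffer` stands in for the device, and the example goes beyond the diff by choosing the family byte from the IP version nibble, with Darwin's AF_INET (2) and AF_INET6 (30) written as plain numbers.

```go
package main

import (
	"bytes"
	"fmt"
	"io"
)

// IP version nibble -> Darwin AF_INET (2) / AF_INET6 (30), 0 = not IP; the PR uses unix.AF_INET.
var families = [16]byte{4: 2, 6: 30}
const hdrLen = 4 // size of the protocol header in front of every packet

// utunFramer is a hypothetical wrapper, not Nebula's type; not safe for concurrent use.
type utunFramer struct {
	dev        io.ReadWriter
	rbuf, wbuf []byte
}

func newUtunFramer(dev io.ReadWriter, mtu int) *utunFramer {
	return &utunFramer{dev, make([]byte, hdrLen+mtu), make([]byte, hdrLen+mtu)}
}

// Read strips the 4-byte header and copies the bare IP packet into p.
func (f *utunFramer) Read(p []byte) (int, error) {
	n, err := f.dev.Read(f.rbuf)
	if err != nil {
		return 0, err
	} else if n < hdrLen {
		return 0, fmt.Errorf("short read of %d bytes: no protocol header", n)
	}
	return copy(p, f.rbuf[hdrLen:n]), nil
}

// Write builds header+packet in the reused buffer: no per-packet allocation.
func (f *utunFramer) Write(p []byte) (int, error) {
	if len(p) == 0 || len(p) > len(f.wbuf)-hdrLen || families[p[0]>>4] == 0 {
		return 0, fmt.Errorf("empty, oversized or non-IP packet (%d bytes)", len(p))
	}
	f.wbuf[0], f.wbuf[1], f.wbuf[2], f.wbuf[3] = 0, 0, 0, families[p[0]>>4]
	if _, err := f.dev.Write(f.wbuf[:hdrLen+copy(f.wbuf[hdrLen:], p)]); err != nil {
		return 0, err
	}
	return len(p), nil
}

func main() { // bytes.Buffer is a constructed stand-in for the utun fd
	dev := new(bytes.Buffer)
	newUtunFramer(dev, 1500).Write([]byte{0x45, 0, 0, 20}) // constructed IPv4 bytes
	fmt.Printf("% x\n", dev.Bytes())
}
```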
} | ||
|
||
/* | ||
// Set the transmit queue length |
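Review bot: the block opened by `/*` around `// Set the transmit queue length` leaves commented-out code in the file. Either delete it or replace it with a one-line comment saying why the transmit queue length is not set on darwin, so readers do not have to guess whether it is pending work.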
This seems to be managed by some ring buffer sizes and slot size. I need to read the code some more, but if we want to target performance we'd want to expose these options in config
These control options in specific
UTUN_OPT_SLOT_SIZE
UTUN_OPT_NETIF_RING_SIZE
UTUN_OPT_TX_FSW_RING_SIZE
UTUN_OPT_RX_FSW_RING_SIZE
UTUN_OPT_MAX_PENDING_PACKETS
Whew there's a lot to learn here. I believe this will come in handy for establishing routes without
Also don't make it fatal if an invalid name is set, because someone may have historically set it and not know it will break Nebula when upgrading.
Surely there must be a better way to get the ifIndex, but it doesn't seem like SIOCGIFINDEX exists.
I've updated this branch up to master, and also removed the This is ready for more testing!
Two changes:
This needs testing
I submitted the PR to get some more help reviewing and testing. I've tested on Catalina.
If anyone has pointers on sending route messages to an AF_ROUTE socket so we can replace the execs I'd love to see an example.