tailscale / tailscale

The easiest, most secure way to use WireGuard and 2FA.
https://tailscale.com
BSD 3-Clause "New" or "Revised" License

cmd/tailscaled: use alternate DHCP package? #8042

Open bradfitz opened 1 year ago

bradfitz commented 1 year ago

tailscaled depends on github.com/insomniacslk/dhcp/dhcpv4 for its little-used tap mode.

But github.com/insomniacslk/dhcp/dhcpv4 depends on github.com/u-root/uio/uio (for *uio.Lexer and uio.NewBigEndianBuffer primarily) which now also depends on github.com/pierrec/lz4/v4 (and thus github.com/pierrec/lz4/v4/internal/lz4block and github.com/pierrec/lz4/v4/internal/lz4errors and github.com/pierrec/lz4/v4/internal/lz4stream and github.com/pierrec/lz4/v4/internal/xxh32).

Maybe we should just fork off the DHCPv4 stuff we need rather than keep growing our dep tree that's out of our control.

cc @hugelgupf in case he has ideas.

danderson commented 1 year ago

If we need a DHCP server, I wrote the bones of one years ago for pixiecore: https://pkg.go.dev/go.universe.tf/netboot/dhcp4 and https://pkg.go.dev/go.universe.tf/netboot/dhcp6. Neither is super maintained, but they have encoders/decoders for the wire protocol which is mostly the irritating part of DHCP with the fiddly option encoding. That'd be easy to clean up and use if we want.

Those packages don't implement any of the DHCP client/server state machines though, so if we're after a package that correctly does the semantics of DISCOVER/OFFER/REQUEST/RESPONSE/RELEASE/etc. and keeps track of allocated IPs and does all the conformant "probe an IP before allocating to find rogue users" and stuff, then it's a bunch more work on top of those serdes libs.

bradfitz commented 1 year ago

IIRC we just need the v4 message {un,}marshallers and no state machine.

danderson commented 1 year ago

Then yeah, my dhcp4 package has no external deps other than stdlib and x/net for some net.Conn tricks, and has marshallers that were good enough to make PXE work. The dhcp6 package was contrib and has a bit more cruft than I'd have personally put in there, but also has no deps outside stdlib and x/net.

bradfitz commented 1 year ago

It's old school and uses net.IP! :)

danderson commented 1 year ago

Patches welcome! :zany_face: Or I can modernize pixiecore tomorrow, it'll be a fun trip down memory lane.

bradfitz commented 1 year ago

Do you care about breaking API for your users? https://pkg.go.dev/go.universe.tf/netboot/dhcp4?tab=importedby

danderson commented 1 year ago

Hmm, none of those ever talked to me. Most seem abandoned, except maybe Mirantis/virtlet but it looks like it'd be a very simple conversion. I say let's update away and I can send Mirantis a PR.
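
For scale, the "v4 message unmarshaller with no state machine" discussed in this thread fits in the standard library alone. The sketch below is an added example, not code from tailscaled, insomniacslk/dhcp or the netboot packages; `Message`, `Unmarshal` and `samplePacket` are hypothetical names, the packet is constructed, and rejecting a packet that lacks the end option is this sketch's own choice.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// Message holds the few DHCPv4 fields this sketch decodes (RFC 2131 layout).
type Message struct {
	XID     uint32
	Options map[byte][]byte
}

var errMalformed = errors.New("dhcp4: malformed packet")

// Unmarshal decodes an untrusted packet, bounds-checking every option length.
func Unmarshal(b []byte) (*Message, error) {
	if len(b) < 240 || binary.BigEndian.Uint32(b[236:240]) != 0x63825363 { // header + magic cookie
		return nil, errMalformed
	}
	m := &Message{XID: binary.BigEndian.Uint32(b[4:8]), Options: map[byte][]byte{}}
	for opts := b[240:]; len(opts) > 0; {
		switch code := opts[0]; {
		case code == 0: // pad: single byte, no length
			opts = opts[1:]
		case code == 255: // end
			return m, nil
		case len(opts) < 2 || len(opts) < 2+int(opts[1]):
			return nil, errMalformed // length byte missing or pointing past the buffer
		default:
			n := int(opts[1])
			m.Options[code] = append(m.Options[code], opts[2:2+n]...) // RFC 3396: concatenate repeats
			opts = opts[2+n:]
		}
	}
	return nil, errMalformed // this sketch requires the end option
}

// samplePacket builds a constructed BOOTREPLY carrying option 53 (message type) = 2 (OFFER).
func samplePacket() []byte {
	p := make([]byte, 240, 244)
	p[0] = 2 // op: BOOTREPLY
	binary.BigEndian.PutUint32(p[4:8], 0xdeadbeef)
	binary.BigEndian.PutUint32(p[236:240], 0x63825363)
	return append(p, 53, 1, 2, 255)
}

func main() { fmt.Println(Unmarshal(samplePacket())) }
```

The option loop is the part that handles attacker-controlled lengths, so it is also the part to fuzz if the parser is ever vendored or forked.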