nebula/lighthouse_test.go

package nebula

import (
	"net"
	"testing"

	"github.com/golang/protobuf/proto"
	"github.com/stretchr/testify/assert"
)

func TestNewLhQuery(t *testing.T) {
	myIp := net.ParseIP("192.1.1.1")
	myIpint := ip2int(myIp)

	// Generating a new lh query should work
	a := NewLhQueryByInt(myIpint)

	// The result should be a nebulameta protobuf
	assert.IsType(t, &NebulaMeta{}, a)

	// It should also Marshal fine
	b, err := proto.Marshal(a)
	assert.Nil(t, err)

	// and then Unmarshal fine
	n := &NebulaMeta{}
	err = proto.Unmarshal(b, n)
	assert.Nil(t, err)

}

func TestNewipandportfromudpaddr(t *testing.T) {
	blah := NewUDPAddrFromString("1.2.2.3:12345")
	meh := NewIpAndPortFromUDPAddr(*blah)
	assert.Equal(t, uint32(16908803), meh.Ip)
	assert.Equal(t, uint32(12345), meh.Port)
}

func TestSetipandportsfromudpaddrs(t *testing.T) {
	blah := NewUDPAddrFromString("1.2.2.3:12345")
	blah2 := NewUDPAddrFromString("9.9.9.9:47828")
	group := []udpAddr{*blah, *blah2}
	var lh *LightHouse
	lhh := lh.NewRequestHandler()
	result := lhh.setIpAndPortsFromNetIps(group)
	assert.IsType(t, []*IpAndPort{}, result)
	assert.Len(t, result, 2)
	assert.Equal(t, uint32(0x01020203), result[0].Ip)
	assert.Equal(t, uint32(12345), result[0].Port)
	assert.Equal(t, uint32(0x09090909), result[1].Ip)
	assert.Equal(t, uint32(47828), result[1].Port)
	//t.Error(reflect.TypeOf(hah))

}

func Test_lhStaticMapping(t *testing.T) {
	lh1 := "10.128.0.2"
	lh1IP := net.ParseIP(lh1)

	udpServer, _ := NewListener("0.0.0.0", 0, true)

	meh := NewLightHouse(true, 1, []uint32{ip2int(lh1IP)}, 10, 10003, udpServer, false, 1, false)
	meh.AddRemote(ip2int(lh1IP), NewUDPAddr(ip2int(lh1IP), uint16(4242)), true)
	err := meh.ValidateLHStaticEntries()
	assert.Nil(t, err)

	lh2 := "10.128.0.3"
	lh2IP := net.ParseIP(lh2)

	meh = NewLightHouse(true, 1, []uint32{ip2int(lh1IP), ip2int(lh2IP)}, 10, 10003, udpServer, false, 1, false)
	meh.AddRemote(ip2int(lh1IP), NewUDPAddr(ip2int(lh1IP), uint16(4242)), true)
	err = meh.ValidateLHStaticEntries()
	assert.EqualError(t, err, "Lighthouse 10.128.0.3 does not have a static_host_map entry")
}

func BenchmarkLighthouseHandleRequest(b *testing.B) {
	lh1 := "10.128.0.2"
	lh1IP := net.ParseIP(lh1)

	udpServer, _ := NewListener("0.0.0.0", 0, true)

	lh := NewLightHouse(true, 1, []uint32{ip2int(lh1IP)}, 10, 10003, udpServer, false, 1, false)

	hAddr := NewUDPAddrFromString("4.5.6.7:12345")
	hAddr2 := NewUDPAddrFromString("4.5.6.7:12346")
	lh.addrMap[3] = []udpAddr{*hAddr, *hAddr2}

	rAddr := NewUDPAddrFromString("1.2.2.3:12345")
	rAddr2 := NewUDPAddrFromString("1.2.2.3:12346")
	lh.addrMap[2] = []udpAddr{*rAddr, *rAddr2}

	mw := &mockEncWriter{}

	b.Run("notfound", func(b *testing.B) {
		lhh := lh.NewRequestHandler()
		req := &NebulaMeta{
			Type: NebulaMeta_HostQuery,
			Details: &NebulaMetaDetails{
				VpnIp:      4,
				IpAndPorts: nil,
			},
		}
		p, err := proto.Marshal(req)
		assert.NoError(b, err)
		for n := 0; n < b.N; n++ {
			lhh.HandleRequest(rAddr, 2, p, nil, mw)
		}
	})
	b.Run("found", func(b *testing.B) {
		lhh := lh.NewRequestHandler()
		req := &NebulaMeta{
			Type: NebulaMeta_HostQuery,
			Details: &NebulaMetaDetails{
				VpnIp:      3,
				IpAndPorts: nil,
			},
		}
		p, err := proto.Marshal(req)
		assert.NoError(b, err)

		for n := 0; n < b.N; n++ {
			lhh.HandleRequest(rAddr, 2, p, nil, mw)
		}
	})
}

func Test_lhRemoteAllowList(t *testing.T) {
	c := NewConfig()
	c.Settings["remoteallowlist"] = map[interface{}]interface{}{
		"10.20.0.0/12": false,
	}
	allowList, err := c.GetAllowList("remoteallowlist", false)
	assert.Nil(t, err)

	lh1 := "10.128.0.2"
	lh1IP := net.ParseIP(lh1)

	udpServer, _ := NewListener("0.0.0.0", 0, true)

	lh := NewLightHouse(true, 1, []uint32{ip2int(lh1IP)}, 10, 10003, udpServer, false, 1, false)
	lh.SetRemoteAllowList(allowList)

	remote1 := "10.20.0.3"
	remote1IP := net.ParseIP(remote1)
	lh.AddRemote(ip2int(remote1IP), NewUDPAddr(ip2int(remote1IP), uint16(4242)), true)
	assert.Nil(t, lh.addrMap[ip2int(remote1IP)])

	remote2 := "10.128.0.3"
	remote2IP := net.ParseIP(remote2)
	remote2UDPAddr := NewUDPAddr(ip2int(remote2IP), uint16(4242))

	lh.AddRemote(ip2int(remote2IP), remote2UDPAddr, true)
	assert.Equal(t, remote2UDPAddr, &lh.addrMap[ip2int(remote2IP)][0])
}

//func NewLightHouse(amLighthouse bool, myIp uint32, ips []string, interval int, nebulaPort int, pc *udpConn, punchBack bool) *LightHouse {

/*
func TestLHQuery(t *testing.T) {
	//n := NewLhQueryByIpString("10.128.0.3")
	_, myNet, _ := net.ParseCIDR("10.128.0.0/16")
	m := NewHostMap(myNet)
	y, _ := net.ResolveUDPAddr("udp", "10.128.0.3:11111")
	m.Add(ip2int(net.ParseIP("127.0.0.1")), y)
	//t.Errorf("%s", m)
	_ = m

	_, n, _ := net.ParseCIDR("127.0.0.1/8")

	/*udpServer, err := net.ListenUDP("udp", &net.UDPAddr{Port: 10009})
	if err != nil {
		t.Errorf("%s", err)
	}

	meh := NewLightHouse(n, m, []string{"10.128.0.2"}, false, 10, 10003, 10004)
	//t.Error(m.Hosts)
	meh2, err := meh.Query(ip2int(net.ParseIP("10.128.0.3")))
	t.Error(err)
	if err != nil {
		return
	}
	t.Errorf("%s", meh2)
	t.Errorf("%s", n)
}
*/
Public Release 2019-11-19 10:00:20 -07:00			`package nebula`

			`import (`
			`"net"`
			`"testing"`

enforce the use of goimports (#248) * enforce the use of goimports Instead of enforcing `gofmt`, enforce `goimports`, which also asserts a separate section for non-builtin packages. * run `goimports` everywhere * exclude generated .pb.go files 2020-06-30 16:53:30 -06:00			`"github.com/golang/protobuf/proto"`
Public Release 2019-11-19 10:00:20 -07:00			`"github.com/stretchr/testify/assert"`
			`)`

			`func TestNewLhQuery(t *testing.T) {`
			`myIp := net.ParseIP("192.1.1.1")`
			`myIpint := ip2int(myIp)`

			`// Generating a new lh query should work`
			`a := NewLhQueryByInt(myIpint)`

			`// The result should be a nebulameta protobuf`
			`assert.IsType(t, &NebulaMeta{}, a)`

			`// It should also Marshal fine`
			`b, err := proto.Marshal(a)`
			`assert.Nil(t, err)`

			`// and then Unmarshal fine`
			`n := &NebulaMeta{}`
			`err = proto.Unmarshal(b, n)`
			`assert.Nil(t, err)`

			`}`

			`func TestNewipandportfromudpaddr(t *testing.T) {`
			`blah := NewUDPAddrFromString("1.2.2.3:12345")`
			`meh := NewIpAndPortFromUDPAddr(*blah)`
			`assert.Equal(t, uint32(16908803), meh.Ip)`
			`assert.Equal(t, uint32(12345), meh.Port)`
			`}`

Lighthouse handler optimizations (#320) We noticed that the number of memory allocations LightHouse.HandleRequest creates for each call can seriously impact performance for high traffic lighthouses. This PR introduces a benchmark in the first commit and then optimizes memory usage by creating a LightHouseHandler struct. This struct allows us to re-use memory between each lighthouse request (one instance per UDP listener go-routine). 2020-11-23 12:50:01 -07:00			`func TestSetipandportsfromudpaddrs(t *testing.T) {`
Public Release 2019-11-19 10:00:20 -07:00			`blah := NewUDPAddrFromString("1.2.2.3:12345")`
			`blah2 := NewUDPAddrFromString("9.9.9.9:47828")`
			`group := []udpAddr{blah, blah2}`
Lighthouse handler optimizations (#320) We noticed that the number of memory allocations LightHouse.HandleRequest creates for each call can seriously impact performance for high traffic lighthouses. This PR introduces a benchmark in the first commit and then optimizes memory usage by creating a LightHouseHandler struct. This struct allows us to re-use memory between each lighthouse request (one instance per UDP listener go-routine). 2020-11-23 12:50:01 -07:00			`var lh *LightHouse`
			`lhh := lh.NewRequestHandler()`
			`result := lhh.setIpAndPortsFromNetIps(group)`
			`assert.IsType(t, []*IpAndPort{}, result)`
			`assert.Len(t, result, 2)`
			`assert.Equal(t, uint32(0x01020203), result[0].Ip)`
			`assert.Equal(t, uint32(12345), result[0].Port)`
			`assert.Equal(t, uint32(0x09090909), result[1].Ip)`
			`assert.Equal(t, uint32(47828), result[1].Port)`
Public Release 2019-11-19 10:00:20 -07:00			`//t.Error(reflect.TypeOf(hah))`

			`}`

add tests and improve error 2019-11-23 16:55:23 -07:00			`func Test_lhStaticMapping(t *testing.T) {`
			`lh1 := "10.128.0.2"`
			`lh1IP := net.ParseIP(lh1)`

			`udpServer, _ := NewListener("0.0.0.0", 0, true)`

add meta packet statistics (#230) This change add more metrics around "meta" (non "message" type packets). For lighthouse packets, we also record statistics around the specific lighthouse meta type. We don't keep statistics for the "message" type so that we don't slow down the fast path (and you can just look at metrics on the tun interface to find that information). 2020-06-26 11:45:48 -06:00			`meh := NewLightHouse(true, 1, []uint32{ip2int(lh1IP)}, 10, 10003, udpServer, false, 1, false)`
add tests and improve error 2019-11-23 16:55:23 -07:00			`meh.AddRemote(ip2int(lh1IP), NewUDPAddr(ip2int(lh1IP), uint16(4242)), true)`
			`err := meh.ValidateLHStaticEntries()`
			`assert.Nil(t, err)`

			`lh2 := "10.128.0.3"`
Fail with a better error message if lh a hosts is unparsable 2019-12-09 17:53:56 -07:00			`lh2IP := net.ParseIP(lh2)`

add meta packet statistics (#230) This change add more metrics around "meta" (non "message" type packets). For lighthouse packets, we also record statistics around the specific lighthouse meta type. We don't keep statistics for the "message" type so that we don't slow down the fast path (and you can just look at metrics on the tun interface to find that information). 2020-06-26 11:45:48 -06:00			`meh = NewLightHouse(true, 1, []uint32{ip2int(lh1IP), ip2int(lh2IP)}, 10, 10003, udpServer, false, 1, false)`
add tests and improve error 2019-11-23 16:55:23 -07:00			`meh.AddRemote(ip2int(lh1IP), NewUDPAddr(ip2int(lh1IP), uint16(4242)), true)`
			`err = meh.ValidateLHStaticEntries()`
			`assert.EqualError(t, err, "Lighthouse 10.128.0.3 does not have a static_host_map entry")`
			`}`

Lighthouse handler optimizations (#320) We noticed that the number of memory allocations LightHouse.HandleRequest creates for each call can seriously impact performance for high traffic lighthouses. This PR introduces a benchmark in the first commit and then optimizes memory usage by creating a LightHouseHandler struct. This struct allows us to re-use memory between each lighthouse request (one instance per UDP listener go-routine). 2020-11-23 12:50:01 -07:00			`func BenchmarkLighthouseHandleRequest(b *testing.B) {`
			`lh1 := "10.128.0.2"`
			`lh1IP := net.ParseIP(lh1)`

			`udpServer, _ := NewListener("0.0.0.0", 0, true)`

			`lh := NewLightHouse(true, 1, []uint32{ip2int(lh1IP)}, 10, 10003, udpServer, false, 1, false)`

			`hAddr := NewUDPAddrFromString("4.5.6.7:12345")`
			`hAddr2 := NewUDPAddrFromString("4.5.6.7:12346")`
			`lh.addrMap[3] = []udpAddr{hAddr, hAddr2}`

			`rAddr := NewUDPAddrFromString("1.2.2.3:12345")`
			`rAddr2 := NewUDPAddrFromString("1.2.2.3:12346")`
			`lh.addrMap[2] = []udpAddr{rAddr, rAddr2}`

			`mw := &mockEncWriter{}`

			`b.Run("notfound", func(b *testing.B) {`
			`lhh := lh.NewRequestHandler()`
			`req := &NebulaMeta{`
			`Type: NebulaMeta_HostQuery,`
			`Details: &NebulaMetaDetails{`
			`VpnIp: 4,`
			`IpAndPorts: nil,`
			`},`
			`}`
			`p, err := proto.Marshal(req)`
			`assert.NoError(b, err)`
			`for n := 0; n < b.N; n++ {`
			`lhh.HandleRequest(rAddr, 2, p, nil, mw)`
			`}`
			`})`
			`b.Run("found", func(b *testing.B) {`
			`lhh := lh.NewRequestHandler()`
			`req := &NebulaMeta{`
			`Type: NebulaMeta_HostQuery,`
			`Details: &NebulaMetaDetails{`
			`VpnIp: 3,`
			`IpAndPorts: nil,`
			`},`
			`}`
			`p, err := proto.Marshal(req)`
			`assert.NoError(b, err)`

			`for n := 0; n < b.N; n++ {`
			`lhh.HandleRequest(rAddr, 2, p, nil, mw)`
			`}`
			`})`
			`}`

Ensure mutex is unlocked when adding remote IP. (#406) Currently, if you use the remote allow list config, as soon as you attempt to create a tunnel to a node that has a blocked IP address, a mutex is locked and never unlocked. This happens even if the node has an allowed remote IP address in addition to the blocked remote IP address. This pull request ensures that the lighthouse mutex is unlocked whenever we attempt to add a remote IP. 2021-03-16 10:41:35 -06:00			`func Test_lhRemoteAllowList(t *testing.T) {`
			`c := NewConfig()`
			`c.Settings["remoteallowlist"] = map[interface{}]interface{}{`
			`"10.20.0.0/12": false,`
			`}`
			`allowList, err := c.GetAllowList("remoteallowlist", false)`
			`assert.Nil(t, err)`

			`lh1 := "10.128.0.2"`
			`lh1IP := net.ParseIP(lh1)`

			`udpServer, _ := NewListener("0.0.0.0", 0, true)`

			`lh := NewLightHouse(true, 1, []uint32{ip2int(lh1IP)}, 10, 10003, udpServer, false, 1, false)`
			`lh.SetRemoteAllowList(allowList)`

			`remote1 := "10.20.0.3"`
			`remote1IP := net.ParseIP(remote1)`
			`lh.AddRemote(ip2int(remote1IP), NewUDPAddr(ip2int(remote1IP), uint16(4242)), true)`
			`assert.Nil(t, lh.addrMap[ip2int(remote1IP)])`

			`remote2 := "10.128.0.3"`
			`remote2IP := net.ParseIP(remote2)`
			`remote2UDPAddr := NewUDPAddr(ip2int(remote2IP), uint16(4242))`

			`lh.AddRemote(ip2int(remote2IP), remote2UDPAddr, true)`
			`assert.Equal(t, remote2UDPAddr, &lh.addrMap[ip2int(remote2IP)][0])`
			`}`

add tests and improve error 2019-11-23 16:55:23 -07:00			`//func NewLightHouse(amLighthouse bool, myIp uint32, ips []string, interval int, nebulaPort int, pc udpConn, punchBack bool) LightHouse {`

Public Release 2019-11-19 10:00:20 -07:00			`/*`
			`func TestLHQuery(t *testing.T) {`
			`//n := NewLhQueryByIpString("10.128.0.3")`
			`_, myNet, _ := net.ParseCIDR("10.128.0.0/16")`
			`m := NewHostMap(myNet)`
			`y, _ := net.ResolveUDPAddr("udp", "10.128.0.3:11111")`
			`m.Add(ip2int(net.ParseIP("127.0.0.1")), y)`
			`//t.Errorf("%s", m)`
			`_ = m`

			`_, n, _ := net.ParseCIDR("127.0.0.1/8")`

			`/*udpServer, err := net.ListenUDP("udp", &net.UDPAddr{Port: 10009})`
			`if err != nil {`
			`t.Errorf("%s", err)`
			`}`

			`meh := NewLightHouse(n, m, []string{"10.128.0.2"}, false, 10, 10003, 10004)`
			`//t.Error(m.Hosts)`
			`meh2, err := meh.Query(ip2int(net.ParseIP("10.128.0.3")))`
			`t.Error(err)`
			`if err != nil {`
			`return`
			`}`
			`t.Errorf("%s", meh2)`
			`t.Errorf("%s", n)`
			`}`
			`*/`