test(connlib): add RoamClient transition to state machine tests
#5060
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎ 1 Ignored Deployment
|
github-actions
bot
added
the
kind/test
Terraform Cloud Plan Output |
Performance Test ResultsTCP
UDP
|
thomaseizinger
force-pushed
the
chore/connlib/roam-transition
branch
from
3d0c959
to
8ea0845
Compare
github-merge-queue bot
pushed a commit
that referenced
this pull request
Jun 25, 2024
Currently, `snownet` tries to be very clever in how it roams connections. This is/was necessary because we associated DNS-specific state with a connection. More specifically, the assigned proxy IPs for a DNS resource are stored as part of a connection with the gateway. As a result, DNS resources would always break if the underlying connection in `snownet` failed. This is quite error prone and means, `snownet` must be very careful to never-ever fail a connection erroneously. With #5049, we no longer store any important state with a connection and thus, can implement roaming in much simpler way: Drop all connections and let the incoming packets create new ones. This is much more robust as we don't have to "patch" existing state in `snownet` as part of roaming. We test this new functionality by adding a `RoamClient` transition to `tunnel_test`. This ensures roaming works in a lot of scenarios, including relayed and non-relayed situations as well as roaming between either of them. As a result, we can delete several of the more specific test cases of `snownet`. Depends-On: #5049. Replaces: #5060. Resolves: #5080.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Firezone needs to work seemlessly despite the user roaming networks. We can incorporate this property into our state machine tests with a
RoamClienttransition. This updates the client's IPv4 and IPv6 socket to a new pair.In these tests, we treat all unhandled packets as a bug. Unfortunately, a client cannot immediately detect that it roamed networks (we use BINDING requests to all our relays for that). Prior to it detecting which interfaces are now available and which are gone, it may still send outdated srflx candidates to the gateway which will prompt the gateway to send packets to that endpoint. Thus, we have to add an exception to the "all unhandled packets are a bug"-check and simply discard packets to a client's old sockets.
Depends-On: #5080.
Depends-On: #5077.
Depends-On: #5079.
Depends-On: #5049.