From c07d1286ef6cf058d43837e25ff0db3490c626b5 Mon Sep 17 00:00:00 2001 From: "Sijie.Sun" Date: Thu, 12 Jun 2025 08:09:59 +0800 Subject: [PATCH] internal stun server should use xor mapped addr (#975) --- easytier/src/tests/three_node.rs | 68 ++++++++++++++++++++++++++++++++ easytier/src/tunnel/udp.rs | 6 ++- 2 files changed, 72 insertions(+), 2 deletions(-) diff --git a/easytier/src/tests/three_node.rs b/easytier/src/tests/three_node.rs index e37b5d4..dc8a110 100644 --- a/easytier/src/tests/three_node.rs +++ b/easytier/src/tests/three_node.rs @@ -839,6 +839,74 @@ pub async fn socks5_vpn_portal(#[values("10.144.144.1", "10.144.144.3")] dst_add tokio::join!(task).0.unwrap(); } +#[tokio::test] +#[serial_test::serial] +pub async fn foreign_network_functional_cluster() { + crate::set_global_var!(OSPF_UPDATE_MY_GLOBAL_FOREIGN_NETWORK_INTERVAL_SEC, 1); + prepare_linux_namespaces(); + + let center_node_config1 = get_inst_config("inst1", Some("net_a"), "10.144.144.1"); + center_node_config1 + .set_network_identity(NetworkIdentity::new("center".to_string(), "".to_string())); + let mut center_inst1 = Instance::new(center_node_config1); + + let center_node_config2 = get_inst_config("inst2", Some("net_b"), "10.144.144.2"); + center_node_config2 + .set_network_identity(NetworkIdentity::new("center".to_string(), "".to_string())); + let mut center_inst2 = Instance::new(center_node_config2); + + let inst1_config = get_inst_config("inst1", Some("net_c"), "10.144.145.1"); + inst1_config.set_listeners(vec![]); + let mut inst1 = Instance::new(inst1_config); + + let mut inst2 = Instance::new(get_inst_config("inst2", Some("net_d"), "10.144.145.2")); + + center_inst1.run().await.unwrap(); + center_inst2.run().await.unwrap(); + inst1.run().await.unwrap(); + inst2.run().await.unwrap(); + + center_inst1 + .get_conn_manager() + .add_connector(RingTunnelConnector::new( + format!("ring://{}", center_inst2.id()).parse().unwrap(), + )); + + inst1 + .get_conn_manager() + .add_connector(RingTunnelConnector::new( + format!("ring://{}", center_inst1.id()).parse().unwrap(), + )); + + inst2 + .get_conn_manager() + .add_connector(RingTunnelConnector::new( + format!("ring://{}", center_inst2.id()).parse().unwrap(), + )); + + let peer_map_inst1 = inst1.get_peer_manager(); + println!("inst1 peer map: {:?}", peer_map_inst1.list_routes().await); + + wait_for_condition( + || async { ping_test("net_c", "10.144.145.2", None).await }, + Duration::from_secs(5), + ) + .await; + + // connect to two centers, ping should work + inst1 + .get_conn_manager() + .add_connector(RingTunnelConnector::new( + format!("ring://{}", center_inst2.id()).parse().unwrap(), + )); + tokio::time::sleep(tokio::time::Duration::from_secs(5)).await; + wait_for_condition( + || async { ping_test("net_c", "10.144.145.2", None).await }, + Duration::from_secs(5), + ) + .await; +} + #[rstest::rstest] #[tokio::test] #[serial_test::serial] diff --git a/easytier/src/tunnel/udp.rs b/easytier/src/tunnel/udp.rs index 8496e6e..422c414 100644 --- a/easytier/src/tunnel/udp.rs +++ b/easytier/src/tunnel/udp.rs @@ -151,7 +151,7 @@ async fn respond_stun_packet( use crate::common::stun_codec_ext::*; use bytecodec::DecodeExt as _; use bytecodec::EncodeExt as _; - use stun_codec::rfc5389::attributes::MappedAddress; + use stun_codec::rfc5389::attributes::XorMappedAddress; use stun_codec::rfc5389::methods::BINDING; use stun_codec::{Message, MessageClass, MessageDecoder, MessageEncoder}; @@ -173,7 +173,9 @@ async fn respond_stun_packet( // we discard the prefix, make sure our implementation is not compatible with other stun client u32_to_tid(tid_to_u32(&tid)), ); - resp_msg.add_attribute(Attribute::MappedAddress(MappedAddress::new(addr.clone()))); + resp_msg.add_attribute(Attribute::XorMappedAddress(XorMappedAddress::new( + addr.clone(), + ))); let mut encoder = MessageEncoder::new(); let rsp_buf = encoder