From b96f84b894684ed43e281a3aa2f391b424414a84 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Mon, 19 Feb 2024 11:24:33 +0100 Subject: [networking-fixes] add option to bind outgoing RPC sockets (fix #638) Thanks to yuka for the original patch. --- src/garage/main.rs | 2 +- src/net/netapp.rs | 26 ++++++++++++++++++++++---- src/net/test.rs | 2 +- src/rpc/system.rs | 5 ++++- src/util/config.rs | 3 +++ 5 files changed, 31 insertions(+), 7 deletions(-) (limited to 'src') diff --git a/src/garage/main.rs b/src/garage/main.rs index 4d8dcc67..e489fff0 100644 --- a/src/garage/main.rs +++ b/src/garage/main.rs @@ -203,7 +203,7 @@ async fn cli_command(opt: Opt) -> Result<(), Error> { // Generate a temporary keypair for our RPC client let (_pk, sk) = sodiumoxide::crypto::sign::ed25519::gen_keypair(); - let netapp = NetApp::new(GARAGE_VERSION_TAG, network_key, sk); + let netapp = NetApp::new(GARAGE_VERSION_TAG, network_key, sk, None); // Find and parse the address of the target host let (id, addr, is_default_addr) = if let Some(h) = opt.rpc_host { diff --git a/src/net/netapp.rs b/src/net/netapp.rs index e572dc11..faa51a99 100644 --- a/src/net/netapp.rs +++ b/src/net/netapp.rs @@ -13,7 +13,7 @@ use sodiumoxide::crypto::sign::ed25519; use futures::stream::futures_unordered::FuturesUnordered; use futures::stream::StreamExt; -use tokio::net::{TcpListener, TcpStream}; +use tokio::net::{TcpListener, TcpSocket, TcpStream}; use tokio::select; use tokio::sync::{mpsc, watch}; @@ -62,6 +62,7 @@ type OnDisconnectHandler = Box; /// If using it alone, you will want to set `on_connect` and `on_disconnect` events /// in order to manage information about the current peer list. pub struct NetApp { + bind_outgoing_to: Option, listen_params: ArcSwapOption, /// Version tag, 8 bytes for netapp version, 8 bytes for app version @@ -94,13 +95,19 @@ impl NetApp { /// using `.listen()` /// /// Our Peer ID is the public key associated to the secret key given here. - pub fn new(app_version_tag: u64, netid: auth::Key, privkey: ed25519::SecretKey) -> Arc { + pub fn new( + app_version_tag: u64, + netid: auth::Key, + privkey: ed25519::SecretKey, + bind_outgoing_to: Option, + ) -> Arc { let mut version_tag = [0u8; 16]; version_tag[0..8].copy_from_slice(&u64::to_be_bytes(NETAPP_VERSION_TAG)[..]); version_tag[8..16].copy_from_slice(&u64::to_be_bytes(app_version_tag)[..]); let id = privkey.public_key(); let netapp = Arc::new(Self { + bind_outgoing_to, listen_params: ArcSwapOption::new(None), version_tag, netid, @@ -300,9 +307,20 @@ impl NetApp { return Ok(()); } - let socket = TcpStream::connect(ip).await?; + let stream = match self.bind_outgoing_to { + Some(addr) => { + let socket = if addr.is_ipv4() { + TcpSocket::new_v4()? + } else { + TcpSocket::new_v6()? + }; + socket.bind(SocketAddr::new(addr, 0))?; + socket.connect(ip).await? + } + None => TcpStream::connect(ip).await?, + }; info!("Connected to {}, negotiating handshake...", ip); - ClientConn::init(self, socket, id).await?; + ClientConn::init(self, stream, id).await?; Ok(()) } diff --git a/src/net/test.rs b/src/net/test.rs index c6259752..5a3f236d 100644 --- a/src/net/test.rs +++ b/src/net/test.rs @@ -102,7 +102,7 @@ fn run_netapp( Arc, Arc, ) { - let netapp = NetApp::new(0u64, netid, sk); + let netapp = NetApp::new(0u64, netid, sk, None); let peering = PeeringManager::new(netapp.clone(), bootstrap_peers, None); let peering2 = peering.clone(); diff --git a/src/rpc/system.rs b/src/rpc/system.rs index 5c6e07b1..147ec4d6 100644 --- a/src/rpc/system.rs +++ b/src/rpc/system.rs @@ -324,7 +324,10 @@ impl System { warn!("This Garage node does not know its publicly reachable RPC address, this might hamper intra-cluster communication."); } - let netapp = NetApp::new(GARAGE_VERSION_TAG, network_key, node_key); + let bind_outgoing_to = Some(config) + .filter(|x| x.rpc_bind_outgoing) + .map(|x| x.rpc_bind_addr.ip()); + let netapp = NetApp::new(GARAGE_VERSION_TAG, network_key, node_key, bind_outgoing_to); let peering = PeeringManager::new(netapp.clone(), vec![], rpc_public_addr); if let Some(ping_timeout) = config.rpc_ping_timeout_msec { peering.set_ping_timeout_millis(ping_timeout); diff --git a/src/util/config.rs b/src/util/config.rs index a9a72110..056c625d 100644 --- a/src/util/config.rs +++ b/src/util/config.rs @@ -55,6 +55,9 @@ pub struct Config { pub rpc_secret_file: Option, /// Address to bind for RPC pub rpc_bind_addr: SocketAddr, + /// Bind outgoing sockets to rpc_bind_addr's IP address as well + #[serde(default)] + pub rpc_bind_outgoing: bool, /// Public IP address of this node pub rpc_public_addr: Option, -- cgit v1.2.3