Ask questionsMagicsock refuses to downgrade from LAN to DERP
Be on bradfitz's LAN. Block all UDP traffic to/from bradfitz's dev box. Run tailscaled. Tailscaled peers with bradfitz's dev box over DERP, because LAN doesn't work. Remove UDP blocks. Direct LAN connectivity now available. Tailscaled notices this on the next handshake cycle, upgrades from DERP to LAN \o/ Put UDP blocks back. Direct LAN connectivity is broken. Notice that tailscaled never downgrades from LAN back to DERP. Connectivity remains broken until you restart tailscaled.
During the outage, tailscaled periodically logs:
Feb 21 15:02:12 vega tailscaled: 2020/02/21 15:02:12 magicsock: rx [pub:…xg0R] from low-pri 127.3.3.40:1 (0), keeping current 10.0.128.103:41641 (2)
So it's receiving nothing from LAN, and receiving handshakes from DERP, but refusing to downgrade.
Answer questions bradfitz
@crawshaw, yup, that was basically our conclusion. Or every new WireGuard handshake, we set the AddrSet curIndex back to -1 and let it re-upgrade back to the best it can.
Related questionsNo questions were found.