Ask questionsMagicsock refuses to downgrade from LAN to DERP

Be on bradfitz's LAN. Block all UDP traffic to/from bradfitz's dev box. Run tailscaled. Tailscaled peers with bradfitz's dev box over DERP, because LAN doesn't work. Remove UDP blocks. Direct LAN connectivity now available. Tailscaled notices this on the next handshake cycle, upgrades from DERP to LAN \o/ Put UDP blocks back. Direct LAN connectivity is broken. Notice that tailscaled never downgrades from LAN back to DERP. Connectivity remains broken until you restart tailscaled.

During the outage, tailscaled periodically logs:

Feb 21 15:02:12 vega tailscaled[2996756]: 2020/02/21 15:02:12 magicsock: rx [pub:…xg0R] from low-pri (0), keeping current (2)

So it's receiving nothing from LAN, and receiving handshakes from DERP, but refusing to downgrade.


@crawshaw, yup, that was basically our conclusion. Or every new WireGuard handshake, we set the AddrSet curIndex back to -1 and let it re-upgrade back to the best it can.


