diff --git a/pkg/core/tunhandler.go b/pkg/core/tunhandler.go index fbb69f8ed..5e3b8e19a 100644 --- a/pkg/core/tunhandler.go +++ b/pkg/core/tunhandler.go @@ -18,9 +18,7 @@ import ( ) const ( - MaxSize = 1000 - MaxThread = 10 - MaxConn = 1 + MaxSize = 1000 ) type tunHandler struct { @@ -171,8 +169,7 @@ func (h *tunHandler) printRoute(ctx context.Context) { } type Device struct { - tun net.Conn - thread int + tun net.Conn tunInboundRaw chan *DataElem tunInbound chan *DataElem @@ -195,9 +192,11 @@ func (d *Device) readFromTun() { } return } - d.tunInboundRaw <- &DataElem{ - data: b[:], - length: n, + if n != 0 { + d.tunInboundRaw <- &DataElem{ + data: b[:], + length: n, + } } } } @@ -353,9 +352,7 @@ func genICMPPacketIPv6(src net.IP, dst net.IP) ([]byte, error) { func (d *Device) Start(ctx context.Context) { go d.readFromTun() - for i := 0; i < d.thread; i++ { - go d.parseIPHeader() - } + go d.parseIPHeader() go d.tunInboundHandler(d.tunInbound, d.tunOutbound) go d.writeToTun() go heartbeats(d.tun, d.tunInbound) @@ -378,7 +375,6 @@ func (h *tunHandler) HandleServer(ctx context.Context, tun net.Conn) { device := &Device{ tun: tun, - thread: MaxThread, tunInboundRaw: make(chan *DataElem, MaxSize), tunInbound: make(chan *DataElem, MaxSize), tunOutbound: make(chan *DataElem, MaxSize), @@ -435,8 +431,7 @@ type udpElem struct { } type Peer struct { - conn net.PacketConn - thread int + conn net.PacketConn connInbound chan *udpElem parsedConnInfo chan *udpElem @@ -591,9 +586,7 @@ func (p *Peer) routeTUN() { func (p *Peer) Start() { go p.readFromConn() go p.readFromTCPConn() - for i := 0; i < p.thread; i++ { - go p.parseHeader() - } + go p.parseHeader() go p.routePeer() go p.routeTUN() } @@ -605,7 +598,6 @@ func (p *Peer) Close() { func transportTun(ctx context.Context, tunInbound <-chan *DataElem, tunOutbound chan<- *DataElem, packetConn net.PacketConn, nat *NAT, connNAT *sync.Map) error { p := &Peer{ conn: packetConn, - thread: MaxThread, connInbound: make(chan *udpElem, MaxSize), parsedConnInfo: make(chan *udpElem, MaxSize), tunInbound: tunInbound, diff --git a/pkg/tun/tun.go b/pkg/tun/tun.go index f9433f46b..2e0af9762 100644 --- a/pkg/tun/tun.go +++ b/pkg/tun/tun.go @@ -3,6 +3,7 @@ package tun import ( "errors" "net" + "os" "time" "github.com/containernetworking/cni/pkg/types" @@ -87,18 +88,29 @@ func (c *tunConn) Read(b []byte) (n int, err error) { defer config.LPool.Put(bytes[:]) var num int - sizes := []int{1} + sizes := make([]int, 1) num, err = c.ifce.Read([][]byte{bytes[:]}, sizes, offset) - if err != nil || num == 0 { + if err != nil { + if errors.Is(err, tun.ErrTooManySegments) { + log.Errorf("Dropped some packets from multi-segment read: %v", err) + return 0, nil + } + if !errors.Is(err, os.ErrClosed) { + log.Errorf("Failed to read packet from TUN device: %v", err) + return 0, nil + } return 0, err } + if num == 0 { + return 0, nil + } var size = sizes[0] if size == 0 { - return 0, errors.New("tun packet is zero") - } - if size > device.MaxSegmentSize-device.MessageTransportHeaderSize { - return 0, errors.New("tun packet is too large") + return 0, nil } + //if size > device.MaxSegmentSize-device.MessageTransportHeaderSize { + // return 0, errors.New("tun packet is too large") + //} return copy(b, bytes[offset:offset+size]), nil } diff --git a/pkg/tun/tun_windows.go b/pkg/tun/tun_windows.go index f200cd99c..57a5a6065 100644 --- a/pkg/tun/tun_windows.go +++ b/pkg/tun/tun_windows.go @@ -6,6 +6,7 @@ import ( "fmt" "net" "net/netip" + "os" "reflect" "time" @@ -153,11 +154,22 @@ func (c *winTunConn) Close() error { } func (c *winTunConn) Read(b []byte) (int, error) { - sizes := []int{1} + sizes := make([]int, 1) num, err := c.ifce.Read([][]byte{b}, sizes, 0) - if err != nil || num == 0 { + if err != nil { + if errors.Is(err, wireguardtun.ErrTooManySegments) { + log.Errorf("Dropped some packets from multi-segment read: %v", err) + return 0, nil + } + if !errors.Is(err, os.ErrClosed) { + log.Errorf("Failed to read packet from TUN device: %v", err) + return 0, nil + } return 0, err } + if num == 0 { + return 0, nil + } return sizes[0], nil }