New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ipn: get rid of Prefs.AllowSingleHosts? #12058
Comments
Interesting thought. In theory, the same thing could apply to several things that we initialize in
I also noticed that |
I'm explicitly not proposing doing this for CorpDNS and Auto-update. Those can very reasonably be off. They're much more subjective. I wouldn't want to invert those checks every time opinions change. I'm not proposing this as a fix for the Start woes. I just remembered AllowSingleHosts and how useless it was. |
The field exists purely because the first customer, in the earliest days, wanted pure subnet routing with no client<>client connectivity, and ACLs didn't exist yet. This was the big hammer to ensure clients could only use subnet routes. It's been vestigial the entire time I've been here. It can be removed. |
It was requested by the first customer 4-5 years ago and only used for a brief moment of time. We later added netmap visibility trimming which removes the need for this. It's been hidden by the CLI for quite some time and never documented anywhere else. This keeps the CLI flag, though, out of caution. It just returns an error if it's set to anything but true (its default). Fixes #12058 Change-Id: I7514ba572e7b82519b04ed603ff9f3bdbaecfda7 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
It was requested by the first customer 4-5 years ago and only used for a brief moment of time. We later added netmap visibility trimming which removes the need for this. It's been hidden by the CLI for quite some time and never documented anywhere else. This keeps the CLI flag, though, out of caution. It just returns an error if it's set to anything but true (its default). Fixes #12058 Change-Id: I7514ba572e7b82519b04ed603ff9f3bdbaecfda7 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
It was requested by the first customer 4-5 years ago and only used for a brief moment of time. We later added netmap visibility trimming which removes the need for this. It's been hidden by the CLI for quite some time and never documented anywhere else. This keeps the CLI flag, though, out of caution. It just returns an error if it's set to anything but true (its default). Fixes #12058 Change-Id: I7514ba572e7b82519b04ed603ff9f3bdbaecfda7 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
It was requested by the first customer 4-5 years ago and only used for a brief moment of time. We later added netmap visibility trimming which removes the need for this. It's been hidden by the CLI for quite some time and never documented anywhere else. This keeps the CLI flag, though, out of caution. It just returns an error if it's set to anything but true (its default). Fixes tailscale#12058 Change-Id: I7514ba572e7b82519b04ed603ff9f3bdbaecfda7 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
Nobody sets
Prefs.AllowSingleHosts
to false. We use its defaulttrue
value and only notice that the pref exists when there's a mistake and we accidentally use aipn.Prefs
zero value rather than useipn.NewPrefs
.Maybe we should just ditch the field.
If they really really want to disallow single hosts, we can add a new pref (or envknob?) later that's named in the negative.
Thoughts?
/cc @maisem @oxtoacart @andrew-d @danderson @sailorfrag
The text was updated successfully, but these errors were encountered: