Giters

slackhq / nebula

A scalable overlay networking tool with a focus on performance, simplicity and security

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

πŸ› BUG: Nebula crashes and restarts in case of no "via address" in the route at the route table

PolMarzia opened this issue Β· comments

commented

What version of nebula are you using?

1.7.2

What operating system are you using?

Linux (Ubuntu 20.04)

Describe the Bug

Hello.

In case of using option "use_system_route_table: true" in the nebula configuration, routes at the route tabel must contain "via X.X.X.X".
If routes isn't contain this part of line nebula crashes and restarts.
For example, the line from the route table
10.10.0.10 dev nebula proto kernel scope link metric 100
will cause a crash and restart of nebula
But the line
10.10.0.10 via 10.20.1.1 dev nebula proto kernel metric 100
will be work correctly

But linux allows to use both options.

It would be better if nebula will be ignoring such strings and write warning in logs instead of crashing and restart

Logs from affected hosts

Dec 01 12:04:31 testhost nebula[3126709]: panic: interface conversion: interface {} is *interface {}, not iputil.VpnIp
Dec 01 12:04:31 testhost nebula[3126709]: goroutine 76 [running, locked to thread]:
Dec 01 12:04:31 testhost nebula[3126709]: github.com/slackhq/nebula/overlay.(*tun).RouteFor(0xc000249a60?, 0x51e8a0?)
Dec 01 12:04:31 testhost nebula[3126709]:         github.com/slackhq/nebula/overlay/tun_linux.go:167 +0x8f
Dec 01 12:04:31 testhost nebula[3126709]: github.com/slackhq/nebula.(*Interface).getOrHandshake(0xc0000e57a0, 0x0?)
Dec 01 12:04:31 testhost nebula[3126709]:         github.com/slackhq/nebula/inside.go:119 +0x5f
Dec 01 12:04:31 testhost nebula[3126709]: github.com/slackhq/nebula.(*Interface).consumeInsidePacket(0xc0000e57a0, {0xc000428000, 0x99, 0x2329}, 0xc000436000, {0xc000436010, 0xc, 0xc}, {0xc00042a500, 0x2329, ...}, ...)
Dec 01 12:04:31 testhost nebula[3126709]:         github.com/slackhq/nebula/inside.go:48 +0x1e5
Dec 01 12:04:31 testhost nebula[3126709]: github.com/slackhq/nebula.(*Interface).listenIn(0xc0000e57a0, {0xc591e0, 0xc0000121e0}, 0x0?)
Dec 01 12:04:31 testhost nebula[3126709]:         github.com/slackhq/nebula/interface.go:281 +0x14d
Dec 01 12:04:31 testhost nebula[3126709]: created by github.com/slackhq/nebula.(*Interface).run
Dec 01 12:04:31 testhost nebula[3126709]:         github.com/slackhq/nebula/interface.go:239 +0x9a
Dec 01 12:04:31 testhost systemd[1]: nebula.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
Dec 01 12:04:31 testhost systemd[1]: nebula.service: Failed with result 'exit-code'.
Dec 01 12:04:31 testhost systemd[1]: nebula.service: Scheduled restart job, restart counter is at 45.
Dec 01 12:04:31 testhost systemd[1]: Stopped nebula.service - Nebula service.

Config files from affected hosts

use_system_route_table: true

commented

I forgot to tag #1004 as closing this. The crash should no longer occur but a valid route still requires a via