Path MTU discovery fixes and improvements (#3109)

- Existing option `WIREGUARD_MTU` , if set, disables PMTUD and is used - New option `PMTUD_ICMP_ADDRESSES=1.1.1.1,8.8.8.8` and `PMTUD_TCP_ADDRESSES=1.1.1.1:443,8.8.8.8:443` - ICMP PMTUD now targets external-by-default IP addresses - New TCP PMTUD (binary search only) as a second MTU confirmation and fallback mechanism. - Force set TCP MSS to MTU - IP header - TCP base header - "magic 20 bytes" 🎆 - Fix #3108
2026-05-09 20:29:23 +02:00 · 2026-02-15 01:40:34 +01:00
parent 8f1fda7646
commit be92aa2ac4
59 changed files with 2050 additions and 376 deletions
@@ -47,3 +47,26 @@ func (r *Routing) VPNLocalGatewayIP(vpnIntf string) (ip netip.Addr, err error) {
 	}
 	return ip, fmt.Errorf("%w: in %d routes", ErrVPNLocalGatewayIPNotFound, len(routes))
 }
+
+var ErrVPNRouteNotFound = errors.New("VPN route not found")
+
+func (r *Routing) VPNRoute(vpnIntf string) (route netlink.Route, err error) {
+	vpnLink, err := r.netLinker.LinkByName(vpnIntf)
+	if err != nil {
+		return route, fmt.Errorf("finding link %s: %w", vpnIntf, err)
+	}
+	vpnLinkIndex := vpnLink.Index
+
+	routes, err := r.netLinker.RouteList(netlink.FamilyAll)
+	if err != nil {
+		return route, fmt.Errorf("listing routes: %w", err)
+	}
+	for _, route := range routes {
+		if route.LinkIndex == vpnLinkIndex &&
+			!route.Dst.IsValid() {
+			return route, nil
+		}
+	}
+	return route, fmt.Errorf("%w: for interface %s in %d routes",
+		ErrVPNRouteNotFound, vpnIntf, len(routes))
+}