m/n/c/network: drop random snat mapping workaround
Linux has since fixed the issue that if two connections get assigned the
same mapped port/address combo one of them drops the packet. Instead
they just "requeue" it so it gets a new non-conflicting mapping.
This allows us to drop the workaround that mappings need to be
generated on a per-connection basis instead of just a per-port basis.
This makes Linux behave more like an endpoint-independent NAT which is
better for anything trying to establish P2P connections and also a bit
easier to debug as source ports get preserved if possible.
Change-Id: Ibfaf63746a269ec6bf0444e8c7dddb3a51b07900
Reviewed-on: https://review.monogon.dev/c/monogon/+/3907
Reviewed-by: Tim Windelschmidt <tim@monogon.tech>
Tested-by: Jenkins CI
diff --git a/metropolis/node/core/network/main.go b/metropolis/node/core/network/main.go
index 8b834ac..f9fa010 100644
--- a/metropolis/node/core/network/main.go
+++ b/metropolis/node/core/network/main.go
@@ -296,10 +296,7 @@
Register: 8,
Data: binaryutil.NativeEndian.PutUint32(node.LinkGroupClusternet),
},
- &expr.Masq{
- FullyRandom: true,
- Persistent: true,
- },
+ &expr.Masq{},
},
})
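Review bot: the bare `&expr.Masq{}` now depends on the kernel requeueing conflicting mappings, but neither the hunk nor the commit message names the kernel version that carries that fix. A short comment above `&expr.Masq{}` stating the minimum kernel this relies on, and that the flags are left unset on purpose to preserve source ports, would keep a later reader from re-adding them. Also, `Persistent: true` is removed together with `FullyRandom: true`, while the message only talks about random per-connection mappings; please say in the message whether `Persistent` was part of the same workaround or is being dropped for a separate reason.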