policy/v2,state,mapper: implement per-viewer via route steering

Via grants steer routes to specific nodes per viewer. Until now, all clients saw the same routes for each peer because route assembly was viewer-independent. This implements per-viewer route visibility so that via-designated peers serve routes only to matching viewers, while non-designated peers have those routes withdrawn. Add ViaRouteResult type (Include/Exclude prefix lists) and ViaRoutesForPeer to the PolicyManager interface. The v2 implementation iterates via grants, resolves sources against the viewer, matches destinations against the peer's advertised routes (both subnet and exit), and categorizes prefixes by whether the peer has the via tag. Add RoutesForPeer to State which composes global primary election, via Include/Exclude filtering, exit routes, and ACL reduction. When no via grants exist, it falls back to existing behavior. Update the mapper to call RoutesForPeer per-peer instead of using a single route function for all peers. The route function now returns all routes (subnet + exit), and TailNode filters exit routes out of the PrimaryRoutes field for HA tracking. Updates #2180
2026-04-25 10:08:41 +02:00 · 2026-03-22 20:43:28 +00:00
parent 28be15f8ea
commit 8358017dcf
6 changed files with 182 additions and 14 deletions
--- a/hscontrol/policy/pm.go
+++ b/hscontrol/policy/pm.go
@@ -36,6 +36,12 @@ type PolicyManager interface {
 	// NodeCanApproveRoute reports whether the given node can approve the given route.
 	NodeCanApproveRoute(node types.NodeView, route netip.Prefix) bool

+	// ViaRoutesForPeer computes via grant effects for a viewer-peer pair.
+	// It returns which routes should be included (peer is via-designated for viewer)
+	// and excluded (steered to a different peer). When no via grants apply,
+	// both fields are empty and the caller falls back to existing behavior.
+	ViaRoutesForPeer(viewer, peer types.NodeView) types.ViaRouteResult
+
 	Version() int
 	DebugString() string
 }