TUN-8807: Add support_datagram_v3 to remote feature rollout

Support rolling out the `support_datagram_v3` feature via remote feature rollout (DNS TXT record) with `dv3` key.

Consolidated some of the feature evaluation code into the features module to simplify the lookup of available features at runtime.

Reduced complexity for management logs feature lookup since it's a default feature.

Closes TUN-8807

cmd/cloudflared/tunnel/cmd.go

@@ -31,7 +31,6 @@ import (
 	"github.com/cloudflare/cloudflared/credentials"
 	"github.com/cloudflare/cloudflared/diagnostic"
 	"github.com/cloudflare/cloudflared/edgediscovery"
-	"github.com/cloudflare/cloudflared/features"
 	"github.com/cloudflare/cloudflared/ingress"
 	"github.com/cloudflare/cloudflared/logger"
 	"github.com/cloudflare/cloudflared/management"
@@ -515,26 +514,23 @@ func StartServer(
 		tunnelConfig.ICMPRouterServer = nil
 	}
 
-	internalRules := []ingress.Rule{}
-	if features.Contains(features.FeatureManagementLogs) {
-		serviceIP := c.String("service-op-ip")
-		if edgeAddrs, err := edgediscovery.ResolveEdge(log, tunnelConfig.Region, tunnelConfig.EdgeIPVersion); err == nil {
-			if serviceAddr, err := edgeAddrs.GetAddrForRPC(); err == nil {
-				serviceIP = serviceAddr.TCP.String()
-			}
+	serviceIP := c.String("service-op-ip")
+	if edgeAddrs, err := edgediscovery.ResolveEdge(log, tunnelConfig.Region, tunnelConfig.EdgeIPVersion); err == nil {
+		if serviceAddr, err := edgeAddrs.GetAddrForRPC(); err == nil {
+			serviceIP = serviceAddr.TCP.String()
 		}
-
-		mgmt := management.New(
-			c.String("management-hostname"),
-			c.Bool("management-diagnostics"),
-			serviceIP,
-			clientID,
-			c.String(connectorLabelFlag),
-			logger.ManagementLogger.Log,
-			logger.ManagementLogger,
-		)
-		internalRules = []ingress.Rule{ingress.NewManagementRule(mgmt)}
 	}
+
+	mgmt := management.New(
+		c.String("management-hostname"),
+		c.Bool("management-diagnostics"),
+		serviceIP,
+		clientID,
+		c.String(connectorLabelFlag),
+		logger.ManagementLogger.Log,
+		logger.ManagementLogger,
+	)
+	internalRules := []ingress.Rule{ingress.NewManagementRule(mgmt)}
 	orchestrator, err := orchestration.NewOrchestrator(ctx, orchestratorConfig, tunnelConfig.Tags, internalRules, tunnelConfig.Log)
 	if err != nil {
 		return err

cmd/cloudflared/tunnel/configuration.go

@@ -137,28 +137,22 @@ func prepareTunnelConfig(
 
 	transportProtocol := c.String("protocol")
 
-	clientFeatures := features.Dedup(append(c.StringSlice("features"), features.DefaultFeatures...))
-
-	staticFeatures := features.StaticFeatures{}
-	if c.Bool("post-quantum") {
-		if FipsEnabled {
-			return nil, nil, fmt.Errorf("post-quantum not supported in FIPS mode")
-		}
-		pqMode := features.PostQuantumStrict
-		staticFeatures.PostQuantumMode = &pqMode
+	if c.Bool("post-quantum") && FipsEnabled {
+		return nil, nil, fmt.Errorf("post-quantum not supported in FIPS mode")
 	}
-	featureSelector, err := features.NewFeatureSelector(ctx, namedTunnel.Credentials.AccountTag, staticFeatures, log)
+
+	featureSelector, err := features.NewFeatureSelector(ctx, namedTunnel.Credentials.AccountTag, c.StringSlice("features"), c.Bool("post-quantum"), log)
 	if err != nil {
 		return nil, nil, errors.Wrap(err, "Failed to create feature selector")
 	}
+	clientFeatures := featureSelector.ClientFeatures()
 	pqMode := featureSelector.PostQuantumMode()
 	if pqMode == features.PostQuantumStrict {
 		// Error if the user tries to force a non-quic transport protocol
 		if transportProtocol != connection.AutoSelectFlag && transportProtocol != connection.QUIC.String() {
 			return nil, nil, fmt.Errorf("post-quantum is only supported with the quic transport")
 		}
 		transportProtocol = connection.QUIC.String()
-		clientFeatures = append(clientFeatures, features.FeaturePostQuantum)
 
 		log.Info().Msgf(
 			"Using hybrid post-quantum key agreement %s",

features/features.go

@@ -12,7 +12,7 @@ const (
 )
 
 var (
-	DefaultFeatures = []string{
+	defaultFeatures = []string{
 		FeatureAllowRemoteConfig,
 		FeatureSerializedHeaders,
 		FeatureDatagramV2,
@@ -21,15 +21,30 @@ var (
 	}
 )
 
-func Contains(feature string) bool {
-	for _, f := range DefaultFeatures {
-		if f == feature {
-			return true
-		}
-	}
-	return false
+// Features set by user provided flags
+type staticFeatures struct {
+	PostQuantumMode *PostQuantumMode
 }
 
+type PostQuantumMode uint8
+
+const (
+	// Prefer post quantum, but fallback if connection cannot be established
+	PostQuantumPrefer PostQuantumMode = iota
+	// If the user passes the --post-quantum flag, we override
+	// CurvePreferences to only support hybrid post-quantum key agreements.
+	PostQuantumStrict
+)
+
+type DatagramVersion string
+
+const (
+	// DatagramV2 is the currently supported datagram protocol for UDP and ICMP packets
+	DatagramV2 DatagramVersion = FeatureDatagramV2
+	// DatagramV3 is a new datagram protocol for UDP and ICMP packets. It is not backwards compatible with datagram v2.
+	DatagramV3 DatagramVersion = FeatureDatagramV3
+)
+
 // Remove any duplicates from the slice
 func Dedup(slice []string) []string {
 

features/selector.go

@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"hash/fnv"
 	"net"
+	"slices"
 	"sync"
 	"time"
 
@@ -18,61 +19,67 @@ const (
 	lookupTimeout           = time.Second * 10
 )
 
-type PostQuantumMode uint8
-
-const (
-	// Prefer post quantum, but fallback if connection cannot be established
-	PostQuantumPrefer PostQuantumMode = iota
-	// If the user passes the --post-quantum flag, we override
-	// CurvePreferences to only support hybrid post-quantum key agreements.
-	PostQuantumStrict
-)
-
 // If the TXT record adds other fields, the umarshal logic will ignore those keys
 // If the TXT record is missing a key, the field will unmarshal to the default Go value
-// pq was removed in TUN-7970
-type featuresRecord struct{}
 
-func NewFeatureSelector(ctx context.Context, accountTag string, staticFeatures StaticFeatures, logger *zerolog.Logger) (*FeatureSelector, error) {
-	return newFeatureSelector(ctx, accountTag, logger, newDNSResolver(), staticFeatures, defaultRefreshFreq)
+type featuresRecord struct {
+	// support_datagram_v3
+	DatagramV3Percentage int32 `json:"dv3"`
+
+	// PostQuantumPercentage int32 `json:"pq"` // Removed in TUN-7970
 }
 
-// FeatureSelector determines if this account will try new features. It preiodically queries a DNS TXT record
-// to see which features are turned on
+func NewFeatureSelector(ctx context.Context, accountTag string, cliFeatures []string, pq bool, logger *zerolog.Logger) (*FeatureSelector, error) {
+	return newFeatureSelector(ctx, accountTag, logger, newDNSResolver(), cliFeatures, pq, defaultRefreshFreq)
+}
+
+// FeatureSelector determines if this account will try new features. It periodically queries a DNS TXT record
+// to see which features are turned on.
 type FeatureSelector struct {
 	accountHash int32
 	logger      *zerolog.Logger
 	resolver    resolver
 
-	staticFeatures StaticFeatures
+	staticFeatures staticFeatures
+	cliFeatures    []string
 
 	// lock protects concurrent access to dynamic features
 	lock     sync.RWMutex
 	features featuresRecord
 }
 
-// Features set by user provided flags
-type StaticFeatures struct {
-	PostQuantumMode *PostQuantumMode
-}
-
-func newFeatureSelector(ctx context.Context, accountTag string, logger *zerolog.Logger, resolver resolver, staticFeatures StaticFeatures, refreshFreq time.Duration) (*FeatureSelector, error) {
+func newFeatureSelector(ctx context.Context, accountTag string, logger *zerolog.Logger, resolver resolver, cliFeatures []string, pq bool, refreshFreq time.Duration) (*FeatureSelector, error) {
+	// Combine default features and user-provided features
+	var pqMode *PostQuantumMode
+	if pq {
+		mode := PostQuantumStrict
+		pqMode = &mode
+		cliFeatures = append(cliFeatures, FeaturePostQuantum)
+	}
+	staticFeatures := staticFeatures{
+		PostQuantumMode: pqMode,
+	}
 	selector := &FeatureSelector{
 		accountHash:    switchThreshold(accountTag),
 		logger:         logger,
 		resolver:       resolver,
 		staticFeatures: staticFeatures,
+		cliFeatures:    Dedup(cliFeatures),
 	}
 
 	if err := selector.refresh(ctx); err != nil {
 		logger.Err(err).Msg("Failed to fetch features, default to disable")
 	}
 
-	// Run refreshLoop next time we have a new feature to rollout
+	go selector.refreshLoop(ctx, refreshFreq)
 
 	return selector, nil
 }
 
+func (fs *FeatureSelector) accountEnabled(percentage int32) bool {
+	return percentage > fs.accountHash
+}
+
 func (fs *FeatureSelector) PostQuantumMode() PostQuantumMode {
 	if fs.staticFeatures.PostQuantumMode != nil {
 		return *fs.staticFeatures.PostQuantumMode
@@ -81,6 +88,33 @@ func (fs *FeatureSelector) PostQuantumMode() PostQuantumMode {
 	return PostQuantumPrefer
 }
 
+func (fs *FeatureSelector) DatagramVersion() DatagramVersion {
+	fs.lock.RLock()
+	defer fs.lock.RUnlock()
+
+	// If user provides the feature via the cli, we take it as priority over remote feature evaluation
+	if slices.Contains(fs.cliFeatures, FeatureDatagramV3) {
+		return DatagramV3
+	}
+	// If the user specifies DatagramV2, we also take that over remote
+	if slices.Contains(fs.cliFeatures, FeatureDatagramV2) {
+		return DatagramV2
+	}
+
+	if fs.accountEnabled(fs.features.DatagramV3Percentage) {
+		return DatagramV3
+	}
+	return DatagramV2
+}
+
+// ClientFeatures will return the list of currently available features that cloudflared should provide to the edge.
+//
+// This list is dynamic and can change in-between returns.
+func (fs *FeatureSelector) ClientFeatures() []string {
+	// Evaluate any remote features along with static feature list to construct the list of features
+	return Dedup(slices.Concat(defaultFeatures, fs.cliFeatures, []string{string(fs.DatagramVersion())}))
+}
+
 func (fs *FeatureSelector) refreshLoop(ctx context.Context, refreshFreq time.Duration) {
 	ticker := time.NewTicker(refreshFreq)
 	for {