go-sockaddr

sockaddr Library

Socket address convenience functions for Go. go-sockaddr is a convenience
library that makes doing the right thing with IP addresses easy. go-sockaddr
is loosely modeled after the UNIX sockaddr_t and creates a union of the family
of sockaddr_t types (see below for an ascii diagram). Library documentation
is available
at
https://godoc.org/github.com/hashicorp/go-sockaddr.
The primary intent of the library was to make it possible to define heuristics
for selecting the correct IP addresses when a configuration is evaluated at
runtime. See
the
docs,
template package,
tests,
and
CLI utility
for details and hints as to how to use this library.

For example, with this library it is possible to find an IP address that:

• is attached to a default route
  (GetDefaultInterfaces())
• is contained within a CIDR block (IfByNetwork())
• is an RFC1918 address
  (IfByRFC("1918"))
• is ordered
  (OrderedIfAddrBy(args) where
  args includes, but is not limited
  to,
  AscIfType,
  AscNetworkSize)
• excludes all IPv6 addresses
  (IfByType("^(IPv4)$"))
• is larger than a /32
  (IfByMaskSize(32))
• is not on a down interface
  (ExcludeIfs("flags", "down"))
• preferences an IPv6 address over an IPv4 address
  (SortIfByType() +
  ReverseIfAddrs()); and
• excludes any IP in RFC6890 address
  (IfByRFC("6890"))

Or any combination or variation therein.

There are also a few simple helper functions such as GetPublicIP and
GetPrivateIP which both return strings and select the first public or private
IP address on the default interface, respectively. Similarly, there is also a
helper function called GetInterfaceIP which returns the first usable IP
address on the named interface.

sockaddr CLI

Given the possible complexity of the sockaddr library, there is a CLI utility
that accompanies the library, also
called
sockaddr.
The
sockaddr
utility exposes nearly all of the functionality of the library and can be used
either as an administrative tool or testing tool. To install
the
sockaddr,
run:

$ go get -u github.com/hashicorp/go-sockaddr/cmd/sockaddr

If you're familiar with UNIX's sockaddr struct's, the following diagram
mapping the C sockaddr (top) to go-sockaddr structs (bottom) and
interfaces will be helpful:

+-------------------------------------------------------+
|                                                       |
|                        sockaddr                       |
|                        SockAddr                       |
|                                                       |
| +--------------+ +----------------------------------+ |
| | sockaddr_un  | |                                  | |
| | SockAddrUnix | |           sockaddr_in{,6}        | |
| +--------------+ |                IPAddr            | |
|                  |                                  | |
|                  | +-------------+ +--------------+ | |
|                  | | sockaddr_in | | sockaddr_in6 | | |
|                  | |   IPv4Addr  | |   IPv6Addr   | | |
|                  | +-------------+ +--------------+ | |
|                  |                                  | |
|                  +----------------------------------+ |
|                                                       |
+-------------------------------------------------------+

Inspiration and Design

There were many subtle inspirations that led to this design, but the most direct
inspiration for the filtering syntax was
OpenBSD's
pf.conf(5) firewall
syntax that lets you select the first IP address on a given named interface.
The original problem stemmed from:

• needing to create immutable images using Packer that
  ran the Consul process (Consul can only use one IP
  address at a time);
• images that may or may not have multiple interfaces or IP addresses at
  runtime; and
• we didn't want to rely on configuration management to render out the correct
  IP address if the VM image was being used in an auto-scaling group.

Instead we needed some way to codify a heuristic that would correctly select the
right IP address but the input parameters were not known when the image was
created.