refactor peer calculations

2025-09-06 21:24:16 +08:00 · 2022-06-14 14:36:30 +00:00 · 2022-06-14 14:36:30 +00:00 · 34263a6e2f
commit 34263a6e2f
parent 242a46cda9
5 changed files with 160 additions and 486 deletions
--- a/logic/nodes.go
+++ b/logic/nodes.go
@ -5,7 +5,6 @@ import (
 	"errors"
 	"fmt"
 	"sort"
-	"strings"
 	"time"

 	"github.com/go-playground/validator/v10"
@ -96,25 +95,6 @@ func UncordonNode(nodeid string) (models.Node, error) {
 	return node, err
 }

-// GetPeers - gets the peers of a given server node
-func GetPeers(node *models.Node) ([]models.Node, error) {
-	if IsLeader(node) {
-		setNetworkServerPeers(node)
-	}
-	peers, err := GetPeersList(node)
-	if err != nil {
-		if strings.Contains(err.Error(), RELAY_NODE_ERR) {
-			peers, err = PeerListUnRelay(node.ID, node.Network)
-			if err != nil {
-				return nil, err
-			}
-		} else {
-			return nil, err
-		}
-	}
-	return peers, nil
-}
-
 // SetIfLeader - gets the peers of a given server node
 func SetPeersIfLeader(node *models.Node) {
 	if IsLeader(node) {
@ -704,3 +684,19 @@ func FindRelay(node *models.Node) *models.Node {
 	}
 	return nil
 }
+
+func findNode(ip string) (*models.Node, error) {
+	nodes, err := GetAllNodes()
+	if err != nil {
+		return nil, err
+	}
+	for _, node := range nodes {
+		if node.Address == ip {
+			return &node, nil
+		}
+		if node.Address6 == ip {
+			return &node, nil
+		}
+	}
+	return nil, errors.New("node not found")
+}
--- a/logic/peers.go
+++ b/logic/peers.go
@ -1,6 +1,7 @@
 package logic

 import (
+	"errors"
 	"fmt"
 	"log"
 	"net"
@ -9,216 +10,25 @@ import (
 	"time"

 	"github.com/c-robinson/iplib"
-	"github.com/gravitl/netmaker/database"
 	"github.com/gravitl/netmaker/logger"
-	"github.com/gravitl/netmaker/logic/acls"
 	"github.com/gravitl/netmaker/logic/acls/nodeacls"
 	"github.com/gravitl/netmaker/models"
 	"github.com/gravitl/netmaker/servercfg"
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )

-// GetNodePeers - fetches peers for a given node
-func GetNodePeers(network *models.Network, nodeid string, excludeRelayed bool, isP2S bool) ([]models.Node, error) {
-	var peers []models.Node
-
-	// networkNodes = all nodes in network
-	// egressNetworkNodes = all egress gateways in network
-	var networkNodes, egressNetworkNodes, err = getNetworkEgressAndNodes(network.NetID)
-	if err != nil {
-		return peers, nil
-	}
-
-	// udppeers = the peers parsed from the local interface
-	// gives us correct port to reach
-	udppeers, errN := database.GetPeers(network.NetID)
-	if errN != nil {
-		logger.Log(2, errN.Error())
-	}
-
-	// gets all the ACL rules
-	currentNetworkACLs, aclErr := nodeacls.FetchAllACLs(nodeacls.NetworkID(network.NetID))
-	if aclErr != nil {
-		return peers, aclErr
-	}
-
-	/*
-		at this point we have 4 lists of node information:
-		- networkNodes: all nodes in network (models.Node)
-		- egressNetworkNodes: all egress gateways in network (models.Node)
-		- udppeers: all peers in database (parsed by server off of active WireGuard interface)
-		- currentNetworkACLs: all ACL rules associated with the network
-		- peers: a currently empty list that will be filled and returned
-
-	*/
-
-	// we now parse through all networkNodes and format properly to set as "peers"
-	for _, node := range networkNodes {
-
-		// skip over any node that is disallowed by ACL rules
-		if !currentNetworkACLs.IsAllowed(acls.AclID(nodeid), acls.AclID(node.ID)) {
-			continue
-		}
-
-		// create an empty model to fill with peer info
-		var peer = models.Node{}
-
-		// set egress gateway information if it's an egress gateway
-		if node.IsEgressGateway == "yes" { // handle egress stuff
-			peer.EgressGatewayRanges = node.EgressGatewayRanges
-			peer.IsEgressGateway = node.IsEgressGateway
-		}
-
-		// set ingress gateway information
-		peer.IsIngressGateway = node.IsIngressGateway
-
-		/*
-			- similar to ACLs, we must determine if peer is allowed based on Relay information
-			- if the nodes is "not relayed" (not behind a relay), it is ok
-			- if the node IS relayed, but excludeRelay has not been marked, it is ok
-			- excludeRelayed is marked for any node that is NOT a Relay Server
-			- therefore, the peer is allowed as long as it is not "relayed", or the node it is being sent to is its relay server
-		*/
-		allow := node.IsRelayed != "yes" || !excludeRelayed
-
-		// confirm conditions allow node to be added as peer
-		// node should be in same network, not pending, and "allowed" based on above logic
-		if node.Network == network.NetID && node.IsPending != "yes" && allow {
-
-			// node info is cleansed to remove sensitive info using setPeerInfo
-			peer = setPeerInfo(&node)
-
-			// Sets ListenPort to UDP Hole Punching Port assuming:
-			// - UDP Hole Punching is enabled
-			// - udppeers retrieval did not return an error
-			// - the endpoint is valid
-			if node.UDPHolePunch == "yes" && errN == nil && CheckEndpoint(udppeers[node.PublicKey]) {
-				endpointstring := udppeers[node.PublicKey]
-				endpointarr := strings.Split(endpointstring, ":")
-				if len(endpointarr) == 2 {
-					port, err := strconv.Atoi(endpointarr[1])
-					if err == nil {
-						peer.ListenPort = int32(port)
-					}
-				}
-			}
-
-			// if udp hole punching is on, but the node's port is still set to default (e.g. 51821), use the LocalListenPort
-			// or, if port is for some reason zero use the LocalListenPort
-			// but only do this if LocalListenPort is not zero
-			if node.UDPHolePunch == "yes" &&
-				((peer.ListenPort == node.ListenPort || peer.ListenPort == 0) && node.LocalListenPort != 0) {
-				peer.ListenPort = node.LocalListenPort
-			}
-
-			// if the node is a relay, append the network cidr and any relayed egress ranges
-			if node.IsRelay == "yes" { // TODO, check if addressrange6 needs to be appended
-				peer.AllowedIPs = append(peer.AllowedIPs, network.AddressRange)
-				for _, egressNode := range egressNetworkNodes {
-					if egressNode.IsRelayed == "yes" && StringSliceContains(node.RelayAddrs, egressNode.Address) {
-						peer.AllowedIPs = append(peer.AllowedIPs, egressNode.EgressGatewayRanges...)
-					}
-				}
-			}
-
-			// if the node is an ingress gateway, append all the extclient allowedips
-			if peer.IsIngressGateway == "yes" { // handle ingress stuff
-				if currentExtClients, err := GetExtPeersList(&node); err == nil {
-					for i := range currentExtClients {
-						if network.IsIPv4 == "yes" && currentExtClients[i].Address != "" {
-							peer.AllowedIPs = append(peer.AllowedIPs, currentExtClients[i].Address)
-						}
-						if network.IsIPv6 == "yes" && currentExtClients[i].Address6 != "" {
-							peer.AllowedIPs = append(peer.AllowedIPs, currentExtClients[i].Address6)
-						}
-					}
-				}
-			}
-
-			// dont appent if this isn't a p2p network or if ACLs disallow
-			if (!isP2S || peer.IsHub == "yes") && currentNetworkACLs.IsAllowed(acls.AclID(nodeid), acls.AclID(node.ID)) {
-				peers = append(peers, peer)
-			}
-		}
-	}
-
-	return peers, err
-}
-
-// GetPeersList - gets the peers of a given network
-func GetPeersList(refnode *models.Node) ([]models.Node, error) {
-	var peers []models.Node
-	var err error
-	var isP2S bool
-	var networkName = refnode.Network
-	var excludeRelayed = refnode.IsRelay != "yes"
-	var relayedNodeAddr string
-	if refnode.IsRelayed == "yes" {
-		relayedNodeAddr = refnode.Address
-	}
-
-	network, err := GetNetwork(networkName)
-	if err != nil {
-		return peers, err
-	} else if network.IsPointToSite == "yes" && refnode.IsHub != "yes" {
-		isP2S = true
-	}
-	if refnode.IsRelayed != "yes" {
-		// if the node is not being relayed, retrieve peers as normal
-		peers, err = GetNodePeers(&network, refnode.ID, excludeRelayed, isP2S)
-	} else {
-		var relayNode models.Node
-		// If this node IS being relayed node, we must first retrieve its relay
-		relayNode, err = GetNodeRelay(networkName, relayedNodeAddr)
-		if relayNode.Address != "" && err == nil {
-			// we must cleanse sensitive info from the relay node
-			var peerNode = setPeerInfo(&relayNode)
-
-			// we must append the CIDR to the relay so the relayed node can reach the network
-			peerNode.AllowedIPs = append(peerNode.AllowedIPs, network.AddressRange)
-
-			// we must append the egress ranges to the relay so the relayed node can reach egress
-			var _, egressNetworkNodes, err = getNetworkEgressAndNodes(networkName)
-			if err == nil {
-				for _, egress := range egressNetworkNodes {
-					if egress.Address != relayedNodeAddr {
-						peerNode.AllowedIPs = append(peerNode.AllowedIPs, egress.EgressGatewayRanges...)
-					}
-				}
-			}
-
-			// get the other peers that are behind the Relay
-			// we dont want to go through the relay to reach them
-			// I'm not sure if this is actually a good call to have this here
-			// may want to test without it, I think it may return bad info
-			nodepeers, err := GetNodePeers(&network, refnode.ID, false, isP2S)
-			if err == nil && peerNode.UDPHolePunch == "yes" {
-				for _, nodepeer := range nodepeers {
-
-					// im not sure if this is good either
-					if nodepeer.Address == peerNode.Address {
-						// peerNode.Endpoint = nodepeer.Endpoint
-						peerNode.ListenPort = nodepeer.ListenPort
-					}
-				}
-			}
-			if !isP2S || peerNode.IsHub == "yes" {
-				peers = append(peers, peerNode)
-			}
-		}
-	}
-	return peers, err
-}
-
 // GetPeerUpdate - gets a wireguard peer config for each peer of a node
 func GetPeerUpdate(node *models.Node) (models.PeerUpdate, error) {
 	var peerUpdate models.PeerUpdate
 	var peers []wgtypes.PeerConfig
 	var serverNodeAddresses = []models.ServerAddr{}
-	currentPeers, err := GetPeers(node)
+	currentPeers, err := GetNetworkNodes(node.Network)
 	if err != nil {
 		return models.PeerUpdate{}, err
 	}
+	if node.IsRelayed == "yes" {
+		return GetPeerUpdateForRelayedNode(node)
+	}

 	// #1 Set Keepalive values: set_keepalive
 	// #2 Set local address: set_local - could be a LOT BETTER and fix some bugs with additional logic
@ -228,6 +38,14 @@ func GetPeerUpdate(node *models.Node) (models.PeerUpdate, error) {
 			//skip yourself
 			continue
 		}
+		if !nodeacls.AreNodesAllowed(nodeacls.NetworkID(node.Network), nodeacls.NodeID(node.ID), nodeacls.NodeID(peer.ID)) {
+			//skip if not permitted by acl
+			continue
+		}
+		if peer.IsRelayed == "yes" {
+			//skip -- willl be added to relay
+			continue
+		}
 		pubkey, err := wgtypes.ParseKey(peer.PublicKey)
 		if err != nil {
 			return models.PeerUpdate{}, err
@ -406,6 +224,48 @@ func GetAllowedIPs(node, peer *models.Node) []net.IPNet {
 			}
 		}
 	}
+	// handle ingress gateway peers
+	if peer.IsIngressGateway == "yes" {
+		extPeers, err := getExtPeers(peer)
+		if err != nil {
+			logger.Log(2, "could not retrieve ext peers for ", peer.Name, err.Error())
+		}
+		for _, extPeer := range extPeers {
+			allowedips = append(allowedips, extPeer.AllowedIPs...)
+		}
+	}
+	// handle relay gateway peers
+	if peer.IsRelay == "yes" {
+		for _, ip := range peer.RelayAddrs {
+			//find node ID of relayed peer
+			relayedPeer, err := findNode(ip)
+			if err != nil {
+				logger.Log(0, "failed to find node for ip ", ip, err.Error())
+			}
+			if relayedPeer.ID == node.ID {
+				//skip self
+				continue
+			}
+			//check if acl permits comms
+			if !nodeacls.AreNodesAllowed(nodeacls.NetworkID(node.Network), nodeacls.NodeID(node.ID), nodeacls.NodeID(relayedPeer.ID)) {
+				continue
+			}
+			if iplib.Version(net.ParseIP(ip)) == 4 {
+				relayAddr := net.IPNet{
+					IP:   net.ParseIP(ip),
+					Mask: net.CIDRMask(32, 32),
+				}
+				allowedips = append(allowedips, relayAddr)
+			}
+			if iplib.Version(net.ParseIP(ip)) == 6 {
+				relayAddr := net.IPNet{
+					IP:   net.ParseIP(ip),
+					Mask: net.CIDRMask(128, 128),
+				}
+				allowedips = append(allowedips, relayAddr)
+			}
+		}
+	}
 	return allowedips
 }

@ -425,3 +285,89 @@ func getPeerDNS(network string) string {
 	}
 	return dns
 }
+
+func GetPeerUpdateForRelayedNode(node *models.Node) (models.PeerUpdate, error) {
+	var peerUpdate models.PeerUpdate
+	var peers []wgtypes.PeerConfig
+	var serverNodeAddresses = []models.ServerAddr{}
+	var allowedips []net.IPNet
+	//find node that is relaying us
+	relay := FindRelay(node)
+	if relay == nil {
+		return models.PeerUpdate{}, errors.New("not found")
+	}
+	//add relay to lists of allowed ip
+	if relay.Address != "" {
+		relayIP := net.IPNet{
+			IP:   net.ParseIP(relay.Address),
+			Mask: net.CIDRMask(32, 32),
+		}
+		allowedips = append(allowedips, relayIP)
+	}
+	if relay.Address6 != "" {
+		relayIP6 := net.IPNet{
+			IP:   net.ParseIP(relay.Address6),
+			Mask: net.CIDRMask(128, 128),
+		}
+		allowedips = append(allowedips, relayIP6)
+	}
+	//get PeerUpdate for relayed node
+	relayPeerUpdate, err := GetPeerUpdate(relay)
+	if err != nil {
+		return models.PeerUpdate{}, err
+	}
+	//add the relays allowed ips from all of the relay's peers
+	for _, peer := range relayPeerUpdate.Peers {
+		allowedips = append(allowedips, peer.AllowedIPs...)
+	}
+	//delete any ips not permitted by acl
+	for i, ip := range allowedips {
+		target, err := findNode(ip.IP.String())
+		if err != nil {
+			logger.Log(0, "failed to find node for ip", ip.IP.String(), err.Error())
+			continue
+		}
+		if !nodeacls.AreNodesAllowed(nodeacls.NetworkID(node.Network), nodeacls.NodeID(node.ID), nodeacls.NodeID(target.ID)) {
+			logger.Log(0, "deleting node from relayednode per acl", node.Name, target.Name)
+			allowedips = append(allowedips[:i], allowedips[i+1:]...)
+		}
+	}
+	//delete self from allowed ips
+	for i, ip := range allowedips {
+		if ip.IP.String() == node.Address || ip.IP.String() == node.Address6 {
+			allowedips = append(allowedips[:i], allowedips[i+1:]...)
+		}
+	}
+
+	pubkey, err := wgtypes.ParseKey(relay.PublicKey)
+	if err != nil {
+		return models.PeerUpdate{}, err
+	}
+	endpoint := relay.Endpoint + ":" + strconv.FormatInt(int64(relay.ListenPort), 10)
+	address, err := net.ResolveUDPAddr("udp", endpoint)
+	if err != nil {
+		return models.PeerUpdate{}, err
+	}
+	var keepalive time.Duration
+	if node.PersistentKeepalive != 0 {
+		// set_keepalive
+		keepalive, _ = time.ParseDuration(strconv.FormatInt(int64(node.PersistentKeepalive), 10) + "s")
+	}
+	var peerData = wgtypes.PeerConfig{
+		PublicKey:                   pubkey,
+		Endpoint:                    address,
+		ReplaceAllowedIPs:           true,
+		AllowedIPs:                  allowedips,
+		PersistentKeepaliveInterval: &keepalive,
+	}
+	peers = append(peers, peerData)
+	if relay.IsServer == "yes" {
+		serverNodeAddresses = append(serverNodeAddresses, models.ServerAddr{IsLeader: IsLeader(relay), Address: relay.Address})
+	}
+	peerUpdate.Network = node.Network
+	peerUpdate.ServerVersion = servercfg.Version
+	peerUpdate.Peers = peers
+	peerUpdate.ServerAddrs = serverNodeAddresses
+	peerUpdate.DNS = getPeerDNS(node.Network)
+	return peerUpdate, nil
+}
--- a/logic/relay.go
+++ b/logic/relay.go
@ -105,15 +105,6 @@ func SetNodeIsRelayed(yesOrno string, id string) (models.Node, error) {
 	return node, database.Insert(node.ID, string(data), database.NODES_TABLE_NAME)
 }

-// PeerListUnRelay - call this function if a relayed node fails to get its relay: unrelays node and gets new peer list
-func PeerListUnRelay(id string, network string) ([]models.Node, error) {
-	node, err := SetNodeIsRelayed("no", id)
-	if err != nil {
-		return nil, err
-	}
-	return GetPeersList(&node)
-}
-
 // ValidateRelay - checks if relay is valid
 func ValidateRelay(relay models.RelayRequest) error {
 	var err error
--- a/logic/server.go
+++ b/logic/server.go
@ -6,14 +6,9 @@ import (
 	"net"
 	"os"
 	"runtime"
-	"strconv"
 	"strings"
-	"time"

-	"github.com/c-robinson/iplib"
 	"github.com/gravitl/netmaker/logger"
-	"github.com/gravitl/netmaker/logic/acls"
-	"github.com/gravitl/netmaker/logic/acls/nodeacls"
 	"github.com/gravitl/netmaker/models"
 	"github.com/gravitl/netmaker/netclient/ncutils"
 	"github.com/gravitl/netmaker/servercfg"
@ -193,210 +188,11 @@ func ServerUpdate(serverNode *models.Node, ifaceDelta bool) error {

 // GetServerPeers - gets peers of server
 func GetServerPeers(serverNode *models.Node) ([]wgtypes.PeerConfig, bool, []string, error) {
-	hasGateway := false
-	var gateways []string
-	var peers []wgtypes.PeerConfig
-	var nodes []models.Node // fill above fields from server or client
-	var err error
-
-	nodes, err = GetPeers(serverNode)
+	update, err := GetPeerUpdate(serverNode)
 	if err != nil {
-		return nil, hasGateway, gateways, err
+		return []wgtypes.PeerConfig{}, false, []string{}, err
 	}
-
-	keepalive := serverNode.PersistentKeepalive
-	keepalivedur, err := time.ParseDuration(strconv.FormatInt(int64(keepalive), 10) + "s")
-	if err != nil {
-		logger.Log(1, "Issue with format of keepalive duration value, Please view server config:", err.Error())
-		return nil, hasGateway, gateways, err
-	}
-
-	currentNetworkACL, err := nodeacls.FetchAllACLs(nodeacls.NetworkID(serverNode.Network))
-	if err != nil {
-		logger.Log(1, "could not fetch current ACL list, proceeding with all peers")
-	}
-
-	for _, node := range nodes {
-		pubkey, err := wgtypes.ParseKey(node.PublicKey)
-		if err != nil {
-			logger.Log(1, "error parsing key", pubkey.String())
-			return peers, hasGateway, gateways, err
-		}
-
-		if serverNode.PublicKey == node.PublicKey {
-			continue
-		}
-		if serverNode.Endpoint == node.Endpoint {
-			if serverNode.LocalAddress != node.LocalAddress && node.LocalAddress != "" {
-				node.Endpoint = node.LocalAddress
-			} else {
-				continue
-			}
-		}
-		if currentNetworkACL != nil && !(currentNetworkACL.IsAllowed(acls.AclID(serverNode.ID), acls.AclID(node.ID))) {
-			continue
-		}
-
-		var peer wgtypes.PeerConfig
-		var allowedips = []net.IPNet{}
-		if node.Address != "" {
-			var peeraddr = net.IPNet{
-				IP:   net.ParseIP(node.Address),
-				Mask: net.CIDRMask(32, 32),
-			}
-			if peeraddr.IP != nil && peeraddr.Mask != nil {
-				allowedips = append(allowedips, peeraddr)
-			}
-		}
-
-		if node.Address6 != "" {
-			var addr6 = net.IPNet{
-				IP:   net.ParseIP(node.Address6),
-				Mask: net.CIDRMask(128, 128),
-			}
-			if addr6.IP != nil && addr6.Mask != nil {
-				allowedips = append(allowedips, addr6)
-			}
-		}
-
-		// handle manually set peers
-		for _, allowedIp := range node.AllowedIPs {
-			if iplib.Version(net.ParseIP(allowedIp)) == 4 {
-				if _, ipnet, err := net.ParseCIDR(allowedIp); err == nil {
-					nodeEndpointArr := strings.Split(node.Endpoint, ":")
-					if !ipnet.Contains(net.IP(nodeEndpointArr[0])) && ipnet.IP.String() != node.Address { // don't need to add an allowed ip that already exists..
-						allowedips = append(allowedips, *ipnet)
-					}
-				} else if appendip := net.ParseIP(allowedIp); appendip != nil && allowedIp != node.Address {
-					ipnet := net.IPNet{
-						IP:   net.ParseIP(allowedIp),
-						Mask: net.CIDRMask(32, 32),
-					}
-					allowedips = append(allowedips, ipnet)
-				}
-			} else if iplib.Version(net.ParseIP(allowedIp)) == 6 {
-				//ipnet : = iplib.Net6FromStr(allowedIp).IP()
-				ipnet := net.IPNet{
-					IP:   iplib.Net6FromStr(allowedIp).IP(),
-					Mask: net.CIDRMask(128, 128),
-				}
-				allowedips = append(allowedips, ipnet)
-			}
-		}
-		// handle egress gateway peers
-		if node.IsEgressGateway == "yes" {
-			hasGateway = true
-			ranges := node.EgressGatewayRanges
-			for _, iprange := range ranges { // go through each cidr for egress gateway
-				_, ipnet, err := net.ParseCIDR(iprange) // confirming it's valid cidr
-				if err != nil {
-					logger.Log(1, "could not parse gateway IP range. Not adding", iprange)
-					continue // if can't parse CIDR
-				}
-				nodeEndpointArr := strings.Split(node.Endpoint, ":") // getting the public ip of node
-				if ipnet.Contains(net.ParseIP(nodeEndpointArr[0])) { // ensuring egress gateway range does not contain public ip of node
-					logger.Log(2, "egress IP range of", iprange, "overlaps with", node.Endpoint, ", omitting")
-					continue // skip adding egress range if overlaps with node's ip
-				}
-				if ipnet.Contains(net.ParseIP(serverNode.LocalAddress)) { // ensuring egress gateway range does not contain public ip of node
-					logger.Log(2, "egress IP range of", iprange, "overlaps with", serverNode.LocalAddress, ", omitting")
-					continue // skip adding egress range if overlaps with node's local ip
-				}
-				gateways = append(gateways, iprange)
-				if err != nil {
-					logger.Log(1, "ERROR ENCOUNTERED SETTING GATEWAY:", err.Error())
-				} else {
-					allowedips = append(allowedips, *ipnet)
-				}
-			}
-		}
-
-		peer = wgtypes.PeerConfig{
-			PublicKey:                   pubkey,
-			PersistentKeepaliveInterval: &(keepalivedur),
-			ReplaceAllowedIPs:           true,
-			AllowedIPs:                  allowedips,
-		}
-
-		peers = append(peers, peer)
-	}
-	if serverNode.IsIngressGateway == "yes" {
-		extPeers, err := GetServerExtPeers(serverNode)
-		if err == nil {
-			peers = append(peers, extPeers...)
-		} else {
-			logger.Log(1, "ERROR RETRIEVING EXTERNAL PEERS ON SERVER:", err.Error())
-		}
-		extPeers = nil
-	}
-	return peers, hasGateway, gateways, err
-}
-
-// GetServerExtPeers - gets the extpeers for a client
-func GetServerExtPeers(serverNode *models.Node) ([]wgtypes.PeerConfig, error) {
-	var peers []wgtypes.PeerConfig
-	var extPeers []models.Node
-	var err error
-	var tempPeers []models.ExtPeersResponse
-
-	tempPeers, err = GetExtPeersList(serverNode)
-	if err != nil {
-		return nil, err
-	}
-
-	for i := 0; i < len(tempPeers); i++ {
-		extPeers = append(extPeers, models.Node{
-			Address:             tempPeers[i].Address,
-			Address6:            tempPeers[i].Address6,
-			Endpoint:            tempPeers[i].Endpoint,
-			PublicKey:           tempPeers[i].PublicKey,
-			PersistentKeepalive: tempPeers[i].KeepAlive,
-			ListenPort:          tempPeers[i].ListenPort,
-			LocalAddress:        tempPeers[i].LocalAddress,
-		})
-	}
-	for _, extPeer := range extPeers {
-		pubkey, err := wgtypes.ParseKey(extPeer.PublicKey)
-		if err != nil {
-			return peers, err
-		}
-
-		if serverNode.PublicKey == extPeer.PublicKey {
-			continue
-		}
-		var allowedips = []net.IPNet{}
-
-		var peer wgtypes.PeerConfig
-		if extPeer.Address != "" {
-			newAddr := net.IPNet{
-				IP:   net.ParseIP(extPeer.Address),
-				Mask: net.CIDRMask(32, 32),
-			}
-			if &newAddr != nil {
-				allowedips = append(allowedips, newAddr)
-			}
-		}
-
-		if extPeer.Address6 != "" {
-			newAddr6 := net.IPNet{
-				IP:   net.ParseIP(extPeer.Address6),
-				Mask: net.CIDRMask(128, 128),
-			}
-			if &newAddr6 != nil {
-				allowedips = append(allowedips, newAddr6)
-			}
-		}
-		peer = wgtypes.PeerConfig{
-			PublicKey:         pubkey,
-			ReplaceAllowedIPs: true,
-			AllowedIPs:        allowedips,
-		}
-		peers = append(peers, peer)
-		allowedips = nil
-	}
-	tempPeers = nil
-	extPeers = nil
-	return peers, err
+	return update.Peers, false, []string{}, nil
 }

 // == Private ==
--- a/logic/util.go
+++ b/logic/util.go
@ -115,61 +115,6 @@ func RandomString(length int) string {

 // == Private Methods ==

-// getNetworkEgressAndNodes - returns two slices, #1 is all nodes in the network, #2 is the egress nodes in the network
-func getNetworkEgressAndNodes(networkName string) ([]models.Node, []models.Node, error) {
-	var networkNodes, egressNetworkNodes []models.Node
-	collection, err := database.FetchRecords(database.NODES_TABLE_NAME)
-	if err != nil {
-		if database.IsEmptyRecord(err) {
-			return networkNodes, egressNetworkNodes, nil
-		}
-		logger.Log(2, err.Error())
-		return nil, nil, err
-	}
-
-	for _, value := range collection {
-		var node = models.Node{}
-		err := json.Unmarshal([]byte(value), &node)
-		if err != nil {
-			logger.Log(2, err.Error())
-			continue
-		}
-		if node.Network == networkName {
-			networkNodes = append(networkNodes, node)
-			if node.IsEgressGateway == "yes" {
-				egressNetworkNodes = append(egressNetworkNodes, node)
-			}
-		}
-	}
-	return networkNodes, egressNetworkNodes, nil
-}
-
-func setPeerInfo(node *models.Node) models.Node {
-	var peer models.Node
-	peer.RelayAddrs = node.RelayAddrs
-	peer.IsRelay = node.IsRelay
-	peer.IsServer = node.IsServer
-	peer.IsRelayed = node.IsRelayed
-	peer.PublicKey = node.PublicKey
-	peer.Endpoint = node.Endpoint
-	peer.Name = node.Name
-	peer.Network = node.Network
-	peer.LocalAddress = node.LocalAddress
-	peer.LocalListenPort = node.LocalListenPort
-	peer.ListenPort = node.ListenPort
-	peer.AllowedIPs = node.AllowedIPs
-	peer.UDPHolePunch = node.UDPHolePunch
-	peer.Address = node.Address
-	peer.Address6 = node.Address6
-	peer.IsHub = node.IsHub
-	peer.EgressGatewayRanges = node.EgressGatewayRanges
-	peer.IsEgressGateway = node.IsEgressGateway
-	peer.IngressGatewayRange = node.IngressGatewayRange
-	peer.IsIngressGateway = node.IsIngressGateway
-	peer.IsPending = node.IsPending
-	return peer
-}
-
 func setIPForwardingLinux() error {
 	out, err := ncutils.RunCmd("sysctl net.ipv4.ip_forward", true)
 	if err != nil {