TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-02-20 11:58:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

wgengine: move DNS configuration out of wgengine/router.

Browse Source 
Signed-off-by: David Anderson <danderson@tailscale.com>
This commit is contained in:
David Anderson 2021-04-02 19:24:02 -07:00 committed by Dave Anderson
parent 7183e1f052
commit 4c61ebacf4
15 changed files with 38 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
cmd/tailscaled/tailscaled.go
View File

@ -350,6 +350,13 @@ func tryEngine(logf logger.Logf, linkMon *monitor.Mon, name string) (e wgengine.
return nil, false, err return nil, false, err
} }
conf.Router = r conf.Router = r
tunname, err := dev.Name()
if err != nil {
r.Close()
dev.Close()
return nil, false, err
}
conf.DNS = dns.NewOSConfigurator(logf, tunname)
} }
e, err = wgengine.NewUserspaceEngine(logf, conf) e, err = wgengine.NewUserspaceEngine(logf, conf)
if err != nil { if err != nil {

7
internal/deepprint/deepprint_test.go
View File

@ -9,7 +9,6 @@ import (
"testing" "testing"
"inet.af/netaddr" "inet.af/netaddr"
"tailscale.com/net/dns"
"tailscale.com/wgengine/router" "tailscale.com/wgengine/router"
"tailscale.com/wgengine/wgcfg" "tailscale.com/wgengine/wgcfg"
) )
@ -45,9 +44,9 @@ func getVal() []interface{} {
}, },
}, },
&router.Config{ &router.Config{
DNS: dns.OSConfig{ Routes: []netaddr.IPPrefix{
Nameservers: []netaddr.IP{netaddr.IPv4(8, 8, 8, 8)}, netaddr.MustParseIPPrefix("1.2.3.0/24"),
Domains: []string{"tailscale.net"}, netaddr.MustParseIPPrefix("1234::/64"),
}, },
}, },
map[string]string{ map[string]string{

7
net/dns/manager.go
View File

@ -33,11 +33,11 @@ type Manager struct {
} }
// NewManagers created a new manager from the given config. // NewManagers created a new manager from the given config.
func NewManager(logf logger.Logf, interfaceName string) *Manager { func NewManager(logf logger.Logf, oscfg OSConfigurator) *Manager {
logf = logger.WithPrefix(logf, "dns: ") logf = logger.WithPrefix(logf, "dns: ")
m := &Manager{ m := &Manager{
logf: logf, logf: logf,
impl: newManager(logf, interfaceName), impl: oscfg,
} }
m.logf("using %T", m.impl) m.logf("using %T", m.impl)
@ -81,7 +81,8 @@ func (m *Manager) Down() error {
// in case the Tailscale daemon terminated without closing the router. // in case the Tailscale daemon terminated without closing the router.
// No other state needs to be instantiated before this runs. // No other state needs to be instantiated before this runs.
func Cleanup(logf logger.Logf, interfaceName string) { func Cleanup(logf logger.Logf, interfaceName string) {
dns := NewManager(logf, interfaceName) oscfg := NewOSConfigurator(logf, interfaceName)
dns := NewManager(logf, oscfg)
if err := dns.Down(); err != nil { if err := dns.Down(); err != nil {
logf("dns down: %v", err) logf("dns down: %v", err)
} }

4
net/dns/manager_default.go
View File

@ -8,9 +8,9 @@ package dns
import "tailscale.com/types/logger" import "tailscale.com/types/logger"
func newManager(logger.Logf, string) OSConfigurator { func NewOSConfigurator(logger.Logf, string) OSConfigurator {
// TODO(dmytro): on darwin, we should use a macOS-specific method such as scutil. // TODO(dmytro): on darwin, we should use a macOS-specific method such as scutil.
// This is currently not implemented. Editing /etc/resolv.conf does not work, // This is currently not implemented. Editing /etc/resolv.conf does not work,
// as most applications use the system resolver, which disregards it. // as most applications use the system resolver, which disregards it.
return newNoopManager() return NewNoopManager()
} }

2
net/dns/manager_freebsd.go
View File

@ -6,7 +6,7 @@ package dns
import "tailscale.com/types/logger" import "tailscale.com/types/logger"
func newManager(logf logger.Logf, _ string) OSConfigurator { func NewOSConfigurator(logf logger.Logf, _ string) OSConfigurator {
switch { switch {
case isResolvconfActive(): case isResolvconfActive():
return newResolvconfManager(logf) return newResolvconfManager(logf)

2
net/dns/manager_linux.go
View File

@ -6,7 +6,7 @@ package dns
import "tailscale.com/types/logger" import "tailscale.com/types/logger"
func newManager(logf logger.Logf, interfaceName string) OSConfigurator { func NewOSConfigurator(logf logger.Logf, interfaceName string) OSConfigurator {
switch { switch {
// TODO: rework NetworkManager and resolved support. // TODO: rework NetworkManager and resolved support.
// case isResolvedActive(): // case isResolvedActive():

2
net/dns/manager_openbsd.go
View File

@ -6,6 +6,6 @@ package dns
import "tailscale.com/types/logger" import "tailscale.com/types/logger"
func newManager(logger.Logf, string) OSConfigurator { func NewOSConfigurator(logger.Logf, string) OSConfigurator {
return newDirectManager() return newDirectManager()
} }

2
net/dns/manager_windows.go
View File

@ -25,7 +25,7 @@ type windowsManager struct {
guid string guid string
} }
func newManager(logf logger.Logf, interfaceName string) OSConfigurator { func NewOSConfigurator(logf logger.Logf, interfaceName string) OSConfigurator {
return windowsManager{ return windowsManager{
logf: logf, logf: logf,
guid: interfaceName, guid: interfaceName,

4
net/dns/noop.go
View File

@ -2,8 +2,6 @@
// Use of this source code is governed by a BSD-style // Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file. // license that can be found in the LICENSE file.
// +build !linux,!freebsd,!openbsd,!windows
package dns package dns
type noopManager struct{} type noopManager struct{}
@ -12,6 +10,6 @@ func (m noopManager) Set(OSConfig) error { return nil }
func (m noopManager) RoutingMode() RoutingMode { return RoutingModeNone } func (m noopManager) RoutingMode() RoutingMode { return RoutingModeNone }
func (m noopManager) Close() error { return nil } func (m noopManager) Close() error { return nil }
func newNoopManager() noopManager { func NewNoopManager() noopManager {
return noopManager{} return noopManager{}
} }

5
wgengine/router/router.go
View File

@ -9,7 +9,6 @@ package router
import ( import (
"github.com/tailscale/wireguard-go/tun" "github.com/tailscale/wireguard-go/tun"
"inet.af/netaddr" "inet.af/netaddr"
"tailscale.com/net/dns"
"tailscale.com/types/logger" "tailscale.com/types/logger"
"tailscale.com/types/preftype" "tailscale.com/types/preftype"
) )
@ -58,11 +57,7 @@ type Config struct {
// this node has chosen to use. // this node has chosen to use.
Routes []netaddr.IPPrefix Routes []netaddr.IPPrefix
// Set internally by wgengine, must not be set elsewhere.
DNS dns.OSConfig
// Linux-only things below, ignored on other platforms. // Linux-only things below, ignored on other platforms.
SubnetRoutes []netaddr.IPPrefix // subnets being advertised to other Tailscale nodes SubnetRoutes []netaddr.IPPrefix // subnets being advertised to other Tailscale nodes
SNATSubnetRoutes bool // SNAT traffic to local subnets SNATSubnetRoutes bool // SNAT traffic to local subnets
NetfilterMode preftype.NetfilterMode // how much to manage netfilter rules NetfilterMode preftype.NetfilterMode // how much to manage netfilter rules

11
wgengine/router/router_linux.go
View File

@ -18,7 +18,6 @@ import (
"github.com/go-multierror/multierror" "github.com/go-multierror/multierror"
"github.com/tailscale/wireguard-go/tun" "github.com/tailscale/wireguard-go/tun"
"inet.af/netaddr" "inet.af/netaddr"
"tailscale.com/net/dns"
"tailscale.com/net/tsaddr" "tailscale.com/net/tsaddr"
"tailscale.com/types/logger" "tailscale.com/types/logger"
"tailscale.com/types/preftype" "tailscale.com/types/preftype"
@ -102,8 +101,6 @@ type linuxRouter struct {
v6Available bool v6Available bool
v6NATAvailable bool v6NATAvailable bool
dns *dns.Manager
ipt4 netfilterRunner ipt4 netfilterRunner
ipt6 netfilterRunner ipt6 netfilterRunner
cmd commandRunner cmd commandRunner
@ -158,7 +155,6 @@ func newUserspaceRouterAdvanced(logf logger.Logf, tunname string, netfilter4, ne
ipt4: netfilter4, ipt4: netfilter4,
ipt6: netfilter6, ipt6: netfilter6,
cmd: cmd, cmd: cmd,
dns: dns.NewManager(logf, tunname),
}, nil }, nil
} }
@ -180,9 +176,6 @@ func (r *linuxRouter) Up() error {
} }
func (r *linuxRouter) Close() error { func (r *linuxRouter) Close() error {
if err := r.dns.Down(); err != nil {
return fmt.Errorf("dns down: %w", err)
}
if err := r.downInterface(); err != nil { if err := r.downInterface(); err != nil {
return err return err
} }
@ -206,10 +199,6 @@ func (r *linuxRouter) Set(cfg *Config) error {
cfg = &shutdownConfig cfg = &shutdownConfig
} }
if err := r.dns.Set(cfg.DNS); err != nil {
errs = append(errs, fmt.Errorf("dns set: %w", err))
}
if err := r.setNetfilterMode(cfg.NetfilterMode); err != nil { if err := r.setNetfilterMode(cfg.NetfilterMode); err != nil {
errs = append(errs, err) errs = append(errs, err)
} }

11
wgengine/router/router_openbsd.go
View File

@ -12,7 +12,6 @@ import (
"github.com/tailscale/wireguard-go/tun" "github.com/tailscale/wireguard-go/tun"
"inet.af/netaddr" "inet.af/netaddr"
"tailscale.com/net/dns"
"tailscale.com/types/logger" "tailscale.com/types/logger"
) )
@ -26,8 +25,6 @@ type openbsdRouter struct {
local4 netaddr.IPPrefix local4 netaddr.IPPrefix
local6 netaddr.IPPrefix local6 netaddr.IPPrefix
routes map[netaddr.IPPrefix]struct{} routes map[netaddr.IPPrefix]struct{}
dns *dns.Manager
} }
func newUserspaceRouter(logf logger.Logf, tundev tun.Device) (Router, error) { func newUserspaceRouter(logf logger.Logf, tundev tun.Device) (Router, error) {
@ -39,7 +36,6 @@ func newUserspaceRouter(logf logger.Logf, tundev tun.Device) (Router, error) {
return &openbsdRouter{ return &openbsdRouter{
logf: logf, logf: logf,
tunname: tunname, tunname: tunname,
dns: dns.NewManager(logf, tunname),
}, nil }, nil
} }
@ -210,17 +206,10 @@ func (r *openbsdRouter) Set(cfg *Config) error {
r.local6 = localAddr6 r.local6 = localAddr6
r.routes = newRoutes r.routes = newRoutes
if err := r.dns.Set(cfg.DNS); err != nil {
errq = fmt.Errorf("dns set: %v", err)
}
return errq return errq
} }
func (r *openbsdRouter) Close() error { func (r *openbsdRouter) Close() error {
if err := r.dns.Down(); err != nil {
return fmt.Errorf("dns down: %v", err)
}
cleanup(r.logf, r.tunname) cleanup(r.logf, r.tunname)
return nil return nil
} }

13
wgengine/router/router_userspace_bsd.go
View File

@ -14,7 +14,6 @@ import (
"github.com/tailscale/wireguard-go/tun" "github.com/tailscale/wireguard-go/tun"
"inet.af/netaddr" "inet.af/netaddr"
"tailscale.com/net/dns"
"tailscale.com/types/logger" "tailscale.com/types/logger"
"tailscale.com/version" "tailscale.com/version"
) )
@ -24,8 +23,6 @@ type userspaceBSDRouter struct {
tunname string tunname string
local []netaddr.IPPrefix local []netaddr.IPPrefix
routes map[netaddr.IPPrefix]struct{} routes map[netaddr.IPPrefix]struct{}
dns *dns.Manager
} }
func newUserspaceBSDRouter(logf logger.Logf, tundev tun.Device) (Router, error) { func newUserspaceBSDRouter(logf logger.Logf, tundev tun.Device) (Router, error) {
@ -37,7 +34,6 @@ func newUserspaceBSDRouter(logf logger.Logf, tundev tun.Device) (Router, error)
return &userspaceBSDRouter{ return &userspaceBSDRouter{
logf: logf, logf: logf,
tunname: tunname, tunname: tunname,
dns: dns.NewManager(logf, tunname),
}, nil }, nil
} }
@ -183,18 +179,9 @@ func (r *userspaceBSDRouter) Set(cfg *Config) (reterr error) {
} }
r.routes = newRoutes r.routes = newRoutes
if err := r.dns.Set(cfg.DNS); err != nil {
r.logf("DNS set: %v", err)
setErr(err)
}
return errq return errq
} }
func (r *userspaceBSDRouter) Close() error { func (r *userspaceBSDRouter) Close() error {
if err := r.dns.Down(); err != nil {
r.logf("dns down: %v", err)
}
// No interface cleanup is necessary during normal shutdown.
return nil return nil
} }

9
wgengine/router/router_windows.go
View File

@ -29,7 +29,6 @@ type winRouter struct {
logf func(fmt string, args ...interface{}) logf func(fmt string, args ...interface{})
nativeTun *tun.NativeTun nativeTun *tun.NativeTun
routeChangeCallback *winipcfg.RouteChangeCallback routeChangeCallback *winipcfg.RouteChangeCallback
dns *dns.Manager
firewall *firewallTweaker firewall *firewallTweaker
// firewallSubproc is a subprocess that runs a tweaked version of // firewallSubproc is a subprocess that runs a tweaked version of
@ -53,7 +52,6 @@ func newUserspaceRouter(logf logger.Logf, tundev tun.Device) (Router, error) {
return &winRouter{ return &winRouter{
logf: logf, logf: logf,
nativeTun: nativeTun, nativeTun: nativeTun,
dns: dns.NewManager(logf, guid.String()),
firewall: &firewallTweaker{ firewall: &firewallTweaker{
logf: logger.WithPrefix(logf, "firewall: "), logf: logger.WithPrefix(logf, "firewall: "),
tunGUID: *guid, tunGUID: *guid,
@ -92,10 +90,6 @@ func (r *winRouter) Set(cfg *Config) error {
return err return err
} }
if err := r.dns.Set(cfg.DNS); err != nil {
return fmt.Errorf("dns set: %w", err)
}
// Flush DNS on router config change to clear cached DNS entries (solves #1430) // Flush DNS on router config change to clear cached DNS entries (solves #1430)
if err := dns.Flush(); err != nil { if err := dns.Flush(); err != nil {
r.logf("flushdns error: %v", err) r.logf("flushdns error: %v", err)
@ -116,9 +110,6 @@ func hasDefaultRoute(routes []netaddr.IPPrefix) bool {
func (r *winRouter) Close() error { func (r *winRouter) Close() error {
r.firewall.clear() r.firewall.clear()
if err := r.dns.Down(); err != nil {
return fmt.Errorf("dns down: %w", err)
}
if r.routeChangeCallback != nil { if r.routeChangeCallback != nil {
r.routeChangeCallback.Unregister() r.routeChangeCallback.Unregister()
} }

23
wgengine/userspace.go
View File

@ -84,6 +84,7 @@ type userspaceEngine struct {
tundev *tstun.Wrapper tundev *tstun.Wrapper
wgdev *device.Device wgdev *device.Device
router router.Router router router.Router
dns *dns.Manager
resolver *resolver.Resolver resolver *resolver.Resolver
magicConn *magicsock.Conn magicConn *magicsock.Conn
linkMon *monitor.Mon linkMon *monitor.Mon
@ -143,6 +144,10 @@ type Config struct {
// If nil, a fake Router that does nothing is used. // If nil, a fake Router that does nothing is used.
Router router.Router Router router.Router
// DNS interfaces the Engine to the OS DNS resolver configuration.
// If nil, a fake OSConfigurator that does nothing is used.
DNS dns.OSConfigurator
// LinkMonitor optionally provides an existing link monitor to re-use. // LinkMonitor optionally provides an existing link monitor to re-use.
// If nil, a new link monitor is created. // If nil, a new link monitor is created.
LinkMonitor *monitor.Mon LinkMonitor *monitor.Mon
@ -193,6 +198,10 @@ func NewUserspaceEngine(logf logger.Logf, conf Config) (_ Engine, reterr error)
logf("[v1] using fake (no-op) OS network configurator") logf("[v1] using fake (no-op) OS network configurator")
conf.Router = router.NewFake(logf) conf.Router = router.NewFake(logf)
} }
if conf.DNS == nil {
logf("[v1] using fake (no-op) DNS configurator")
conf.DNS = dns.NewNoopManager()
}
tsTUNDev := tstun.Wrap(logf, conf.Tun) tsTUNDev := tstun.Wrap(logf, conf.Tun)
closePool.add(tsTUNDev) closePool.add(tsTUNDev)
@ -204,6 +213,7 @@ func NewUserspaceEngine(logf logger.Logf, conf Config) (_ Engine, reterr error)
waitCh: make(chan struct{}), waitCh: make(chan struct{}),
tundev: tsTUNDev, tundev: tsTUNDev,
router: conf.Router, router: conf.Router,
dns: dns.NewManager(logf, conf.DNS),
pingers: make(map[wgkey.Key]*pinger), pingers: make(map[wgkey.Key]*pinger),
} }
e.isLocalAddr.Store(genLocalAddrFunc(nil)) e.isLocalAddr.Store(genLocalAddrFunc(nil))
@ -990,25 +1000,26 @@ func (e *userspaceEngine) Reconfig(cfg *wgcfg.Config, routerCfg *router.Config,
LocalDomains: dnsCfg.AuthoritativeSuffixes, LocalDomains: dnsCfg.AuthoritativeSuffixes,
Routes: map[string][]netaddr.IPPort{}, Routes: map[string][]netaddr.IPPort{},
} }
osCfg := dns.OSConfig{
Domains: dnsCfg.SearchDomains,
}
// We must proxy through quad-100 if MagicDNS hosts are in // We must proxy through quad-100 if MagicDNS hosts are in
// use, or there are any per-domain routes. // use, or there are any per-domain routes.
mustProxy := len(dnsCfg.Hosts) > 0 || len(dnsCfg.Routes) > 0 mustProxy := len(dnsCfg.Hosts) > 0 || len(dnsCfg.Routes) > 0
routerCfg.DNS = dns.OSConfig{
Domains: dnsCfg.SearchDomains,
}
if mustProxy { if mustProxy {
routerCfg.DNS.Nameservers = []netaddr.IP{tsaddr.TailscaleServiceIP()} osCfg.Nameservers = []netaddr.IP{tsaddr.TailscaleServiceIP()}
resolverCfg.Routes["."] = dnsCfg.DefaultResolvers resolverCfg.Routes["."] = dnsCfg.DefaultResolvers
for suffix, resolvers := range dnsCfg.Routes { for suffix, resolvers := range dnsCfg.Routes {
resolverCfg.Routes[suffix] = resolvers resolverCfg.Routes[suffix] = resolvers
} }
} else { } else {
for _, resolver := range dnsCfg.DefaultResolvers { for _, resolver := range dnsCfg.DefaultResolvers {
routerCfg.DNS.Nameservers = append(routerCfg.DNS.Nameservers, resolver.IP) osCfg.Nameservers = append(osCfg.Nameservers, resolver.IP)
} }
} }
routerCfg.DNS.Domains = dnsCfg.SearchDomains osCfg.Domains = dnsCfg.SearchDomains
e.resolver.SetConfig(resolverCfg) // TODO: check error and propagate to health pkg e.resolver.SetConfig(resolverCfg) // TODO: check error and propagate to health pkg
e.dns.Set(osCfg) // TODO: check error and propagate to health pkg
e.logf("wgengine: Reconfig: configuring router") e.logf("wgengine: Reconfig: configuring router")
err := e.router.Set(routerCfg) err := e.router.Set(routerCfg)
health.SetRouterHealth(err) health.SetRouterHealth(err)