ipn/ipnlocal: put DNS suffixes of shared nodes as split DNS routes

Updates #3756
Updates #3767

Co-authored-by: Mihai Parparita <mihai@tailscale.com>
Change-Id: I049ffa7e7dce3d7a7ee4c6aa37f7d4ceefd1ff9d
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

ipn/ipnlocal/local.go

@@ -2580,17 +2580,22 @@ func (b *LocalBackend) initPeerAPIListener() {
 }
 
 // magicDNSRootDomains returns the subset of nm.DNS.Domains that are the search domains for MagicDNS.
-func magicDNSRootDomains(nm *netmap.NetworkMap) []dnsname.FQDN {
+func magicDNSRootDomains(nm *netmap.NetworkMap) (ret []dnsname.FQDN) {
-	if v := nm.MagicDNSSuffix(); v != "" {
+	v := nm.MagicDNSSuffix()
+	if v == "" {
+		return nil
+	}
+	seen := map[dnsname.FQDN]bool{}
 	fqdn, err := dnsname.ToFQDN(v)
 	if err != nil {
 		// TODO: propagate error
 		return nil
 	}
-		ret := []dnsname.FQDN{
+	ret = []dnsname.FQDN{
 		fqdn,
 		dnsname.FQDN("0.e.1.a.c.5.1.1.a.7.d.f.ip6.arpa."),
 	}
+	seen[fqdn] = true
 	for i := 64; i <= 127; i++ {
 		fqdn, err = dnsname.ToFQDN(fmt.Sprintf("%d.100.in-addr.arpa.", i))
 		if err != nil {
@@ -2599,9 +2604,25 @@ func magicDNSRootDomains(nm *netmap.NetworkMap) []dnsname.FQDN {
 		}
 		ret = append(ret, fqdn)
 	}
+	for _, p := range nm.Peers {
+		if p.Sharer == 0 {
+			//	continue
+		}
+		if fqdn, ok := magicDNSSuffix(p); ok && !seen[fqdn] {
+			seen[fqdn] = true
+			ret = append(ret, fqdn)
+		}
+	}
 	return ret
 }
-	return nil
+
+func magicDNSSuffix(p *tailcfg.Node) (dnsname.FQDN, bool) {
+	if _, rest, ok := strings.Cut(p.Name, "."); ok {
+		if fqdn, err := dnsname.ToFQDN(rest); err == nil {
+			return fqdn, true
+		}
+	}
+	return "", false
 }
 
 var (