TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-08-11 21:27:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

tailcfg: add DNS routes and advanced resolver config.

Browse Source 
Signed-off-by: David Anderson <danderson@tailscale.com>
This commit is contained in:
David Anderson
2021-04-08 01:35:14 -07:00
committed by Dave Anderson
parent 6a7912e37a
commit fad21af01c
3 changed files with 137 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
ipn/ipnlocal/local.go
View File

@@ -1486,16 +1486,30 @@ func (b *LocalBackend) authReconfig() {
// If CorpDNS is false, dcfg remains the zero value.
if uc.CorpDNS {
proxied := nm.DNS.Proxied
if proxied && len(nm.DNS.Nameservers) == 0 {
b.logf("[unexpected] dns proxied but no nameservers")
proxied = false
for _, resolver := range nm.DNS.Resolvers {
res, err := parseResolver(resolver)
if err != nil {
b.logf(err.Error())
continue
}
dcfg.DefaultResolvers = append(dcfg.DefaultResolvers, res)
}
for _, ip := range nm.DNS.Nameservers {
dcfg.DefaultResolvers = append(dcfg.DefaultResolvers, netaddr.IPPort{
IP: ip,
Port: 53,
})
if len(nm.DNS.Routes) > 0 {
dcfg.Routes = map[string][]netaddr.IPPort{}
}
for suffix, resolvers := range nm.DNS.Routes {
if !strings.HasSuffix(suffix, ".") || strings.HasPrefix(suffix, ".") {
b.logf("[unexpected] malformed DNS route suffix %q", suffix)
continue
}
for _, resolver := range resolvers {
res, err := parseResolver(resolver)
if err != nil {
b.logf(err.Error())
continue
}
dcfg.Routes[suffix] = append(dcfg.Routes[suffix], res)
}
}
dcfg.SearchDomains = nm.DNS.Domains
dcfg.AuthoritativeSuffixes = magicDNSRootDomains(nm)
@@ -1509,9 +1523,12 @@ func (b *LocalBackend) authReconfig() {
}
dcfg.Hosts[name] = ips
}
// TODO: hack to make the current code continue to work while
// refactoring happens.
if proxied {
enableMagicDNS := nm.DNS.Proxied
if enableMagicDNS && len(nm.DNS.Resolvers) == 0 {
b.logf("[unexpected] dns proxied but no nameservers")
enableMagicDNS = false
}
if enableMagicDNS {
dcfg.Hosts = map[string][]netaddr.IP{}
set(nm.Name, nm.Addresses)
for _, peer := range nm.Peers {
@@ -1529,6 +1546,17 @@ func (b *LocalBackend) authReconfig() {
b.initPeerAPIListener()
}
func parseResolver(cfg tailcfg.DNSResolver) (netaddr.IPPort, error) {
ip, err := netaddr.ParseIP(cfg.Addr)
if err != nil {
return netaddr.IPPort{}, fmt.Errorf("[unexpected] non-IP resolver %q", cfg.Addr)
}
return netaddr.IPPort{
IP: ip,
Port: 53,
}, nil
}
// tailscaleVarRoot returns the root directory of Tailscale's writable
// storage area. (e.g. "/var/lib/tailscale")
func tailscaleVarRoot() string {