From 3a5d02cb3163e3ad06c2cb77472a9394b2e213ec Mon Sep 17 00:00:00 2001 From: Maisem Ali Date: Wed, 23 Nov 2022 16:01:25 +0500 Subject: [PATCH] ipn/ipnlocal: update comment about using FallbackResolvers for exit nodes While reading the DNS code noticed that we were still using FallbackResolvers in this code path but the comment was out of date. Signed-off-by: Maisem Ali --- ipn/ipnlocal/local.go | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/ipn/ipnlocal/local.go b/ipn/ipnlocal/local.go index 5dc5f098d..b4c622a13 100644 --- a/ipn/ipnlocal/local.go +++ b/ipn/ipnlocal/local.go @@ -2769,10 +2769,12 @@ func dnsConfigForNetmap(nm *netmap.NetworkMap, prefs ipn.PrefsView, logf logger. case len(dcfg.DefaultResolvers) != 0: // Default resolvers already set. case !prefs.ExitNodeID().IsZero(): - // When using exit nodes, it's very likely the LAN - // resolvers will become unreachable. So, force use of the - // fallback resolvers until we implement DNS forwarding to - // exit nodes. + // When using an exit node, we send all DNS traffic to the exit node, so + // we don't need a fallback resolver. + // + // However, if the exit node is too old to run a DoH DNS proxy, then we + // need to use a fallback resolver as it's very likely the LAN resolvers + // will become unreachable. // // This is especially important on Apple OSes, where // adding the default route to the tunnel interface makes