net/dns: insert OS base config when emulating split DNS.

Part of #953.

Signed-off-by: David Anderson <danderson@tailscale.com>
pull/1677/head
David Anderson 4 years ago committed by Dave Anderson
parent e560be6443
commit 720c1ad0f0

@ -76,7 +76,10 @@ func (m *Manager) Set(cfg Config) error {
forceSplitDNSForTesting(&cfg) forceSplitDNSForTesting(&cfg)
} }
rcfg, ocfg := m.compileConfig(cfg) rcfg, ocfg, err := m.compileConfig(cfg)
if err != nil {
return err
}
m.logf("Resolvercfg: %+v", rcfg) m.logf("Resolvercfg: %+v", rcfg)
m.logf("OScfg: %+v", ocfg) m.logf("OScfg: %+v", ocfg)
@ -93,7 +96,7 @@ func (m *Manager) Set(cfg Config) error {
// compileConfig converts cfg into a quad-100 resolver configuration // compileConfig converts cfg into a quad-100 resolver configuration
// and an OS-level configuration. // and an OS-level configuration.
func (m *Manager) compileConfig(cfg Config) (resolver.Config, OSConfig) { func (m *Manager) compileConfig(cfg Config) (resolver.Config, OSConfig, error) {
// Deal with trivial configs first. // Deal with trivial configs first.
switch { switch {
case !cfg.needsOSResolver(): case !cfg.needsOSResolver():
@ -102,14 +105,14 @@ func (m *Manager) compileConfig(cfg Config) (resolver.Config, OSConfig) {
// configs clear all Tailscale DNS settings. // configs clear all Tailscale DNS settings.
return resolver.Config{}, OSConfig{ return resolver.Config{}, OSConfig{
SearchDomains: cfg.SearchDomains, SearchDomains: cfg.SearchDomains,
} }, nil
case cfg.hasDefaultResolversOnly(): case cfg.hasDefaultResolversOnly():
// Trivial CorpDNS configuration, just override the OS // Trivial CorpDNS configuration, just override the OS
// resolver. // resolver.
return resolver.Config{}, OSConfig{ return resolver.Config{}, OSConfig{
Nameservers: toIPsOnly(cfg.DefaultResolvers), Nameservers: toIPsOnly(cfg.DefaultResolvers),
SearchDomains: cfg.SearchDomains, SearchDomains: cfg.SearchDomains,
} }, nil
case cfg.hasDefaultResolvers(): case cfg.hasDefaultResolvers():
// Default resolvers plus other stuff always ends up proxying // Default resolvers plus other stuff always ends up proxying
// through quad-100. // through quad-100.
@ -127,7 +130,7 @@ func (m *Manager) compileConfig(cfg Config) (resolver.Config, OSConfig) {
Nameservers: []netaddr.IP{tsaddr.TailscaleServiceIP()}, Nameservers: []netaddr.IP{tsaddr.TailscaleServiceIP()},
SearchDomains: cfg.SearchDomains, SearchDomains: cfg.SearchDomains,
} }
return rcfg, ocfg return rcfg, ocfg, nil
} }
// From this point on, we're figuring out split DNS // From this point on, we're figuring out split DNS
@ -144,7 +147,7 @@ func (m *Manager) compileConfig(cfg Config) (resolver.Config, OSConfig) {
Nameservers: toIPsOnly(cfg.singleResolverSet()), Nameservers: toIPsOnly(cfg.singleResolverSet()),
SearchDomains: cfg.SearchDomains, SearchDomains: cfg.SearchDomains,
MatchDomains: cfg.matchDomains(), MatchDomains: cfg.matchDomains(),
} }, nil
} }
// Split DNS configuration with either multiple upstream routes, // Split DNS configuration with either multiple upstream routes,
@ -170,10 +173,15 @@ func (m *Manager) compileConfig(cfg Config) (resolver.Config, OSConfig) {
if m.os.SupportsSplitDNS() { if m.os.SupportsSplitDNS() {
ocfg.MatchDomains = cfg.matchDomains() ocfg.MatchDomains = cfg.matchDomains()
} else { } else {
rcfg.Routes["."] = []netaddr.IPPort{netaddr.MustParseIPPort("8.8.8.8:53")} bcfg, err := m.os.GetBaseConfig()
if err != nil {
return resolver.Config{}, OSConfig{}, err
}
rcfg.Routes["."] = toIPPorts(bcfg.Nameservers)
ocfg.SearchDomains = append(ocfg.SearchDomains, bcfg.SearchDomains...)
} }
return rcfg, ocfg return rcfg, ocfg, nil
} }
func addFQDNDots(domains []string) []string { func addFQDNDots(domains []string) []string {
@ -196,6 +204,13 @@ func toIPsOnly(ipps []netaddr.IPPort) (ret []netaddr.IP) {
return ret return ret
} }
func toIPPorts(ips []netaddr.IP) (ret []netaddr.IPPort) {
for _, ip := range ips {
ret = append(ret, netaddr.IPPort{IP: ip, Port: 53})
}
return ret
}
func (m *Manager) EnqueueRequest(bs []byte, from netaddr.IPPort) error { func (m *Manager) EnqueueRequest(bs []byte, from netaddr.IPPort) error {
return m.resolver.EnqueueRequest(bs, from) return m.resolver.EnqueueRequest(bs, from)
} }

@ -14,7 +14,8 @@ import (
) )
type fakeOSConfigurator struct { type fakeOSConfigurator struct {
SplitDNS bool SplitDNS bool
BaseConfig OSConfig
OSConfig OSConfig OSConfig OSConfig
ResolverConfig resolver.Config ResolverConfig resolver.Config
@ -37,8 +38,7 @@ func (c *fakeOSConfigurator) SupportsSplitDNS() bool {
} }
func (c *fakeOSConfigurator) GetBaseConfig() (OSConfig, error) { func (c *fakeOSConfigurator) GetBaseConfig() (OSConfig, error) {
// TODO return c.BaseConfig, nil
return OSConfig{}, nil
} }
func (c *fakeOSConfigurator) Close() error { return nil } func (c *fakeOSConfigurator) Close() error { return nil }
@ -54,6 +54,7 @@ func TestManager(t *testing.T) {
name string name string
in Config in Config
split bool split bool
bs OSConfig
os OSConfig os OSConfig
rs resolver.Config rs resolver.Config
}{ }{
@ -178,9 +179,13 @@ func TestManager(t *testing.T) {
Routes: upstreams("corp.com", "2.2.2.2:53"), Routes: upstreams("corp.com", "2.2.2.2:53"),
SearchDomains: strs("tailscale.com", "universe.tf"), SearchDomains: strs("tailscale.com", "universe.tf"),
}, },
bs: OSConfig{
Nameservers: mustIPs("8.8.8.8"),
SearchDomains: strs("coffee.shop"),
},
os: OSConfig{ os: OSConfig{
Nameservers: mustIPs("100.100.100.100"), Nameservers: mustIPs("100.100.100.100"),
SearchDomains: strs("tailscale.com", "universe.tf"), SearchDomains: strs("tailscale.com", "universe.tf", "coffee.shop"),
}, },
rs: resolver.Config{ rs: resolver.Config{
Routes: upstreams( Routes: upstreams(
@ -209,9 +214,13 @@ func TestManager(t *testing.T) {
"bigco.net", "3.3.3.3:53"), "bigco.net", "3.3.3.3:53"),
SearchDomains: strs("tailscale.com", "universe.tf"), SearchDomains: strs("tailscale.com", "universe.tf"),
}, },
bs: OSConfig{
Nameservers: mustIPs("8.8.8.8"),
SearchDomains: strs("coffee.shop"),
},
os: OSConfig{ os: OSConfig{
Nameservers: mustIPs("100.100.100.100"), Nameservers: mustIPs("100.100.100.100"),
SearchDomains: strs("tailscale.com", "universe.tf"), SearchDomains: strs("tailscale.com", "universe.tf", "coffee.shop"),
}, },
rs: resolver.Config{ rs: resolver.Config{
Routes: upstreams( Routes: upstreams(
@ -232,7 +241,7 @@ func TestManager(t *testing.T) {
os: OSConfig{ os: OSConfig{
Nameservers: mustIPs("100.100.100.100"), Nameservers: mustIPs("100.100.100.100"),
SearchDomains: strs("tailscale.com", "universe.tf"), SearchDomains: strs("tailscale.com", "universe.tf"),
MatchDomains: strs("corp.com", "bigco.net"), MatchDomains: strs("bigco.net", "corp.com"),
}, },
rs: resolver.Config{ rs: resolver.Config{
Routes: upstreams( Routes: upstreams(
@ -249,9 +258,13 @@ func TestManager(t *testing.T) {
AuthoritativeSuffixes: strs("ts.com"), AuthoritativeSuffixes: strs("ts.com"),
SearchDomains: strs("tailscale.com", "universe.tf"), SearchDomains: strs("tailscale.com", "universe.tf"),
}, },
bs: OSConfig{
Nameservers: mustIPs("8.8.8.8"),
SearchDomains: strs("coffee.shop"),
},
os: OSConfig{ os: OSConfig{
Nameservers: mustIPs("100.100.100.100"), Nameservers: mustIPs("100.100.100.100"),
SearchDomains: strs("tailscale.com", "universe.tf"), SearchDomains: strs("tailscale.com", "universe.tf", "coffee.shop"),
}, },
rs: resolver.Config{ rs: resolver.Config{
Routes: upstreams(".", "8.8.8.8:53"), Routes: upstreams(".", "8.8.8.8:53"),
@ -293,9 +306,13 @@ func TestManager(t *testing.T) {
AuthoritativeSuffixes: strs("ts.com"), AuthoritativeSuffixes: strs("ts.com"),
SearchDomains: strs("tailscale.com", "universe.tf"), SearchDomains: strs("tailscale.com", "universe.tf"),
}, },
bs: OSConfig{
Nameservers: mustIPs("8.8.8.8"),
SearchDomains: strs("coffee.shop"),
},
os: OSConfig{ os: OSConfig{
Nameservers: mustIPs("100.100.100.100"), Nameservers: mustIPs("100.100.100.100"),
SearchDomains: strs("tailscale.com", "universe.tf"), SearchDomains: strs("tailscale.com", "universe.tf", "coffee.shop"),
}, },
rs: resolver.Config{ rs: resolver.Config{
Routes: upstreams( Routes: upstreams(
@ -321,7 +338,7 @@ func TestManager(t *testing.T) {
os: OSConfig{ os: OSConfig{
Nameservers: mustIPs("100.100.100.100"), Nameservers: mustIPs("100.100.100.100"),
SearchDomains: strs("tailscale.com", "universe.tf"), SearchDomains: strs("tailscale.com", "universe.tf"),
MatchDomains: strs("ts.com", "corp.com"), MatchDomains: strs("corp.com", "ts.com"),
}, },
rs: resolver.Config{ rs: resolver.Config{
Routes: upstreams("corp.com.", "2.2.2.2:53"), Routes: upstreams("corp.com.", "2.2.2.2:53"),
@ -335,7 +352,10 @@ func TestManager(t *testing.T) {
for _, test := range tests { for _, test := range tests {
t.Run(test.name, func(t *testing.T) { t.Run(test.name, func(t *testing.T) {
f := fakeOSConfigurator{SplitDNS: test.split} f := fakeOSConfigurator{
SplitDNS: test.split,
BaseConfig: test.bs,
}
m := NewManager(t.Logf, &f, nil) m := NewManager(t.Logf, &f, nil)
m.resolver.TestOnlySetHook(f.SetResolver) m.resolver.TestOnlySetHook(f.SetResolver)

Loading…
Cancel
Save