From 95faefd1f622ea5224b13a9d8f65bad2c60536aa Mon Sep 17 00:00:00 2001 From: Brad Fitzpatrick Date: Mon, 16 Oct 2023 09:30:47 -0700 Subject: [PATCH] net/dnsfallback: disable recursive resolver for now It seems to be implicated in a CPU consumption bug that's not yet understood. Disable it until we understand. Updates tailscale/corp#15261 Change-Id: Ia6d0c310da6464dda79a70fc3c18be0782812d3f Signed-off-by: Brad Fitzpatrick --- net/dnsfallback/dnsfallback.go | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/net/dnsfallback/dnsfallback.go b/net/dnsfallback/dnsfallback.go index d60404ddc..c7d08858b 100644 --- a/net/dnsfallback/dnsfallback.go +++ b/net/dnsfallback/dnsfallback.go @@ -39,14 +39,22 @@ import ( "tailscale.com/util/slicesx" ) -var disableRecursiveResolver = envknob.RegisterBool("TS_DNSFALLBACK_DISABLE_RECURSIVE_RESOLVER") +var ( + optRecursiveResolver = envknob.RegisterOptBool("TS_DNSFALLBACK_RECURSIVE_RESOLVER") + disableRecursiveResolver = envknob.RegisterBool("TS_DNSFALLBACK_DISABLE_RECURSIVE_RESOLVER") // legacy pre-1.52 env knob name +) // MakeLookupFunc creates a function that can be used to resolve hostnames // (e.g. as a LookupIPFallback from dnscache.Resolver). // The netMon parameter is optional; if non-nil it's used to do faster interface lookups. func MakeLookupFunc(logf logger.Logf, netMon *netmon.Monitor) func(ctx context.Context, host string) ([]netip.Addr, error) { return func(ctx context.Context, host string) ([]netip.Addr, error) { - if disableRecursiveResolver() { + // If they've explicitly disabled the recursive resolver with the legacy + // TS_DNSFALLBACK_DISABLE_RECURSIVE_RESOLVER envknob or not set the + // newer TS_DNSFALLBACK_RECURSIVE_RESOLVER to true, then don't use the + // recursive resolver. (tailscale/corp#15261) In the future, we might + // change the default (the opt.Bool being unset) to mean enabled. + if disableRecursiveResolver() || !optRecursiveResolver().EqualBool(true) { return lookup(ctx, host, logf, netMon) }