From d92ef4c215cf425f06d317ab5c3c474ea2c44ef7 Mon Sep 17 00:00:00 2001
From: shayne <shayne@tailscale.com>
Date: Thu, 2 Mar 2023 23:36:12 -0500
Subject: [PATCH] cmd/derper: randomize IPs on refreshBootstrapDNS (#7440)

This is to address a possible DNS failure on startup. Before this
change IPv6 addresses would be listed first, and the client dialer would
fail for hosts without IPv6 connectivity.
---
 cmd/derper/bootstrap_dns.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/cmd/derper/bootstrap_dns.go b/cmd/derper/bootstrap_dns.go
index 134cfad93..83961a5ef 100644
--- a/cmd/derper/bootstrap_dns.go
+++ b/cmd/derper/bootstrap_dns.go
@@ -8,6 +8,7 @@ import (
 	"encoding/json"
 	"expvar"
 	"log"
+	"math/rand"
 	"net"
 	"net/http"
 	"strings"
@@ -52,6 +53,13 @@ func refreshBootstrapDNS() {
 	ctx, cancel := context.WithTimeout(context.Background(), refreshTimeout)
 	defer cancel()
 	dnsEntries := resolveList(ctx, strings.Split(*bootstrapDNS, ","))
+	// Randomize the order of the IPs for each name to avoid the client biasing
+	// to IPv6
+	for k := range dnsEntries {
+		ips := dnsEntries[k]
+		rand.Shuffle(len(ips), func(i, j int) { ips[i], ips[j] = ips[j], ips[i] })
+		dnsEntries[k] = ips
+	}
 	j, err := json.MarshalIndent(dnsEntries, "", "\t")
 	if err != nil {
 		// leave the old values in place