net/dns, ipn/local: skip health warnings in dns forwarder when accept-dns is false (#18572)
fixes tailscale/tailscale#18436 Queries can still make their way to the forwarder when accept-dns is disabled. Since we have not configured the forwarder if --accept-dns is false, this errors out (correctly) but it also generates a persistent health warning. This forwards the Pref setting all the way through the stack to the forwarder so that we can be more judicious about when we decide that the forward path is unintentionally missing, vs simply not configured. Testing: tailscale set --accept-dns=false. (or from the GUI) dig @100.100.100.100 example.com tailscale status No dns related health warnings should be surfaced. Signed-off-by: Jonathan Nobels <jonathan@tailscale.com>
This commit is contained in:
@@ -219,7 +219,8 @@ func TestDNSConfigForNetmap(t *testing.T) {
|
||||
CorpDNS: true,
|
||||
},
|
||||
want: &dns.Config{
|
||||
Hosts: map[dnsname.FQDN][]netip.Addr{},
|
||||
AcceptDNS: true,
|
||||
Hosts: map[dnsname.FQDN][]netip.Addr{},
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{
|
||||
"0.e.1.a.c.5.1.1.a.7.d.f.ip6.arpa.": nil,
|
||||
"100.100.in-addr.arpa.": nil,
|
||||
@@ -319,7 +320,8 @@ func TestDNSConfigForNetmap(t *testing.T) {
|
||||
CorpDNS: true,
|
||||
},
|
||||
want: &dns.Config{
|
||||
Hosts: map[dnsname.FQDN][]netip.Addr{},
|
||||
AcceptDNS: true,
|
||||
Hosts: map[dnsname.FQDN][]netip.Addr{},
|
||||
DefaultResolvers: []*dnstype.Resolver{
|
||||
{Addr: "8.8.8.8"},
|
||||
},
|
||||
@@ -342,8 +344,9 @@ func TestDNSConfigForNetmap(t *testing.T) {
|
||||
ExitNodeID: "some-id",
|
||||
},
|
||||
want: &dns.Config{
|
||||
Hosts: map[dnsname.FQDN][]netip.Addr{},
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
AcceptDNS: true,
|
||||
Hosts: map[dnsname.FQDN][]netip.Addr{},
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
DefaultResolvers: []*dnstype.Resolver{
|
||||
{Addr: "8.8.4.4"},
|
||||
},
|
||||
@@ -362,8 +365,9 @@ func TestDNSConfigForNetmap(t *testing.T) {
|
||||
CorpDNS: true,
|
||||
},
|
||||
want: &dns.Config{
|
||||
Hosts: map[dnsname.FQDN][]netip.Addr{},
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
AcceptDNS: true,
|
||||
Hosts: map[dnsname.FQDN][]netip.Addr{},
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
},
|
||||
},
|
||||
{
|
||||
@@ -420,6 +424,7 @@ func TestDNSConfigForNetmap(t *testing.T) {
|
||||
CorpDNS: true,
|
||||
},
|
||||
want: &dns.Config{
|
||||
AcceptDNS: true,
|
||||
Hosts: map[dnsname.FQDN][]netip.Addr{
|
||||
"a.": ips("100.101.101.101"),
|
||||
"p1.": ips("100.102.0.1"),
|
||||
@@ -466,7 +471,8 @@ func TestDNSConfigForNetmap(t *testing.T) {
|
||||
CorpDNS: true,
|
||||
},
|
||||
want: &dns.Config{
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
AcceptDNS: true,
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: map[dnsname.FQDN][]netip.Addr{
|
||||
"a.": ips("100.101.101.101"),
|
||||
"p1.": ips("100.102.0.1"),
|
||||
|
||||
@@ -696,8 +696,9 @@ func dnsConfigForNetmap(nm *netmap.NetworkMap, peers map[tailcfg.NodeID]tailcfg.
|
||||
}
|
||||
|
||||
dcfg := &dns.Config{
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: map[dnsname.FQDN][]netip.Addr{},
|
||||
AcceptDNS: prefs.CorpDNS(),
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: map[dnsname.FQDN][]netip.Addr{},
|
||||
}
|
||||
|
||||
// selfV6Only is whether we only have IPv6 addresses ourselves.
|
||||
|
||||
+21
-14
@@ -1300,8 +1300,9 @@ func TestEngineReconfigOnStateChange(t *testing.T) {
|
||||
Routes: routesWithQuad100(),
|
||||
},
|
||||
wantDNSCfg: &dns.Config{
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: hostsFor(node1),
|
||||
AcceptDNS: true,
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: hostsFor(node1),
|
||||
},
|
||||
},
|
||||
{
|
||||
@@ -1356,8 +1357,9 @@ func TestEngineReconfigOnStateChange(t *testing.T) {
|
||||
Routes: routesWithQuad100(),
|
||||
},
|
||||
wantDNSCfg: &dns.Config{
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: hostsFor(node2),
|
||||
AcceptDNS: true,
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: hostsFor(node2),
|
||||
},
|
||||
},
|
||||
{
|
||||
@@ -1404,8 +1406,9 @@ func TestEngineReconfigOnStateChange(t *testing.T) {
|
||||
Routes: routesWithQuad100(),
|
||||
},
|
||||
wantDNSCfg: &dns.Config{
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: hostsFor(node1),
|
||||
AcceptDNS: true,
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: hostsFor(node1),
|
||||
},
|
||||
},
|
||||
{
|
||||
@@ -1436,8 +1439,9 @@ func TestEngineReconfigOnStateChange(t *testing.T) {
|
||||
Routes: routesWithQuad100(),
|
||||
},
|
||||
wantDNSCfg: &dns.Config{
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: hostsFor(node3),
|
||||
AcceptDNS: true,
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: hostsFor(node3),
|
||||
},
|
||||
},
|
||||
{
|
||||
@@ -1500,8 +1504,9 @@ func TestEngineReconfigOnStateChange(t *testing.T) {
|
||||
Routes: routesWithQuad100(),
|
||||
},
|
||||
wantDNSCfg: &dns.Config{
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: hostsFor(node1),
|
||||
AcceptDNS: true,
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: hostsFor(node1),
|
||||
},
|
||||
},
|
||||
{
|
||||
@@ -1529,8 +1534,9 @@ func TestEngineReconfigOnStateChange(t *testing.T) {
|
||||
Routes: routesWithQuad100(),
|
||||
},
|
||||
wantDNSCfg: &dns.Config{
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: hostsFor(node1),
|
||||
AcceptDNS: true,
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: hostsFor(node1),
|
||||
},
|
||||
},
|
||||
{
|
||||
@@ -1560,8 +1566,9 @@ func TestEngineReconfigOnStateChange(t *testing.T) {
|
||||
Routes: routesWithQuad100(),
|
||||
},
|
||||
wantDNSCfg: &dns.Config{
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: hostsFor(node1),
|
||||
AcceptDNS: true,
|
||||
Routes: map[dnsname.FQDN][]*dnstype.Resolver{},
|
||||
Hosts: hostsFor(node1),
|
||||
},
|
||||
},
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user