Documentation
Overview
Package resolver implements a stub DNS resolver that can also serve records out of an internal local zone.
Index
- func WriteDNSResolver(w *bufio.Writer, r *dnstype.Resolver)
- func WriteDNSResolvers(w *bufio.Writer, resolvers []*dnstype.Resolver)
- func WriteIPPorts(w *bufio.Writer, vv []netip.AddrPort)
- func WriteRoutes(w *bufio.Writer, routes map[dnsname.FQDN][]*dnstype.Resolver)
- type Config
- type ForwardLinkSelector
- type Resolver
- func (r *Resolver) Close()
- func (r *Resolver) HandleExitNodeDNSQuery(ctx context.Context, q []byte, from netip.AddrPort, ...) (res []byte, err error)
- func (r *Resolver) Query(ctx context.Context, bs []byte, from netip.AddrPort) ([]byte, error)
- func (r *Resolver) SetConfig(cfg Config) error
- func (r *Resolver) TestOnlySetHook(hook func(Config))
Functions
func WriteDNSResolver
WriteDNSResolver writes r to w.
func WriteDNSResolvers
WriteDNSResolvers writes resolvers to w.
func WriteIPPorts
WriteIPPorts writes vv to w.
Types
type Config
type Config struct {
	// Routes is a map of DNS name suffix to the resolvers to use for
	// queries within that suffix.
	// Queries only match the most specific suffix.
	// To register a "default route", add an entry for ".".
	Routes map[dnsname.FQDN][]*dnstype.Resolver
	// LocalHosts is a map of FQDNs to corresponding IPs.
	Hosts map[dnsname.FQDN][]netip.Addr
	// LocalDomains is a list of DNS name suffixes that should not be
	// routed to upstream resolvers.
	LocalDomains []dnsname.FQDN
}
Config is a resolver configuration. Given a Config, queries are resolved in the following order:
- If the query is an exact match for an entry in LocalHosts, return that.
- Else if the query suffix matches an entry in LocalDomains, return NXDOMAIN.
- Else forward the query to the most specific matching entry in Routes.
- Else return SERVFAIL.
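The resolution order above, sketched as an added example (not code from this package): `miniConfig`, `hasSuffix`, `decide` and the sample names and addresses are assumptions made for illustration, with plain strings standing in for `dnsname.FQDN`, `netip.Addr` and `*dnstype.Resolver`. It shows that a name under a LocalDomains suffix is answered with NXDOMAIN instead of reaching an upstream resolver; in this sketch suffixes match on whole labels.

```go
package main

import (
	"fmt"
	"strings"
)

type miniConfig struct { // plain-string stand-in for Config (assumption of this sketch)
	Routes       map[string][]string // suffix -> upstream resolvers
	Hosts        map[string][]string // FQDN -> IPs
	LocalDomains []string            // suffixes never forwarded upstream
}

// hasSuffix matches on label boundaries; "." matches every name.
func hasSuffix(fqdn, suffix string) bool {
	return suffix == "." || fqdn == suffix || strings.HasSuffix(fqdn, "."+suffix)
}

// decide returns the outcome and, for "forward" only, the upstream resolvers.
func decide(c miniConfig, name string) (string, []string) {
	fqdn := strings.ToLower(strings.TrimSuffix(name, ".")) + "."
	if _, ok := c.Hosts[fqdn]; ok {
		return "local", nil // step 1: exact match wins
	}
	for _, d := range c.LocalDomains {
		if hasSuffix(fqdn, d) {
			return "NXDOMAIN", nil // step 2: answered locally, not forwarded
		}
	}
	best, outcome := "", "SERVFAIL" // step 4 unless a route matches
	for suffix := range c.Routes {
		if hasSuffix(fqdn, suffix) && len(suffix) > len(best) {
			best, outcome = suffix, "forward" // step 3: longest suffix wins
		}
	}
	return outcome, c.Routes[best]
}

var sample = miniConfig{ // constructed data; every name and address is made up
	Routes:       map[string][]string{".": {"192.0.2.53"}, "corp.example.": {"10.0.0.53"}},
	Hosts:        map[string][]string{"db.ts.example.": {"100.64.0.7"}},
	LocalDomains: []string{"ts.example."},
}

func main() {
	for _, n := range []string{"db.ts.example", "gone.ts.example", "wiki.corp.example"} {
		fmt.Println(decide(sample, n))
	}
}
```

Without a "." entry in Routes, a name that matches no suffix falls through to SERVFAIL.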
func (*Config) WriteToBufioWriter
WriteToBufioWriter writes a debug version of c for logs to w, omitting spammy stuff like *.arpa entries and replacing it with a total count.
type ForwardLinkSelector
type Resolver
type Resolver struct {
// contains filtered or unexported fields
}
Resolver is a DNS resolver for nodes on the Tailscale network, associating them with domain names of the form <mynode>.<mydomain>.<root>. If it is asked to resolve a domain that is not of that form, it delegates to upstream nameservers if any are set.
func New
func New(logf logger.Logf, netMon *netmon.Monitor, linkSel ForwardLinkSelector, dialer *tsdial.Dialer) *Resolver
New returns a new resolver. netMon optionally specifies a network monitor to use for socket rebinding.
func (*Resolver) Close
func (r *Resolver) Close()
Close shuts down the resolver and ensures poll goroutines have exited. The Resolver cannot be used again after Close is called.
func (*Resolver) HandleExitNodeDNSQuery
func (r *Resolver) HandleExitNodeDNSQuery(ctx context.Context, q []byte, from netip.AddrPort, allowName func(name string) bool) (res []byte, err error)
HandleExitNodeDNSQuery handles a DNS query that arrived from a peer via the peerapi's DoH server. This is only used when the local node is acting as an exit node.
The provided allowName callback reports whether a DNS query for a name (as found by parsing q) is allowed.
In most (all?) cases, err will be nil. A bogus DNS query q will still result in a response DNS packet (saying there's a failure) and a nil error. TODO: figure out if we even need an error result.