Add flag to disable bootstrap dns

Adds an optional (default off) boolean environment flag
`TS_NO_DNS_FALLBACK` which will simply disable functionality to fallback
to using Tailscale DNS servers as indicated in text logs like:

```
trying bootstrapDNS("derp8c.tailscale.com", "2a03:b0c0:1:d0::e1f:4001")
for "log.tailscale.io" ...
```

For some user environments, it is desirable to strictly control outbound
access to external servers and any leaked data or metadata - and losing
this functionality is a desired trade-off.

Closes #7981

Signed-off-by: Kevin Allen <kallen@bostondynamics.com>
This commit is contained in:
Kevin Allen 2023-04-26 15:03:04 -04:00
parent c5bf868940
commit c0c182f487
1 changed files with 8 additions and 1 deletions


@ -169,6 +169,7 @@ func (r *Resolver) ttl() time.Duration {
}
var debug = envknob.RegisterBool("TS_DEBUG_DNS_CACHE")
var noDNSFallback = envknob.RegisterBool("TS_NO_DNS_FALLBACK")
// debugLogging allows enabling debug logging at runtime, via
// SetDebugLoggingEnabled.
@ -302,7 +303,7 @@ func (r *Resolver) lookupIP(host string) (ip, ip6 netip.Addr, allIPs []netip.Add
ips, err = resolver.LookupNetIP(ctx, "ip", host)
}
}
if (err != nil || len(ips) == 0) && r.LookupIPFallback != nil {
if (err != nil || len(ips) == 0) && r.LookupIPFallback != nil && !noDNSFallback() {
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
defer cancel()
if err != nil {
@ -451,6 +452,12 @@ func (d *dialer) shouldTryBootstrap(ctx context.Context, err error, dc *dialCall
d.dnsCache.dlogf("not using bootstrap DNS: no fallback")
return false
}
if noDNSFallback() {
if debug() {
log.Printf("dnscache: not using bootstrap DNS: disabled via TS_NO_DNS_FALLBACK")
}
return false
}
// We can't retry if the context is canceled, since any further
// operations with this context will fail.
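Review bot: The new guard in shouldTryBootstrap logs through `if debug() { log.Printf(...) }` while the sibling check two lines above (`d.dnsCache.dlogf("not using bootstrap DNS: no fallback")`) goes through the dialer's own debug logger; the two should match. Replace the three-line body with `d.dnsCache.dlogf("not using bootstrap DNS: disabled via TS_NO_DNS_FALLBACK")`, assuming dlogf already applies the debug gate as its name suggests — worth confirming, since its definition is not in this diff. The same flag also short-circuits the fallback in lookupIP (second hunk) with no log at all, so an operator who set TS_NO_DNS_FALLBACK for egress control gets no confirmation in that path; a matching dlogf there would help. A doc comment on the new `noDNSFallback` knob, in the style of the one on debugLogging just below it, would also tell readers this is an egress-control switch rather than a debug toggle. shouldTryBootstrap begins before this hunk and continues after it.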