tailscale/net/dns/resolver
Jonathan Nobels 02e3c046aa
net/dns: re-query system resolvers on no-upstream resolver failure on apple platforms (#12398)
Fixes tailscale/corp#20677

On macOS sleep/wake, we're encountering a condition where reconfigure the network
a little bit too quickly - before apple has set the nameservers for our interface.
This results in a persistent condition where we have no upstream resolver and
fail all forwarded DNS queries.

No upstream nameservers is a legitimate configuration, and we have no  (good) way
of determining when Apple is ready - but if we need to forward a query, and we
have no nameservers, then something has gone badly wrong and the network is
very broken.

A simple fix here is to simply inject a netMon event, which will go through the
configuration dance again when we hit the SERVFAIL condition.

Tested by artificially/randomly returning [] for the list of nameservers in the bespoke
ipn-bridge code responsible for getting the nameservers.

Signed-off-by: Jonathan Nobels <jonathan@tailscale.com>
2024-06-12 15:45:13 -04:00
..
debug.go all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
doh_test.go net/dns/resolver: remove maxDoHInFlight 2023-02-03 17:07:12 -08:00
forwarder.go net/dns: re-query system resolvers on no-upstream resolver failure on apple platforms (#12398) 2024-06-12 15:45:13 -04:00
forwarder_test.go all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
macios_ext.go all: avoid repeated default interface lookups 2023-04-20 15:46:01 -07:00
tsdns.go net/dns/resolver: return an empty successful response instead of NXDomain when resolving A records for 4via6 domains 2024-06-11 09:43:48 -05:00
tsdns_server_test.go all: update copyright and license headers 2023-01-27 15:36:29 -08:00
tsdns_test.go net/dns/resolver: return an empty successful response instead of NXDomain when resolving A records for 4via6 domains 2024-06-11 09:43:48 -05:00