From c9a411e341582a4a9be4acefc4b1176d1ba2221b Mon Sep 17 00:00:00 2001
From: Juan Font
Date: Tue, 5 Oct 2021 17:47:21 +0200
Subject: [PATCH 1/3] Preload namespace
---
 machine.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/machine.go b/machine.go
index 0ea97d9..688dc78 100644
--- a/machine.go
+++ b/machine.go
@@ -63,7 +63,7 @@ func (h *Headscale) getDirectPeers(m *Machine) (Machines, error) {
 Msg("Finding direct peers")
 machines := Machines{}
- if err := h.db.Where("namespace_id = ? AND machine_key <> ? AND registered",
+ if err := h.db.Preload("Namespace").Where("namespace_id = ? AND machine_key <> ? AND registered",
 m.NamespaceID, m.MachineKey).Find(&machines).Error; err != nil {
 log.Error().Err(err).Msg("Error accessing db")
 return nil, err
From 6981543db68ca7e1008871c4c1564932e5831d31 Mon Sep 17 00:00:00 2001
From: Juan Font
Date: Tue, 5 Oct 2021 19:00:40 +0200
Subject: [PATCH 2/3] Only search domain from current namespace in MapResponse
---
 api.go | 11 ++---------
 dns.go | 2 +-
 2 files changed, 3 insertions(+), 10 deletions(-)
diff --git a/api.go b/api.go
index e360187..dd762a0 100644
--- a/api.go
+++ b/api.go
@@ -260,16 +260,9 @@ func (h *Headscale) getMapResponse(mKey wgkey.Key, req tailcfg.MapRequest, m *Ma
 var dnsConfig *tailcfg.DNSConfig
 if h.cfg.DNSConfig != nil && h.cfg.DNSConfig.Proxied { // if MagicDNS is enabled
- // TODO(juanfont): We should not be regenerating this all the time
- // And we should only send the domains of the peers (this own namespace + those from the shared peers)
- namespaces, err := h.ListNamespaces()
- if err != nil {
- return nil, err
- }
+ // Only inject the Search Domain of the current namespace - shared nodes should use their full FQDN
 dnsConfig = h.cfg.DNSConfig.Clone()
- for _, ns := range *namespaces {
- dnsConfig.Domains = append(dnsConfig.Domains, fmt.Sprintf("%s.%s", ns.Name, h.cfg.BaseDomain))
- }
+ dnsConfig.Domains = append(dnsConfig.Domains, fmt.Sprintf("%s.%s", m.Namespace.Name, h.cfg.BaseDomain))
 } else {
 dnsConfig = h.cfg.DNSConfig
 }
diff --git a/dns.go b/dns.go
index 74a85ae..9cd747f 100644
--- a/dns.go
+++ b/dns.go
@@ -13,7 +13,7 @@ func (h *Headscale) generateMagicDNSRootDomains() (*[]dnsname.FQDN, error) {
 }
 // TODO(juanfont): we are not handing out IPv6 addresses yet
- // and in fact this is Tailscale.com's range (not the fd7a:115c:a1e0: range in the fc00::/7 network)
+ // and in fact this is Tailscale.com's range (note the fd7a:115c:a1e0: range in the fc00::/7 network)
 ipv6base := dnsname.FQDN("0.e.1.a.c.5.1.1.a.7.d.f.ip6.arpa.")
 fqdns := []dnsname.FQDN{base, ipv6base}
From 1a0f6f6e39669160ef0d3784d4f62bf4a257d7f8 Mon Sep 17 00:00:00 2001
From: Juan Font
Date: Tue, 5 Oct 2021 19:01:56 +0200
Subject: [PATCH 3/3] Added note on TODO
---
 dns.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dns.go b/dns.go
index 9cd747f..68df460 100644
--- a/dns.go
+++ b/dns.go
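Review bot: In getMapResponse (api.go), the added `fmt.Sprintf("%s.%s", m.Namespace.Name, h.cfg.BaseDomain)` reads `m.Namespace.Name` without checking that the association was loaded, so a Machine fetched without `Preload("Namespace")` would produce a malformed search domain rooted at the base domain instead of the machine's own namespace. PATCH 1/3 adds the preload only for the peers returned by getDirectPeers, not for the requesting machine `m`; whether every caller of getMapResponse loads it is not visible in this hunk. A guard before the append would make that failure explicit rather than silently handing out the wrong DNS scope: `if m.Namespace.Name == "" { return nil, fmt.Errorf("namespace not loaded for machine") }`. The function body starts and ends outside the hunk.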
@@ -17,10 +17,10 @@ func (h *Headscale) generateMagicDNSRootDomains() (*[]dnsname.FQDN, error) {
 ipv6base := dnsname.FQDN("0.e.1.a.c.5.1.1.a.7.d.f.ip6.arpa.")
 fqdns := []dnsname.FQDN{base, ipv6base}
+ // TODO(juanfont): This only works for the 100.64.0.0/10 range.
 for i := 64; i <= 127; i++ {
 fqdn, err := dnsname.ToFQDN(fmt.Sprintf("%d.100.in-addr.arpa.", i))
 if err != nil {
- // TODO: propagate error
 continue
 }
 fqdns = append(fqdns, fqdn)
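Review bot: The `continue` in the `if err != nil` branch of the loop in generateMagicDNSRootDomains still drops the `dnsname.ToFQDN` error, and this change removes the `// TODO: propagate error` marker without handling it. The function already returns `(*[]dnsname.FQDN, error)`, so the branch could be `return nil, err`; if skipping is intended, a comment such as `// ToFQDN is not expected to fail for this fixed pattern; skip defensively` would record why. A silently shortened list would mean the reverse zones for the skipped blocks are not treated as MagicDNS root domains, and those lookups presumably go to the client's other resolvers instead. The function body continues outside the hunk.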