From e1d078a2c37bd20ead183fc51b0e8b57103f2a6b Mon Sep 17 00:00:00 2001 From: Cuong Manh Le Date: Tue, 1 Aug 2023 04:10:20 +0000 Subject: [PATCH] Ignoring RFC 1918 addresses for ControlD upstream --- config.go | 16 +++++++++++++++- resolver.go | 4 ++-- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/config.go b/config.go index 3e2efe4..70b165b 100644 --- a/config.go +++ b/config.go @@ -343,9 +343,23 @@ func (uc *UpstreamConfig) SetupBootstrapIP() { // SetupBootstrapIP manually find all available IPs of the upstream. // The first usable IP will be used as bootstrap IP of the upstream. func (uc *UpstreamConfig) setupBootstrapIP(withBootstrapDNS bool) { - b := backoff.NewBackoff("setupBootstrapIP", func(format string, args ...any) {}, 2*time.Second) + b := backoff.NewBackoff("setupBootstrapIP", func(format string, args ...any) {}, 10*time.Second) + isControlD := uc.isControlD() for { uc.bootstrapIPs = lookupIP(uc.Domain, uc.Timeout, withBootstrapDNS) + // For ControlD upstream, the bootstrap IPs could not be RFC 1918 addresses, + // filtering them out here to prevent weird behavior. + if isControlD { + n := 0 + for _, ip := range uc.bootstrapIPs { + netIP := net.ParseIP(ip) + if netIP != nil && !netIP.IsPrivate() { + uc.bootstrapIPs[n] = ip + n++ + } + } + uc.bootstrapIPs = uc.bootstrapIPs[:n] + } if len(uc.bootstrapIPs) > 0 { break } diff --git a/resolver.go b/resolver.go index 297d796..d2586ec 100644 --- a/resolver.go +++ b/resolver.go @@ -177,12 +177,12 @@ func lookupIP(domain string, timeout int, withBootstrapDNS bool) (ips []string) ipFromRecord := func(record dns.RR, target string) string { switch ar := record.(type) { case *dns.A: - if ar.Hdr.Name != target { + if ar.Hdr.Name != target || len(ar.A) == 0 { return "" } return ar.A.String() case *dns.AAAA: - if ar.Hdr.Name != target { + if ar.Hdr.Name != target || len(ar.AAAA) == 0 { return "" } return ar.AAAA.String()