debugging
debugging
debugging
debugging
use default route interface IP for OS resolver queries
remove retries
fix resolv.conf clobbering on MacOS, set custom local addr for os resolver queries
remove the client info discovery logic on network change, this was overkill just for the IP, and was causing service failure after switching networks many times rapidly
handle ipv6 local addresses
guard ciTable from nil pointer
debugging failure count
fix test
use upstreamIS var
init map, fix watcher flag
attempt to detect network changes
attempt to detect network changes
cancel and rerun reinitializeOSResolver
cancel and rerun reinitializeOSResolver
cancel and rerun reinitializeOSResolver
ignore invalid inferaces
ignore invalid inferaces
allow OS resolver upstream to fail
dont wait for dnsWait group on reinit, check for active interfaces to trigger reinit
fix unused var
simpler active iface check, debug logs
dont spam network service name patching on Mac
dont wait for os resolver nameserver testing
remove test for osresovlers for now
async nameserver testing
remove unused test
The current flow involves marking OS resolver as down, which is not
right at all, since ctrld depends on it for leaking queries.
This commits implements new flow, which ctrld will restore DNS settings
once leaking marked, allowing queries go to OS resolver until the
internet connection is established.
So it would work in more general case than just captive portal network,
which ctrld have supported recently.
Uses who may want no leaking behavior can use a config to turn off this
feature.
To prevent duplicated running of checkUpstream function at the same
time, upstream monitor uses a boolean to report whether the upstream is
checking. If this boolean is true, then other calls after the first one
will be returned immediately.
However, checkUpstream does not set this boolean to false when it
finishes, thus all future calls to checkUpstream won't be run, causing
the upstream is marked as down forever.
Fixing this by ensuring the boolean is reset once checkUpstream done.
While at it, also guarding all upstream monitor operations with a mutex,
ensuring there's no race condition between marking upstream state.
Otherwise, network changes may not be seen on some platforms, causing
ctrld failed to recover and failing all requests.
While at it, also doing the check DNS in separate goroutine, prevent it
from blocking ctrld from notifying others that it "started". The issue
was seen when ctrld is configured as direct listener, requests are
flooded before ctrld started, causing the healtch process failed.
Some users mentioned that when there is an Internet outage, ctrld fails
to recover, crashing or locks up the router. When requests start
failing, this results in the clients emitting more queries, creating a
resource spiral of death that can brick the device entirely.
To guard against this case, this commit implement an upstream monitor
approach:
- Marking upstream as down after 100 consecutive failed queries.
- Start a goroutine to check when the upstream is back again.
- When upstream is down, answer all queries with SERVFAIL.
- The checking process uses backoff retry to reduce high requests rate.
- As long as the query succeeded, marking the upstream as alive then
start operate normally.
