net/dns,userspace: remove unused DNS paths, normalize query limit on iOS
With a42a594bb3, iOS uses netstack and
hence there are no longer any platforms which use the legacy MagicDNS path. As such, we remove it.
We also normalize the limit for max in-flight DNS queries on iOS (it was 64, now its 256 as per other platforms).
It was 64 for the sake of being cautious about memory, but now we have 50Mb (iOS-15 and greater) instead of 15Mb
so we have the spare headroom.
Signed-off-by: Tom DNetto <tom@tailscale.com>
This commit is contained in:
Tom DNetto
@ -11,7 +11,6 @@ import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"net"
|
||||
"net/netip"
|
||||
"reflect"
|
||||
"runtime"
|
||||
@ -56,13 +55,6 @@ import (
|
||||
"tailscale.com/wgengine/wglog"
|
||||
)
|
||||
|
||||
const magicDNSPort = 53
|
||||
|
||||
var (
|
||||
magicDNSIP = tsaddr.TailscaleServiceIP()
|
||||
magicDNSIPv6 = tsaddr.TailscaleServiceIPv6()
|
||||
)
|
||||
|
||||
// Lazy wireguard-go configuration parameters.
|
||||
const (
|
||||
// lazyPeerIdleThreshold is the idle duration after
|
||||
@ -462,8 +454,6 @@ func NewUserspaceEngine(logf logger.Logf, conf Config) (_ Engine, reterr error)
|
||||
e.logf("Starting link monitor...")
|
||||
e.linkMon.Start()
|
||||
|
||||
go e.pollResolver()
|
||||
|
||||
e.logf("Engine created.")
|
||||
return e, nil
|
||||
}
|
||||
@ -491,19 +481,6 @@ func echoRespondToAll(p *packet.Parsed, t *tstun.Wrapper) filter.Response {
|
||||
// tailscaled directly. Other packets are allowed to proceed into the
|
||||
// main ACL filter.
|
||||
func (e *userspaceEngine) handleLocalPackets(p *packet.Parsed, t *tstun.Wrapper) filter.Response {
|
||||
// Handle traffic to the service IP.
|
||||
// TODO(tom): Netstack handles this when it is installed. Rip all
|
||||
// this out once netstack is used on all platforms.
|
||||
switch p.Dst.Addr() {
|
||||
case magicDNSIP, magicDNSIPv6:
|
||||
err := e.dns.EnqueuePacket(append([]byte(nil), p.Payload()...), p.IPProto, p.Src, p.Dst)
|
||||
if err != nil {
|
||||
e.logf("dns: enqueue: %v", err)
|
||||
}
|
||||
metricMagicDNSPacketIn.Add(1)
|
||||
return filter.Drop
|
||||
}
|
||||
|
||||
if runtime.GOOS == "darwin" || runtime.GOOS == "ios" {
|
||||
isLocalAddr, ok := e.isLocalAddr.LoadOk()
|
||||
if !ok {
|
||||
@ -523,27 +500,6 @@ func (e *userspaceEngine) handleLocalPackets(p *packet.Parsed, t *tstun.Wrapper)
|
||||
return filter.Accept
|
||||
}
|
||||
|
||||
// pollResolver reads packets from the DNS resolver and injects them inbound.
|
||||
//
|
||||
// TODO(tom): Remove this fallback path (via NextPacket()) once all
|
||||
// platforms use netstack.
|
||||
func (e *userspaceEngine) pollResolver() {
|
||||
for {
|
||||
bs, err := e.dns.NextPacket()
|
||||
if errors.Is(err, net.ErrClosed) {
|
||||
return
|
||||
}
|
||||
if err != nil {
|
||||
e.logf("dns: error: %v", err)
|
||||
continue
|
||||
}
|
||||
|
||||
// The leading empty space required by the semantics of
|
||||
// InjectInboundDirect is allocated in NextPacket().
|
||||
e.tundev.InjectInboundDirect(bs, tstun.PacketStartOffset)
|
||||
}
|
||||
}
|
||||
|
||||
var debugTrimWireguard = envknob.RegisterOptBool("TS_DEBUG_TRIM_WIREGUARD")
|
||||
|
||||
// forceFullWireguardConfig reports whether we should give wireguard our full
|
||||
|
||||
Reference in New Issue
Block a user