connlib: only get system dns servers on session connect (#3198)

2026-01-27 10:18:54 +00:00 · 2024-01-11 19:41:33 -03:00
parent 9b7c5d4ebd
commit bdf260a58c
2 changed files with 8 additions and 6 deletions
--- a/rust/connlib/clients/shared/src/control.rs
+++ b/rust/connlib/clients/shared/src/control.rs
@@ -33,6 +33,7 @@ pub struct ControlPlane<CB: Callbacks> {
    pub tunnel: Arc<Tunnel<CB, ClientState>>,
    pub phoenix_channel: PhoenixSenderWithTopic,
    pub tunnel_init: Mutex<bool>,
+    pub system_dns_servers: Option<Vec<IpAddr>>,
    // It's a Mutex<Option<_>> because we need the init message to initialize the resolver
    // also, in platforms with split DNS and no configured upstream dns this will be None.
    //
@@ -41,16 +42,16 @@ pub struct ControlPlane<CB: Callbacks> {
 }

 fn create_resolver(
+    system_dns_servers: &Option<Vec<IpAddr>>,
    upstream_dns: Vec<DnsServer>,
-    callbacks: &impl Callbacks,
 ) -> Option<TokioAsyncResolver> {
    let dns_servers = if upstream_dns.is_empty() {
-        let Ok(Some(dns_servers)) = callbacks.get_system_default_resolvers() else {
+        let Some(dns_servers) = system_dns_servers else {
            return None;
        };
        let mut dns_servers = dns_servers
-            .into_iter()
-            .filter(|ip| ip != &IpAddr::from(DNS_SENTINEL))
+            .iter()
+            .filter(|ip| ip != &&IpAddr::from(DNS_SENTINEL))
            .peekable();
        if dns_servers.peek().is_none() {
            tracing::error!("No system default DNS servers available! Can't initialize resolver. DNS will be broken.");
@@ -60,7 +61,7 @@ fn create_resolver(
        dns_servers
            .map(|ip| {
                DnsServer::IpPort(IpDnsServer {
-                    address: (ip, DNS_PORT).into(),
+                    address: (*ip, DNS_PORT).into(),
                })
            })
            .collect()
@@ -109,7 +110,7 @@ impl<CB: Callbacks + 'static> ControlPlane<CB> {

        self.tunnel.set_upstream_dns(&interface.upstream_dns);
        *self.fallback_resolver.lock() =
-            create_resolver(interface.upstream_dns, self.tunnel.callbacks());
+            create_resolver(&self.system_dns_servers, interface.upstream_dns);
        for resource_description in resources {
            self.add_resource(resource_description);
        }
--- a/rust/connlib/clients/shared/src/lib.rs
+++ b/rust/connlib/clients/shared/src/lib.rs
@@ -172,6 +172,7 @@ where
                tunnel: Arc::new(tunnel),
                phoenix_channel: connection.sender_with_topic("client".to_owned()),
                tunnel_init: Mutex::new(false),
+                system_dns_servers: callbacks.get_system_default_resolvers().ok().flatten(),
                fallback_resolver: parking_lot::Mutex::new(None),
            };